Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/RguRSJM_lt1uNlVUwklzDTIxW5k.roa
File: RguRSJM_lt1uNlVUwklzDTIxW5k.roa (raw, json)
Hash identifier: Wxuh4i4ZA0IhyZ22uu34XdsdZAGWtDJUniYVjSsRWdU=
Subject key identifier: 46:0B:91:48:93:3F:96:DD:6E:36:55:54:C2:49:73:0D:32:31:5B:99
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 01930C0653B6042DCA41CB98DD600788B982
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/RguRSJM_lt1uNlVUwklzDTIxW5k.roa
Signing time: Fri 08 Nov 2024 13:46:01 +0000
ROA not before: Fri 08 Nov 2024 13:46:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 79.137.184.0/24 maxlen: 24
79.137.194.0/23 maxlen: 23
79.137.196.0/22 maxlen: 22
79.137.202.0/23 maxlen: 23
79.137.204.0/23 maxlen: 23
79.137.206.0/24 maxlen: 24
79.137.207.0/24 maxlen: 24
79.137.248.0/24 maxlen: 24
85.192.24.0/24 maxlen: 24
85.192.25.0/24 maxlen: 24
85.192.26.0/24 maxlen: 24
85.192.27.0/24 maxlen: 24
85.192.28.0/24 maxlen: 24
85.192.29.0/24 maxlen: 24
85.192.31.0/24 maxlen: 24
85.192.37.0/24 maxlen: 24
85.192.40.0/23 maxlen: 23
85.192.42.0/24 maxlen: 24
85.192.56.0/24 maxlen: 24
85.192.60.0/24 maxlen: 24
85.192.61.0/24 maxlen: 24
85.192.63.0/24 maxlen: 24
89.208.96.0/24 maxlen: 24
89.208.97.0/24 maxlen: 24
89.208.103.0/24 maxlen: 24
89.208.104.0/22 maxlen: 22
95.163.152.0/24 maxlen: 24
95.163.153.0/24 maxlen: 24
185.125.100.0/24 maxlen: 24
185.125.101.0/24 maxlen: 24
185.125.102.0/24 maxlen: 24
185.125.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0c:06:53:b6:04:2d:ca:41:cb:98:dd:60:07:88:b9:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Nov 8 13:46:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=460b9148933f96dd6e365554c249730d32315b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:33:65:03:65:31:c4:60:69:cb:f0:ac:ba:19:
c6:71:03:58:6c:19:c7:3d:e7:04:ca:5e:da:1a:ff:
f6:cb:8f:29:47:90:43:1f:c7:3b:db:64:fd:af:1e:
26:d6:29:1a:67:e0:5c:dd:8b:90:13:bb:69:3a:6c:
66:5c:f6:0f:6e:c9:ef:ba:3b:30:ff:73:42:be:a0:
eb:95:77:2d:ff:93:6f:bd:c7:44:6b:68:f9:ca:97:
c2:ce:93:01:42:ab:de:67:b3:28:95:73:5b:9f:75:
d8:e3:61:a9:45:53:3f:6d:3a:29:aa:8f:be:6f:25:
c2:02:6d:c8:bc:53:23:cc:61:08:3c:1b:3d:aa:cf:
08:aa:96:c1:c3:1b:f7:6d:95:b1:24:3a:c5:5c:bb:
7c:ae:2f:1c:a7:70:16:54:eb:42:af:51:ad:0e:8b:
66:12:dd:c3:32:07:8e:5c:f9:d9:2b:bb:1c:a9:c5:
b0:97:56:73:3b:f8:d4:cc:97:5e:4e:89:88:37:4b:
b6:f8:de:f2:34:84:ea:21:92:14:15:a8:0e:97:aa:
06:a9:ce:5b:d4:9d:c9:e9:e7:8f:67:6b:d6:c0:d9:
87:35:39:a9:1f:26:93:f9:22:1f:4e:64:d6:40:ee:
78:d0:03:bf:9d:fa:aa:39:0b:ab:8d:b2:a1:63:27:
bc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:0B:91:48:93:3F:96:DD:6E:36:55:54:C2:49:73:0D:32:31:5B:99
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/RguRSJM_lt1uNlVUwklzDTIxW5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.137.184.0/24
79.137.194.0-79.137.199.255
79.137.202.0-79.137.207.255
79.137.248.0/24
85.192.24.0-85.192.29.255
85.192.31.0/24
85.192.37.0/24
85.192.40.0-85.192.42.255
85.192.56.0/24
85.192.60.0/23
85.192.63.0/24
89.208.96.0/23
89.208.103.0-89.208.107.255
95.163.152.0/23
185.125.100.0/22
Signature Algorithm: sha256WithRSAEncryption
23:b3:0f:93:17:de:11:ab:a0:fe:cb:e6:fe:cc:50:04:63:5e:
b8:2b:95:04:e7:16:a0:f7:a9:a9:7c:d8:4f:0b:ec:5a:33:54:
47:c2:24:96:84:80:e8:eb:b6:ab:ad:3e:bd:99:19:7d:cb:6e:
52:cf:86:7b:b4:4e:37:0a:37:b2:07:37:65:76:56:7c:b4:f6:
93:68:2a:d4:f6:d7:b3:76:d9:cc:ba:b7:a5:37:7b:70:4f:35:
5d:bf:23:d2:27:c7:12:81:46:d5:c8:d6:3f:89:69:1f:b6:76:
10:a3:9b:bf:49:80:c8:99:72:9f:48:5f:51:ed:8b:7b:f4:cd:
f5:9d:0f:eb:1f:91:2b:ed:ca:85:57:6a:79:7f:5f:84:81:34:
54:1b:2a:b1:88:c9:18:69:d0:07:b3:8d:43:e9:8f:1e:18:9a:
a2:34:57:64:2b:fa:0c:4b:f9:e1:e1:f3:6e:f5:38:dd:64:e4:
aa:88:e1:57:0f:f1:93:c9:d8:ea:35:4f:f1:7e:af:b9:75:6c:
29:da:e7:e9:02:f5:9f:2b:19:2f:c9:47:50:4c:05:b3:f4:c1:
af:32:76:51:3f:d4:32:0c:67:e9:1b:50:0a:3f:b2:ca:cd:f0:
22:b7:7c:67:a3:54:ef:4b:3e:92:d4:fd:a4:fe:0d:31:6b:68:
91:ce:24:5c
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZMMBlO2BC3KQcuY3WAHiLmCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjQxMTA4MTM0NjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjBiOTE0ODkzM2Y5NmRkNmUzNjU1NTRjMjQ5NzMwZDMyMzE1Yjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjNlA2UxxGBpy/CsuhnGcQNYbBnH
PecEyl7aGv/2y48pR5BDH8c722T9rx4m1ikaZ+Bc3YuQE7tpOmxmXPYPbsnvujsw
/3NCvqDrlXct/5NvvcdEa2j5ypfCzpMBQqveZ7MolXNbn3XY42GpRVM/bTopqo++
byXCAm3IvFMjzGEIPBs9qs8IqpbBwxv3bZWxJDrFXLt8ri8cp3AWVOtCr1GtDotm
Et3DMgeOXPnZK7scqcWwl1ZzO/jUzJdeTomIN0u2+N7yNITqIZIUFagOl6oGqc5b
1J3J6eePZ2vWwNmHNTmpHyaT+SIfTmTWQO540AO/nfqqOQurjbKhYye8owIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFEYLkUiTP5bdbjZVVMJJcw0yMVuZMB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvUmd1UlNKTV9sdDF1TmxWVXdrbHpEVEl4VzVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBABP
ibgwDAMEAU+JwgMEA0+JwDAMAwQBT4nKAwQET4nAAwQAT4n4MAwDBANVwBgDBAFV
wBwDBABVwB8DBABVwCUwDAMEA1XAKAMEAFXAKgMEAFXAOAMEAVXAPAMEAFXAPwME
AVnQYDAMAwQAWdBnAwQCWdBoAwQBX6OYAwQCuX1kMA0GCSqGSIb3DQEBCwUAA4IB
AQAjsw+TF94Rq6D+y+b+zFAEY164K5UE5xag96mpfNhPC+xaM1RHwiSWhIDo67ar
rT69mRl9y25Sz4Z7tE43CjeyBzdldlZ8tPaTaCrU9tezdtnMurelN3twTzVdvyPS
J8cSgUbVyNY/iWkftnYQo5u/SYDImXKfSF9R7Yt79M31nQ/rH5Er7cqFV2p5f1+E
gTRUGyqxiMkYadAHs41D6Y8eGJqiNFdkK/oMS/nh4fNu9TjdZOSqiOFXD/GTydjq
NU/xfq+5dWwp2ufpAvWfKxkvyUdQTAWz9MGvMnZRP9QyDGfpG1AKP7LKzfAit3xn
o1TvSz6S1P2k/g0xa2iRziRc
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:48:33 2024 by rpki-client on console-fra.rpki-client.org