Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/RsXLwSguKojONcHfCGccX4tqFJ4.roa
File: RsXLwSguKojONcHfCGccX4tqFJ4.roa (raw, json)
Hash identifier: oYMiwpGVJvDpDBoi8PPduIYiD6phYaEZoF1lExjQiTU=
Subject key identifier: 46:C5:CB:C1:28:2E:2A:88:CE:35:C1:DF:08:67:1C:5F:8B:6A:14:9E
Certificate issuer: /CN=a8438eacf4d064e87a76bb462d3b4b2cc3858a4c
Certificate serial: 018CC8DD8C34224770D661CFE35618D852CC
Authority key identifier: A8:43:8E:AC:F4:D0:64:E8:7A:76:BB:46:2D:3B:4B:2C:C3:85:8A:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEOOrPTQZOh6drtGLTtLLMOFikw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/RsXLwSguKojONcHfCGccX4tqFJ4.roa
Signing time: Tue 02 Jan 2024 06:30:11 +0000
ROA not before: Tue 02 Jan 2024 06:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57457
IP address blocks: 185.210.203.0/24 maxlen: 24
185.210.200.0/24 maxlen: 24
185.210.201.0/24 maxlen: 24
185.210.202.0/24 maxlen: 24
91.232.64.0/24 maxlen: 24
91.232.65.0/24 maxlen: 24
91.232.69.0/24 maxlen: 24
91.232.66.0/24 maxlen: 24
91.232.67.0/24 maxlen: 24
91.232.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/qEOOrPTQZOh6drtGLTtLLMOFikw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/qEOOrPTQZOh6drtGLTtLLMOFikw.mft
rsync://rpki.ripe.net/repository/DEFAULT/qEOOrPTQZOh6drtGLTtLLMOFikw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:8c:34:22:47:70:d6:61:cf:e3:56:18:d8:52:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8438eacf4d064e87a76bb462d3b4b2cc3858a4c
Validity
Not Before: Jan 2 06:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46c5cbc1282e2a88ce35c1df08671c5f8b6a149e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:00:6a:c8:96:af:00:13:f8:11:45:01:e5:56:
2e:ec:d3:ea:89:4a:1f:31:e1:aa:17:7a:ab:25:8b:
54:91:71:be:30:14:de:9a:d5:1c:36:4e:14:0a:81:
7f:87:0e:cf:2a:7d:3f:f1:36:10:97:d5:b2:58:7e:
10:75:2a:4d:d2:a9:28:76:17:d5:51:5a:a8:df:3b:
61:e0:55:8e:1d:4a:98:c4:cc:bc:90:82:5d:33:22:
7c:af:cb:43:2c:fe:bd:48:16:bf:dc:f5:64:cf:11:
63:6c:b5:2e:46:be:9a:21:99:32:42:83:2a:98:a2:
01:96:bf:31:df:32:a9:a3:6a:9c:97:17:d3:e9:3e:
ef:99:07:90:d7:3b:96:04:28:a2:98:22:79:d5:1f:
d8:27:b3:23:c0:b2:1b:14:dd:0c:a6:23:a8:86:f9:
83:47:33:30:7e:d3:43:bb:60:96:cd:69:a2:b7:1d:
2e:f7:6a:34:78:9e:fa:67:5e:a1:0d:48:f4:4f:df:
91:5c:d1:b7:da:b9:d2:8b:45:3d:e6:9e:ce:f7:e8:
fd:4b:63:c8:62:f3:97:85:54:31:18:dd:13:67:d5:
d5:bb:d9:54:96:ab:77:01:07:76:69:90:db:f1:3a:
d4:70:8c:91:36:03:6e:67:a2:f5:3c:4a:91:32:78:
6a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C5:CB:C1:28:2E:2A:88:CE:35:C1:DF:08:67:1C:5F:8B:6A:14:9E
X509v3 Authority Key Identifier:
keyid:A8:43:8E:AC:F4:D0:64:E8:7A:76:BB:46:2D:3B:4B:2C:C3:85:8A:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEOOrPTQZOh6drtGLTtLLMOFikw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/RsXLwSguKojONcHfCGccX4tqFJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8e1122-8cb9-4872-8811-1c2800831c64/1/qEOOrPTQZOh6drtGLTtLLMOFikw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.64.0-91.232.69.255
185.210.200.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:86:2b:1c:6c:40:d9:78:a3:b8:41:83:03:af:10:ae:1f:d8:
de:07:97:b2:c7:b8:27:dd:4d:63:77:10:51:d3:8a:53:e8:91:
11:e0:a7:3c:95:57:44:c3:5b:e0:71:52:1b:f6:51:d4:69:51:
af:ab:84:21:2d:31:69:70:31:d6:8c:18:8f:f7:03:94:c1:0a:
4e:52:47:ba:58:6a:3b:10:85:f7:0c:30:13:3b:60:7b:14:0d:
ec:58:e3:2b:72:be:14:9d:e2:58:38:87:4a:af:c4:66:a3:f9:
58:c3:24:33:23:93:78:27:c2:a5:6f:c2:58:44:8b:e9:7c:21:
61:e5:a0:64:be:4f:80:b3:eb:3b:67:0f:65:bd:e3:0d:a9:32:
a6:a1:62:2b:1f:0a:24:91:09:5c:80:a5:84:b1:15:67:2d:ed:
99:99:78:7f:9d:81:b2:ba:d7:1f:a7:07:4f:dc:7d:91:a9:e9:
1d:43:dd:1a:38:db:69:e3:62:22:d3:00:db:a9:d0:8f:5e:46:
45:65:ca:6c:73:95:73:ed:e6:ac:a8:80:73:84:7a:54:d0:6e:
d9:60:d6:e8:ea:13:65:3b:fc:c0:d6:33:19:6a:6c:82:c3:ff:
0a:2e:75:24:d4:22:0e:94:2d:35:bf:9b:85:be:98:92:2c:63:
f7:40:7b:c5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzI3Yw0Ikdw1mHP41YY2FLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDM4ZWFjZjRkMDY0ZTg3YTc2YmI0NjJkM2I0YjJjYzM4
NThhNGMwHhcNMjQwMTAyMDYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmM1Y2JjMTI4MmUyYTg4Y2UzNWMxZGYwODY3MWM1ZjhiNmExNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhABqyJavABP4EUUB5VYu7NPqiUof
MeGqF3qrJYtUkXG+MBTemtUcNk4UCoF/hw7PKn0/8TYQl9WyWH4QdSpN0qkodhfV
UVqo3zth4FWOHUqYxMy8kIJdMyJ8r8tDLP69SBa/3PVkzxFjbLUuRr6aIZkyQoMq
mKIBlr8x3zKpo2qclxfT6T7vmQeQ1zuWBCiimCJ51R/YJ7MjwLIbFN0MpiOohvmD
RzMwftNDu2CWzWmitx0u92o0eJ76Z16hDUj0T9+RXNG32rnSi0U95p7O9+j9S2PI
YvOXhVQxGN0TZ9XVu9lUlqt3AQd2aZDb8TrUcIyRNgNuZ6L1PEqRMnhqcQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEbFy8EoLiqIzjXB3whnHF+LahSeMB8GA1UdIwQY
MBaAFKhDjqz00GToena7Ri07SyzDhYpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVPT3JQVFFaT2g2ZHJ0R0xUdExMTU9GaWt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84ZTExMjItOGNiOS00ODcyLTg4MTEt
MWMyODAwODMxYzY0LzEvUnNYTHdTZ3VLb2pPTmNIZkNHY2NYNHRxRko0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84ZTExMjItOGNiOS00ODcyLTg4MTEtMWMyODAwODMxYzY0
LzEvcUVPT3JQVFFaT2g2ZHJ0R0xUdExMTU9GaWt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAZb6EAD
BAFb6EQDBAK50sgwDQYJKoZIhvcNAQELBQADggEBAM6GKxxsQNl4o7hBgwOvEK4f
2N4Hl7LHuCfdTWN3EFHTilPokRHgpzyVV0TDW+BxUhv2UdRpUa+rhCEtMWlwMdaM
GI/3A5TBCk5SR7pYajsQhfcMMBM7YHsUDexY4ytyvhSd4lg4h0qvxGaj+VjDJDMj
k3gnwqVvwlhEi+l8IWHloGS+T4Cz6ztnD2W94w2pMqahYisfCiSRCVyApYSxFWct
7ZmZeH+dgbK61x+nB0/cfZGp6R1D3Ro422njYiLTANup0I9eRkVlymxzlXPt5qyo
gHOEelTQbtlg1ujqE2U7/MDWMxlqbILD/woudSTUIg6ULTW/m4W+mJIsY/dAe8U=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:00 2024 by rpki-client on console-fra.rpki-client.org