Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/97V9XucVFvinmNY3gLSo0Nsodz0.roa
File: 97V9XucVFvinmNY3gLSo0Nsodz0.roa (raw, json)
Hash identifier: qO+0QpDk0SiqiYyAoxztKMgkHvuC79WxBXn4almFA3c=
Subject key identifier: F7:B5:7D:5E:E7:15:16:F8:A7:98:D6:37:80:B4:A8:D0:DB:28:77:3D
Certificate issuer: /CN=46f01771d1cc8fd114c46a616206aa4c59dbdc19
Certificate serial: 018CC26D4FFFC72D9D482D6364E728D6661A
Authority key identifier: 46:F0:17:71:D1:CC:8F:D1:14:C4:6A:61:62:06:AA:4C:59:DB:DC:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RvAXcdHMj9EUxGphYgaqTFnb3Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/97V9XucVFvinmNY3gLSo0Nsodz0.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213038
IP address blocks: 89.40.170.0/24 maxlen: 24
185.145.253.0/24 maxlen: 24
185.145.252.0/24 maxlen: 24
185.145.255.0/24 maxlen: 24
185.145.254.0/24 maxlen: 24
31.220.151.0/24 maxlen: 24
89.42.24.0/24 maxlen: 24
89.36.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/RvAXcdHMj9EUxGphYgaqTFnb3Bk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/RvAXcdHMj9EUxGphYgaqTFnb3Bk.mft
rsync://rpki.ripe.net/repository/DEFAULT/RvAXcdHMj9EUxGphYgaqTFnb3Bk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4f:ff:c7:2d:9d:48:2d:63:64:e7:28:d6:66:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46f01771d1cc8fd114c46a616206aa4c59dbdc19
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7b57d5ee71516f8a798d63780b4a8d0db28773d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9e:80:91:3f:96:4a:38:bb:ac:43:0a:ba:3f:
e7:0d:8b:d9:ee:15:b4:21:00:d1:00:e5:fb:11:1c:
4d:a7:00:d3:68:df:48:f6:b9:8c:a8:c6:1b:ae:63:
61:3f:d3:c5:5c:51:27:3f:25:f5:51:d9:36:37:85:
e3:d4:04:99:76:e9:57:e0:15:27:ee:75:7f:47:96:
29:7c:9b:78:e6:a7:c8:a2:21:46:c3:d3:34:f2:60:
f2:fb:f2:56:70:04:2e:8c:c7:de:03:f3:4d:c3:a9:
46:54:4c:26:29:22:04:2a:5e:89:92:0f:2c:c9:20:
50:ef:cb:51:c8:b3:87:8b:0a:96:25:c5:aa:74:3a:
1d:f9:c1:ef:6c:1d:3a:04:e7:ef:a1:8a:23:f9:07:
76:81:62:f9:98:ca:6a:04:1b:45:d4:d1:ed:8f:36:
fb:f8:94:32:f3:f5:4f:c9:ab:31:bf:3d:ef:8f:2e:
02:27:87:8d:f0:a4:02:7a:be:ea:2d:df:e9:fa:a3:
f7:3a:b4:81:eb:9c:44:29:39:c3:72:dd:cc:38:fd:
95:67:24:a9:f2:80:81:85:68:47:29:31:a9:10:17:
6a:26:fb:73:17:2a:e6:c0:3d:5c:ea:94:c0:f3:b1:
68:f7:53:47:cb:3f:e2:5e:dd:35:72:be:65:24:00:
21:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B5:7D:5E:E7:15:16:F8:A7:98:D6:37:80:B4:A8:D0:DB:28:77:3D
X509v3 Authority Key Identifier:
keyid:46:F0:17:71:D1:CC:8F:D1:14:C4:6A:61:62:06:AA:4C:59:DB:DC:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RvAXcdHMj9EUxGphYgaqTFnb3Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/97V9XucVFvinmNY3gLSo0Nsodz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/RvAXcdHMj9EUxGphYgaqTFnb3Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.151.0/24
89.36.197.0/24
89.40.170.0/24
89.42.24.0/24
185.145.252.0/22
Signature Algorithm: sha256WithRSAEncryption
19:69:7d:4b:3e:50:ba:23:ec:6f:60:8b:ad:3f:e3:02:2f:d1:
a1:95:70:64:42:24:bb:07:6d:fd:bf:51:22:3f:33:80:c6:8f:
d4:50:ff:f2:33:53:87:f1:dd:bf:ed:c2:ba:25:fd:d9:4e:37:
36:e8:e7:5b:7c:ce:28:ab:f4:ec:8d:d0:ff:ac:67:7d:16:02:
7a:a0:e5:49:e0:0d:76:6f:25:6a:24:4c:24:82:a2:44:35:a3:
be:58:4e:a8:da:c9:66:0b:dd:62:43:8e:74:88:d8:20:a1:3d:
74:8b:b8:00:6f:07:61:11:68:e5:32:a6:32:e4:40:0f:d4:33:
47:7e:a1:92:b7:15:82:cd:0c:c9:2b:46:d3:ed:0a:36:8c:e5:
ec:18:6b:e2:7d:ff:39:da:1a:f1:63:2e:0f:f8:96:38:b7:73:
9a:2d:6f:37:79:bc:d6:fa:0e:a6:2c:9e:54:10:a4:bb:6b:ef:
ee:14:b5:f1:31:02:74:f9:28:99:ce:4a:1a:25:93:11:44:56:
ef:2a:54:7a:e6:05:5f:fc:3f:3d:99:cc:9f:6c:63:66:3c:ca:
99:5c:5d:e6:2d:c5:14:f2:30:8b:b7:0f:9a:89:b1:53:8e:91:
18:58:99:3c:4f:09:c6:e9:63:9c:01:fe:ba:af:df:aa:25:3f:
8b:11:29:66
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzCbU//xy2dSC1jZOco1mYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZjAxNzcxZDFjYzhmZDExNGM0NmE2MTYyMDZhYTRjNTlk
YmRjMTkwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2I1N2Q1ZWU3MTUxNmY4YTc5OGQ2Mzc4MGI0YThkMGRiMjg3NzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ6AkT+WSji7rEMKuj/nDYvZ7hW0
IQDRAOX7ERxNpwDTaN9I9rmMqMYbrmNhP9PFXFEnPyX1Udk2N4Xj1ASZdulX4BUn
7nV/R5YpfJt45qfIoiFGw9M08mDy+/JWcAQujMfeA/NNw6lGVEwmKSIEKl6Jkg8s
ySBQ78tRyLOHiwqWJcWqdDod+cHvbB06BOfvoYoj+Qd2gWL5mMpqBBtF1NHtjzb7
+JQy8/VPyasxvz3vjy4CJ4eN8KQCer7qLd/p+qP3OrSB65xEKTnDct3MOP2VZySp
8oCBhWhHKTGpEBdqJvtzFyrmwD1c6pTA87Fo91NHyz/iXt01cr5lJAAhpQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPe1fV7nFRb4p5jWN4C0qNDbKHc9MB8GA1UdIwQY
MBaAFEbwF3HRzI/RFMRqYWIGqkxZ29wZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnZBWGNkSE1qOUVVeEdwaFlnYXFURm5iM0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ZTU3YTMtYTE4MS00NWRmLWI0YWUt
MzE2ZjZkYWJmZmJmLzEvOTdWOVh1Y1ZGdmlubU5ZM2dMU28wTnNvZHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ZTU3YTMtYTE4MS00NWRmLWI0YWUtMzE2ZjZkYWJmZmJm
LzEvUnZBWGNkSE1qOUVVeEdwaFlnYXFURm5iM0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH9yXAwQA
WSTFAwQAWSiqAwQAWSoYAwQCuZH8MA0GCSqGSIb3DQEBCwUAA4IBAQAZaX1LPlC6
I+xvYIutP+MCL9GhlXBkQiS7B239v1EiPzOAxo/UUP/yM1OH8d2/7cK6Jf3ZTjc2
6OdbfM4oq/TsjdD/rGd9FgJ6oOVJ4A12byVqJEwkgqJENaO+WE6o2slmC91iQ450
iNggoT10i7gAbwdhEWjlMqYy5EAP1DNHfqGStxWCzQzJK0bT7Qo2jOXsGGviff85
2hrxYy4P+JY4t3OaLW83ebzW+g6mLJ5UEKS7a+/uFLXxMQJ0+SiZzkoaJZMRRFbv
KlR65gVf/D89mcyfbGNmPMqZXF3mLcUU8jCLtw+aibFTjpEYWJk8TwnG6WOcAf66
r9+qJT+LESlm
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:12 2024 by rpki-client on console-fra.rpki-client.org