Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/435XfRVrlh94BNjTeU7SlWR80aE.roa
File: 435XfRVrlh94BNjTeU7SlWR80aE.roa (raw, json)
Hash identifier: pH3nV1bjhGywFpbfog4D1ctynoYn1DNQqY6opeS6vNY=
Subject key identifier: E3:7E:57:7D:15:6B:96:1F:78:04:D8:D3:79:4E:D2:95:64:7C:D1:A1
Certificate issuer: /CN=6e8b028d18274d21a7316aea3ccce9158b54f481
Certificate serial: 0191EB743CCC2DC9E1C34FF1C3D102AF9495
Authority key identifier: 6E:8B:02:8D:18:27:4D:21:A7:31:6A:EA:3C:CC:E9:15:8B:54:F4:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bosCjRgnTSGnMWrqPMzpFYtU9IE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/435XfRVrlh94BNjTeU7SlWR80aE.roa
Signing time: Fri 13 Sep 2024 12:55:48 +0000
ROA not before: Fri 13 Sep 2024 12:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198913
IP address blocks: 31.220.147.0/24 maxlen: 24
46.243.120.0/21 maxlen: 21
46.243.121.0/24 maxlen: 24
46.243.122.0/24 maxlen: 24
46.243.123.0/24 maxlen: 24
46.243.124.0/24 maxlen: 24
46.243.125.0/24 maxlen: 24
46.243.126.0/24 maxlen: 24
46.243.127.0/24 maxlen: 24
185.132.24.0/22 maxlen: 22
185.132.24.0/24 maxlen: 24
185.132.25.0/24 maxlen: 24
185.132.26.0/24 maxlen: 24
185.132.27.0/24 maxlen: 24
185.173.228.0/22 maxlen: 22
185.173.228.0/24 maxlen: 24
185.173.229.0/24 maxlen: 24
185.173.230.0/24 maxlen: 24
185.173.231.0/24 maxlen: 24
217.19.13.0/24 maxlen: 24
2a03:d400::/32 maxlen: 32
2a03:d400:13::/48 maxlen: 48
2a03:d400:24::/48 maxlen: 48
2a03:d400:25::/48 maxlen: 48
2a03:d400:26::/48 maxlen: 48
2a03:d400:27::/48 maxlen: 48
2a03:d400:120::/48 maxlen: 48
2a03:d400:121::/48 maxlen: 48
2a03:d400:122::/48 maxlen: 48
2a03:d400:123::/48 maxlen: 48
2a03:d400:124::/48 maxlen: 48
2a03:d400:125::/48 maxlen: 48
2a03:d400:126::/48 maxlen: 48
2a03:d400:127::/48 maxlen: 48
2a03:d400:228::/48 maxlen: 48
2a03:d400:229::/48 maxlen: 48
2a03:d400:230::/48 maxlen: 48
2a03:d400:231::/48 maxlen: 48
2a03:d400:1337::/48 maxlen: 48
2a0b:6f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/bosCjRgnTSGnMWrqPMzpFYtU9IE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/bosCjRgnTSGnMWrqPMzpFYtU9IE.mft
rsync://rpki.ripe.net/repository/DEFAULT/bosCjRgnTSGnMWrqPMzpFYtU9IE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:eb:74:3c:cc:2d:c9:e1:c3:4f:f1:c3:d1:02:af:94:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e8b028d18274d21a7316aea3ccce9158b54f481
Validity
Not Before: Sep 13 12:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e37e577d156b961f7804d8d3794ed295647cd1a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4f:36:6e:24:b9:d4:0e:ab:51:8d:77:ee:da:
ff:4f:7a:4e:34:b9:67:d3:eb:8b:f0:3b:4b:e9:86:
77:8a:c2:14:91:ab:37:da:20:18:42:8c:4b:3c:52:
f0:64:74:fc:9e:07:ff:37:54:28:cc:f8:17:b9:6c:
17:da:01:c1:d0:97:cc:b2:06:9d:94:ab:9f:1f:26:
cf:de:c4:db:af:b5:28:ef:42:ff:30:6c:7c:45:d7:
6b:4a:5a:c1:75:02:5c:d1:9f:95:4f:53:68:b2:b9:
67:ba:45:d9:7b:98:9a:6e:76:8a:25:1e:a2:dc:ef:
23:dc:8c:c7:9a:1a:2a:35:e3:f7:92:b2:5d:30:32:
c2:b0:bb:35:b5:09:e3:b4:be:70:6c:98:61:19:4d:
bd:8a:a6:34:f4:00:2a:d5:e9:d5:92:d4:3b:25:92:
41:70:83:bd:77:9d:ef:0a:4b:3b:7f:8f:a6:b4:ba:
67:6b:3b:ef:d5:a7:d4:48:6b:57:b5:ec:53:31:d4:
5b:d4:8c:4c:81:16:2f:bb:7a:f0:fa:ae:c0:fb:ea:
eb:d3:01:42:69:5c:a5:e4:df:f4:ee:0a:05:c8:40:
6e:4b:91:e0:ac:e5:c8:eb:0e:49:f5:a1:25:34:df:
fe:e2:c5:b8:59:5d:75:0d:2f:26:6e:4c:b1:a6:27:
0b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:7E:57:7D:15:6B:96:1F:78:04:D8:D3:79:4E:D2:95:64:7C:D1:A1
X509v3 Authority Key Identifier:
keyid:6E:8B:02:8D:18:27:4D:21:A7:31:6A:EA:3C:CC:E9:15:8B:54:F4:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bosCjRgnTSGnMWrqPMzpFYtU9IE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/435XfRVrlh94BNjTeU7SlWR80aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/bosCjRgnTSGnMWrqPMzpFYtU9IE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.147.0/24
46.243.120.0/21
185.132.24.0/22
185.173.228.0/22
217.19.13.0/24
IPv6:
2a03:d400::/32
2a0b:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
15:b0:a9:e2:cb:bb:92:17:98:85:ea:d2:8f:8f:18:77:da:b7:
e4:03:ea:d9:66:b4:32:97:05:dc:3e:d2:2f:f6:fe:51:4f:71:
8d:63:28:67:6c:92:a4:8b:49:11:78:2e:dd:55:76:74:0e:ed:
28:3b:10:fd:c6:ce:4c:52:ff:d3:b4:87:c0:9c:14:f0:a1:f9:
da:57:30:fe:dd:c7:0d:a9:49:54:24:bc:df:1d:18:f6:ad:72:
40:4c:f3:93:94:af:27:5a:88:42:5d:8a:22:7c:c1:a4:28:ed:
29:1e:09:43:40:55:2c:a0:dd:de:6b:6c:50:88:99:95:9f:df:
ac:7c:e9:dc:7c:ee:1e:fe:6c:32:c6:12:a1:60:1c:3a:1d:e7:
e4:0f:28:48:5c:ac:41:45:98:b0:db:08:93:68:86:8c:91:85:
b7:1d:90:68:99:06:37:69:63:9a:5c:aa:b8:86:63:09:36:36:
95:20:f3:ed:8d:cf:b5:c2:1f:10:81:52:36:f4:65:b4:ca:12:
ca:4b:b5:19:39:bf:04:af:2c:d8:ce:d5:94:ab:fe:ce:c1:7b:
1f:da:e7:a0:a8:61:f8:c2:e9:cf:70:be:5a:17:70:b0:74:7a:
a8:e7:86:f2:86:34:ef:db:61:15:f9:d7:e0:53:92:92:cd:61:
22:fe:cc:e0
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZHrdDzMLcnhw0/xw9ECr5SVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlOGIwMjhkMTgyNzRkMjFhNzMxNmFlYTNjY2NlOTE1OGI1
NGY0ODEwHhcNMjQwOTEzMTI1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzdlNTc3ZDE1NmI5NjFmNzgwNGQ4ZDM3OTRlZDI5NTY0N2NkMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk082biS51A6rUY137tr/T3pONLln
0+uL8DtL6YZ3isIUkas32iAYQoxLPFLwZHT8ngf/N1QozPgXuWwX2gHB0JfMsgad
lKufHybP3sTbr7Uo70L/MGx8RddrSlrBdQJc0Z+VT1NosrlnukXZe5iabnaKJR6i
3O8j3IzHmhoqNeP3krJdMDLCsLs1tQnjtL5wbJhhGU29iqY09AAq1enVktQ7JZJB
cIO9d53vCks7f4+mtLpnazvv1afUSGtXtexTMdRb1IxMgRYvu3rw+q7A++rr0wFC
aVyl5N/07goFyEBuS5HgrOXI6w5J9aElNN/+4sW4WV11DS8mbkyxpicLKQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFON+V30Va5YfeATY03lO0pVkfNGhMB8GA1UdIwQY
MBaAFG6LAo0YJ00hpzFq6jzM6RWLVPSBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9zQ2pSZ25UU0duTVdycVBNenBGWXRVOUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8wOTZlYWYtNjM0Yi00YzQ5LWI2OGUt
YzJjNjE1MTg1ODlmLzEvNDM1WGZSVnJsaDk0Qk5qVGVVN1NsV1I4MGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8wOTZlYWYtNjM0Yi00YzQ5LWI2OGUtYzJjNjE1MTg1ODlm
LzEvYm9zQ2pSZ25UU0duTVdycVBNenBGWXRVOUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQAH9yTAwQD
LvN4AwQCuYQYAwQCua3kAwQA2RMNMBQEAgACMA4DBQAqA9QAAwUDKgtvADANBgkq
hkiG9w0BAQsFAAOCAQEAFbCp4su7kheYherSj48Yd9q35APq2Wa0MpcF3D7SL/b+
UU9xjWMoZ2ySpItJEXgu3VV2dA7tKDsQ/cbOTFL/07SHwJwU8KH52lcw/t3HDalJ
VCS83x0Y9q1yQEzzk5SvJ1qIQl2KInzBpCjtKR4JQ0BVLKDd3mtsUIiZlZ/frHzp
3HzuHv5sMsYSoWAcOh3n5A8oSFysQUWYsNsIk2iGjJGFtx2QaJkGN2ljmlyquIZj
CTY2lSDz7Y3PtcIfEIFSNvRltMoSyku1GTm/BK8s2M7VlKv+zsF7H9rnoKhh+MLp
z3C+WhdwsHR6qOeG8oY079thFfnX4FOSks1hIv7M4A==
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:03:43 2024 by rpki-client on console-fra.rpki-client.org