Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/pAnove0Nzr0aNEb907s6hPUFvPc.roa
File: pAnove0Nzr0aNEb907s6hPUFvPc.roa (raw, json)
Hash identifier: F21f/af1ZDxAd5xwHbk3AQMv2xawB2dmS02R+CQ0xEk=
Subject key identifier: A4:09:E8:BD:ED:0D:CE:BD:1A:34:46:FD:D3:BB:3A:84:F5:05:BC:F7
Certificate issuer: /CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Certificate serial: 018FE2D42F3401C004CE4D641ED281C73CC0
Authority key identifier: 1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/pAnove0Nzr0aNEb907s6hPUFvPc.roa
Signing time: Tue 04 Jun 2024 10:38:27 +0000
ROA not before: Tue 04 Jun 2024 10:38:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205394
IP address blocks: 46.226.72.0/21 maxlen: 24
139.28.100.0/22 maxlen: 22
139.28.100.0/24 maxlen: 24
139.28.101.0/24 maxlen: 24
185.176.124.0/22 maxlen: 24
185.180.172.0/22 maxlen: 24
185.201.164.0/22 maxlen: 24
2a00:5a00::/32 maxlen: 48
2a0a:c840::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Jul 2024 07:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:d4:2f:34:01:c0:04:ce:4d:64:1e:d2:81:c7:3c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Validity
Not Before: Jun 4 10:38:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a409e8bded0dcebd1a3446fdd3bb3a84f505bcf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:37:73:eb:08:a7:a6:2a:84:95:6b:75:b5:b9:
84:a2:0d:a1:ea:9d:fc:92:eb:8f:18:d1:78:11:e8:
86:a7:0f:3a:72:dd:32:5d:fa:e1:33:5f:26:d7:33:
79:d6:8c:bf:1c:dd:0e:dd:1f:aa:cc:f9:e3:bb:57:
81:1c:5b:cf:fd:52:24:23:59:bb:c1:20:79:59:c7:
a2:47:2e:34:26:a2:a5:f9:54:ad:56:ef:be:92:de:
f1:0b:b9:6c:21:05:97:5f:57:09:6a:eb:68:f4:b5:
18:3e:e0:24:6e:30:62:36:48:d5:d4:1c:85:1a:c2:
42:d3:c4:00:31:86:7a:66:42:73:18:01:ea:3d:75:
56:0d:38:a0:6c:ee:4f:01:45:52:f9:ca:09:36:dd:
9d:de:3b:f9:d1:cd:55:ec:9c:c3:99:64:29:b5:1c:
20:d4:58:68:a0:10:7c:4f:11:15:f1:35:08:12:d7:
7b:a2:da:57:86:af:c1:16:bc:52:1c:7d:13:cf:f6:
7d:44:51:41:9c:5a:7f:58:30:31:dc:e1:84:7e:ee:
b9:01:eb:53:70:8a:5d:a0:25:c4:c8:b4:20:a2:01:
bc:e3:39:49:74:c7:dd:19:f0:b6:d1:b3:0f:ce:cd:
e5:07:39:c6:cd:86:f7:b9:85:c3:3b:35:20:8a:c1:
50:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:09:E8:BD:ED:0D:CE:BD:1A:34:46:FD:D3:BB:3A:84:F5:05:BC:F7
X509v3 Authority Key Identifier:
keyid:1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/pAnove0Nzr0aNEb907s6hPUFvPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.72.0/21
139.28.100.0/22
185.176.124.0/22
185.180.172.0/22
185.201.164.0/22
IPv6:
2a00:5a00::/32
2a0a:c840::/29
Signature Algorithm: sha256WithRSAEncryption
29:f3:d8:05:14:67:90:c3:33:b4:cb:20:5d:8d:63:a9:06:60:
4f:da:97:47:a3:1e:de:df:35:b7:94:7a:42:99:2d:c9:fe:20:
1d:5b:9e:bc:54:b9:79:e3:71:7b:d7:00:ff:7d:5f:b3:fa:f5:
96:26:86:b4:8f:60:57:2b:67:1a:0d:db:37:1e:7a:81:f3:8f:
26:07:f7:e5:7f:27:89:88:ec:80:9e:45:e1:12:0c:37:0b:9c:
fd:56:74:b0:39:5c:f1:fe:d9:0b:4a:f4:5f:11:76:22:58:55:
eb:ba:6c:36:a9:7e:45:8e:3c:2a:61:6d:93:a1:76:86:94:3a:
ad:d9:d2:ac:d3:d2:e1:dc:fa:c8:77:ad:d9:52:39:62:b2:ca:
3e:2b:c8:6c:b9:08:77:bc:b5:82:d1:4f:6b:62:b4:41:ee:73:
24:6e:88:d2:0b:10:66:6b:bb:e4:a5:33:f5:03:f6:f4:1c:5a:
3a:d6:48:21:a5:64:48:f9:c0:4c:71:df:6f:06:18:a4:78:d0:
64:d3:0f:55:1f:b4:12:cb:60:53:40:a3:97:19:88:54:ec:c5:
8d:25:a3:1a:79:68:03:ab:15:bb:f4:2d:83:02:2b:72:8f:e7:
f3:48:63:16:5f:74:46:d2:9f:36:37:c9:40:d7:bb:ff:e7:e9:
6a:21:73:38
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY/i1C80AcAEzk1kHtKBxzzAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZTVlZmJmNjU4OTcxNjBkNTVhNTJkYzNhMjJjMDE3ODc2
Y2QwNmMwHhcNMjQwNjA0MTAzODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDA5ZThiZGVkMGRjZWJkMWEzNDQ2ZmRkM2JiM2E4NGY1MDViY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDdz6winpiqElWt1tbmEog2h6p38
kuuPGNF4EeiGpw86ct0yXfrhM18m1zN51oy/HN0O3R+qzPnju1eBHFvP/VIkI1m7
wSB5WceiRy40JqKl+VStVu++kt7xC7lsIQWXX1cJauto9LUYPuAkbjBiNkjV1ByF
GsJC08QAMYZ6ZkJzGAHqPXVWDTigbO5PAUVS+coJNt2d3jv50c1V7JzDmWQptRwg
1FhooBB8TxEV8TUIEtd7otpXhq/BFrxSHH0Tz/Z9RFFBnFp/WDAx3OGEfu65AetT
cIpdoCXEyLQgogG84zlJdMfdGfC20bMPzs3lBznGzYb3uYXDOzUgisFQ9wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKQJ6L3tDc69GjRG/dO7OoT1Bbz3MB8GA1UdIwQY
MBaAFB7l779liXFg1VpS3DoiwBeHbNBsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUt
N2MwZGI3YmFlMTM1LzEvcEFub3ZlME56cjBhTkViOTA3czZoUFVGdlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUtN2MwZGI3YmFlMTM1
LzEvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDLuJIAwQC
ixxkAwQCubB8AwQCubSsAwQCucmkMBQEAgACMA4DBQAqAFoAAwUDKgrIQDANBgkq
hkiG9w0BAQsFAAOCAQEAKfPYBRRnkMMztMsgXY1jqQZgT9qXR6Me3t81t5R6Qpkt
yf4gHVuevFS5eeNxe9cA/31fs/r1liaGtI9gVytnGg3bNx56gfOPJgf35X8niYjs
gJ5F4RIMNwuc/VZ0sDlc8f7ZC0r0XxF2IlhV67psNql+RY48KmFtk6F2hpQ6rdnS
rNPS4dz6yHet2VI5YrLKPivIbLkId7y1gtFPa2K0Qe5zJG6I0gsQZmu75KUz9QP2
9BxaOtZIIaVkSPnATHHfbwYYpHjQZNMPVR+0EstgU0CjlxmIVOzFjSWjGnloA6sV
u/QtgwIrco/n80hjFl90RtKfNjfJQNe7/+fpaiFzOA==
-----END CERTIFICATE-----
Generated at Tue Jul 9 11:32:25 2024 by rpki-client on console.sobornost.net