Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/45FqnsRGFCKeUV-IDDyN96g3JIE.roa
File: 45FqnsRGFCKeUV-IDDyN96g3JIE.roa (raw, json)
Hash identifier: MOBbO7bnUVvRFqFxCLewbsVhy8cxJiyDLWKsQOMureI=
Subject key identifier: E3:91:6A:9E:C4:46:14:22:9E:51:5F:88:0C:3C:8D:F7:A8:37:24:81
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC8DF37D555F576422A4D28BBA0F2FDD1
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/45FqnsRGFCKeUV-IDDyN96g3JIE.roa
Signing time: Tue 02 Jan 2024 06:32:01 +0000
ROA not before: Tue 02 Jan 2024 06:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 213.209.135.0/24 maxlen: 24
213.209.141.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 01:57:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:37:d5:55:f5:76:42:2a:4d:28:bb:a0:f2:fd:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 06:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3916a9ec44614229e515f880c3c8df7a8372481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1b:7f:6f:50:14:af:b6:7c:e1:6f:d0:a0:c7:
6e:06:0e:a6:68:57:69:d3:46:4d:49:37:59:8d:86:
df:19:bd:11:f2:ef:2d:50:76:ed:29:d3:e0:ea:73:
14:31:61:9f:9a:c2:a4:d3:ba:cb:96:84:78:70:77:
bf:38:2a:b2:9d:49:86:91:ce:35:d1:68:89:47:ee:
99:3d:7c:e5:82:23:eb:ca:f9:71:cd:46:36:bc:27:
48:bd:8a:22:fa:bd:df:79:61:fc:af:28:11:b8:07:
09:7a:ea:c0:1b:1e:61:f8:89:a9:33:df:3b:62:4b:
43:28:19:ed:06:ce:f2:6e:7f:39:bc:79:c8:15:eb:
cb:b2:2a:e0:09:fa:46:ee:87:94:a0:15:91:93:a4:
87:6f:1a:4f:69:7e:89:58:c1:06:0c:6e:78:6d:04:
e6:af:a7:51:9d:43:69:81:8e:eb:92:58:f9:40:ac:
d1:00:e8:da:6e:fb:e1:35:2f:d8:40:4c:54:db:77:
05:65:32:10:19:09:84:4c:7c:40:48:a3:9c:e7:5e:
6a:db:ad:aa:f7:53:0b:b2:af:19:14:8a:35:92:fe:
51:ef:31:18:6a:97:06:53:f2:c8:d8:45:d4:5e:ef:
b6:8b:c4:b8:b9:03:48:5f:36:ca:ce:be:a4:c2:46:
34:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:91:6A:9E:C4:46:14:22:9E:51:5F:88:0C:3C:8D:F7:A8:37:24:81
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/45FqnsRGFCKeUV-IDDyN96g3JIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.167.0/24
213.209.135.0/24
213.209.141.0/24
213.209.153.0-213.209.154.255
Signature Algorithm: sha256WithRSAEncryption
76:61:8f:80:39:85:32:12:a4:b1:a8:b4:50:fa:7d:e1:99:98:
72:e4:1c:a9:63:23:8f:7b:be:93:3e:5c:cc:d1:c5:6a:24:e9:
55:d2:53:c4:14:d3:ad:3a:32:59:e4:e3:23:22:32:df:c4:34:
60:f5:c4:8b:fe:49:ff:14:2c:7f:4c:06:91:d8:ce:ed:6e:51:
b6:7f:f5:f2:93:37:8d:85:ab:bc:91:8a:61:a3:fe:2c:d9:fe:
a5:f7:8b:5f:6d:34:15:ad:6f:15:4f:89:e6:6b:ad:30:d6:72:
5a:15:ae:a2:ce:96:d3:8e:cb:16:25:a6:ee:e7:d0:5e:4a:da:
d0:d5:d1:5d:9f:d0:14:3a:58:a9:28:91:53:45:8f:93:c0:73:
a1:d1:68:0c:cc:f6:1d:9b:10:57:59:ea:3f:52:cb:02:2e:d6:
28:c5:0c:53:66:f7:c1:43:6b:c2:5e:ee:5f:84:e8:34:d3:4e:
3f:0c:cc:6c:d6:47:b1:ec:87:18:f3:49:b4:90:4b:e9:a6:3a:
16:5f:3f:e8:9e:b7:d5:45:1a:bc:4a:f3:73:66:6a:b1:a8:13:
a4:0d:92:25:61:54:32:b5:d6:d3:24:01:4b:10:23:d7:74:18:
ce:8c:95:bf:12:c7:6a:a0:19:0c:a6:ad:68:05:60:40:88:ca:
2b:f9:8d:a6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzI3zfVVfV2QipNKLug8v3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAyMDYzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzkxNmE5ZWM0NDYxNDIyOWU1MTVmODgwYzNjOGRmN2E4MzcyNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRt/b1AUr7Z84W/QoMduBg6maFdp
00ZNSTdZjYbfGb0R8u8tUHbtKdPg6nMUMWGfmsKk07rLloR4cHe/OCqynUmGkc41
0WiJR+6ZPXzlgiPryvlxzUY2vCdIvYoi+r3feWH8rygRuAcJeurAGx5h+ImpM987
YktDKBntBs7ybn85vHnIFevLsirgCfpG7oeUoBWRk6SHbxpPaX6JWMEGDG54bQTm
r6dRnUNpgY7rklj5QKzRAOjabvvhNS/YQExU23cFZTIQGQmETHxASKOc515q262q
91MLsq8ZFIo1kv5R7zEYapcGU/LI2EXUXu+2i8S4uQNIXzbKzr6kwkY0OwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOORap7ERhQinlFfiAw8jfeoNySBMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvNDVGcW5zUkdGQ0tlVVYtSUREeU45NmczSklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQATVqnAwQA
1dGHAwQA1dGNMAwDBADV0ZkDBADV0ZowDQYJKoZIhvcNAQELBQADggEBAHZhj4A5
hTISpLGotFD6feGZmHLkHKljI497vpM+XMzRxWok6VXSU8QU0606Mlnk4yMiMt/E
NGD1xIv+Sf8ULH9MBpHYzu1uUbZ/9fKTN42Fq7yRimGj/izZ/qX3i19tNBWtbxVP
ieZrrTDWcloVrqLOltOOyxYlpu7n0F5K2tDV0V2f0BQ6WKkokVNFj5PAc6HRaAzM
9h2bEFdZ6j9SywIu1ijFDFNm98FDa8Je7l+E6DTTTj8MzGzWR7HshxjzSbSQS+mm
OhZfP+iet9VFGrxK83NmarGoE6QNkiVhVDK11tMkAUsQI9d0GM6Mlb8Sx2qgGQym
rWgFYECIyiv5jaY=
-----END CERTIFICATE-----
Generated at Sun Apr 28 06:35:14 2024 by rpki-client on console-ams.rpki-client.org