Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Dk0EbuLwUAP9sm_f1hGcLUSIrmg.roa
File: Dk0EbuLwUAP9sm_f1hGcLUSIrmg.roa (raw, json)
Hash identifier: fi7ImXWeUeR4q9JCznJIziyv5GNzpD8LiGk3q5flKdA=
Subject key identifier: 0E:4D:04:6E:E2:F0:50:03:FD:B2:6F:DF:D6:11:9C:2D:44:88:AE:68
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018E9761603C0E882A42C14418C12DEA9F01
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Dk0EbuLwUAP9sm_f1hGcLUSIrmg.roa
Signing time: Mon 01 Apr 2024 01:58:44 +0000
ROA not before: Mon 01 Apr 2024 01:58:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141759
IP address blocks: 45.134.144.0/24 maxlen: 24
45.155.224.0/24 maxlen: 24
103.211.100.0/24 maxlen: 24
185.245.1.0/24 maxlen: 24
185.245.2.0/24 maxlen: 24
194.145.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:97:61:60:3c:0e:88:2a:42:c1:44:18:c1:2d:ea:9f:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Apr 1 01:58:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e4d046ee2f05003fdb26fdfd6119c2d4488ae68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:05:ec:18:85:12:28:26:ca:25:b0:3c:f3:86:
3d:b6:ad:7c:c9:e7:d9:af:13:a9:2b:39:42:88:2b:
b4:e6:03:b4:93:dc:85:8d:2a:fb:27:59:3c:67:64:
53:44:23:f6:39:15:23:f4:c0:e6:76:58:7a:90:4b:
58:d2:5c:dd:32:32:11:67:48:94:11:c8:93:d1:1a:
28:e1:99:a0:c1:73:2c:20:9b:8c:86:dc:7d:a1:97:
45:a4:2a:89:bd:92:0d:dc:2c:c6:e3:bf:5f:35:04:
b3:de:47:ae:c3:26:53:26:30:96:54:8d:5a:55:73:
86:13:5a:c1:e7:c2:cb:43:3a:8b:49:6b:23:57:78:
22:74:2b:0c:9b:34:14:d9:9a:d6:13:09:89:89:cc:
8c:8f:2b:c1:87:47:b3:7e:c1:2d:80:6d:e4:d4:ce:
ba:fb:14:60:b8:88:37:7f:9b:02:d3:d8:2f:17:d5:
4a:50:16:cb:23:28:37:9a:16:aa:32:6d:7f:b7:30:
28:51:ae:39:63:17:c4:83:fc:b8:b7:a4:bf:07:93:
0e:ea:62:fb:26:c8:31:10:70:fb:55:ef:69:9d:5c:
e9:f5:37:02:10:2a:63:3b:6c:09:38:4a:b0:df:ee:
37:b0:2d:4b:3f:56:8e:7a:a7:6b:9f:0d:2d:f5:c6:
b7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:4D:04:6E:E2:F0:50:03:FD:B2:6F:DF:D6:11:9C:2D:44:88:AE:68
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Dk0EbuLwUAP9sm_f1hGcLUSIrmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.144.0/24
45.155.224.0/24
103.211.100.0/24
185.245.1.0-185.245.2.255
194.145.237.0/24
Signature Algorithm: sha256WithRSAEncryption
10:fb:4e:4e:6c:ea:c1:9d:d5:7e:fa:8b:04:06:68:2c:76:6b:
98:8a:15:a1:8b:a6:52:3f:02:6e:af:5b:64:29:d5:d8:39:5e:
53:b7:1c:3c:b5:d2:f6:88:08:b9:1b:dd:ca:b0:e6:f7:ce:8c:
33:25:5e:c3:a6:5e:82:43:19:fd:82:16:8b:0b:e2:ec:7d:31:
d3:65:81:03:8d:fc:ee:96:8d:44:90:23:e8:87:d9:2a:9d:71:
11:b2:10:a2:bb:29:af:d2:fd:c8:68:48:e9:35:13:f5:61:b8:
b2:9c:90:d5:9f:05:ee:08:c0:bb:a0:fa:d9:a7:68:fb:b9:0e:
02:a1:2b:eb:0a:41:40:e5:30:11:35:c1:64:86:ab:f4:0b:6e:
80:e8:1b:97:07:07:22:8e:df:d7:dc:76:3f:15:34:d0:f5:8f:
3d:51:6b:17:0d:95:f2:c9:ef:03:a5:15:c1:32:ff:83:66:0f:
29:2f:47:2b:4c:19:22:b2:6b:07:15:44:3a:f3:a4:98:20:8f:
1a:d3:b7:6b:40:c4:94:28:e9:2c:65:c5:d8:67:e8:68:5c:42:
f6:41:b9:4b:00:c6:d5:19:24:58:0c:b9:c5:b1:b1:62:40:1d:
d5:5d:45:59:1a:9b:7d:a4:80:ed:53:7c:f2:ce:d5:ab:cd:59:
a8:e6:9f:7f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY6XYWA8DogqQsFEGMEt6p8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwNDAxMDE1ODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTRkMDQ2ZWUyZjA1MDAzZmRiMjZmZGZkNjExOWMyZDQ0ODhhZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQXsGIUSKCbKJbA884Y9tq18yefZ
rxOpKzlCiCu05gO0k9yFjSr7J1k8Z2RTRCP2ORUj9MDmdlh6kEtY0lzdMjIRZ0iU
EciT0Roo4ZmgwXMsIJuMhtx9oZdFpCqJvZIN3CzG479fNQSz3keuwyZTJjCWVI1a
VXOGE1rB58LLQzqLSWsjV3gidCsMmzQU2ZrWEwmJicyMjyvBh0ezfsEtgG3k1M66
+xRguIg3f5sC09gvF9VKUBbLIyg3mhaqMm1/tzAoUa45YxfEg/y4t6S/B5MO6mL7
JsgxEHD7Ve9pnVzp9TcCECpjO2wJOEqw3+43sC1LP1aOeqdrnw0t9ca3FQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFA5NBG7i8FAD/bJv39YRnC1EiK5oMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvRGswRWJ1THdVQVA5c21fZjFoR2NMVVNJcm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALYaQAwQA
LZvgAwQAZ9NkMAwDBAC59QEDBAC59QIDBADCke0wDQYJKoZIhvcNAQELBQADggEB
ABD7Tk5s6sGd1X76iwQGaCx2a5iKFaGLplI/Am6vW2Qp1dg5XlO3HDy10vaICLkb
3cqw5vfOjDMlXsOmXoJDGf2CFosL4ux9MdNlgQON/O6WjUSQI+iH2SqdcRGyEKK7
Ka/S/choSOk1E/VhuLKckNWfBe4IwLug+tmnaPu5DgKhK+sKQUDlMBE1wWSGq/QL
boDoG5cHByKO39fcdj8VNND1jz1RaxcNlfLJ7wOlFcEy/4NmDykvRytMGSKyawcV
RDrzpJggjxrTt2tAxJQo6Sxlxdhn6GhcQvZBuUsAxtUZJFgMucWxsWJAHdVdRVka
m32kgO1TfPLO1avNWajmn38=
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:50:31 2024 by rpki-client on console-fra.rpki-client.org