Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/cf063f-9493-46f1-acd1-31c7fb4715f6/1/Cmemwho5LQToP7xlvAzCInUQwnc.roa
File: Cmemwho5LQToP7xlvAzCInUQwnc.roa (raw, json)
Hash identifier: UeNrtWVRq+jsxf1Aimank/xElaVy+xdzgiFs+GsoZqg=
Subject key identifier: 0A:67:A6:C2:1A:39:2D:04:E8:3F:BC:65:BC:0C:C2:22:75:10:C2:77
Certificate issuer: /CN=dc0bde1467895c6f3a47197eac58ca13ae4bb78d
Certificate serial: 01905EE49AD5F882EE697EC91D0B14A7271D
Authority key identifier: DC:0B:DE:14:67:89:5C:6F:3A:47:19:7E:AC:58:CA:13:AE:4B:B7:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AveFGeJXG86Rxl-rFjKE65Lt40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/cf063f-9493-46f1-acd1-31c7fb4715f6/1/Cmemwho5LQToP7xlvAzCInUQwnc.roa
Signing time: Fri 28 Jun 2024 12:49:18 +0000
ROA not before: Fri 28 Jun 2024 12:49:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49824
IP address blocks: 45.87.89.0/24 maxlen: 24
45.87.90.0/24 maxlen: 24
45.87.91.0/24 maxlen: 24
62.204.51.0/24 maxlen: 24
95.141.245.0/24 maxlen: 24
212.23.203.0/24 maxlen: 24
2a10:2f40::/48 maxlen: 48
2a10:2f40:1::/48 maxlen: 48
2a10:2f40:2::/48 maxlen: 48
2a10:2f40:3::/48 maxlen: 48
2a10:2f40:4::/48 maxlen: 48
2a10:2f40:5::/48 maxlen: 48
2a10:2f40:9::/48 maxlen: 48
2a10:2f40:a::/48 maxlen: 48
2a10:2f40:b::/48 maxlen: 48
2a10:2f40:c::/48 maxlen: 48
2a10:2f40:d::/48 maxlen: 48
2a10:2f40:1a::/48 maxlen: 48
2a14:7280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/cf063f-9493-46f1-acd1-31c7fb4715f6/1/3AveFGeJXG86Rxl-rFjKE65Lt40.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/cf063f-9493-46f1-acd1-31c7fb4715f6/1/3AveFGeJXG86Rxl-rFjKE65Lt40.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AveFGeJXG86Rxl-rFjKE65Lt40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5e:e4:9a:d5:f8:82:ee:69:7e:c9:1d:0b:14:a7:27:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc0bde1467895c6f3a47197eac58ca13ae4bb78d
Validity
Not Before: Jun 28 12:49:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a67a6c21a392d04e83fbc65bc0cc2227510c277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e6:84:4a:2a:5c:ad:86:80:47:32:05:dd:cf:
a7:b8:95:41:a0:05:ec:ef:fb:b7:a1:fa:a6:ce:0a:
7d:36:ee:cb:25:4c:56:51:cb:be:2e:63:e5:77:a5:
a2:75:e8:6c:98:d4:4c:e8:1c:b5:69:16:37:64:1a:
c1:5f:84:79:af:46:67:ab:c9:2f:8d:6a:f4:aa:71:
c6:68:d4:7b:79:ab:98:56:d6:16:84:5c:ca:4c:e2:
fa:eb:cc:63:c0:b0:87:52:0a:54:04:ab:ee:49:8f:
f2:09:15:34:fc:7b:9e:9d:98:d0:1b:79:dd:81:64:
28:74:af:2e:4e:f8:35:4f:57:11:7b:62:fe:c6:66:
07:97:bf:fc:9c:06:fc:18:ac:bb:e5:91:0b:7f:af:
f0:1a:77:83:06:cf:3e:de:04:bd:b8:87:27:bc:fe:
c3:ce:92:48:ba:3d:a8:96:8c:26:81:98:ed:89:aa:
77:97:5a:22:38:76:df:6a:fb:84:b2:29:cd:30:a0:
c5:57:59:98:13:ff:b9:eb:b9:6c:69:aa:07:87:9b:
a1:b3:3e:d2:18:e6:0a:66:4a:1c:c7:5a:6c:5c:bb:
87:40:d3:ad:8d:82:1d:58:d3:4a:32:c4:27:77:b8:
02:37:f9:96:c8:66:5d:cc:83:7f:47:97:1b:3a:fe:
b8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:67:A6:C2:1A:39:2D:04:E8:3F:BC:65:BC:0C:C2:22:75:10:C2:77
X509v3 Authority Key Identifier:
keyid:DC:0B:DE:14:67:89:5C:6F:3A:47:19:7E:AC:58:CA:13:AE:4B:B7:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AveFGeJXG86Rxl-rFjKE65Lt40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/cf063f-9493-46f1-acd1-31c7fb4715f6/1/Cmemwho5LQToP7xlvAzCInUQwnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/cf063f-9493-46f1-acd1-31c7fb4715f6/1/3AveFGeJXG86Rxl-rFjKE65Lt40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.89.0-45.87.91.255
62.204.51.0/24
95.141.245.0/24
212.23.203.0/24
IPv6:
2a10:2f40::-2a10:2f40:5:ffff:ffff:ffff:ffff:ffff
2a10:2f40:9::-2a10:2f40:d:ffff:ffff:ffff:ffff:ffff
2a10:2f40:1a::/48
2a14:7280::/29
Signature Algorithm: sha256WithRSAEncryption
50:4e:0b:fa:a2:e1:57:6e:0e:81:95:bf:be:5a:11:00:41:6b:
4d:3b:52:9b:f0:8f:e4:7a:ac:fd:f1:94:bd:02:1f:5e:92:16:
f1:82:b7:16:70:2f:c2:73:ee:4a:24:71:7a:40:be:53:de:06:
6a:d8:ba:8a:ba:cc:76:e3:8a:0c:fb:79:9b:89:26:cc:48:09:
db:3b:37:92:54:db:6a:57:b6:af:d0:12:a9:59:c7:32:5b:5d:
14:03:ef:cd:b9:ee:f9:2f:bc:81:92:15:b9:f4:6f:e3:05:f0:
6b:03:c7:79:76:28:ce:e2:e2:24:cc:3d:ac:6b:d3:9f:71:72:
f2:b4:12:ab:4a:00:5c:61:51:b1:3c:53:4c:3d:f8:44:94:a0:
e9:bc:b0:3e:5b:76:94:c6:12:2a:0b:bc:d1:ef:8e:db:2b:12:
3b:3d:07:50:cb:99:7e:7e:a9:05:83:a4:1d:ca:e6:d3:3f:ed:
d3:6e:dc:60:06:28:7a:13:ad:69:df:5d:a2:b9:2e:4b:cc:3b:
52:3e:15:3b:87:ba:44:6a:8e:72:e1:0d:a6:b7:91:90:35:27:
49:8d:5e:36:82:f1:31:bb:d9:e5:b5:8f:c9:7f:d3:44:2b:85:
02:75:fc:b2:0a:30:18:d8:d9:8c:a2:32:f9:f8:36:39:98:ab:
d5:d5:07:20
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZBe5JrV+ILuaX7JHQsUpycdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMGJkZTE0Njc4OTVjNmYzYTQ3MTk3ZWFjNThjYTEzYWU0
YmI3OGQwHhcNMjQwNjI4MTI0OTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTY3YTZjMjFhMzkyZDA0ZTgzZmJjNjViYzBjYzIyMjc1MTBjMjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuaESipcrYaARzIF3c+nuJVBoAXs
7/u3ofqmzgp9Nu7LJUxWUcu+LmPld6WidehsmNRM6By1aRY3ZBrBX4R5r0Znq8kv
jWr0qnHGaNR7eauYVtYWhFzKTOL668xjwLCHUgpUBKvuSY/yCRU0/HuenZjQG3nd
gWQodK8uTvg1T1cRe2L+xmYHl7/8nAb8GKy75ZELf6/wGneDBs8+3gS9uIcnvP7D
zpJIuj2olowmgZjtiap3l1oiOHbfavuEsinNMKDFV1mYE/+567lsaaoHh5uhsz7S
GOYKZkocx1psXLuHQNOtjYIdWNNKMsQnd7gCN/mWyGZdzIN/R5cbOv64uwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFApnpsIaOS0E6D+8ZbwMwiJ1EMJ3MB8GA1UdIwQY
MBaAFNwL3hRniVxvOkcZfqxYyhOuS7eNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0F2ZUZHZUpYRzg2UnhsLXJGaktFNjVMdDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9jZjA2M2YtOTQ5My00NmYxLWFjZDEt
MzFjN2ZiNDcxNWY2LzEvQ21lbXdobzVMUVRvUDd4bHZBekNJblVRd25jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9jZjA2M2YtOTQ5My00NmYxLWFjZDEtMzFjN2ZiNDcxNWY2
LzEvM0F2ZUZHZUpYRzg2UnhsLXJGaktFNjVMdDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjAmBAIAATAgMAwDBAAtV1kD
BAItV1gDBAA+zDMDBABfjfUDBADUF8swPAQCAAIwNjAQAwUGKhAvQAMHASoQL0AA
BDASAwcAKhAvQAAJAwcBKhAvQAAMAwcAKhAvQAAaAwUDKhRygDANBgkqhkiG9w0B
AQsFAAOCAQEAUE4L+qLhV24OgZW/vloRAEFrTTtSm/CP5Hqs/fGUvQIfXpIW8YK3
FnAvwnPuSiRxekC+U94Gati6irrMduOKDPt5m4kmzEgJ2zs3klTbale2r9ASqVnH
MltdFAPvzbnu+S+8gZIVufRv4wXwawPHeXYozuLiJMw9rGvTn3Fy8rQSq0oAXGFR
sTxTTD34RJSg6bywPlt2lMYSKgu80e+O2ysSOz0HUMuZfn6pBYOkHcrm0z/t027c
YAYoehOtad9dorkuS8w7Uj4VO4e6RGqOcuENpreRkDUnSY1eNoLxMbvZ5bWPyX/T
RCuFAnX8sgowGNjZjKIy+fg2OZir1dUHIA==
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:35:34 2024 by rpki-client on console-fra.rpki-client.org