Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/PJzGqwr2DDKSABQ5lSwl55tjc_M.roa
File: PJzGqwr2DDKSABQ5lSwl55tjc_M.roa (raw, json)
Hash identifier: h2CHA2LF5Ot0zzSLb6Ha9PJQ1PoyhS0vv3tO+hZHeg0=
Subject key identifier: 3C:9C:C6:AB:0A:F6:0C:32:92:00:14:39:95:2C:25:E7:9B:63:73:F3
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018CC4255B635BEB0DE800A6F01E5DDBA2E3
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/PJzGqwr2DDKSABQ5lSwl55tjc_M.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64080
IP address blocks: 45.43.64.0/24 maxlen: 24
45.43.68.0/22 maxlen: 24
45.43.65.0/24 maxlen: 24
45.43.84.0/23 maxlen: 24
45.43.80.0/22 maxlen: 24
198.105.100.0/22 maxlen: 24
198.105.109.0/24 maxlen: 24
198.105.108.0/24 maxlen: 24
198.105.111.0/24 maxlen: 24
89.33.6.0/23 maxlen: 24
155.254.48.0/23 maxlen: 24
107.181.132.0/23 maxlen: 24
107.181.128.0/22 maxlen: 22
107.181.140.0/22 maxlen: 24
107.181.152.0/24 maxlen: 24
107.181.148.0/23 maxlen: 24
107.181.154.0/24 maxlen: 24
107.181.153.0/24 maxlen: 24
2a05:9f46::/32 maxlen: 48
2a05:9f47::/32 maxlen: 48
2a07:9946::/32 maxlen: 48
2a05:9f40:1f::/48 maxlen: 48
2a05:9f44:2a05::/48 maxlen: 48
2a07:9947::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 07:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5b:63:5b:eb:0d:e8:00:a6:f0:1e:5d:db:a2:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c9cc6ab0af60c3292001439952c25e79b6373f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:15:8a:c6:18:50:9f:48:5d:ee:12:36:85:2a:
04:d8:a8:cd:38:9a:86:d9:6c:15:3d:a7:cb:48:ca:
07:e2:d9:40:59:bf:53:52:a0:60:4d:d6:f3:fb:09:
30:03:6b:67:e1:c6:52:bc:0b:80:2b:1a:2b:f3:d2:
f9:a0:2f:8b:1b:b2:af:f9:b7:e5:61:10:ae:d8:1a:
cd:d6:e8:26:b5:90:5d:4a:00:1a:1e:03:d8:a1:11:
16:54:05:7d:45:9c:03:10:26:37:b0:7c:4f:d2:43:
1d:35:61:bc:20:af:ca:68:7e:75:0c:54:5c:52:57:
90:92:1c:95:2a:99:8a:8d:43:0e:ea:b0:ff:2c:22:
f3:8a:e6:9e:4a:87:f7:5f:32:df:cb:00:fa:ea:18:
66:a8:74:cf:2e:40:eb:2d:be:08:fe:85:dc:22:bb:
f2:2b:bc:0b:4e:b5:25:3a:13:11:c6:20:a6:dc:d3:
e1:7d:79:51:b6:42:d8:ae:b5:68:42:3a:0a:cb:29:
27:e8:de:af:5a:e7:76:22:2d:00:b8:46:9a:cb:1a:
09:af:eb:86:47:cb:e2:dd:73:18:a5:8f:98:77:e4:
e6:5b:9e:68:bc:51:12:19:14:74:2c:36:fd:de:d5:
21:67:27:a4:92:d0:3b:fa:e1:cd:ed:13:bf:4a:11:
e3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9C:C6:AB:0A:F6:0C:32:92:00:14:39:95:2C:25:E7:9B:63:73:F3
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/PJzGqwr2DDKSABQ5lSwl55tjc_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/23
45.43.68.0/22
45.43.80.0-45.43.85.255
89.33.6.0/23
107.181.128.0-107.181.133.255
107.181.140.0/22
107.181.148.0/23
107.181.152.0-107.181.154.255
155.254.48.0/23
198.105.100.0/22
198.105.108.0/23
198.105.111.0/24
IPv6:
2a05:9f40:1f::/48
2a05:9f44:2a05::/48
2a05:9f46::/31
2a07:9946::/31
Signature Algorithm: sha256WithRSAEncryption
04:7e:52:5f:e9:5a:52:e1:f3:41:f0:04:38:fc:f5:bd:60:58:
a5:dc:36:6d:cc:dd:23:66:16:6e:57:24:d7:c8:0d:0a:f7:31:
ec:9c:ab:65:ee:cc:59:94:8c:b3:dd:69:54:d6:96:2e:f5:f5:
8a:ce:cb:b8:4a:fa:c4:61:0d:15:a9:83:ac:39:7f:70:c4:e5:
63:0e:bc:07:75:05:44:0d:e6:5a:fd:2b:cd:ec:d0:57:c5:a2:
45:40:d5:cc:52:1b:d5:5b:6c:35:95:49:f7:3a:3d:84:63:7a:
ca:2e:b9:15:25:0e:49:c8:c4:ac:3a:23:ba:fb:73:46:06:c9:
2f:45:a6:36:3e:34:2f:cb:97:6d:95:d8:d7:4b:5f:71:19:25:
f8:e7:a8:30:b1:28:de:49:99:1a:84:25:01:bb:9b:df:1e:dc:
ed:ec:e3:78:fc:d9:8e:7e:00:4c:01:ec:6b:1b:27:18:cd:44:
fd:62:bd:e2:93:28:8c:bb:3d:87:51:2c:ca:bd:19:53:a0:a3:
2f:8a:79:83:a1:e5:9d:48:4a:98:f6:5c:35:e1:66:87:9f:6c:
94:ac:1b:2e:98:5c:33:6b:36:78:66:d9:5f:1b:bd:14:be:ae:
1d:92:a3:b3:25:e1:ab:37:08:4c:37:08:b1:d7:e9:f3:ad:57:
17:68:c0:9f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYzEJVtjW+sN6ACm8B5d26LjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzljYzZhYjBhZjYwYzMyOTIwMDE0Mzk5NTJjMjVlNzliNjM3M2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxWKxhhQn0hd7hI2hSoE2KjNOJqG
2WwVPafLSMoH4tlAWb9TUqBgTdbz+wkwA2tn4cZSvAuAKxor89L5oC+LG7Kv+bfl
YRCu2BrN1ugmtZBdSgAaHgPYoREWVAV9RZwDECY3sHxP0kMdNWG8IK/KaH51DFRc
UleQkhyVKpmKjUMO6rD/LCLziuaeSof3XzLfywD66hhmqHTPLkDrLb4I/oXcIrvy
K7wLTrUlOhMRxiCm3NPhfXlRtkLYrrVoQjoKyykn6N6vWud2Ii0AuEaayxoJr+uG
R8vi3XMYpY+Yd+TmW55ovFESGRR0LDb93tUhZyekktA7+uHN7RO/ShHj4QIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFDycxqsK9gwykgAUOZUsJeebY3PzMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvUEp6R3F3cjJEREtTQUJRNWxTd2w1NXRqY19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDBmBAIAATBgAwQBLStA
AwQCLStEMAwDBAQtK1ADBAEtK1QDBAFZIQYwDAMEB2u1gAMEAWu1hAMEAmu1jAME
AWu1lDAMAwQDa7WYAwQAa7WaAwQBm/4wAwQCxmlkAwQBxmlsAwQAxmlvMCYEAgAC
MCADBwAqBZ9AAB8DBwAqBZ9EKgUDBQEqBZ9GAwUBKgeZRjANBgkqhkiG9w0BAQsF
AAOCAQEABH5SX+laUuHzQfAEOPz1vWBYpdw2bczdI2YWblck18gNCvcx7JyrZe7M
WZSMs91pVNaWLvX1is7LuEr6xGENFamDrDl/cMTlYw68B3UFRA3mWv0rzezQV8Wi
RUDVzFIb1VtsNZVJ9zo9hGN6yi65FSUOScjErDojuvtzRgbJL0WmNj40L8uXbZXY
10tfcRkl+OeoMLEo3kmZGoQlAbub3x7c7ezjePzZjn4ATAHsaxsnGM1E/WK94pMo
jLs9h1Esyr0ZU6CjL4p5g6HlnUhKmPZcNeFmh59slKwbLphcM2s2eGbZXxu9FL6u
HZKjsyXhqzcITDcIsdfp861XF2jAnw==
-----END CERTIFICATE-----
Generated at Fri May 17 09:46:50 2024 by rpki-client on console-ams.rpki-client.org