Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/0NOTC247PrhBQHmb2YPUVeWDNWc.roa
File: 0NOTC247PrhBQHmb2YPUVeWDNWc.roa (raw, json)
Hash identifier: 3tcxg1NL3yz/lvX+2dtGqL6Z69rijdSkTORxLGvSv8Y=
Subject key identifier: D0:D3:93:0B:6E:3B:3E:B8:41:40:79:9B:D9:83:D4:55:E5:83:35:67
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 018DC5C10DC2A343EA0089B12AA0F34EF297
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/0NOTC247PrhBQHmb2YPUVeWDNWc.roa
Signing time: Tue 20 Feb 2024 09:02:59 +0000
ROA not before: Tue 20 Feb 2024 09:02:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136787
IP address blocks: 45.66.252.0/24 maxlen: 24
45.66.253.0/24 maxlen: 24
45.66.254.0/24 maxlen: 24
45.66.255.0/24 maxlen: 24
91.217.6.0/24 maxlen: 24
91.217.7.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.30.0/24 maxlen: 24
109.74.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:c1:0d:c2:a3:43:ea:00:89:b1:2a:a0:f3:4e:f2:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Feb 20 09:02:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0d3930b6e3b3eb84140799bd983d455e5833567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:57:5d:d0:84:b7:d1:5a:3b:f4:4d:d0:24:9b:
10:14:ae:79:94:5b:72:2e:67:a9:7f:b9:28:e4:91:
41:33:c1:e6:fc:60:7d:fd:75:34:50:bd:32:5c:96:
cd:8a:0d:4f:38:e9:6a:48:79:94:f1:01:33:e6:df:
a1:ee:41:11:f1:c2:42:27:32:2c:9c:99:e5:b6:f5:
76:8c:75:ba:73:95:a6:71:ce:1c:04:a1:24:d3:ae:
22:0b:62:fd:0d:fd:7a:99:18:c4:a8:2f:62:e5:34:
91:9e:0b:9b:50:20:7a:59:14:2a:0a:c2:3e:d1:5e:
c1:5e:88:6c:c5:8c:1f:6f:35:f2:ed:c0:49:d2:37:
2f:74:06:de:7a:d1:fe:20:36:3f:b7:90:ab:3d:ba:
e3:ec:e0:28:77:f1:0e:f9:77:42:e3:10:72:10:7d:
8d:54:0c:fc:1d:6e:bd:84:23:37:e4:50:a2:14:f1:
09:03:0d:96:72:60:da:cd:b1:34:b7:ea:fe:ea:bf:
0e:9f:61:0f:e2:ba:60:90:f5:d0:e6:89:c0:a6:ca:
50:4c:58:fd:ab:78:fa:a5:6c:aa:d2:3a:1e:4a:2d:
fc:d9:00:16:1c:2c:5d:78:33:c4:0b:fd:f3:43:0e:
24:41:01:cf:0d:6c:bc:09:25:76:36:b3:d2:c7:63:
0e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D3:93:0B:6E:3B:3E:B8:41:40:79:9B:D9:83:D4:55:E5:83:35:67
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/0NOTC247PrhBQHmb2YPUVeWDNWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.252.0/22
91.217.6.0/23
109.74.28.0/22
Signature Algorithm: sha256WithRSAEncryption
41:03:f4:a3:43:83:35:f9:b3:a0:21:ab:ad:b3:d5:60:41:9b:
c0:e8:31:0f:ff:17:72:70:ea:4e:aa:1d:38:8b:54:ef:aa:e8:
3e:95:8e:15:ca:fb:15:67:e4:da:3a:68:d1:3b:a4:58:d5:a6:
86:64:47:af:0a:16:27:cb:fb:65:48:8c:e8:4b:f1:8d:e1:8e:
57:6a:cb:35:2d:83:30:47:5d:58:7e:e1:fa:3f:d3:cc:ff:d6:
ce:f4:7a:dd:0e:41:af:93:a0:88:0f:2f:30:dd:7c:2c:47:85:
75:3a:01:75:ce:a9:15:1c:f5:72:b3:33:56:26:a5:4f:a7:96:
1a:b1:70:1e:0f:c7:64:83:15:fa:87:64:f1:72:db:56:a7:69:
3b:fe:ba:1f:46:ab:32:7a:77:82:60:6a:e1:a1:67:6b:1c:c6:
98:ee:cf:d6:f6:2c:8b:b0:1e:54:4a:2e:91:23:61:bc:46:48:
b4:b8:09:a3:f2:c0:2d:30:87:77:43:1a:83:37:d3:47:ea:be:
97:31:72:41:8d:85:b4:12:96:2a:61:e4:e1:49:de:0c:95:97:
9a:b6:f4:17:7f:95:81:bc:0e:64:1d:ca:f9:24:3c:cc:b3:4f:
42:92:26:b2:1f:b2:77:9f:3c:cc:a0:ce:5b:8f:14:b2:d5:4e:
4e:4a:01:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3FwQ3Co0PqAImxKqDzTvKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjQwMjIwMDkwMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGQzOTMwYjZlM2IzZWI4NDE0MDc5OWJkOTgzZDQ1NWU1ODMzNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApldd0IS30Vo79E3QJJsQFK55lFty
Lmepf7ko5JFBM8Hm/GB9/XU0UL0yXJbNig1POOlqSHmU8QEz5t+h7kER8cJCJzIs
nJnltvV2jHW6c5Wmcc4cBKEk064iC2L9Df16mRjEqC9i5TSRngubUCB6WRQqCsI+
0V7BXohsxYwfbzXy7cBJ0jcvdAbeetH+IDY/t5CrPbrj7OAod/EO+XdC4xByEH2N
VAz8HW69hCM35FCiFPEJAw2WcmDazbE0t+r+6r8On2EP4rpgkPXQ5onApspQTFj9
q3j6pWyq0joeSi382QAWHCxdeDPEC/3zQw4kQQHPDWy8CSV2NrPSx2MO/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNDTkwtuOz64QUB5m9mD1FXlgzVnMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvME5PVEMyNDdQcmhCUUhtYjJZUFVWZVdETldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLUL8AwQB
W9kGAwQCbUocMA0GCSqGSIb3DQEBCwUAA4IBAQBBA/SjQ4M1+bOgIauts9VgQZvA
6DEP/xdycOpOqh04i1Tvqug+lY4VyvsVZ+TaOmjRO6RY1aaGZEevChYny/tlSIzo
S/GN4Y5Xass1LYMwR11YfuH6P9PM/9bO9HrdDkGvk6CIDy8w3XwsR4V1OgF1zqkV
HPVyszNWJqVPp5YasXAeD8dkgxX6h2TxcttWp2k7/rofRqsyeneCYGrhoWdrHMaY
7s/W9iyLsB5USi6RI2G8Rki0uAmj8sAtMId3QxqDN9NH6r6XMXJBjYW0EpYqYeTh
Sd4MlZeatvQXf5WBvA5kHcr5JDzMs09CkiayH7J3nzzMoM5bjxSy1U5OSgGA
-----END CERTIFICATE-----
Generated at Wed May 8 15:35:57 2024 by rpki-client on console-fra.rpki-client.org