Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Bqdd0tzOH25-udBdgktYOZxm3nI.roa
File: Bqdd0tzOH25-udBdgktYOZxm3nI.roa (raw, json)
Hash identifier: N1x6QePLSczstVhCNZdx9yx+gWPGFGnapupP36EcFt4=
Subject key identifier: 06:A7:5D:D2:DC:CE:1F:6E:7E:B9:D0:5D:82:4B:58:39:9C:66:DE:72
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01935431CDFEFC4AAE87393600159823C81D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Bqdd0tzOH25-udBdgktYOZxm3nI.roa
Signing time: Fri 22 Nov 2024 14:06:10 +0000
ROA not before: Fri 22 Nov 2024 14:06:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 31.13.246.0/24 maxlen: 24
45.14.164.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.90.88.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.240.0/20 maxlen: 32
92.119.196.0/23 maxlen: 24
93.123.84.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.179.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.226.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:54:31:cd:fe:fc:4a:ae:87:39:36:00:15:98:23:c8:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 22 14:06:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06a75dd2dcce1f6e7eb9d05d824b58399c66de72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6b:a3:8b:44:bc:83:8e:09:e7:28:c3:c0:ed:
9d:b9:60:7b:4e:d7:52:e4:4e:aa:e2:78:1d:99:26:
5d:27:44:d0:fb:65:07:b9:6c:7f:7e:fc:7a:34:5e:
17:e4:87:eb:33:c1:d2:40:13:3d:ed:47:1c:f5:2d:
73:4b:c5:91:ee:a5:60:0e:25:0e:7d:b9:5d:90:16:
ac:f7:36:dd:ee:d8:07:7c:32:bc:5a:b0:6d:38:ca:
47:6c:5d:cf:e7:a3:a6:1b:c8:ef:5b:82:14:f8:0a:
1c:81:e0:2a:9e:86:56:df:08:68:96:9a:66:b6:9a:
7d:bc:02:1c:cd:f3:bc:5c:00:bc:77:a6:e2:c8:72:
83:fa:2d:16:1e:5a:c6:46:37:2e:98:6a:0d:5d:ef:
5a:5e:4c:42:b2:c3:2f:8c:0e:f8:52:e9:36:d6:f6:
8a:0a:98:88:01:2d:f6:09:ae:9d:6f:ff:40:8c:29:
75:0f:51:38:f9:d8:14:9d:5a:8d:8b:0a:19:0a:f9:
30:e3:f3:81:37:20:64:ee:da:f9:26:6a:ce:34:22:
ce:e5:4f:96:b0:9a:0d:e5:f0:36:2a:f4:93:1c:3f:
a9:96:98:e6:3d:f2:79:5c:cf:0a:b6:9c:e8:01:13:
15:6b:fb:19:66:c6:e5:3b:78:3e:1d:69:49:46:16:
6a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A7:5D:D2:DC:CE:1F:6E:7E:B9:D0:5D:82:4B:58:39:9C:66:DE:72
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Bqdd0tzOH25-udBdgktYOZxm3nI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.246.0/24
45.14.164.0/24
45.66.228.0/24
45.88.64.0/24
45.90.88.0/24
45.139.106.0/24
45.141.158.0/24
45.151.89.0-45.151.91.255
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.166.0/24
87.121.45.0/24
87.121.87.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.240.0/20
92.119.196.0/23
93.123.84.0/24
94.154.160.0/22
94.156.11.0/24
94.156.64.0/21
94.156.179.0/24
141.98.1.0/24
147.78.100.0/24
171.22.72.0/22
185.216.84.0/22
185.218.84.0/22
185.226.174.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:d1:98:8a:e4:1c:b7:0b:37:f0:0e:b5:5d:7f:66:18:9a:20:
e8:9a:5c:00:4b:c5:50:55:4a:99:73:22:eb:69:1f:fd:b8:8e:
49:76:d1:8c:45:c9:29:3d:1a:c0:cd:ce:ce:c4:b3:a8:cc:6e:
ab:5c:15:b3:78:b9:05:80:6f:c0:12:72:d3:37:6f:18:61:04:
92:8f:7f:64:8e:3e:17:66:24:b0:9b:d6:2d:93:01:08:09:53:
f1:36:b8:03:e4:e9:8c:96:e1:58:53:d1:08:6d:54:98:44:c3:
fd:32:84:48:26:9e:f7:29:5c:53:d7:96:70:a2:f1:06:03:7f:
97:75:2e:2f:8b:9c:34:70:a4:b2:e7:cc:ce:ae:86:04:8c:7a:
9f:3f:3d:12:be:11:07:4b:0d:b6:a8:bc:2b:88:04:45:d7:9d:
45:ff:e7:e1:04:d0:81:d6:87:fd:93:c2:5f:33:63:3b:b5:fb:
72:70:3e:96:cf:a8:aa:21:a4:4d:f4:fa:c9:c1:5b:dc:81:f6:
78:d1:93:e9:3d:1a:c1:01:51:9f:86:1a:33:63:cb:4a:2c:50:
8e:4d:a1:b1:2d:dc:fc:c2:c0:5d:31:30:4d:26:c8:de:d6:31:
77:c0:ce:74:d6:77:cd:62:54:3b:4b:9c:91:9a:ca:4a:53:c0:
6a:64:a6:d8
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZNUMc3+/Equhzk2ABWYI8gdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTIyMTQwNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmE3NWRkMmRjY2UxZjZlN2ViOWQwNWQ4MjRiNTgzOTljNjZkZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2uji0S8g44J5yjDwO2duWB7TtdS
5E6q4ngdmSZdJ0TQ+2UHuWx/fvx6NF4X5IfrM8HSQBM97Ucc9S1zS8WR7qVgDiUO
fbldkBas9zbd7tgHfDK8WrBtOMpHbF3P56OmG8jvW4IU+AocgeAqnoZW3wholppm
tpp9vAIczfO8XAC8d6biyHKD+i0WHlrGRjcumGoNXe9aXkxCssMvjA74Uuk21vaK
CpiIAS32Ca6db/9AjCl1D1E4+dgUnVqNiwoZCvkw4/OBNyBk7tr5JmrONCLO5U+W
sJoN5fA2KvSTHD+plpjmPfJ5XM8KtpzoARMVa/sZZsblO3g+HWlJRhZqLQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFAanXdLczh9ufrnQXYJLWDmcZt5yMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQnFkZDB0ek9IMjUtdWRCZGdrdFlPWnhtM25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAAf
DfYDBAAtDqQDBAAtQuQDBAAtWEADBAAtWlgDBAAti2oDBAAtjZ4wDAMEAC2XWQME
Ai2XWAMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4pgMEAFd5LQMEAFd5VwMEAVd5fAME
AFd5ogMEAFd5pQMEBFtc8AMEAVx3xAMEAF17VAMEAl6aoAMEAF6cCwMEA16cQAME
AF6cswMEAI1iAQMEAJNOZAMEAqsWSAMEArnYVAMEArnaVAMEALnirjANBgkqhkiG
9w0BAQsFAAOCAQEAoNGYiuQctws38A61XX9mGJog6JpcAEvFUFVKmXMi62kf/biO
SXbRjEXJKT0awM3OzsSzqMxuq1wVs3i5BYBvwBJy0zdvGGEEko9/ZI4+F2YksJvW
LZMBCAlT8Ta4A+TpjJbhWFPRCG1UmETD/TKESCae9ylcU9eWcKLxBgN/l3UuL4uc
NHCksufMzq6GBIx6nz89Er4RB0sNtqi8K4gERdedRf/n4QTQgdaH/ZPCXzNjO7X7
cnA+ls+oqiGkTfT6ycFb3IH2eNGT6T0awQFRn4YaM2PLSixQjk2hsS3c/MLAXTEw
TSbI3tYxd8DOdNZ3zWJUO0uckZrKSlPAamSm2A==
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:48:56 2024 by rpki-client on console-ams.rpki-client.org