Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/5dds8bPZglv-f--RnpeC2FTOmYA.roa
File: 5dds8bPZglv-f--RnpeC2FTOmYA.roa (raw, json)
Hash identifier: mkCYeVYCfDLmrhXX2w78yWX7ItPUaFdM/AXu8JbLrtU=
Subject key identifier: E5:D7:6C:F1:B3:D9:82:5B:FE:7F:EF:91:9E:97:82:D8:54:CE:99:80
Certificate issuer: /CN=3fe14329b6c1e695011a82406f7af48f4bb10ad4
Certificate serial: 01927ADD3BA098306AC45BCDF14C358A9DEB
Authority key identifier: 3F:E1:43:29:B6:C1:E6:95:01:1A:82:40:6F:7A:F4:8F:4B:B1:0A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/5dds8bPZglv-f--RnpeC2FTOmYA.roa
Signing time: Fri 11 Oct 2024 09:16:11 +0000
ROA not before: Fri 11 Oct 2024 09:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202543
IP address blocks: 45.154.176.0/24 maxlen: 24
45.154.177.0/24 maxlen: 24
45.154.178.0/24 maxlen: 24
45.154.179.0/24 maxlen: 24
185.227.6.0/24 maxlen: 24
185.246.168.0/24 maxlen: 24
185.246.169.0/24 maxlen: 24
185.246.170.0/24 maxlen: 24
185.246.171.0/24 maxlen: 24
2a0f:3980::/30 maxlen: 30
2a0f:3984::/30 maxlen: 30
2a0f:c300::/30 maxlen: 30
2a0f:c304::/30 maxlen: 30
2a14:2980::/30 maxlen: 30
2a14:2984::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7a:dd:3b:a0:98:30:6a:c4:5b:cd:f1:4c:35:8a:9d:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fe14329b6c1e695011a82406f7af48f4bb10ad4
Validity
Not Before: Oct 11 09:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5d76cf1b3d9825bfe7fef919e9782d854ce9980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:87:e2:f4:6d:d7:71:e6:04:fc:c0:3a:fa:fb:
20:ef:66:20:10:a6:e4:41:0f:6e:76:34:61:9b:d4:
7f:ac:5b:8c:e6:db:e8:40:48:f2:23:30:8d:09:8e:
1a:f4:98:08:88:1c:8f:3d:57:71:7c:d1:3d:89:ef:
f2:b6:2b:df:b7:62:ff:c5:53:aa:1d:a1:30:40:e7:
e1:2e:55:da:64:fc:ee:7d:7f:e0:02:97:c2:0f:5f:
49:24:70:61:bd:42:d2:d2:6c:df:51:52:eb:26:1d:
bb:b9:e2:85:89:09:58:40:ab:a0:f0:34:ff:20:30:
c9:f0:5a:59:1c:12:d7:09:b0:ea:3a:31:32:18:4d:
99:d1:2f:cd:e8:61:8f:23:6a:2e:64:4f:a8:7e:11:
46:65:c3:58:e2:84:63:13:45:49:cc:13:30:40:96:
b9:6b:c1:fe:8e:fd:e2:2c:dc:0a:fc:83:69:f6:28:
3d:34:26:b2:3d:a2:a2:83:c2:fd:ea:6d:bf:ee:8b:
fa:dc:03:93:23:37:2b:b8:d4:9e:85:ac:b9:5b:ee:
6d:c5:ef:a0:5e:18:e4:02:db:dc:18:d9:95:86:f5:
37:58:1f:90:ec:db:40:53:a7:cf:3b:ac:61:d8:e7:
91:4f:50:a2:60:81:8a:75:a4:59:77:68:ed:59:e8:
a1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D7:6C:F1:B3:D9:82:5B:FE:7F:EF:91:9E:97:82:D8:54:CE:99:80
X509v3 Authority Key Identifier:
keyid:3F:E1:43:29:B6:C1:E6:95:01:1A:82:40:6F:7A:F4:8F:4B:B1:0A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/5dds8bPZglv-f--RnpeC2FTOmYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.176.0/22
185.227.6.0/24
185.246.168.0/22
IPv6:
2a0f:3980::/29
2a0f:c300::/29
2a14:2980::/29
Signature Algorithm: sha256WithRSAEncryption
73:58:91:2e:2c:e1:b4:83:c7:64:1b:7a:ef:79:76:3a:23:b4:
bc:6f:23:57:36:f5:27:91:e8:a0:72:e0:44:93:a8:df:6c:34:
17:0d:38:71:76:99:43:19:a2:65:a1:db:a2:b6:67:ba:e6:f5:
5f:44:0b:72:39:ff:94:61:55:0f:dc:c6:e0:9e:3b:a5:ec:e2:
ab:a0:41:ac:cd:71:e1:fb:9d:77:f9:d3:8c:1c:d1:4f:a6:b5:
e3:ed:62:cd:a3:9e:99:36:87:fb:10:98:a6:51:48:41:ee:2b:
75:f5:db:4b:4f:23:24:3e:36:e9:6c:bc:3c:61:95:89:9c:d6:
b3:97:51:12:38:e2:db:42:6c:6e:99:78:03:aa:7d:db:9e:d5:
3c:86:1e:cf:e7:fd:a2:52:05:77:d0:4c:61:5a:e4:a4:06:78:
ae:f1:16:54:5c:f6:de:bf:ee:de:3f:4b:14:0d:5f:1b:dc:a4:
5b:0f:76:85:96:e9:13:a5:34:c2:fe:50:d5:63:f4:ff:a3:1d:
b7:75:b0:11:70:c5:b8:88:fd:ae:83:52:91:eb:6c:d7:72:9c:
4f:10:3f:9d:ae:ee:48:4c:b4:bc:50:3a:35:1a:e1:c7:69:b8:
5e:f4:09:ca:58:55:b2:dc:e0:99:9d:2d:c5:15:2c:09:5b:14:
49:e5:69:0f
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZJ63TugmDBqxFvN8Uw1ip3rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZTE0MzI5YjZjMWU2OTUwMTFhODI0MDZmN2FmNDhmNGJi
MTBhZDQwHhcNMjQxMDExMDkxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWQ3NmNmMWIzZDk4MjViZmU3ZmVmOTE5ZTk3ODJkODU0Y2U5OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ofi9G3XceYE/MA6+vsg72YgEKbk
QQ9udjRhm9R/rFuM5tvoQEjyIzCNCY4a9JgIiByPPVdxfNE9ie/ytivft2L/xVOq
HaEwQOfhLlXaZPzufX/gApfCD19JJHBhvULS0mzfUVLrJh27ueKFiQlYQKug8DT/
IDDJ8FpZHBLXCbDqOjEyGE2Z0S/N6GGPI2ouZE+ofhFGZcNY4oRjE0VJzBMwQJa5
a8H+jv3iLNwK/INp9ig9NCayPaKig8L96m2/7ov63AOTIzcruNSehay5W+5txe+g
XhjkAtvcGNmVhvU3WB+Q7NtAU6fPO6xh2OeRT1CiYIGKdaRZd2jtWeihuwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFOXXbPGz2YJb/n/vkZ6XgthUzpmAMB8GA1UdIwQY
MBaAFD/hQym2weaVARqCQG969I9LsQrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC1GREtiYkI1cFVCR29KQWIzcjBqMHV4Q3RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMGM2YzQtYWIyOC00NDA1LWI2OTQt
YzNkNTdlMjM4N2NhLzEvNWRkczhiUFpnbHYtZi0tUm5wZUMyRlRPbVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMGM2YzQtYWIyOC00NDA1LWI2OTQtYzNkNTdlMjM4N2Nh
LzEvUC1GREtiYkI1cFVCR29KQWIzcjBqMHV4Q3RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCLZqwAwQA
ueMGAwQCufaoMBsEAgACMBUDBQMqDzmAAwUDKg/DAAMFAyoUKYAwDQYJKoZIhvcN
AQELBQADggEBAHNYkS4s4bSDx2Qbeu95djojtLxvI1c29SeR6KBy4ESTqN9sNBcN
OHF2mUMZomWh26K2Z7rm9V9EC3I5/5RhVQ/cxuCeO6Xs4qugQazNceH7nXf504wc
0U+mtePtYs2jnpk2h/sQmKZRSEHuK3X120tPIyQ+NulsvDxhlYmc1rOXURI44ttC
bG6ZeAOqfdue1TyGHs/n/aJSBXfQTGFa5KQGeK7xFlRc9t6/7t4/SxQNXxvcpFsP
doWW6ROlNML+UNVj9P+jHbd1sBFwxbiI/a6DUpHrbNdynE8QP52u7khMtLxQOjUa
4cdpuF70CcpYVbLc4JmdLcUVLAlbFEnlaQ8=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:35:19 2024 by rpki-client on console-fra.rpki-client.org