Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/3e_-nzSyp60odhirfugM0DNctUM.roa
File: 3e_-nzSyp60odhirfugM0DNctUM.roa (raw, json)
Hash identifier: InsYd7XjmclFxD+RQXl8Ht8iCkOnDnTXouPctbLzaC0=
Subject key identifier: DD:EF:FE:9F:34:B2:A7:AD:28:76:18:AB:7E:E8:0C:D0:33:5C:B5:43
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018E32602317D02FB73530EAF20F2BA82E26
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/3e_-nzSyp60odhirfugM0DNctUM.roa
Signing time: Tue 12 Mar 2024 11:15:45 +0000
ROA not before: Tue 12 Mar 2024 11:15:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208949
IP address blocks: 45.88.0.0/24 maxlen: 24
45.142.1.0/24 maxlen: 24
45.148.145.0/24 maxlen: 24
45.148.146.0/24 maxlen: 24
185.217.136.0/24 maxlen: 24
185.217.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.mft
rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:60:23:17:d0:2f:b7:35:30:ea:f2:0f:2b:a8:2e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Mar 12 11:15:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddeffe9f34b2a7ad287618ab7ee80cd0335cb543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:12:3a:1d:8a:78:9d:7b:10:cb:f9:aa:cb:52:
a6:9e:9a:37:ea:18:9e:34:c4:3c:14:b6:6f:b2:28:
b2:75:33:aa:c2:e2:c2:65:37:e5:bf:68:fe:99:8f:
c5:dd:40:9c:bf:39:7e:9d:80:48:39:22:74:1a:57:
62:ef:98:69:79:0f:c2:f7:58:c1:09:5f:c9:23:47:
a0:e1:1d:e6:b6:73:88:7c:d8:c0:6b:bc:d0:27:f2:
ff:22:a1:2b:aa:3c:00:c7:e2:12:7f:fb:b3:6f:43:
36:85:54:24:44:72:14:79:1d:b6:d7:58:b6:6d:fc:
ef:34:25:6e:23:3f:2c:bc:b3:07:0d:84:af:5d:63:
48:5d:c7:ea:64:bb:9c:02:dd:2a:05:82:eb:03:85:
6f:31:f7:24:2e:2f:da:b1:92:8c:f4:f3:b1:1d:8d:
2c:80:44:f8:4f:75:ea:49:d1:c1:a2:9b:65:cd:e6:
2d:5b:4d:c7:a7:ad:10:b1:e5:a6:81:59:d6:09:dd:
61:24:52:eb:43:5e:bf:a1:35:a5:26:71:3b:6b:6d:
be:b3:df:9e:44:a4:28:c7:5e:97:16:d2:5d:3a:f2:
39:04:ca:40:f9:cb:45:dc:74:fb:e6:c3:7d:1b:ee:
96:53:47:82:fb:b5:9a:70:59:b9:42:20:4c:e7:92:
ef:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:EF:FE:9F:34:B2:A7:AD:28:76:18:AB:7E:E8:0C:D0:33:5C:B5:43
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/3e_-nzSyp60odhirfugM0DNctUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.0.0/24
45.142.1.0/24
45.148.145.0-45.148.146.255
185.217.136.0/23
Signature Algorithm: sha256WithRSAEncryption
71:7e:61:54:9e:41:37:03:b4:0e:a1:50:09:fd:82:f7:98:a2:
44:62:e4:dc:f3:3a:2a:ab:47:1a:67:b6:eb:f5:7b:27:60:b5:
c4:77:33:fe:ad:b7:38:39:a1:75:7d:9c:24:0a:2a:31:5d:3a:
9c:ec:1a:02:c0:73:d1:de:84:8f:fe:db:c4:e0:07:45:92:6c:
c3:a9:78:a9:f5:cd:6f:62:9b:68:5b:ce:94:36:a5:64:d4:74:
14:f0:84:11:e0:04:25:e9:0d:c2:55:35:06:35:dc:1d:90:7b:
3c:17:9d:1e:91:70:32:22:3f:d8:cb:f0:78:c0:91:35:83:f7:
2f:aa:12:82:a6:b4:10:35:76:15:12:e9:8f:d6:2a:91:4a:bb:
42:63:0b:5a:cf:c7:db:3b:a9:01:22:79:83:6d:0f:6d:ae:a4:
53:2d:30:1e:a4:91:af:a9:0a:8b:6f:e2:3a:8d:26:f3:e3:9c:
7e:4a:96:1c:98:a3:fb:1c:4c:0a:57:0e:32:53:e8:38:44:db:
79:67:e7:5f:a4:a0:20:fd:f0:09:c8:46:43:c0:5e:6d:d4:77:
77:6f:7d:eb:0e:cf:38:24:9c:07:47:20:71:aa:a6:ed:fe:73:
09:8b:36:91:38:bc:80:c2:2c:8f:32:89:f4:22:e8:37:cd:01:
c2:6b:55:5d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY4yYCMX0C+3NTDq8g8rqC4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQwMzEyMTExNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGVmZmU5ZjM0YjJhN2FkMjg3NjE4YWI3ZWU4MGNkMDMzNWNiNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxI6HYp4nXsQy/mqy1Kmnpo36hie
NMQ8FLZvsiiydTOqwuLCZTflv2j+mY/F3UCcvzl+nYBIOSJ0Gldi75hpeQ/C91jB
CV/JI0eg4R3mtnOIfNjAa7zQJ/L/IqErqjwAx+ISf/uzb0M2hVQkRHIUeR2211i2
bfzvNCVuIz8svLMHDYSvXWNIXcfqZLucAt0qBYLrA4VvMfckLi/asZKM9POxHY0s
gET4T3XqSdHBoptlzeYtW03Hp60QseWmgVnWCd1hJFLrQ16/oTWlJnE7a22+s9+e
RKQox16XFtJdOvI5BMpA+ctF3HT75sN9G+6WU0eC+7WacFm5QiBM55LvAQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFN3v/p80sqetKHYYq37oDNAzXLVDMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvM2VfLW56U3lwNjBvZGhpcmZ1Z00wRE5jdFVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALVgAAwQA
LY4BMAwDBAAtlJEDBAAtlJIDBAG52YgwDQYJKoZIhvcNAQELBQADggEBAHF+YVSe
QTcDtA6hUAn9gveYokRi5NzzOiqrRxpntuv1eydgtcR3M/6ttzg5oXV9nCQKKjFd
OpzsGgLAc9HehI/+28TgB0WSbMOpeKn1zW9im2hbzpQ2pWTUdBTwhBHgBCXpDcJV
NQY13B2QezwXnR6RcDIiP9jL8HjAkTWD9y+qEoKmtBA1dhUS6Y/WKpFKu0JjC1rP
x9s7qQEieYNtD22upFMtMB6kka+pCotv4jqNJvPjnH5KlhyYo/scTApXDjJT6DhE
23ln51+koCD98AnIRkPAXm3Ud3dvfesOzzgknAdHIHGqpu3+cwmLNpE4vIDCLI8y
ifQi6DfNAcJrVV0=
-----END CERTIFICATE-----
Generated at Fri May 17 06:51:16 2024 by rpki-client on console-ams.rpki-client.org