Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/z79tujcPB1r-6gVKD2DntMWUk4I.roa
File: z79tujcPB1r-6gVKD2DntMWUk4I.roa (raw, json)
Hash identifier: Ks9UUDkYedmidPcN39SBy/v/Gkzlji3TDrmm7oZO0H8=
Subject key identifier: CF:BF:6D:BA:37:0F:07:5A:FE:EA:05:4A:0F:60:E7:B4:C5:94:93:82
Certificate issuer: /CN=9b986fc646fda0cf145e10d93fe1b10eb0dee625
Certificate serial: 018CC94D31E9BFF3CEA51066EBCBBC5ADF2B
Authority key identifier: 9B:98:6F:C6:46:FD:A0:CF:14:5E:10:D9:3F:E1:B1:0E:B0:DE:E6:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5hvxkb9oM8UXhDZP-GxDrDe5iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/z79tujcPB1r-6gVKD2DntMWUk4I.roa
Signing time: Tue 02 Jan 2024 08:32:08 +0000
ROA not before: Tue 02 Jan 2024 08:32:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39761
IP address blocks: 45.14.156.0/22 maxlen: 22
45.87.12.0/22 maxlen: 22
84.246.160.0/21 maxlen: 24
81.90.240.0/20 maxlen: 24
45.83.212.0/22 maxlen: 22
45.11.132.0/22 maxlen: 22
2a0e:6d00::/29 maxlen: 29
2a00:1268::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/m5hvxkb9oM8UXhDZP-GxDrDe5iU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/m5hvxkb9oM8UXhDZP-GxDrDe5iU.mft
rsync://rpki.ripe.net/repository/DEFAULT/m5hvxkb9oM8UXhDZP-GxDrDe5iU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:31:e9:bf:f3:ce:a5:10:66:eb:cb:bc:5a:df:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b986fc646fda0cf145e10d93fe1b10eb0dee625
Validity
Not Before: Jan 2 08:32:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfbf6dba370f075afeea054a0f60e7b4c5949382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e6:e1:e8:9b:5e:1e:20:83:9c:da:7b:a2:70:
f8:05:89:5b:14:75:ca:67:d3:c4:f2:19:55:b4:a4:
84:64:e8:56:8f:0e:64:e6:f6:3f:b1:77:79:b7:a2:
eb:61:72:f0:b3:74:b6:90:11:22:b8:56:9f:5d:b1:
1c:59:83:6b:90:51:d8:e1:df:db:e8:61:65:b2:73:
52:41:75:6d:1b:e8:ca:f8:73:fc:5a:09:0f:0f:59:
4d:bc:de:d2:59:06:52:e2:1e:98:67:d3:85:b8:d4:
39:e5:22:9f:f2:17:91:61:e3:ed:98:f9:a8:10:91:
e6:00:c7:eb:5f:64:e4:58:f8:d2:77:3e:34:d9:c2:
5d:da:14:a8:91:65:d6:20:7c:3a:2e:92:3d:e9:3f:
3c:9d:35:58:e7:8b:6b:26:8e:0a:f6:3c:7a:27:73:
c2:d9:96:f8:b4:65:2a:df:fd:99:a7:6c:1e:f8:fe:
b3:b1:b1:7b:2c:e7:c6:32:73:5e:48:0d:3b:ae:53:
a8:91:6b:a8:8f:8a:39:b2:a0:3c:a6:f5:a2:8b:d0:
ef:1e:2c:c9:10:9a:1f:69:ce:ea:f4:69:dd:18:a7:
86:2c:be:90:3b:69:f8:81:cb:38:0d:d2:e5:6f:6c:
bf:dd:90:c9:79:1d:5d:3b:98:b1:87:ea:5e:72:29:
87:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:BF:6D:BA:37:0F:07:5A:FE:EA:05:4A:0F:60:E7:B4:C5:94:93:82
X509v3 Authority Key Identifier:
keyid:9B:98:6F:C6:46:FD:A0:CF:14:5E:10:D9:3F:E1:B1:0E:B0:DE:E6:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5hvxkb9oM8UXhDZP-GxDrDe5iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/z79tujcPB1r-6gVKD2DntMWUk4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/m5hvxkb9oM8UXhDZP-GxDrDe5iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.132.0/22
45.14.156.0/22
45.83.212.0/22
45.87.12.0/22
81.90.240.0/20
84.246.160.0/21
IPv6:
2a00:1268::/32
2a0e:6d00::/29
Signature Algorithm: sha256WithRSAEncryption
06:b8:3e:a9:22:c4:60:99:1f:c3:09:7d:d3:e1:3c:64:72:e6:
d2:dc:00:48:c8:65:e6:e0:0a:29:bd:3d:05:7a:cb:2d:62:10:
e0:51:41:90:34:c6:10:90:4b:eb:8a:f5:35:eb:42:91:e2:f7:
7f:98:e2:bf:35:e9:33:45:ec:78:4d:39:46:30:c4:7b:ec:c4:
b4:7e:0e:2c:07:9b:af:bb:67:b7:f4:63:f6:97:47:b6:69:6c:
ec:29:19:27:66:c2:3c:02:f6:7a:14:d4:13:b4:b3:67:6c:fb:
c0:4f:f3:6d:94:56:69:4c:2a:64:4e:3b:d6:86:89:97:98:47:
2c:36:d4:d7:e3:0d:bb:5f:e7:36:81:74:20:07:71:23:20:dc:
de:3e:58:f4:68:a3:76:a1:1e:46:02:93:28:57:71:99:66:81:
a1:6f:fe:c8:d4:f3:c0:08:c0:12:d9:b7:93:8b:a1:f8:0e:f7:
4d:34:36:1f:bc:34:3d:37:24:2f:52:d3:0d:00:d6:ee:77:2e:
1c:e6:a8:f2:6c:9d:dd:fb:4b:2f:4e:f2:11:ed:bf:23:07:49:
84:d2:9a:01:9b:02:4c:91:0d:0a:75:be:0f:a0:80:5b:ea:3f:
59:01:90:89:74:70:71:fc:57:10:10:9d:54:e9:1a:e4:d7:8f:
62:18:1b:48
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzJTTHpv/POpRBm68u8Wt8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliOTg2ZmM2NDZmZGEwY2YxNDVlMTBkOTNmZTFiMTBlYjBk
ZWU2MjUwHhcNMjQwMTAyMDgzMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmJmNmRiYTM3MGYwNzVhZmVlYTA1NGEwZjYwZTdiNGM1OTQ5MzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+bh6JteHiCDnNp7onD4BYlbFHXK
Z9PE8hlVtKSEZOhWjw5k5vY/sXd5t6LrYXLws3S2kBEiuFafXbEcWYNrkFHY4d/b
6GFlsnNSQXVtG+jK+HP8WgkPD1lNvN7SWQZS4h6YZ9OFuNQ55SKf8heRYePtmPmo
EJHmAMfrX2TkWPjSdz402cJd2hSokWXWIHw6LpI96T88nTVY54trJo4K9jx6J3PC
2Zb4tGUq3/2Zp2we+P6zsbF7LOfGMnNeSA07rlOokWuoj4o5sqA8pvWii9DvHizJ
EJofac7q9GndGKeGLL6QO2n4gcs4DdLlb2y/3ZDJeR1dO5ixh+pecimHLwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFM+/bbo3Dwda/uoFSg9g57TFlJOCMB8GA1UdIwQY
MBaAFJuYb8ZG/aDPFF4Q2T/hsQ6w3uYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTVodnhrYjlvTThVWGhEWlAtR3hEckRlNWlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8zNGJiNzctYzg0Ny00MTExLTk2ZjMt
YmRkNWNjNDQwMzk2LzEvejc5dHVqY1BCMXItNmdWS0QyRG50TVdVazRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8zNGJiNzctYzg0Ny00MTExLTk2ZjMtYmRkNWNjNDQwMzk2
LzEvbTVodnhrYjlvTThVWGhEWlAtR3hEckRlNWlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLQuEAwQC
LQ6cAwQCLVPUAwQCLVcMAwQEUVrwAwQDVPagMBQEAgACMA4DBQAqABJoAwUDKg5t
ADANBgkqhkiG9w0BAQsFAAOCAQEABrg+qSLEYJkfwwl90+E8ZHLm0twASMhl5uAK
Kb09BXrLLWIQ4FFBkDTGEJBL64r1NetCkeL3f5jivzXpM0XseE05RjDEe+zEtH4O
LAebr7tnt/Rj9pdHtmls7CkZJ2bCPAL2ehTUE7SzZ2z7wE/zbZRWaUwqZE471oaJ
l5hHLDbU1+MNu1/nNoF0IAdxIyDc3j5Y9GijdqEeRgKTKFdxmWaBoW/+yNTzwAjA
Etm3k4uh+A73TTQ2H7w0PTckL1LTDQDW7ncuHOao8myd3ftLL07yEe2/IwdJhNKa
AZsCTJENCnW+D6CAW+o/WQGQiXRwcfxXEBCdVOka5NePYhgbSA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:34:11 2024 by rpki-client on console-ams.rpki-client.org