Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/bJcD6C6Iu8NJr6lb1z0akNhssJ0.roa
File: bJcD6C6Iu8NJr6lb1z0akNhssJ0.roa (raw, json)
Hash identifier: 9KBHxbQdznDobv7o7Q5o8zgKA/1gBDxSyLDMH8sD5oQ=
Subject key identifier: 6C:97:03:E8:2E:88:BB:C3:49:AF:A9:5B:D7:3D:1A:90:D8:6C:B0:9D
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01928C9BC5AD6AF32481F9663BE85CA3B780
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/bJcD6C6Iu8NJr6lb1z0akNhssJ0.roa
Signing time: Mon 14 Oct 2024 19:57:51 +0000
ROA not before: Mon 14 Oct 2024 19:57:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 45.141.204.0/23 maxlen: 23
45.148.51.0/24 maxlen: 24
45.149.90.0/23 maxlen: 23
194.39.216.0/24 maxlen: 24
195.88.191.0/24 maxlen: 24
195.88.210.0/24 maxlen: 24
2a0f:3b80::/32 maxlen: 32
2a0f:3b81::/32 maxlen: 32
2a0f:3b82::/32 maxlen: 32
2a0f:3b83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:09:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8c:9b:c5:ad:6a:f3:24:81:f9:66:3b:e8:5c:a3:b7:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Oct 14 19:57:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c9703e82e88bbc349afa95bd73d1a90d86cb09d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:94:36:a0:f6:43:30:0e:02:20:ad:3d:7a:f5:
28:43:fd:d0:fa:81:94:3f:86:d1:0c:60:ff:63:77:
71:af:23:f0:5b:24:c1:40:e5:ad:0f:c1:f0:62:2d:
62:10:1e:39:08:f9:3a:23:ae:3e:c4:72:1f:01:1b:
6e:6d:9c:c5:29:51:0a:80:d5:03:1a:7d:fd:34:c6:
1c:e0:b6:a2:d5:58:d8:6c:24:f8:72:84:1a:2e:f6:
2f:66:fd:3e:02:da:2a:1c:24:ab:9d:6a:2a:c4:ef:
93:61:b1:b0:3d:fe:f1:ea:74:ae:8f:e4:05:60:c8:
dd:54:dd:cf:28:d1:18:d7:1b:1a:7a:ba:ec:99:ee:
5f:46:e2:35:4c:2f:ea:ca:60:45:d3:a5:d8:83:d7:
42:0e:43:a2:8e:5f:7f:b7:82:6c:ae:5b:a1:d0:89:
67:9a:16:3c:a8:fd:ec:ae:ab:73:0f:cb:b0:72:08:
fe:c0:6c:06:c6:1a:71:3e:d5:bb:64:2c:6b:a2:db:
b8:94:69:94:62:9f:41:eb:3e:07:ff:f2:68:38:30:
b2:7f:f0:37:e0:85:f1:06:81:26:89:40:8a:f9:02:
92:11:4c:bf:55:28:a0:a6:5b:07:6c:84:af:4f:3f:
1e:1c:52:a0:06:7d:44:3d:f4:e8:b0:8a:bf:12:47:
47:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:97:03:E8:2E:88:BB:C3:49:AF:A9:5B:D7:3D:1A:90:D8:6C:B0:9D
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/bJcD6C6Iu8NJr6lb1z0akNhssJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.148.51.0/24
45.149.90.0/23
194.39.216.0/24
195.88.191.0/24
195.88.210.0/24
IPv6:
2a0f:3b80::/30
Signature Algorithm: sha256WithRSAEncryption
b6:a5:7c:13:aa:29:f3:27:15:fe:dd:91:e2:31:c4:6c:aa:d5:
b3:b2:45:2e:06:93:04:73:21:f5:54:3b:74:92:40:4f:f2:99:
7b:c2:88:bf:e8:4f:54:c9:9c:4b:91:50:40:4f:9a:0d:1d:58:
73:1e:c4:ad:0c:39:18:e4:e5:43:57:68:df:db:2a:1c:ca:2e:
e4:12:4e:1c:0d:ae:c2:27:c3:74:11:dd:72:12:20:40:49:82:
d8:8e:dd:91:c9:b1:92:d8:f9:75:d8:6b:3e:21:0e:1e:e2:1e:
66:03:b9:35:9b:84:a2:7f:bf:98:87:32:02:8e:48:f7:71:63:
e1:dc:4a:e7:ea:e3:57:15:30:03:32:ac:bd:be:9c:ed:e8:3c:
8e:15:f5:3e:17:aa:c5:8b:c9:81:58:46:dc:ab:83:80:3d:35:
1a:28:24:9a:0e:e6:d0:11:c7:eb:93:60:e7:f8:7a:6e:d2:5e:
e5:9f:94:56:b1:40:ea:fa:55:22:df:ca:43:f8:46:1e:2b:fa:
6f:03:c7:a1:c6:ac:64:07:2d:c2:76:55:4c:f0:e6:ca:60:5c:
da:f8:5a:80:57:bb:49:be:2b:c3:d2:6f:56:5e:5e:fe:f3:f8:
48:bf:23:ca:4c:49:f1:b2:cc:6e:b1:38:e3:9a:a9:a3:d4:4d:
fb:1a:04:05
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZKMm8WtavMkgflmO+hco7eAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQxMDE0MTk1NzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzk3MDNlODJlODhiYmMzNDlhZmE5NWJkNzNkMWE5MGQ4NmNiMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZQ2oPZDMA4CIK09evUoQ/3Q+oGU
P4bRDGD/Y3dxryPwWyTBQOWtD8HwYi1iEB45CPk6I64+xHIfARtubZzFKVEKgNUD
Gn39NMYc4Lai1VjYbCT4coQaLvYvZv0+AtoqHCSrnWoqxO+TYbGwPf7x6nSuj+QF
YMjdVN3PKNEY1xsaerrsme5fRuI1TC/qymBF06XYg9dCDkOijl9/t4Jsrluh0Iln
mhY8qP3srqtzD8uwcgj+wGwGxhpxPtW7ZCxrotu4lGmUYp9B6z4H//JoODCyf/A3
4IXxBoEmiUCK+QKSEUy/VSigplsHbISvTz8eHFKgBn1EPfTosIq/EkdHDwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGyXA+guiLvDSa+pW9c9GpDYbLCdMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvYkpjRDZDNkl1OE5KcjZsYjF6MGFrTmhzc0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBLY3MAwQA
LZQzAwQBLZVaAwQAwifYAwQAw1i/AwQAw1jSMA0EAgACMAcDBQIqDzuAMA0GCSqG
SIb3DQEBCwUAA4IBAQC2pXwTqinzJxX+3ZHiMcRsqtWzskUuBpMEcyH1VDt0kkBP
8pl7woi/6E9UyZxLkVBAT5oNHVhzHsStDDkY5OVDV2jf2yocyi7kEk4cDa7CJ8N0
Ed1yEiBASYLYjt2RybGS2Pl12Gs+IQ4e4h5mA7k1m4Sif7+YhzICjkj3cWPh3Ern
6uNXFTADMqy9vpzt6DyOFfU+F6rFi8mBWEbcq4OAPTUaKCSaDubQEcfrk2Dn+Hpu
0l7ln5RWsUDq+lUi38pD+EYeK/pvA8ehxqxkBy3CdlVM8ObKYFza+FqAV7tJvivD
0m9WXl7+8/hIvyPKTEnxssxusTjjmqmj1E37GgQF
-----END CERTIFICATE-----
Generated at Tue Oct 22 21:28:51 2024 by rpki-client on console-fra.rpki-client.org