Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/dBxPIG81JzZ-areNNkFbuh_J2mw.roa
File: dBxPIG81JzZ-areNNkFbuh_J2mw.roa (raw, json)
Hash identifier: ypbimx/GSFQbDSpbjgVERc3a6KQKMFrunpLSh/4FagE=
Subject key identifier: 74:1C:4F:20:6F:35:27:36:7E:6A:B7:8D:36:41:5B:BA:1F:C9:DA:6C
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018E9F3920F0AC718D943A21D0D8AC4CC74A
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/dBxPIG81JzZ-areNNkFbuh_J2mw.roa
Signing time: Tue 02 Apr 2024 14:31:45 +0000
ROA not before: Tue 02 Apr 2024 14:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208258
IP address blocks: 45.144.244.0/23 maxlen: 24
45.144.246.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
195.88.226.0/24 maxlen: 24
195.88.227.0/24 maxlen: 24
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:39:20:f0:ac:71:8d:94:3a:21:d0:d8:ac:4c:c7:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Apr 2 14:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=741c4f206f3527367e6ab78d36415bba1fc9da6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cc:d2:34:e4:42:40:e7:71:89:9d:6a:b3:bd:
77:a5:43:80:c1:0b:d0:20:8b:66:6d:2d:21:ad:bb:
9d:50:e0:af:0f:fa:9b:da:39:4d:ee:b9:21:b4:e3:
63:08:50:02:3c:26:9f:2f:bf:49:54:cc:a2:20:e4:
56:8c:8b:4a:6b:56:d2:ab:f2:d8:c1:3d:e7:ef:e9:
0e:d2:9e:a0:61:0e:c2:95:4f:1d:82:68:b8:46:da:
52:a9:cf:0e:49:21:29:f0:a4:39:1e:1e:ab:9d:08:
da:2f:ad:5a:ce:96:1b:81:d0:d0:f8:71:70:6c:6e:
ef:03:33:81:78:b9:c8:49:fc:6c:4b:ea:4b:a8:55:
46:70:71:41:e6:81:2d:7f:67:47:8f:66:40:5b:44:
ab:79:df:8c:06:d1:46:80:93:93:cb:08:f9:d8:a8:
96:34:78:99:ef:08:1b:e9:74:c5:bb:36:86:95:fd:
f9:d1:bd:4a:c7:09:93:dd:f6:84:ef:2d:f0:57:69:
0e:e9:25:f9:31:ae:c9:ac:00:9f:f0:f2:90:a4:1e:
75:b3:33:4a:f0:f0:a9:00:b1:3d:ea:fd:26:30:f2:
ab:18:2a:6b:8a:00:07:22:19:9e:3d:48:91:60:f7:
31:ae:78:4f:67:e8:0a:4a:32:a8:1d:cf:5b:9f:a8:
01:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:1C:4F:20:6F:35:27:36:7E:6A:B7:8D:36:41:5B:BA:1F:C9:DA:6C
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/dBxPIG81JzZ-areNNkFbuh_J2mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0-45.144.246.255
45.151.156.0-45.151.158.255
185.208.208.0/22
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
194.146.48.0/24
195.26.6.0/23
195.88.226.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
12:e4:9a:a2:fa:b5:02:6e:20:70:93:19:87:d0:0a:5b:13:93:
98:a5:a1:b3:a6:34:d6:1d:c6:a1:91:35:dc:20:16:60:57:73:
e4:ea:bb:d1:76:eb:de:79:07:17:02:ab:4e:27:6a:1d:18:b1:
65:b5:df:06:f3:f8:34:0f:55:0c:e7:cd:56:b9:3f:71:6c:e8:
b3:c3:a1:51:35:d4:7f:a7:6a:f1:c9:65:41:13:e4:e0:0d:24:
ec:10:7a:2a:8f:da:4f:b0:00:c5:5b:2c:9e:82:18:bc:32:6a:
22:d7:f3:1b:72:72:75:f8:70:95:19:02:a2:55:ce:44:b4:84:
83:dd:3e:23:2d:02:2c:76:d4:f3:02:4c:fd:ce:7c:22:49:24:
cf:dc:7b:54:66:ce:b1:b2:27:41:b3:04:c6:c4:37:a3:4b:c4:
98:a5:04:6c:3c:bf:f0:44:14:a9:fe:63:e3:37:02:43:a1:7e:
1c:42:96:62:45:63:3e:08:1d:9f:1e:ee:bb:24:df:53:fe:6b:
1f:da:cf:66:d8:91:f0:80:c1:5d:8a:6b:42:25:49:09:9f:bf:
a7:72:34:c4:b8:a6:de:da:37:66:32:25:f5:c7:64:ab:21:92:
9f:42:1b:bc:dd:b7:94:4f:26:20:ed:22:ba:fd:f9:5b:48:0a:
ee:ed:54:6e
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAY6fOSDwrHGNlDoh0NisTMdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwNDAyMTQzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDFjNGYyMDZmMzUyNzM2N2U2YWI3OGQzNjQxNWJiYTFmYzlkYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMzSNORCQOdxiZ1qs713pUOAwQvQ
IItmbS0hrbudUOCvD/qb2jlN7rkhtONjCFACPCafL79JVMyiIORWjItKa1bSq/LY
wT3n7+kO0p6gYQ7ClU8dgmi4RtpSqc8OSSEp8KQ5Hh6rnQjaL61azpYbgdDQ+HFw
bG7vAzOBeLnISfxsS+pLqFVGcHFB5oEtf2dHj2ZAW0Sred+MBtFGgJOTywj52KiW
NHiZ7wgb6XTFuzaGlf350b1KxwmT3faE7y3wV2kO6SX5Ma7JrACf8PKQpB51szNK
8PCpALE96v0mMPKrGCprigAHIhmePUiRYPcxrnhPZ+gKSjKoHc9bn6gBwQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFHQcTyBvNSc2fmq3jTZBW7ofydpsMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvZEJ4UElHODFKelotYXJlTk5rRmJ1aF9KMm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jBMBAIAATBGMAwDBAIt
kPQDBAAtkPYwDAMEAi2XnAMEAC2XngMEArnQ0AMEALnjUgMEALnkUwMEAbnzcAME
AMKSMAMEAcMaBgMEAcNY4jCBgQQCAAIwewMHACoLPEAAAQMHACoLPEAACTASAwcA
Kgs8QAARAwcAKgs8QAASMBIDBwAqCzxAABUDBwMqCzxAABADBwEqCzxAACADBwAq
CzxAACUDBwAqCzxA/KYDBwAqDlVAAAAwEgMHBCoOVUAAEAMHACoOVUAAEgMHACoO
VUABADANBgkqhkiG9w0BAQsFAAOCAQEAEuSaovq1Am4gcJMZh9AKWxOTmKWhs6Y0
1h3GoZE13CAWYFdz5Oq70Xbr3nkHFwKrTidqHRixZbXfBvP4NA9VDOfNVrk/cWzo
s8OhUTXUf6dq8cllQRPk4A0k7BB6Ko/aT7AAxVssnoIYvDJqItfzG3JydfhwlRkC
olXORLSEg90+Iy0CLHbU8wJM/c58Ikkkz9x7VGbOsbInQbMExsQ3o0vEmKUEbDy/
8EQUqf5j4zcCQ6F+HEKWYkVjPggdnx7uuyTfU/5rH9rPZtiR8IDBXYprQiVJCZ+/
p3I0xLim3to3ZjIl9cdkqyGSn0IbvN23lE8mIO0iuv35W0gK7u1Ubg==
-----END CERTIFICATE-----
Generated at Thu May 2 21:12:40 2024 by rpki-client on console-fra.rpki-client.org