Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/pDPVkOo2PzBoquTjmnaGLcobNCk.roa
File: pDPVkOo2PzBoquTjmnaGLcobNCk.roa (raw, json)
Hash identifier: AHwla5TxjKqdyN84Nll30qs/lM5QN4iKIwvatgV5xLY=
Subject key identifier: A4:33:D5:90:EA:36:3F:30:68:AA:E4:E3:9A:76:86:2D:CA:1B:34:29
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018EE1BC701F6EB41E27EBC28EAFC67C7EEA
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/pDPVkOo2PzBoquTjmnaGLcobNCk.roa
Signing time: Mon 15 Apr 2024 12:30:06 +0000
ROA not before: Mon 15 Apr 2024 12:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208621
IP address blocks: 45.157.34.0/24 maxlen: 24
80.64.216.0/23 maxlen: 24
80.64.218.0/23 maxlen: 24
194.146.44.0/24 maxlen: 24
194.146.49.0/24 maxlen: 24
194.156.177.0/24 maxlen: 24
195.22.156.0/24 maxlen: 24
195.22.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:bc:70:1f:6e:b4:1e:27:eb:c2:8e:af:c6:7c:7e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Apr 15 12:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a433d590ea363f3068aae4e39a76862dca1b3429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b2:1c:42:d0:26:e3:59:e1:f7:19:4c:4f:7b:
72:d0:44:1b:dd:06:ee:c6:14:b4:ac:a0:c9:7c:b0:
bd:be:2d:8a:c9:45:a5:0f:94:7b:51:b2:6a:b5:99:
8a:65:18:0f:2e:27:e4:f9:bb:3f:dc:48:b3:03:28:
13:4d:12:0e:9d:2a:60:28:ad:85:1a:93:93:c6:0e:
81:9c:46:6d:c2:3c:e4:ba:37:94:4a:55:35:fb:e2:
80:ce:6c:da:69:ef:2a:f6:47:3a:a3:d2:e0:5f:ae:
d7:7a:05:ca:05:e3:42:e8:aa:a7:b5:80:c6:91:5e:
39:6c:0e:d8:e6:0d:6b:9b:85:c7:2c:da:f9:e1:ec:
12:fb:b1:b3:08:ab:0d:a6:c8:89:fe:7b:1b:b0:d0:
64:a0:32:64:66:49:a7:7d:9d:0a:fc:04:b6:c3:7a:
e3:e0:f3:3f:75:3e:1f:35:35:ee:98:13:0a:37:a8:
d6:b1:86:73:e2:66:15:2e:2c:de:13:06:3b:a6:ae:
91:b2:b4:10:a3:ed:98:1b:d8:66:b2:9f:7f:c5:25:
bf:ae:b5:22:1f:0b:73:72:e5:1f:6c:82:18:dc:40:
d9:43:43:35:f3:03:f0:09:ad:3f:c7:52:14:a9:36:
f1:07:b6:ad:f2:b4:be:31:d9:3b:7a:c5:d3:ca:f0:
8e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:33:D5:90:EA:36:3F:30:68:AA:E4:E3:9A:76:86:2D:CA:1B:34:29
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/pDPVkOo2PzBoquTjmnaGLcobNCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.34.0/24
80.64.216.0/22
194.146.44.0/24
194.146.49.0/24
194.156.177.0/24
195.22.156.0/23
Signature Algorithm: sha256WithRSAEncryption
38:d6:a4:21:ed:ff:c8:f1:63:9a:4b:51:cd:bb:d3:c3:16:85:
f3:cb:7b:07:d2:d2:2e:14:d7:9f:8c:8b:48:c4:76:6e:70:84:
ff:e6:f9:39:9a:31:e9:b3:34:ad:9b:51:71:d5:9e:22:c6:76:
97:bd:15:1d:5e:1a:06:6f:63:74:b3:67:93:9e:81:13:bb:9b:
74:a5:18:7a:19:40:34:bb:cc:35:11:85:6f:52:69:7b:c9:40:
c2:ee:d6:ee:d0:fa:cf:57:09:76:b9:b9:80:b7:4d:ab:e2:21:
89:30:45:80:1d:8e:10:d0:4c:13:4e:1d:0b:f3:a0:f1:7e:0e:
23:14:00:92:2a:b3:55:58:66:60:46:be:1d:32:9d:07:67:a5:
ae:5e:df:d9:de:6a:2e:8e:32:ba:6c:d5:89:46:64:30:f9:94:
70:eb:c4:e1:9c:ad:8f:bf:e1:44:23:5e:36:93:d6:9b:60:62:
de:d3:09:c8:d7:51:96:0b:04:41:7e:2c:38:ab:e0:fb:54:d3:
de:4b:78:28:82:fd:37:18:cb:e6:ea:1d:ba:29:7e:41:45:46:
86:24:a2:03:e8:82:b6:0c:6c:58:26:c0:45:43:28:e3:6b:91:
95:49:f9:39:03:08:df:89:df:0e:6f:1c:a7:57:be:b0:21:d3:
9d:6f:44:db
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY7hvHAfbrQeJ+vCjq/GfH7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwNDE1MTIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDMzZDU5MGVhMzYzZjMwNjhhYWU0ZTM5YTc2ODYyZGNhMWIzNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37IcQtAm41nh9xlMT3ty0EQb3Qbu
xhS0rKDJfLC9vi2KyUWlD5R7UbJqtZmKZRgPLifk+bs/3EizAygTTRIOnSpgKK2F
GpOTxg6BnEZtwjzkujeUSlU1++KAzmzaae8q9kc6o9LgX67XegXKBeNC6KqntYDG
kV45bA7Y5g1rm4XHLNr54ewS+7GzCKsNpsiJ/nsbsNBkoDJkZkmnfZ0K/AS2w3rj
4PM/dT4fNTXumBMKN6jWsYZz4mYVLizeEwY7pq6RsrQQo+2YG9hmsp9/xSW/rrUi
HwtzcuUfbIIY3EDZQ0M18wPwCa0/x1IUqTbxB7at8rS+Mdk7esXTyvCOSQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKQz1ZDqNj8waKrk45p2hi3KGzQpMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvcERQVmtPbzJQekJvcXVUam1uYUdMY29iTkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZ0iAwQC
UEDYAwQAwpIsAwQAwpIxAwQAwpyxAwQBwxacMA0GCSqGSIb3DQEBCwUAA4IBAQA4
1qQh7f/I8WOaS1HNu9PDFoXzy3sH0tIuFNefjItIxHZucIT/5vk5mjHpszStm1Fx
1Z4ixnaXvRUdXhoGb2N0s2eTnoETu5t0pRh6GUA0u8w1EYVvUml7yUDC7tbu0PrP
Vwl2ubmAt02r4iGJMEWAHY4Q0EwTTh0L86Dxfg4jFACSKrNVWGZgRr4dMp0HZ6Wu
Xt/Z3moujjK6bNWJRmQw+ZRw68ThnK2Pv+FEI142k9abYGLe0wnI11GWCwRBfiw4
q+D7VNPeS3gogv03GMvm6h26KX5BRUaGJKID6IK2DGxYJsBFQyjja5GVSfk5Awjf
id8ObxynV76wIdOdb0Tb
-----END CERTIFICATE-----
Generated at Thu May 2 20:25:13 2024 by rpki-client on console-ams.rpki-client.org