Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/v-4-2eG-3uyDfqUZcvqsQ2oVAAc.roa
File: v-4-2eG-3uyDfqUZcvqsQ2oVAAc.roa (raw, json)
Hash identifier: tQQukwBKIovPWiuRfiYaa1uMSdR6hH6EKpS+TKua/FQ=
Subject key identifier: BF:EE:3E:D9:E1:BE:DE:EC:83:7E:A5:19:72:FA:AC:43:6A:15:00:07
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018EA31152B2C3BF6B4AC004473ADF9AE90C
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/v-4-2eG-3uyDfqUZcvqsQ2oVAAc.roa
Signing time: Wed 03 Apr 2024 08:26:45 +0000
ROA not before: Wed 03 Apr 2024 08:26:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 147.45.34.0/24 maxlen: 24
147.45.36.0/24 maxlen: 24
147.45.65.0/24 maxlen: 24
147.45.192.0/24 maxlen: 24
147.45.207.0/24 maxlen: 24
193.233.16.0/24 maxlen: 24
193.233.30.0/24 maxlen: 24
193.233.61.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.171.0/24 maxlen: 24
193.233.175.0/24 maxlen: 24
193.233.197.0/24 maxlen: 24
193.233.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 13:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:11:52:b2:c3:bf:6b:4a:c0:04:47:3a:df:9a:e9:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 3 08:26:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfee3ed9e1bedeec837ea51972faac436a150007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:54:7a:d5:e2:ca:82:da:fe:f6:d5:17:f2:cb:
88:a4:1b:1a:87:25:d4:94:b9:30:67:d9:8d:81:f6:
87:79:62:37:07:8b:50:54:12:d4:9a:a1:d1:10:c9:
8f:9c:a5:d4:6f:c3:27:8e:34:23:b7:bc:5b:01:37:
ee:f8:f3:6e:c9:4b:10:f6:f7:8c:91:eb:9f:12:56:
f2:af:f3:66:c2:fc:5d:f5:1c:ac:4d:29:95:e6:c4:
4c:9e:d0:be:b8:31:75:49:a1:ce:aa:ed:1c:72:2d:
cc:b1:28:c8:7c:2c:bf:24:00:6b:00:46:61:01:b3:
92:80:78:7e:d9:e0:a7:94:bf:82:05:fe:51:14:a3:
b6:2c:10:81:ae:75:68:fc:86:97:62:0f:6d:e6:5b:
c4:ae:96:af:fe:6c:f1:81:d3:53:03:03:e0:b1:96:
bc:65:f6:dd:fd:8a:04:28:a2:8d:f8:46:be:d9:83:
4a:b2:c2:e9:47:f6:75:ae:14:2a:35:41:f6:4f:79:
14:2d:03:d6:6f:38:b0:13:cc:e8:16:12:d5:70:11:
81:a8:ef:79:da:77:d4:91:f0:30:e0:dd:0c:8c:39:
9d:1a:cc:e8:27:d4:9b:b7:69:e9:cd:91:56:92:d1:
04:5d:4c:20:18:19:78:47:1b:f2:84:8b:f0:82:07:
4e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:EE:3E:D9:E1:BE:DE:EC:83:7E:A5:19:72:FA:AC:43:6A:15:00:07
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/v-4-2eG-3uyDfqUZcvqsQ2oVAAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.34.0/24
147.45.36.0/24
147.45.65.0/24
147.45.192.0/24
147.45.207.0/24
193.233.16.0/24
193.233.30.0/24
193.233.61.0/24
193.233.85.0/24
193.233.171.0/24
193.233.175.0/24
193.233.197.0/24
193.233.234.0/24
Signature Algorithm: sha256WithRSAEncryption
09:4d:9d:fa:b2:24:84:80:ac:e8:43:a3:eb:6b:a1:ad:b9:73:
7a:7b:eb:c9:0e:a5:52:7c:48:0f:c0:17:8d:43:3b:25:99:7c:
65:e5:f3:5c:13:55:db:c2:6e:e9:8d:dc:59:4f:f0:bd:70:45:
df:ce:7c:36:f2:b8:4b:27:87:85:25:03:46:48:76:69:05:12:
12:7d:e4:e9:15:0e:b7:32:e1:58:2c:35:15:13:54:d4:df:a2:
18:aa:99:d6:e6:87:3c:a5:17:a3:2a:fa:fa:ad:6d:e4:cc:c4:
65:f8:87:4b:31:5c:9d:4e:83:e3:86:21:b4:5b:f4:9f:cd:6d:
39:66:a3:33:ff:ec:26:c8:84:46:58:97:bb:5b:60:92:4b:c0:
db:ec:65:94:b4:0d:c1:fe:54:7f:7f:9a:ed:59:42:32:a5:26:
86:e9:18:a4:8c:45:fe:0b:26:92:7b:d9:41:44:e8:14:34:66:
d4:55:96:5e:29:e7:7e:0e:a9:9f:b2:53:27:79:87:55:2b:78:
e2:b3:0c:0f:15:1f:86:ed:17:b5:58:90:64:2e:3c:06:e0:69:
65:e2:11:4d:2c:29:ab:b4:b1:f4:06:8f:80:f1:01:dd:9c:50:
d3:c2:c6:d9:54:c0:33:2d:7f:f2:fe:f1:67:09:5d:d8:a1:40:
23:6d:03:24
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY6jEVKyw79rSsAERzrfmukMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNDAzMDgyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmVlM2VkOWUxYmVkZWVjODM3ZWE1MTk3MmZhYWM0MzZhMTUwMDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFR61eLKgtr+9tUX8suIpBsahyXU
lLkwZ9mNgfaHeWI3B4tQVBLUmqHREMmPnKXUb8MnjjQjt7xbATfu+PNuyUsQ9veM
keufElbyr/Nmwvxd9RysTSmV5sRMntC+uDF1SaHOqu0cci3MsSjIfCy/JABrAEZh
AbOSgHh+2eCnlL+CBf5RFKO2LBCBrnVo/IaXYg9t5lvErpav/mzxgdNTAwPgsZa8
Zfbd/YoEKKKN+Ea+2YNKssLpR/Z1rhQqNUH2T3kULQPWbziwE8zoFhLVcBGBqO95
2nfUkfAw4N0MjDmdGszoJ9Sbt2npzZFWktEEXUwgGBl4RxvyhIvwggdOWwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFL/uPtnhvt7sg36lGXL6rENqFQAHMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdi00LTJlRy0zdXlEZnFVWmN2cXNRMm9WQUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAky0iAwQA
ky0kAwQAky1BAwQAky3AAwQAky3PAwQAwekQAwQAwekeAwQAwek9AwQAwelVAwQA
wemrAwQAwemvAwQAwenFAwQAwenqMA0GCSqGSIb3DQEBCwUAA4IBAQAJTZ36siSE
gKzoQ6Pra6GtuXN6e+vJDqVSfEgPwBeNQzslmXxl5fNcE1Xbwm7pjdxZT/C9cEXf
znw28rhLJ4eFJQNGSHZpBRISfeTpFQ63MuFYLDUVE1TU36IYqpnW5oc8pRejKvr6
rW3kzMRl+IdLMVydToPjhiG0W/SfzW05ZqMz/+wmyIRGWJe7W2CSS8Db7GWUtA3B
/lR/f5rtWUIypSaG6RikjEX+CyaSe9lBROgUNGbUVZZeKed+DqmfslMneYdVK3ji
swwPFR+G7Re1WJBkLjwG4Gll4hFNLCmrtLH0Bo+A8QHdnFDTwsbZVMAzLX/y/vFn
CV3YoUAjbQMk
-----END CERTIFICATE-----
Generated at Sat May 4 17:47:54 2024 by rpki-client on console-ams.rpki-client.org