Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/dgHUDX0P7LU7epPxRn49BoZ8gWk.roa
File: dgHUDX0P7LU7epPxRn49BoZ8gWk.roa (raw, json)
Hash identifier: V93hOl9Aw72rwXh6GiJvKTKjgf8ITqgKqTtgrQKvHlY=
Subject key identifier: 76:01:D4:0D:7D:0F:EC:B5:3B:7A:93:F1:46:7E:3D:06:86:7C:81:69
Certificate issuer: /CN=708612e8703a660889ca0f457cf1b4d8a0d53b4d
Certificate serial: 018CC5DC1DA47D1E5C99F482E336A83B6D11
Authority key identifier: 70:86:12:E8:70:3A:66:08:89:CA:0F:45:7C:F1:B4:D8:A0:D5:3B:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIYS6HA6ZgiJyg9FfPG02KDVO00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/dgHUDX0P7LU7epPxRn49BoZ8gWk.roa
Signing time: Mon 01 Jan 2024 16:29:46 +0000
ROA not before: Mon 01 Jan 2024 16:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8211
IP address blocks: 145.72.108.0/23 maxlen: 23
145.72.108.0/22 maxlen: 22
145.72.110.0/23 maxlen: 23
145.72.120.0/21 maxlen: 21
145.72.124.0/22 maxlen: 22
145.72.120.0/22 maxlen: 22
145.72.94.0/23 maxlen: 23
145.72.94.0/24 maxlen: 24
145.72.95.0/24 maxlen: 24
145.72.96.0/23 maxlen: 23
145.72.96.0/22 maxlen: 22
145.72.98.0/23 maxlen: 23
145.72.100.0/22 maxlen: 22
2a02:cc4:2100::/41 maxlen: 41
2a02:cc4:2f00::/41 maxlen: 41
2a02:cc4:2f00::/42 maxlen: 42
2a02:cc4:2f40::/42 maxlen: 42
2a02:cc4:2f0::/45 maxlen: 45
2a02:cc4:2f0::/44 maxlen: 44
2a02:cc4:210::/44 maxlen: 44
2a02:cc4:2f8::/45 maxlen: 45
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/cIYS6HA6ZgiJyg9FfPG02KDVO00.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/cIYS6HA6ZgiJyg9FfPG02KDVO00.mft
rsync://rpki.ripe.net/repository/DEFAULT/cIYS6HA6ZgiJyg9FfPG02KDVO00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1d:a4:7d:1e:5c:99:f4:82:e3:36:a8:3b:6d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=708612e8703a660889ca0f457cf1b4d8a0d53b4d
Validity
Not Before: Jan 1 16:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7601d40d7d0fecb53b7a93f1467e3d06867c8169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d2:e0:4a:55:63:97:39:2b:59:3c:73:cc:7a:
02:42:3a:b0:c7:64:d5:ae:ae:ce:23:e1:b8:d0:fd:
92:83:e9:7b:9f:7d:eb:3f:4d:a0:c0:87:3f:e1:b1:
f4:99:91:06:86:8c:f8:17:09:b2:66:c9:8f:e5:08:
e3:ee:9b:5f:d8:ea:08:f8:1d:90:38:96:78:24:ad:
cc:96:10:e1:90:7d:23:82:f5:92:9d:57:bf:64:12:
24:77:87:d8:37:2d:d6:24:f8:65:3d:0b:1b:f1:f7:
19:d3:01:fe:40:ab:45:ad:79:04:5c:b2:2b:60:54:
38:0b:db:8e:f9:83:5a:8b:ca:81:61:8b:f9:2e:73:
5d:f0:48:a3:b8:6a:5d:39:2e:5e:c8:95:42:78:c2:
35:4c:05:8d:e5:4e:a0:90:30:12:88:02:6c:ac:5d:
f2:b3:68:d1:07:04:02:28:5b:48:85:e0:c7:58:80:
b6:17:98:0f:e7:e3:70:5c:52:3e:ab:81:ad:67:2a:
c8:d7:aa:e5:8d:66:4b:74:f8:ec:40:4d:03:9d:d4:
db:ca:b4:e6:4f:e2:29:1d:8c:39:32:f6:af:e6:a4:
6f:10:17:bb:37:2b:29:3a:14:3f:69:19:c6:ac:a0:
d9:44:8b:91:83:d8:7e:84:40:30:76:c8:6c:71:5c:
16:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:01:D4:0D:7D:0F:EC:B5:3B:7A:93:F1:46:7E:3D:06:86:7C:81:69
X509v3 Authority Key Identifier:
keyid:70:86:12:E8:70:3A:66:08:89:CA:0F:45:7C:F1:B4:D8:A0:D5:3B:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIYS6HA6ZgiJyg9FfPG02KDVO00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/dgHUDX0P7LU7epPxRn49BoZ8gWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/cIYS6HA6ZgiJyg9FfPG02KDVO00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.72.94.0-145.72.103.255
145.72.108.0/22
145.72.120.0/21
IPv6:
2a02:cc4:210::/44
2a02:cc4:2f0::/44
2a02:cc4:2100::/41
2a02:cc4:2f00::/41
Signature Algorithm: sha256WithRSAEncryption
57:a6:6c:1e:f3:11:89:1d:a9:09:c3:25:3b:ed:16:8b:90:12:
15:77:e5:70:d0:c6:b8:d1:ce:26:d1:8a:1a:af:d0:22:dd:94:
5e:4d:dd:55:23:3c:cd:f7:de:af:e2:de:73:b4:b7:d9:de:cd:
50:20:c9:7a:9e:8e:94:cd:f9:83:c4:ff:b4:82:71:b0:d7:eb:
36:70:ce:d0:83:43:3f:ff:4f:d5:15:c0:b8:6c:ac:62:87:90:
00:0c:52:5d:6e:14:31:9e:ab:64:a2:04:39:82:d4:92:be:4d:
6b:ce:d8:03:6d:a1:a1:27:a6:53:41:dc:6d:92:13:e9:3f:be:
03:57:3a:39:34:44:80:09:6b:6d:ae:71:bd:aa:ed:04:ef:78:
de:84:3b:33:76:0c:1b:bc:9d:44:17:2e:a4:fe:ac:1e:10:79:
57:44:b2:bf:07:c4:80:3d:1b:39:3d:e5:b6:e3:91:1f:4c:56:
e9:cf:02:93:c2:70:65:8d:fa:68:5c:db:2d:bc:0d:bc:e0:a3:
8f:d5:42:ea:d0:27:91:ab:12:b1:8a:9f:df:53:70:61:d1:3d:
26:c5:92:5a:62:ff:45:47:20:75:fc:89:54:6f:1d:62:d2:4c:
93:68:0a:68:01:ed:30:7b:3b:14:83:0b:49:fa:a8:3a:9e:f4:
31:8d:5d:73
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzF3B2kfR5cmfSC4zaoO20RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODYxMmU4NzAzYTY2MDg4OWNhMGY0NTdjZjFiNGQ4YTBk
NTNiNGQwHhcNMjQwMTAxMTYyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjAxZDQwZDdkMGZlY2I1M2I3YTkzZjE0NjdlM2QwNjg2N2M4MTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdLgSlVjlzkrWTxzzHoCQjqwx2TV
rq7OI+G40P2Sg+l7n33rP02gwIc/4bH0mZEGhoz4FwmyZsmP5Qjj7ptf2OoI+B2Q
OJZ4JK3MlhDhkH0jgvWSnVe/ZBIkd4fYNy3WJPhlPQsb8fcZ0wH+QKtFrXkEXLIr
YFQ4C9uO+YNai8qBYYv5LnNd8EijuGpdOS5eyJVCeMI1TAWN5U6gkDASiAJsrF3y
s2jRBwQCKFtIheDHWIC2F5gP5+NwXFI+q4GtZyrI16rljWZLdPjsQE0DndTbyrTm
T+IpHYw5Mvav5qRvEBe7NyspOhQ/aRnGrKDZRIuRg9h+hEAwdshscVwWYQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHYB1A19D+y1O3qT8UZ+PQaGfIFpMB8GA1UdIwQY
MBaAFHCGEuhwOmYIicoPRXzxtNig1TtNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lZUzZIQTZaZ2lKeWc5RmZQRzAyS0RWTzAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yMmIwZmUtOWRjOC00YmVmLWEyOTkt
MzAwOTdhMjQ2YTljLzEvZGdIVURYMFA3TFU3ZXBQeFJuNDlCb1o4Z1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yMmIwZmUtOWRjOC00YmVmLWEyOTktMzAwOTdhMjQ2YTlj
LzEvY0lZUzZIQTZaZ2lKeWc5RmZQRzAyS0RWTzAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAgBAIAATAaMAwDBAGRSF4D
BAORSGADBAKRSGwDBAORSHgwKgQCAAIwJAMHBCoCDMQCEAMHBCoCDMQC8AMHByoC
DMQhAAMHByoCDMQvADANBgkqhkiG9w0BAQsFAAOCAQEAV6ZsHvMRiR2pCcMlO+0W
i5ASFXflcNDGuNHOJtGKGq/QIt2UXk3dVSM8zffer+Lec7S32d7NUCDJep6OlM35
g8T/tIJxsNfrNnDO0INDP/9P1RXAuGysYoeQAAxSXW4UMZ6rZKIEOYLUkr5Na87Y
A22hoSemU0HcbZIT6T++A1c6OTREgAlrba5xvartBO943oQ7M3YMG7ydRBcupP6s
HhB5V0SyvwfEgD0bOT3ltuORH0xW6c8Ck8JwZY36aFzbLbwNvOCjj9VC6tAnkasS
sYqf31NwYdE9JsWSWmL/RUcgdfyJVG8dYtJMk2gKaAHtMHs7FIMLSfqoOp70MY1d
cw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:41:00 2024 by rpki-client on console-fra.rpki-client.org