Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/drD_voSc89fRTwHpi-hKKYrsxZ8.roa
File: drD_voSc89fRTwHpi-hKKYrsxZ8.roa (raw, json)
Hash identifier: WRDEGGXowsCU2eWKfE6Pn3kL+yV3SO8NKL8ns9VmbbU=
Subject key identifier: 76:B0:FF:BE:84:9C:F3:D7:D1:4F:01:E9:8B:E8:4A:29:8A:EC:C5:9F
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0191B871C695219C6CE81FD9A71C3F73C840
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/drD_voSc89fRTwHpi-hKKYrsxZ8.roa
Signing time: Tue 03 Sep 2024 15:12:29 +0000
ROA not before: Tue 03 Sep 2024 15:12:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43289
IP address blocks: 45.153.124.0/24 maxlen: 24
89.46.232.0/24 maxlen: 24
92.243.67.0/24 maxlen: 24
2a03:f80:373::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b8:71:c6:95:21:9c:6c:e8:1f:d9:a7:1c:3f:73:c8:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 3 15:12:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76b0ffbe849cf3d7d14f01e98be84a298aecc59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e2:64:43:69:b9:6f:58:d5:cc:3e:76:fb:5e:
fd:13:65:6e:56:83:d8:1b:46:d4:d0:eb:1b:fc:60:
6d:ca:39:e7:66:fe:a3:99:b8:5f:17:5b:28:5f:83:
f3:ac:82:91:cb:47:74:7a:a5:6d:c1:45:53:7b:7b:
b9:0b:8d:c6:74:04:38:e8:90:29:a9:d5:ea:ec:c4:
d8:e0:97:c7:a6:a7:74:1c:22:8c:34:8f:56:07:08:
3b:9d:43:19:26:8e:e0:fc:a1:e6:29:f8:36:aa:e6:
48:58:ef:30:52:0c:c9:ae:05:34:ab:f6:91:73:67:
d7:08:f3:0a:d1:fb:c4:9d:8d:da:ef:56:59:71:d2:
32:0e:14:7d:5d:8b:0c:cd:65:a2:7e:05:04:1d:a8:
62:a0:37:0e:0e:be:ff:11:47:ac:43:61:c1:5d:f6:
f7:1d:d2:70:2b:6d:ad:2f:9d:53:9b:f2:66:5c:50:
37:cc:6a:0b:e6:ef:40:3f:fb:3b:c3:39:b1:a5:89:
a3:c6:90:12:f9:7c:d1:11:12:4e:65:76:69:1a:7f:
8f:18:a1:24:27:88:5d:93:5d:e0:18:4e:b8:e4:f6:
69:4e:c9:30:ca:9c:db:61:46:51:05:23:24:6b:6b:
38:e5:0d:08:05:3c:e1:bf:6b:a8:d9:1c:fb:98:6c:
f9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B0:FF:BE:84:9C:F3:D7:D1:4F:01:E9:8B:E8:4A:29:8A:EC:C5:9F
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/drD_voSc89fRTwHpi-hKKYrsxZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.124.0/24
89.46.232.0/24
92.243.67.0/24
IPv6:
2a03:f80:373::/48
Signature Algorithm: sha256WithRSAEncryption
2c:1d:72:72:4d:d5:a5:98:ed:69:de:53:be:da:c2:8e:8e:43:
4e:77:52:44:e8:87:07:f4:5d:98:20:c6:eb:8a:de:1b:26:40:
ee:b6:2a:08:3a:48:94:37:64:da:4c:46:c7:39:d0:e7:ee:db:
43:69:e2:8e:82:30:d5:e1:40:97:3d:c5:54:d5:24:0c:47:21:
f6:7e:0a:6c:fb:a7:fc:fd:4b:a3:6f:82:f3:72:80:b9:d4:54:
cf:17:3e:4a:7a:c0:39:81:a6:2c:e4:0a:ab:33:f7:9d:b0:65:
5d:72:cc:8b:67:3c:16:f9:24:23:b8:27:1b:36:bf:f8:ca:3d:
85:cf:86:e5:75:62:5e:0c:ec:f7:cc:de:14:78:10:e8:e7:64:
c2:f5:81:e3:a3:6b:f8:71:e8:fd:1a:ea:e3:97:72:3a:ec:4b:
0f:4e:89:0d:05:0d:e8:18:d1:99:53:af:04:d1:96:46:0f:bc:
48:74:e1:70:ba:c1:71:9b:fb:72:ee:ce:dd:13:40:75:7a:04:
be:91:83:74:80:81:65:3c:24:08:75:7b:8a:4b:2d:ed:fb:99:
4b:92:41:8f:dc:ab:99:e0:e2:ca:53:ae:6f:79:e9:08:fd:a1:
2c:c1:69:c1:b1:ec:92:d5:9f:ef:1d:74:87:b2:f2:e4:c0:dd:
6c:cf:58:82
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZG4ccaVIZxs6B/Zpxw/c8hAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwOTAzMTUxMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmIwZmZiZTg0OWNmM2Q3ZDE0ZjAxZTk4YmU4NGEyOThhZWNjNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+JkQ2m5b1jVzD52+179E2VuVoPY
G0bU0Osb/GBtyjnnZv6jmbhfF1soX4PzrIKRy0d0eqVtwUVTe3u5C43GdAQ46JAp
qdXq7MTY4JfHpqd0HCKMNI9WBwg7nUMZJo7g/KHmKfg2quZIWO8wUgzJrgU0q/aR
c2fXCPMK0fvEnY3a71ZZcdIyDhR9XYsMzWWifgUEHahioDcODr7/EUesQ2HBXfb3
HdJwK22tL51Tm/JmXFA3zGoL5u9AP/s7wzmxpYmjxpAS+XzRERJOZXZpGn+PGKEk
J4hdk13gGE645PZpTskwypzbYUZRBSMka2s45Q0IBTzhv2uo2Rz7mGz5FQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHaw/76EnPPX0U8B6YvoSimK7MWfMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvZHJEX3ZvU2M4OWZSVHdIcGktaEtLWXJzeFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQALZl8AwQA
WS7oAwQAXPNDMA8EAgACMAkDBwAqAw+AA3MwDQYJKoZIhvcNAQELBQADggEBACwd
cnJN1aWY7WneU77awo6OQ053UkTohwf0XZggxuuK3hsmQO62Kgg6SJQ3ZNpMRsc5
0Ofu20Np4o6CMNXhQJc9xVTVJAxHIfZ+Cmz7p/z9S6NvgvNygLnUVM8XPkp6wDmB
pizkCqsz952wZV1yzItnPBb5JCO4Jxs2v/jKPYXPhuV1Yl4M7PfM3hR4EOjnZML1
geOja/hx6P0a6uOXcjrsSw9OiQ0FDegY0ZlTrwTRlkYPvEh04XC6wXGb+3Luzt0T
QHV6BL6Rg3SAgWU8JAh1e4pLLe37mUuSQY/cq5ng4spTrm956Qj9oSzBacGx7JLV
n+8ddIey8uTA3WzPWII=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:27:14 2024 by rpki-client on console-fra.rpki-client.org