Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2PwPYOT75EdzZpQokN3MzoTPUp8.roa
File: 2PwPYOT75EdzZpQokN3MzoTPUp8.roa (raw, json)
Hash identifier: TC8WCnjYUPiblidNmkziUVit+OXcZR6M5s/WUiVajvY=
Subject key identifier: D8:FC:0F:60:E4:FB:E4:47:73:66:94:28:90:DD:CC:CE:84:CF:52:9F
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0193C1DBB982D3EF58650D5B1B168BEBF777
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2PwPYOT75EdzZpQokN3MzoTPUp8.roa
Signing time: Fri 13 Dec 2024 21:10:22 +0000
ROA not before: Fri 13 Dec 2024 21:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48314
IP address blocks: 5.175.143.0/24 maxlen: 24
5.175.233.0/24 maxlen: 24
5.175.246.0/24 maxlen: 24
5.175.247.0/24 maxlen: 24
77.90.0.0/24 maxlen: 24
77.90.2.0/24 maxlen: 24
77.90.8.0/24 maxlen: 24
77.90.13.0/24 maxlen: 24
77.90.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Dec 2024 00:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c1:db:b9:82:d3:ef:58:65:0d:5b:1b:16:8b:eb:f7:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Dec 13 21:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8fc0f60e4fbe4477366942890ddccce84cf529f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ac:5d:38:ec:5a:3d:f9:b4:53:13:b1:51:aa:
fb:9f:4c:06:31:37:6c:8b:db:7f:9b:1d:d0:d3:e9:
e4:f1:db:e7:69:09:d9:27:be:4e:db:19:c3:d6:c2:
85:7e:d2:87:99:5f:d6:b8:7c:25:18:6b:67:5a:2f:
c9:69:fe:12:a8:43:47:dc:9a:70:03:87:73:48:6d:
e6:dc:e0:61:ee:8c:0d:54:5f:37:23:da:e0:ec:4d:
1b:b1:9b:67:cd:33:ff:42:4e:19:e3:cb:f1:a3:05:
b3:8f:bc:49:24:a3:e4:be:fe:9c:3c:1f:9b:15:ad:
91:ef:e0:ac:d7:4a:8b:5d:73:f7:eb:b0:7a:cb:9a:
6a:96:4a:3c:40:84:a9:9b:c8:1a:10:ac:75:71:df:
6b:47:34:04:a8:79:0b:50:d1:14:3b:f3:c5:8d:9e:
7f:0d:a3:a8:ab:88:50:7e:07:54:fa:23:bd:e5:34:
b9:94:4d:01:89:66:7c:8d:8d:35:f8:3e:67:29:b9:
d7:2e:4b:b6:b0:ec:b1:c4:f5:45:fe:cc:cb:05:5d:
c5:3b:31:51:c0:22:36:b9:01:cf:70:8f:d8:9f:d9:
50:6e:a1:29:96:2e:36:21:ea:fd:56:50:37:87:93:
3f:f6:ca:3e:c0:e0:5e:41:ca:b3:0d:4c:c8:71:83:
c0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FC:0F:60:E4:FB:E4:47:73:66:94:28:90:DD:CC:CE:84:CF:52:9F
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2PwPYOT75EdzZpQokN3MzoTPUp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.143.0/24
5.175.233.0/24
5.175.246.0/23
77.90.0.0/24
77.90.2.0/24
77.90.8.0/24
77.90.13.0/24
77.90.51.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:f6:2a:88:13:d0:79:af:2d:85:48:5a:25:a1:ba:d8:43:1b:
0c:7e:21:b7:ee:b4:97:ae:16:64:6a:36:06:16:a2:33:0e:9d:
1f:9f:3f:4d:ce:9d:dc:e2:10:70:d9:bd:e5:12:61:93:e6:5d:
bd:44:77:1a:44:5f:ec:18:f0:79:e4:6c:b9:9e:ff:72:e4:d7:
51:8e:5d:de:73:2a:a6:b7:62:80:15:9a:68:82:c8:60:61:0f:
91:5f:0d:73:72:70:b6:96:72:08:76:0e:db:bf:a2:9a:61:b1:
6d:0d:96:4d:c4:25:67:5d:c5:80:14:1b:4b:b7:8f:3a:42:db:
b3:5e:51:88:ea:a1:bb:20:da:e6:a4:74:a8:24:87:2b:35:ec:
44:e2:40:26:09:23:a4:3e:e3:53:9e:a6:4a:fe:e9:84:13:f0:
10:08:6d:84:7b:bc:06:5e:78:f1:d1:a8:5c:ae:4e:0f:3c:30:
24:8c:d1:32:56:31:f5:c6:d6:10:a4:72:7e:8f:59:b9:71:7f:
e3:d2:1c:ea:26:78:e4:98:51:0d:e7:8f:95:31:81:86:0d:2c:
92:c0:90:c1:c7:9d:d9:06:04:14:94:2e:f6:d2:eb:5d:0c:3a:
4c:55:be:ec:5c:09:5b:25:09:79:c1:5b:c0:fe:43:e5:d3:d5:
60:d4:89:22
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZPB27mC0+9YZQ1bGxaL6/d3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMjEzMjExMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGZjMGY2MGU0ZmJlNDQ3NzM2Njk0Mjg5MGRkY2NjZTg0Y2Y1MjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqxdOOxaPfm0UxOxUar7n0wGMTds
i9t/mx3Q0+nk8dvnaQnZJ75O2xnD1sKFftKHmV/WuHwlGGtnWi/Jaf4SqENH3Jpw
A4dzSG3m3OBh7owNVF83I9rg7E0bsZtnzTP/Qk4Z48vxowWzj7xJJKPkvv6cPB+b
Fa2R7+Cs10qLXXP367B6y5pqlko8QISpm8gaEKx1cd9rRzQEqHkLUNEUO/PFjZ5/
DaOoq4hQfgdU+iO95TS5lE0BiWZ8jY01+D5nKbnXLku2sOyxxPVF/szLBV3FOzFR
wCI2uQHPcI/Yn9lQbqEpli42Ier9VlA3h5M/9so+wOBeQcqzDUzIcYPAOQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNj8D2Dk++RHc2aUKJDdzM6Ez1KfMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMlB3UFlPVDc1RWR6WnBRb2tOM016b1RQVXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABa+PAwQA
Ba/pAwQBBa/2AwQATVoAAwQATVoCAwQATVoIAwQATVoNAwQATVozMA0GCSqGSIb3
DQEBCwUAA4IBAQCz9iqIE9B5ry2FSFolobrYQxsMfiG37rSXrhZkajYGFqIzDp0f
nz9Nzp3c4hBw2b3lEmGT5l29RHcaRF/sGPB55Gy5nv9y5NdRjl3ecyqmt2KAFZpo
gshgYQ+RXw1zcnC2lnIIdg7bv6KaYbFtDZZNxCVnXcWAFBtLt486QtuzXlGI6qG7
INrmpHSoJIcrNexE4kAmCSOkPuNTnqZK/umEE/AQCG2Ee7wGXnjx0ahcrk4PPDAk
jNEyVjH1xtYQpHJ+j1m5cX/j0hzqJnjkmFEN54+VMYGGDSySwJDBx53ZBgQUlC72
0utdDDpMVb7sXAlbJQl5wVvA/kPl09Vg1Iki
-----END CERTIFICATE-----
Generated at Wed Dec 18 04:28:31 2024 by rpki-client on console-ams.rpki-client.org