Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/S9_aEzIET9Tl2hp9m5pRg183KsU.roa
File: S9_aEzIET9Tl2hp9m5pRg183KsU.roa (raw, json)
Hash identifier: 9m6tHjFEEuvSIfG+FMLnPi7J/36F9zimXFG5478uO0I=
Subject key identifier: 4B:DF:DA:13:32:04:4F:D4:E5:DA:1A:7D:9B:9A:51:83:5F:37:2A:C5
Certificate issuer: /CN=74aebc154a56c83025cbd8641a9ac315cb551c06
Certificate serial: 018CC6B77F4ABE36DB19A91087A22496B511
Authority key identifier: 74:AE:BC:15:4A:56:C8:30:25:CB:D8:64:1A:9A:C3:15:CB:55:1C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/S9_aEzIET9Tl2hp9m5pRg183KsU.roa
Signing time: Mon 01 Jan 2024 20:29:23 +0000
ROA not before: Mon 01 Jan 2024 20:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.15.21.0/24 maxlen: 24
194.53.136.0/24 maxlen: 24
194.53.137.0/24 maxlen: 24
194.53.138.0/24 maxlen: 24
194.53.139.0/24 maxlen: 24
2a0e:1d80:117::/64 maxlen: 64
2a0e:1d80:12::/48 maxlen: 48
2a0e:1d80:10::/48 maxlen: 48
2a0e:1d80:6::/48 maxlen: 48
2a0e:1d80:11::/48 maxlen: 48
2a0e:1d80:14::/48 maxlen: 48
2a0e:1d80:15::/48 maxlen: 48
2a0e:1d80:8::/48 maxlen: 48
2a0e:1d80:13::/48 maxlen: 48
2a0e:1d80:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:7f:4a:be:36:db:19:a9:10:87:a2:24:96:b5:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74aebc154a56c83025cbd8641a9ac315cb551c06
Validity
Not Before: Jan 1 20:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bdfda1332044fd4e5da1a7d9b9a51835f372ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:42:78:90:6b:4b:96:a0:e6:7d:bc:d8:8c:85:
18:13:53:e9:6e:e5:bf:1c:70:1f:ad:5f:1f:c3:ff:
8b:4b:11:30:99:1e:c7:3a:09:71:58:e4:55:7c:b7:
52:3d:b3:bd:ae:b7:5e:5c:2b:2a:8e:e6:c3:0f:9c:
10:8a:fd:38:9e:40:f2:93:7f:6e:51:c7:d0:43:c2:
54:85:f2:01:f1:82:48:40:a4:c9:72:00:be:b0:73:
12:f1:d9:03:93:f0:91:6e:54:88:63:1c:33:b4:c9:
c1:a0:17:71:8b:ee:42:e4:5a:b8:df:fc:97:31:54:
13:e1:2d:cd:cf:4b:bd:fb:1b:8a:f5:4a:ba:fb:17:
cf:cc:aa:68:10:8d:df:14:86:3c:21:8d:ee:e2:90:
78:19:98:95:d4:a6:b5:48:4d:d5:fc:10:27:69:a6:
8e:ed:8f:06:68:5a:bd:93:d8:77:c1:6a:0c:62:e4:
1e:b7:0c:2c:67:e3:44:ef:ee:63:e2:c1:a7:82:00:
a2:c5:23:57:fe:bf:a1:5c:28:89:6c:af:4f:61:dc:
f3:1f:5d:b9:62:ee:f4:a0:f0:26:79:e8:9a:0e:43:
55:c8:a9:bc:3b:6f:6c:eb:98:0a:03:cc:e0:9a:11:
1a:20:bc:e9:cb:33:3d:ec:b1:84:0a:d5:28:9a:bb:
31:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DF:DA:13:32:04:4F:D4:E5:DA:1A:7D:9B:9A:51:83:5F:37:2A:C5
X509v3 Authority Key Identifier:
keyid:74:AE:BC:15:4A:56:C8:30:25:CB:D8:64:1A:9A:C3:15:CB:55:1C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/S9_aEzIET9Tl2hp9m5pRg183KsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.21.0/24
194.53.136.0/22
IPv6:
2a0e:1d80:6::/48
2a0e:1d80:8::/47
2a0e:1d80:10::-2a0e:1d80:15:ffff:ffff:ffff:ffff:ffff
2a0e:1d80:117::/64
Signature Algorithm: sha256WithRSAEncryption
6a:40:13:75:3b:3c:44:bb:ea:e1:38:13:d6:ff:1a:28:bf:07:
1e:d9:c0:a2:18:5f:53:45:3b:f9:4c:9b:8a:ee:1c:57:03:9f:
84:d9:cc:93:a5:4c:de:19:41:db:b1:c9:70:f5:ff:67:6a:a0:
bc:0c:3e:59:09:f0:ae:2f:73:17:ad:eb:6b:07:a5:4b:f6:21:
47:81:84:73:eb:52:01:cd:84:70:d7:95:a5:f6:1c:e3:1c:8b:
9d:15:8a:8b:32:28:c9:29:99:98:2c:00:92:6a:26:4a:8c:44:
69:73:1c:0e:e1:41:4c:f1:45:3e:6c:7f:dc:7c:39:44:e8:6a:
43:01:e9:be:68:c6:ca:2f:82:41:f7:3b:68:ba:70:06:17:4a:
0b:d0:80:86:ad:47:f8:83:da:3c:30:ab:c3:13:cd:fe:6d:1a:
0c:db:b2:4b:0f:28:f9:49:6a:5c:0b:a6:c8:af:19:1a:20:e3:
39:d6:d1:25:06:3f:73:02:65:6d:2b:c9:71:44:2b:57:64:a9:
e3:15:0a:3c:be:e8:bf:3e:9d:24:88:20:bc:6c:3e:04:52:5c:
67:85:c9:7b:4f:29:30:b3:2a:69:59:a3:09:30:1c:46:b7:dd:
8d:ed:e2:ef:71:55:de:aa:e3:83:7b:fa:48:ba:2d:71:65:88:
58:44:ed:85
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzGt39KvjbbGakQh6IklrURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YWViYzE1NGE1NmM4MzAyNWNiZDg2NDFhOWFjMzE1Y2I1
NTFjMDYwHhcNMjQwMTAxMjAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmRmZGExMzMyMDQ0ZmQ0ZTVkYTFhN2Q5YjlhNTE4MzVmMzcyYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUJ4kGtLlqDmfbzYjIUYE1PpbuW/
HHAfrV8fw/+LSxEwmR7HOglxWORVfLdSPbO9rrdeXCsqjubDD5wQiv04nkDyk39u
UcfQQ8JUhfIB8YJIQKTJcgC+sHMS8dkDk/CRblSIYxwztMnBoBdxi+5C5Fq43/yX
MVQT4S3Nz0u9+xuK9Uq6+xfPzKpoEI3fFIY8IY3u4pB4GZiV1Ka1SE3V/BAnaaaO
7Y8GaFq9k9h3wWoMYuQetwwsZ+NE7+5j4sGnggCixSNX/r+hXCiJbK9PYdzzH125
Yu70oPAmeeiaDkNVyKm8O29s65gKA8zgmhEaILzpyzM97LGECtUomrsx0QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFEvf2hMyBE/U5doafZuaUYNfNyrFMB8GA1UdIwQY
MBaAFHSuvBVKVsgwJcvYZBqawxXLVRwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEs2OEZVcFd5REFseTloa0dwckRGY3RWSEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82ZGU3YTAtNDA3My00MjcyLWJmNDQt
MDdhMWQ2NTU0OGJhLzEvUzlfYUV6SUVUOVRsMmhwOW01cFJnMTgzS3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82ZGU3YTAtNDA3My00MjcyLWJmNDQtMDdhMWQ2NTU0OGJh
LzEvZEs2OEZVcFd5REFseTloa0dwckRGY3RWSEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTASBAIAATAMAwQALQ8VAwQC
wjWIMDcEAgACMDEDBwAqDh2AAAYDBwEqDh2AAAgwEgMHBCoOHYAAEAMHASoOHYAA
FAMJACoOHYABFwAAMA0GCSqGSIb3DQEBCwUAA4IBAQBqQBN1OzxEu+rhOBPW/xoo
vwce2cCiGF9TRTv5TJuK7hxXA5+E2cyTpUzeGUHbsclw9f9naqC8DD5ZCfCuL3MX
retrB6VL9iFHgYRz61IBzYRw15Wl9hzjHIudFYqLMijJKZmYLACSaiZKjERpcxwO
4UFM8UU+bH/cfDlE6GpDAem+aMbKL4JB9ztounAGF0oL0ICGrUf4g9o8MKvDE83+
bRoM27JLDyj5SWpcC6bIrxkaIOM51tElBj9zAmVtK8lxRCtXZKnjFQo8vui/Pp0k
iCC8bD4EUlxnhcl7TykwsyppWaMJMBxGt92N7eLvcVXequODe/pIui1xZYhYRO2F
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:44:55 2024 by rpki-client on console-ams.rpki-client.org