Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/Y72ZpGYCLaRhTqhuxdEq7lFWowY.roa
File: Y72ZpGYCLaRhTqhuxdEq7lFWowY.roa (raw, json)
Hash identifier: Au0SSV41dTe/nefPwKTSlA/DmCiYJMR1Cuyhbaz83cw=
Subject key identifier: 63:BD:99:A4:66:02:2D:A4:61:4E:A8:6E:C5:D1:2A:EE:51:56:A3:06
Certificate issuer: /CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Certificate serial: 01925257F4BFCB6E92D785843B7096C45F3E
Authority key identifier: DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/Y72ZpGYCLaRhTqhuxdEq7lFWowY.roa
Signing time: Thu 03 Oct 2024 12:25:48 +0000
ROA not before: Thu 03 Oct 2024 12:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204601
IP address blocks: 45.14.12.0/24 maxlen: 24
45.14.13.0/24 maxlen: 24
45.14.14.0/24 maxlen: 24
45.14.15.0/24 maxlen: 24
80.89.224.0/22 maxlen: 24
80.89.228.0/23 maxlen: 23
80.89.230.0/24 maxlen: 24
80.89.234.0/23 maxlen: 23
80.89.237.0/24 maxlen: 24
80.89.238.0/23 maxlen: 23
85.208.184.0/22 maxlen: 22
85.208.184.0/24 maxlen: 24
85.208.185.0/24 maxlen: 24
85.208.186.0/24 maxlen: 24
85.208.187.0/24 maxlen: 24
89.105.198.0/24 maxlen: 24
89.105.213.0/24 maxlen: 24
89.105.217.0/24 maxlen: 24
185.80.234.0/24 maxlen: 24
185.92.148.0/22 maxlen: 24
185.224.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:57:f4:bf:cb:6e:92:d7:85:84:3b:70:96:c4:5f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Validity
Not Before: Oct 3 12:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63bd99a466022da4614ea86ec5d12aee5156a306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d3:10:a3:be:76:b7:e9:8a:b4:43:5d:ce:d1:
c0:47:d7:24:82:76:64:c6:34:31:69:0d:2d:0b:36:
f1:92:3f:11:da:95:92:11:69:0b:d4:c9:9d:aa:7e:
d9:a3:0a:5a:8e:fd:a8:45:61:95:88:25:52:80:2f:
da:6b:3a:f3:45:2a:0f:9a:b5:1a:df:73:72:b7:50:
8b:55:26:81:19:b2:01:c4:14:4d:e4:e2:f8:35:bf:
f7:20:cc:1d:8e:37:c6:d6:0f:71:bb:56:83:04:1f:
ae:b2:59:13:94:e7:a3:4a:36:48:f8:33:5d:22:47:
d4:ae:32:da:1f:dc:be:31:9f:7f:df:4f:41:3a:d6:
e1:5c:3d:77:d9:73:a4:af:e6:06:ea:d1:ee:d7:01:
b4:8d:2a:a6:96:ee:9f:5c:e8:49:61:9f:d1:d3:37:
04:af:00:a0:72:1f:a6:13:11:bf:2a:fb:5e:07:66:
b8:14:76:45:3d:4d:4a:1b:85:12:5b:85:11:b1:ea:
1f:59:13:4c:dc:72:77:b3:98:84:90:83:aa:42:a1:
6b:a7:dd:ab:1c:e6:c1:34:ec:46:a7:c1:ca:e1:f0:
0e:1e:12:7b:52:6e:39:19:b8:5b:c3:fa:33:82:5b:
73:63:99:a5:dc:7e:ae:4d:af:dd:48:28:1f:08:01:
a9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:BD:99:A4:66:02:2D:A4:61:4E:A8:6E:C5:D1:2A:EE:51:56:A3:06
X509v3 Authority Key Identifier:
keyid:DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/Y72ZpGYCLaRhTqhuxdEq7lFWowY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.12.0/22
80.89.224.0-80.89.230.255
80.89.234.0/23
80.89.237.0-80.89.239.255
85.208.184.0/22
89.105.198.0/24
89.105.213.0/24
89.105.217.0/24
185.80.234.0/24
185.92.148.0/22
185.224.215.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:5f:bb:cd:1c:db:88:b3:01:b6:99:40:b4:03:2d:19:f2:bf:
61:53:f8:f7:1f:3a:38:70:64:d6:7a:ed:73:9c:1b:d7:32:4a:
20:b2:2a:17:ef:78:05:c9:31:31:33:c7:1c:81:88:f9:ca:70:
b9:40:d9:10:b5:05:93:77:49:5a:9e:b2:f5:0d:2c:ca:1d:38:
0d:b5:8d:e0:a9:7d:69:e7:e8:53:fe:aa:f7:a0:8a:8f:86:c3:
3e:f9:dc:0a:53:dd:de:6c:78:e6:c8:5f:20:20:5c:a8:c9:23:
90:f9:56:66:56:a7:f4:4c:e2:7e:ac:f8:f8:d6:47:6e:82:6a:
d5:30:0f:83:62:e1:61:25:06:4a:21:dc:c3:b4:39:2b:6f:5e:
5c:4c:06:2e:4b:3a:c1:30:08:68:27:03:4e:1f:af:d3:20:94:
de:56:70:ff:e2:49:cb:fa:fc:a4:fa:ed:48:c6:89:25:81:c2:
9f:63:79:86:55:1d:22:eb:18:44:6e:94:13:be:84:4f:e2:8a:
b7:a5:c6:65:43:b0:51:8d:0f:37:bc:f7:a8:17:18:76:57:37:
d3:f7:94:f8:ff:82:a3:ca:8e:18:31:cf:ae:7f:15:22:2b:1a:
6e:b5:e0:f1:99:1a:79:8f:14:58:2c:b3:ce:70:4d:9f:79:a7:
77:b5:5c:25
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZJSV/S/y26S14WEO3CWxF8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTBlMGFlZTFlY2MzMTA2NmNiNzQ0ZjhhN2ZlZWRlZmIz
Zjc5MzAwHhcNMjQxMDAzMTIyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2JkOTlhNDY2MDIyZGE0NjE0ZWE4NmVjNWQxMmFlZTUxNTZhMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9MQo752t+mKtENdztHAR9ckgnZk
xjQxaQ0tCzbxkj8R2pWSEWkL1Mmdqn7Zowpajv2oRWGViCVSgC/aazrzRSoPmrUa
33Nyt1CLVSaBGbIBxBRN5OL4Nb/3IMwdjjfG1g9xu1aDBB+uslkTlOejSjZI+DNd
IkfUrjLaH9y+MZ9/309BOtbhXD132XOkr+YG6tHu1wG0jSqmlu6fXOhJYZ/R0zcE
rwCgch+mExG/KvteB2a4FHZFPU1KG4USW4URseofWRNM3HJ3s5iEkIOqQqFrp92r
HObBNOxGp8HK4fAOHhJ7Um45Gbhbw/ozgltzY5ml3H6uTa/dSCgfCAGpFwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFGO9maRmAi2kYU6obsXRKu5RVqMGMB8GA1UdIwQY
MBaAFNyQ4K7h7MMQZst0T4p/7t77P3kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYt
MDBiY2Q5YjkxYzFiLzEvWTcyWnBHWUNMYVJoVHFodXhkRXE3bEZXb3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYtMDBiY2Q5YjkxYzFi
LzEvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQCLQ4MMAwD
BAVQWeADBABQWeYDBAFQWeowDAMEAFBZ7QMEBFBZ4AMEAlXQuAMEAFlpxgMEAFlp
1QMEAFlp2QMEALlQ6gMEArlclAMEALng1zANBgkqhkiG9w0BAQsFAAOCAQEAel+7
zRzbiLMBtplAtAMtGfK/YVP49x86OHBk1nrtc5wb1zJKILIqF+94BckxMTPHHIGI
+cpwuUDZELUFk3dJWp6y9Q0syh04DbWN4Kl9aefoU/6q96CKj4bDPvncClPd3mx4
5shfICBcqMkjkPlWZlan9Ezifqz4+NZHboJq1TAPg2LhYSUGSiHcw7Q5K29eXEwG
Lks6wTAIaCcDTh+v0yCU3lZw/+JJy/r8pPrtSMaJJYHCn2N5hlUdIusYRG6UE76E
T+KKt6XGZUOwUY0PN7z3qBcYdlc30/eU+P+Co8qOGDHPrn8VIisabrXg8ZkaeY8U
WCyzznBNn3mnd7VcJQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:51:08 2024 by rpki-client on console-ams.rpki-client.org