Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/w21Q9_ZXM-H6VGNSoQCtMro9Pg8.roa
File: w21Q9_ZXM-H6VGNSoQCtMro9Pg8.roa (raw, json)
Hash identifier: xYXhsNq3riprb5mbg1v1yBZMTZTnZ5UhU58ySv4QWYM=
Subject key identifier: C3:6D:50:F7:F6:57:33:E1:FA:54:63:52:A1:00:AD:32:BA:3D:3E:0F
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 018CD4FF952FE5A2B6A4EFD7E5C41CFA73CF
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/w21Q9_ZXM-H6VGNSoQCtMro9Pg8.roa
Signing time: Thu 04 Jan 2024 15:02:48 +0000
ROA not before: Thu 04 Jan 2024 15:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 45.91.52.0/22 maxlen: 32
45.155.52.0/22 maxlen: 32
195.16.74.0/24 maxlen: 24
45.150.64.0/24 maxlen: 32
45.150.67.0/24 maxlen: 32
45.150.65.0/24 maxlen: 32
45.140.166.0/24 maxlen: 32
5.181.20.0/24 maxlen: 32
45.140.167.0/24 maxlen: 32
5.181.22.0/24 maxlen: 32
5.181.21.0/24 maxlen: 32
185.234.247.0/24 maxlen: 32
5.181.23.0/24 maxlen: 32
45.144.29.0/24 maxlen: 32
45.144.28.0/24 maxlen: 32
45.144.31.0/24 maxlen: 32
45.144.30.0/24 maxlen: 32
45.14.246.0/24 maxlen: 24
45.14.245.0/24 maxlen: 24
45.14.244.0/24 maxlen: 24
45.14.247.0/24 maxlen: 24
45.140.147.0/24 maxlen: 32
45.140.146.0/24 maxlen: 32
146.19.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d4:ff:95:2f:e5:a2:b6:a4:ef:d7:e5:c4:1c:fa:73:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 4 15:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c36d50f7f65733e1fa546352a100ad32ba3d3e0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e4:d2:e6:f0:ef:05:30:c7:65:bd:b3:25:4c:
93:9f:13:04:57:d2:c3:ac:7c:2a:6d:6e:ef:41:18:
11:36:54:9c:da:60:fa:4c:d1:78:16:60:4c:e3:ed:
bb:42:fb:d8:6a:45:35:16:75:be:32:9f:a3:d2:0f:
56:26:20:23:8e:9a:f6:81:d8:64:f9:0f:24:0d:0a:
58:0d:2b:79:96:23:58:a9:46:65:fa:ec:3b:32:4b:
7f:99:10:ee:06:3d:93:26:f6:2d:96:db:64:32:52:
31:a2:3f:1f:60:c8:e0:50:96:72:62:37:80:46:2c:
35:f3:d0:f3:c8:f2:56:7b:66:fe:33:f7:22:3f:61:
62:22:2a:b7:38:1c:07:09:43:37:24:30:6d:8d:dc:
15:19:7b:23:83:1c:30:3d:a5:a6:91:ae:e5:b1:87:
62:16:2d:59:8a:df:9a:ad:e0:f4:1f:70:84:e7:7c:
89:1c:54:09:fa:0b:a6:a8:38:55:b8:d5:5b:a0:ff:
5c:be:dc:73:b3:e5:81:f0:0e:8b:e3:68:71:ea:88:
42:5f:72:cf:b0:20:1c:9e:5e:b6:06:e8:a4:5d:78:
8f:d2:28:71:af:1f:39:08:1f:1a:06:1e:77:8b:d2:
e2:ce:4b:2a:71:65:28:0b:19:ea:b4:d3:e4:6b:0a:
21:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:6D:50:F7:F6:57:33:E1:FA:54:63:52:A1:00:AD:32:BA:3D:3E:0F
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/w21Q9_ZXM-H6VGNSoQCtMro9Pg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.20.0/22
45.14.244.0/22
45.91.52.0/22
45.140.146.0/23
45.140.166.0/23
45.144.28.0/22
45.150.64.0/23
45.150.67.0/24
45.155.52.0/22
146.19.230.0/24
185.234.247.0/24
195.16.74.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:dd:16:fb:d4:18:4b:7a:ab:5e:7b:f8:d8:c2:4f:ad:04:79:
b7:8a:87:fc:3e:fc:53:45:37:13:94:31:19:bb:12:51:ce:fe:
79:64:c5:0e:b4:80:79:cb:b9:b0:0d:44:d4:cb:ea:ed:8e:9e:
34:a3:4f:f6:38:59:26:2c:2d:43:a5:cc:c2:cf:9c:bd:76:99:
e7:30:aa:7c:75:07:da:85:74:8b:f7:23:fc:f6:f7:02:23:29:
11:6e:d7:e5:3f:0a:1f:1c:73:77:c3:4f:19:43:15:8e:87:b2:
87:c7:26:bd:82:63:d6:1f:9d:29:44:c9:a3:5e:5c:0a:fa:27:
8d:21:25:81:5e:e4:95:3d:81:54:a0:10:49:8a:49:4b:84:a1:
16:32:fd:5f:24:20:c0:a7:79:5e:c4:bb:a1:e2:dd:40:59:4a:
a3:cf:59:b2:5a:f2:06:3e:69:bd:ae:52:c3:35:52:88:07:c0:
07:6e:c5:5b:63:00:91:6f:99:7a:d1:f3:81:c9:d6:65:de:05:
31:a1:53:47:59:47:e4:d9:a8:26:53:bf:4e:8e:46:e7:e9:7b:
e1:6c:23:5b:a6:bd:0a:2f:89:5d:7a:57:08:3f:bb:ae:f8:ad:
0f:ae:f6:25:e0:b6:96:2e:74:04:d7:8f:36:af:4c:6f:46:06:
39:13:1b:5b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzU/5Uv5aK2pO/X5cQc+nPPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQwMTA0MTUwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzZkNTBmN2Y2NTczM2UxZmE1NDYzNTJhMTAwYWQzMmJhM2QzZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+TS5vDvBTDHZb2zJUyTnxMEV9LD
rHwqbW7vQRgRNlSc2mD6TNF4FmBM4+27QvvYakU1FnW+Mp+j0g9WJiAjjpr2gdhk
+Q8kDQpYDSt5liNYqUZl+uw7Mkt/mRDuBj2TJvYtlttkMlIxoj8fYMjgUJZyYjeA
Riw189DzyPJWe2b+M/ciP2FiIiq3OBwHCUM3JDBtjdwVGXsjgxwwPaWmka7lsYdi
Fi1Zit+areD0H3CE53yJHFQJ+gumqDhVuNVboP9cvtxzs+WB8A6L42hx6ohCX3LP
sCAcnl62BuikXXiP0ihxrx85CB8aBh53i9LizksqcWUoCxnqtNPkawohUQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMNtUPf2VzPh+lRjUqEArTK6PT4PMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvdzIxUTlfWlhNLUg2VkdOU29RQ3RNcm85UGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCBbUUAwQC
LQ70AwQCLVs0AwQBLYySAwQBLYymAwQCLZAcAwQBLZZAAwQALZZDAwQCLZs0AwQA
khPmAwQAuer3AwQAwxBKMA0GCSqGSIb3DQEBCwUAA4IBAQB83Rb71BhLeqtee/jY
wk+tBHm3iof8PvxTRTcTlDEZuxJRzv55ZMUOtIB5y7mwDUTUy+rtjp40o0/2OFkm
LC1DpczCz5y9dpnnMKp8dQfahXSL9yP89vcCIykRbtflPwofHHN3w08ZQxWOh7KH
xya9gmPWH50pRMmjXlwK+ieNISWBXuSVPYFUoBBJiklLhKEWMv1fJCDAp3lexLuh
4t1AWUqjz1myWvIGPmm9rlLDNVKIB8AHbsVbYwCRb5l60fOBydZl3gUxoVNHWUfk
2agmU79Ojkbn6XvhbCNbpr0KL4ldelcIP7uu+K0PrvYl4LaWLnQE1482r0xvRgY5
Extb
-----END CERTIFICATE-----
Generated at Tue May 7 18:24:43 2024 by rpki-client on console-fra.rpki-client.org