Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/jwbNcQQ_rU-WTSMSkEL2AEywEAk.roa
File: jwbNcQQ_rU-WTSMSkEL2AEywEAk.roa (raw, json)
Hash identifier: P0tFfVNTTUoW+7ylk+eSw+R2mbWrgyTdsCMCWkLFkc8=
Subject key identifier: 8F:06:CD:71:04:3F:AD:4F:96:4D:23:12:90:42:F6:00:4C:B0:10:09
Certificate issuer: /CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Certificate serial: 019349EA925BBB56EC74E345308D62B0062F
Authority key identifier: 51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/jwbNcQQ_rU-WTSMSkEL2AEywEAk.roa
Signing time: Wed 20 Nov 2024 14:12:09 +0000
ROA not before: Wed 20 Nov 2024 14:12:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208366
IP address blocks: 45.142.220.0/22 maxlen: 22
45.142.220.0/24 maxlen: 24
45.142.221.0/24 maxlen: 24
45.142.222.0/24 maxlen: 24
45.142.223.0/24 maxlen: 24
2a0e:dbc0::/29 maxlen: 29
2a0e:dbc0::/48 maxlen: 48
2a0e:dbc0:1::/48 maxlen: 48
2a0e:dbc0:2::/48 maxlen: 48
2a0e:dbc0:3::/48 maxlen: 48
2a0e:dbc0:4::/48 maxlen: 48
2a0e:dbc0:5::/48 maxlen: 48
2a0e:dbc0:6::/48 maxlen: 48
2a0e:dbc0:7::/48 maxlen: 48
2a0e:dbc0:8::/48 maxlen: 48
2a0e:dbc0:9::/48 maxlen: 48
2a0e:dbc0:a::/48 maxlen: 48
2a0e:dbc0:b::/48 maxlen: 48
2a0e:dbc0:c::/48 maxlen: 48
2a0e:dbc0:d::/48 maxlen: 48
2a0e:dbc0:e::/48 maxlen: 48
2a0e:dbc0:f::/48 maxlen: 48
2a0e:dbc0:1000::/48 maxlen: 48
2a0e:dbc0:1001::/48 maxlen: 48
2a0e:dbc0:1002::/48 maxlen: 48
2a0e:dbc0:1003::/48 maxlen: 48
2a0e:dbc0:1004::/48 maxlen: 48
2a0e:dbc0:1005::/48 maxlen: 48
2a0e:dbc0:1006::/48 maxlen: 48
2a0e:dbc0:1007::/48 maxlen: 48
2a0e:dbc0:1008::/48 maxlen: 48
2a0e:dbc0:1009::/48 maxlen: 48
2a0e:dbc0:100a::/48 maxlen: 48
2a0e:dbc0:100b::/48 maxlen: 48
2a0e:dbc0:100c::/48 maxlen: 48
2a0e:dbc0:100d::/48 maxlen: 48
2a0e:dbc0:100e::/48 maxlen: 48
2a0e:dbc0:100f::/48 maxlen: 48
2a0e:dbc0:2000::/48 maxlen: 48
2a0e:dbc0:2001::/48 maxlen: 48
2a0e:dbc0:2002::/48 maxlen: 48
2a0e:dbc0:2003::/48 maxlen: 48
2a0e:dbc0:2004::/48 maxlen: 48
2a0e:dbc0:2005::/48 maxlen: 48
2a0e:dbc0:2006::/48 maxlen: 48
2a0e:dbc0:2007::/48 maxlen: 48
2a0e:dbc0:2008::/48 maxlen: 48
2a0e:dbc0:2009::/48 maxlen: 48
2a0e:dbc0:200a::/48 maxlen: 48
2a0e:dbc0:200b::/48 maxlen: 48
2a0e:dbc0:200c::/48 maxlen: 48
2a0e:dbc0:200d::/48 maxlen: 48
2a0e:dbc0:200e::/48 maxlen: 48
2a0e:dbc0:200f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:ea:92:5b:bb:56:ec:74:e3:45:30:8d:62:b0:06:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Validity
Not Before: Nov 20 14:12:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f06cd71043fad4f964d23129042f6004cb01009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7b:9e:08:25:1a:bc:b7:0e:bf:21:c0:bb:f6:
72:86:8d:e2:b4:61:36:e8:a6:e6:cf:69:50:d3:9d:
4d:21:6a:a4:b4:39:70:c9:96:9c:c9:fe:9d:be:59:
2b:90:07:b8:94:50:f7:36:75:68:69:1c:52:c2:82:
ce:54:f6:ff:a5:73:4c:29:f0:81:8c:93:15:9a:4f:
cf:d5:e3:dc:50:82:c8:20:88:f0:53:ae:d6:50:37:
dc:73:33:64:15:97:67:e4:45:bd:4f:0e:ee:2c:6a:
75:c5:8b:79:c8:fa:1c:02:ce:98:8a:aa:6b:93:53:
22:b1:50:e8:41:d1:af:66:c9:b0:25:a9:d8:13:91:
a4:20:c0:6f:a6:1d:05:21:9a:53:b9:fd:17:80:ba:
2b:52:7c:a2:87:08:a2:f3:d0:0b:81:20:ca:b4:35:
da:d7:69:07:20:b9:af:8e:e9:fb:49:19:28:d5:37:
14:a1:ec:94:f1:83:81:c0:cb:08:f7:be:aa:8f:4b:
78:43:5e:92:8e:59:19:62:6e:ed:e5:3a:78:88:31:
b2:68:71:ce:de:59:e2:22:55:00:ce:1a:ef:a8:2a:
7f:12:78:7d:0d:48:7b:89:e1:9a:80:9d:1f:b4:83:
82:30:52:16:39:77:e8:c8:38:4c:25:b9:b0:57:32:
4a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:06:CD:71:04:3F:AD:4F:96:4D:23:12:90:42:F6:00:4C:B0:10:09
X509v3 Authority Key Identifier:
keyid:51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/jwbNcQQ_rU-WTSMSkEL2AEywEAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.220.0/22
IPv6:
2a0e:dbc0::/29
Signature Algorithm: sha256WithRSAEncryption
36:4d:2a:7f:dd:e3:5d:99:3f:03:78:f1:f1:af:cd:75:03:15:
01:84:cd:e2:a5:ba:a4:0c:40:a0:05:76:c5:66:9c:ea:9e:e9:
31:df:90:22:34:1f:81:e2:d4:f9:7d:cc:86:21:6c:b9:15:4f:
c2:20:9e:35:41:bf:b8:53:80:bd:44:33:07:62:6a:8d:3b:e4:
9f:34:ac:0a:ef:3a:48:f2:e9:c2:c5:b5:07:de:22:3c:76:51:
0c:58:9e:14:46:78:87:13:2c:48:91:37:aa:97:1f:d4:91:12:
f9:02:5c:05:44:71:d7:c5:6c:11:49:51:b0:08:b0:c3:22:1f:
c9:0e:40:81:85:57:c5:1b:46:c2:85:34:d9:2c:21:ef:1d:98:
0c:8b:4d:47:5c:5c:49:f5:b3:dd:08:42:cc:0e:44:0a:07:5d:
6d:d9:e8:22:41:90:8d:83:c6:b9:aa:42:7f:59:9a:70:4d:a3:
4d:7f:de:1a:96:96:b7:c9:e2:ea:3c:e8:73:10:d0:9e:5c:13:
a2:60:a3:42:50:7b:6b:56:25:74:a6:0c:d1:9d:4e:9c:17:83:
aa:38:fc:e2:a0:e0:06:f8:4b:3d:83:2f:66:9a:7d:1a:84:01:
9e:8d:e4:42:bf:bf:ff:d1:98:41:53:02:3e:07:b9:bd:6c:a4:
a3:86:fb:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNJ6pJbu1bsdONFMI1isAYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxODhkZWRhY2RjMjQwYjRiMmY3ODZmMTIzNDJlMGE4M2Q4
YWU4MGYwHhcNMjQxMTIwMTQxMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjA2Y2Q3MTA0M2ZhZDRmOTY0ZDIzMTI5MDQyZjYwMDRjYjAxMDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3ueCCUavLcOvyHAu/Zyho3itGE2
6Kbmz2lQ051NIWqktDlwyZacyf6dvlkrkAe4lFD3NnVoaRxSwoLOVPb/pXNMKfCB
jJMVmk/P1ePcUILIIIjwU67WUDfcczNkFZdn5EW9Tw7uLGp1xYt5yPocAs6Yiqpr
k1MisVDoQdGvZsmwJanYE5GkIMBvph0FIZpTuf0XgLorUnyihwii89ALgSDKtDXa
12kHILmvjun7SRko1TcUoeyU8YOBwMsI976qj0t4Q16SjlkZYm7t5Tp4iDGyaHHO
3lniIlUAzhrvqCp/Enh9DUh7ieGagJ0ftIOCMFIWOXfoyDhMJbmwVzJK/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI8GzXEEP61Plk0jEpBC9gBMsBAJMB8GA1UdIwQY
MBaAFFGI3trNwkC0sveG8SNC4Kg9iugPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQt
NzliM2RiNjU5ZGZjLzEvandiTmNRUV9yVS1XVFNNU2tFTDJBRXl3RUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQtNzliM2RiNjU5ZGZj
LzEvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLY7cMA0E
AgACMAcDBQMqDtvAMA0GCSqGSIb3DQEBCwUAA4IBAQA2TSp/3eNdmT8DePHxr811
AxUBhM3ipbqkDECgBXbFZpzqnukx35AiNB+B4tT5fcyGIWy5FU/CIJ41Qb+4U4C9
RDMHYmqNO+SfNKwK7zpI8unCxbUH3iI8dlEMWJ4URniHEyxIkTeqlx/UkRL5AlwF
RHHXxWwRSVGwCLDDIh/JDkCBhVfFG0bChTTZLCHvHZgMi01HXFxJ9bPdCELMDkQK
B11t2egiQZCNg8a5qkJ/WZpwTaNNf94alpa3yeLqPOhzENCeXBOiYKNCUHtrViV0
pgzRnU6cF4OqOPzioOAG+Es9gy9mmn0ahAGejeRCv7//0ZhBUwI+B7m9bKSjhvsB
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:22:08 2024 by rpki-client on console-fra.rpki-client.org