Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/ORlp1QE8Ll2GKDUnm3cYWAtUT2k.roa
File: ORlp1QE8Ll2GKDUnm3cYWAtUT2k.roa (raw, json)
Hash identifier: XGOAOkBlarLy7DGSzn8EJkaXAuHFZeLFwO/f5aAhjKA=
Subject key identifier: 39:19:69:D5:01:3C:2E:5D:86:28:35:27:9B:77:18:58:0B:54:4F:69
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 0190F878CCFE0FE720C198B4D1C81E190824
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/ORlp1QE8Ll2GKDUnm3cYWAtUT2k.roa
Signing time: Sun 28 Jul 2024 08:33:04 +0000
ROA not before: Sun 28 Jul 2024 08:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136038
IP address blocks: 2.59.152.0/22 maxlen: 22
2.59.154.0/24 maxlen: 24
2.59.155.0/24 maxlen: 24
45.91.226.0/24 maxlen: 24
45.91.227.0/24 maxlen: 24
45.142.152.0/24 maxlen: 24
45.142.155.0/24 maxlen: 24
185.202.103.0/24 maxlen: 24
193.239.150.0/24 maxlen: 24
193.239.154.0/24 maxlen: 24
194.126.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f8:78:cc:fe:0f:e7:20:c1:98:b4:d1:c8:1e:19:08:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jul 28 08:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=391969d5013c2e5d862835279b7718580b544f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:de:6b:54:ec:1b:99:90:52:2b:88:05:30:b3:
1e:43:65:1f:26:a5:70:b9:da:60:f7:77:76:77:bb:
a7:e5:cd:24:da:39:ca:31:5d:97:32:25:f5:ea:18:
67:bc:23:ad:d3:0c:3c:8e:32:e4:af:1c:1f:01:46:
6a:bb:66:6f:63:f2:da:2f:77:38:29:21:35:0e:a0:
80:1c:9e:1f:7c:db:42:58:af:a6:04:18:8e:55:01:
66:16:2e:1f:79:80:d8:25:3c:ca:2c:03:5e:33:24:
b7:e2:ab:fb:b6:a3:55:db:c0:fe:e8:f1:3f:e6:f3:
e6:e6:1d:49:a3:2e:a3:a1:5a:99:32:f3:6f:d0:b2:
d9:8f:5b:8a:75:6a:7e:62:70:ff:fa:3a:23:ff:4c:
ac:51:49:e4:d5:5b:fb:10:17:25:80:35:93:8a:f5:
26:95:91:b3:7c:3d:42:be:6f:c8:b8:1f:b2:dc:83:
6e:28:18:8f:ba:16:04:d0:66:c3:18:46:af:5a:f8:
09:84:3b:54:85:d3:f9:f4:91:73:80:1b:48:99:b4:
66:95:15:4a:33:2a:0c:f6:e5:b4:be:19:b0:8d:db:
a1:0f:5d:77:3d:0e:27:96:4c:66:8b:6c:5e:16:16:
27:86:3e:05:ef:a8:a2:eb:96:5d:0e:4b:a5:d1:e8:
05:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:19:69:D5:01:3C:2E:5D:86:28:35:27:9B:77:18:58:0B:54:4F:69
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/ORlp1QE8Ll2GKDUnm3cYWAtUT2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.152.0/22
45.91.226.0/23
45.142.152.0/24
45.142.155.0/24
185.202.103.0/24
193.239.150.0/24
193.239.154.0/24
194.126.202.0/24
Signature Algorithm: sha256WithRSAEncryption
12:79:71:56:72:ed:44:fb:61:cd:d9:66:6f:91:43:ed:e0:20:
fc:b7:eb:7d:65:7b:52:fd:31:d4:f9:41:a2:d2:4f:24:61:ea:
97:d5:fd:7e:3d:49:9a:78:95:8c:16:dd:07:5d:12:d8:12:c8:
5e:a0:0b:c7:58:99:8d:83:82:60:e8:cf:b2:98:7a:f8:6c:7a:
ce:68:5a:ce:02:0e:b3:f2:2e:07:c2:19:01:1a:3d:18:56:7e:
85:62:07:0f:e6:f3:4e:f7:17:4a:ca:fb:78:05:e9:08:db:4d:
dd:d3:c8:f9:aa:0a:ce:ba:4d:26:e1:27:54:33:5b:39:99:37:
b8:32:7a:9f:7f:15:bf:bd:95:20:7a:e8:8a:e4:97:2c:b0:38:
ff:f6:e8:df:f4:13:fb:22:74:64:5d:a3:11:49:de:c8:4a:eb:
8b:24:f1:b4:bb:9c:5f:76:ce:dd:51:15:19:60:fd:88:12:ae:
c7:99:ff:ca:3f:2e:90:01:da:8d:58:85:b2:d1:d9:fa:c0:6e:
60:f6:7d:57:78:1e:78:8f:86:22:c6:80:29:54:ac:41:2b:6c:
c9:3b:93:0b:f3:03:35:55:92:af:94:49:15:16:27:7a:a7:ae:
7a:49:5d:0e:1e:38:4f:2e:a5:70:8f:39:b7:f1:49:d7:3d:81:
ce:7f:7d:46
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZD4eMz+D+cgwZi00cgeGQgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwNzI4MDgzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTE5NjlkNTAxM2MyZTVkODYyODM1Mjc5Yjc3MTg1ODBiNTQ0ZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj95rVOwbmZBSK4gFMLMeQ2UfJqVw
udpg93d2d7un5c0k2jnKMV2XMiX16hhnvCOt0ww8jjLkrxwfAUZqu2ZvY/LaL3c4
KSE1DqCAHJ4ffNtCWK+mBBiOVQFmFi4feYDYJTzKLANeMyS34qv7tqNV28D+6PE/
5vPm5h1Joy6joVqZMvNv0LLZj1uKdWp+YnD/+joj/0ysUUnk1Vv7EBclgDWTivUm
lZGzfD1Cvm/IuB+y3INuKBiPuhYE0GbDGEavWvgJhDtUhdP59JFzgBtImbRmlRVK
MyoM9uW0vhmwjduhD113PQ4nlkxmi2xeFhYnhj4F76ii65ZdDkul0egFuwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDkZadUBPC5dhig1J5t3GFgLVE9pMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvT1JscDFRRThMbDJHS0RVbm0zY1lXQXRVVDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCAjuYAwQB
LVviAwQALY6YAwQALY6bAwQAucpnAwQAwe+WAwQAwe+aAwQAwn7KMA0GCSqGSIb3
DQEBCwUAA4IBAQASeXFWcu1E+2HN2WZvkUPt4CD8t+t9ZXtS/THU+UGi0k8kYeqX
1f1+PUmaeJWMFt0HXRLYEsheoAvHWJmNg4Jg6M+ymHr4bHrOaFrOAg6z8i4HwhkB
Gj0YVn6FYgcP5vNO9xdKyvt4BekI203d08j5qgrOuk0m4SdUM1s5mTe4MnqffxW/
vZUgeuiK5JcssDj/9ujf9BP7InRkXaMRSd7ISuuLJPG0u5xfds7dURUZYP2IEq7H
mf/KPy6QAdqNWIWy0dn6wG5g9n1XeB54j4YixoApVKxBK2zJO5ML8wM1VZKvlEkV
Fid6p656SV0OHjhPLqVwjzm38UnXPYHOf31G
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:20:38 2024 by rpki-client on console-ams.rpki-client.org