Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/_U9rtl2dTcjQYCHUlx8FMEKieSQ.roa
File: _U9rtl2dTcjQYCHUlx8FMEKieSQ.roa (raw, json)
Hash identifier: pvwCS4i35JfYCU7NmIh9ucGzTYXitu+DXgxqz9J9QXk=
Subject key identifier: FD:4F:6B:B6:5D:9D:4D:C8:D0:60:21:D4:97:1F:05:30:42:A2:79:24
Certificate issuer: /CN=bcc63f010c540bcd4554344bfb9a59a2edbabc29
Certificate serial: 0191E02D92F6087CC3ABEE7600C1400A045D
Authority key identifier: BC:C6:3F:01:0C:54:0B:CD:45:54:34:4B:FB:9A:59:A2:ED:BA:BC:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMY_AQxUC81FVDRL-5pZou26vCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/_U9rtl2dTcjQYCHUlx8FMEKieSQ.roa
Signing time: Wed 11 Sep 2024 08:22:48 +0000
ROA not before: Wed 11 Sep 2024 08:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60144
IP address blocks: 45.138.36.0/22 maxlen: 24
45.150.76.0/22 maxlen: 24
91.215.156.0/22 maxlen: 24
146.19.105.0/24 maxlen: 24
185.27.236.0/24 maxlen: 32
185.27.237.0/24 maxlen: 32
185.27.238.0/24 maxlen: 32
185.27.239.0/24 maxlen: 32
185.53.8.0/22 maxlen: 24
185.56.28.0/22 maxlen: 24
185.234.218.0/24 maxlen: 32
192.162.136.0/22 maxlen: 24
2a02:5060::/32 maxlen: 48
2a07:f9c0::/29 maxlen: 48
2a12:1680::/29 maxlen: 29
2a12:8f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/vMY_AQxUC81FVDRL-5pZou26vCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/vMY_AQxUC81FVDRL-5pZou26vCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vMY_AQxUC81FVDRL-5pZou26vCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e0:2d:92:f6:08:7c:c3:ab:ee:76:00:c1:40:0a:04:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcc63f010c540bcd4554344bfb9a59a2edbabc29
Validity
Not Before: Sep 11 08:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd4f6bb65d9d4dc8d06021d4971f053042a27924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:94:a1:13:af:c0:f7:9b:b1:12:86:df:fe:26:
42:c4:5d:c6:5a:58:63:c0:7c:67:7d:af:81:fe:3e:
99:62:f1:4b:b2:da:67:d7:8f:d8:42:b2:71:d3:44:
8d:fb:52:1e:b7:90:9e:1e:03:88:d0:82:26:63:48:
6c:6a:f8:1c:99:ec:69:8a:88:15:fb:53:30:d6:33:
72:68:05:c1:a4:5c:15:f5:f2:05:24:f4:ff:ee:f4:
24:18:b7:0f:3f:2a:02:30:f9:9e:b2:c7:ac:82:62:
bd:aa:07:9b:81:24:eb:f9:f7:22:6b:e6:f4:5d:5c:
e7:94:45:26:c8:36:e3:4d:ee:01:23:cf:ab:69:ca:
a1:02:6f:d9:be:9f:d4:31:83:3b:04:00:35:d5:7a:
66:4c:de:dc:54:be:06:a5:6a:48:bd:c4:94:c4:e1:
d0:93:78:6a:cf:f1:42:50:3d:dd:65:7c:dd:19:53:
a6:00:19:a2:af:54:40:7f:99:f4:8c:5e:cc:05:74:
86:b0:3a:63:29:29:2e:e8:c1:0a:8b:e9:1b:f0:23:
be:72:65:e8:36:65:41:1b:e5:63:4d:d7:df:11:7e:
a8:1e:03:22:ef:0d:f7:b4:f8:74:27:80:80:e0:22:
36:b5:69:e1:cb:82:55:0b:9b:1a:aa:4d:46:ec:81:
30:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:4F:6B:B6:5D:9D:4D:C8:D0:60:21:D4:97:1F:05:30:42:A2:79:24
X509v3 Authority Key Identifier:
keyid:BC:C6:3F:01:0C:54:0B:CD:45:54:34:4B:FB:9A:59:A2:ED:BA:BC:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMY_AQxUC81FVDRL-5pZou26vCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/_U9rtl2dTcjQYCHUlx8FMEKieSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a29c67-f24d-4979-b2af-cc41c4a3198d/1/vMY_AQxUC81FVDRL-5pZou26vCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.36.0/22
45.150.76.0/22
91.215.156.0/22
146.19.105.0/24
185.27.236.0/22
185.53.8.0/22
185.56.28.0/22
185.234.218.0/24
192.162.136.0/22
IPv6:
2a02:5060::/32
2a07:f9c0::/29
2a12:1680::/29
2a12:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
8f:a7:02:6c:9c:2a:fa:10:fc:a3:e2:cf:22:9a:f1:98:b5:7d:
5f:90:18:3f:72:d2:77:f3:69:6b:73:63:45:b4:ea:6b:0c:5e:
6f:1f:f8:96:fd:51:57:4d:fb:f9:68:c0:7a:bc:17:80:51:47:
18:82:9f:96:2d:64:4b:f7:18:a2:49:91:77:c8:23:40:43:e9:
8b:fb:18:7d:2d:04:ad:92:8b:c4:09:27:01:9f:2d:8f:46:98:
09:60:f2:62:81:f2:3f:ca:16:79:48:0b:90:38:16:32:b6:27:
6f:a6:ff:b2:b1:79:96:0f:01:ea:f7:7f:9d:5a:c4:ef:21:1a:
82:da:6d:b7:65:6b:61:2c:ba:dd:d5:92:c6:b5:80:12:90:72:
fb:83:4a:47:dc:a6:31:de:d0:f8:f2:dc:92:82:22:44:cd:b0:
d7:bf:08:4a:3d:37:28:8c:36:d3:86:1c:41:b4:05:a4:29:b5:
94:49:61:e3:2b:8d:2b:5e:23:ee:37:f6:a9:f8:da:e4:c0:7c:
45:69:31:86:28:99:9e:25:f3:37:dc:0b:96:01:c2:39:47:c6:
3b:cd:fc:29:f1:73:72:20:4b:fc:86:59:ad:30:88:ed:e2:22:
24:10:97:79:86:13:83:50:00:e5:f5:96:72:3d:42:af:41:c0:
fa:9b:3c:01
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZHgLZL2CHzDq+52AMFACgRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjYzYzZjAxMGM1NDBiY2Q0NTU0MzQ0YmZiOWE1OWEyZWRi
YWJjMjkwHhcNMjQwOTExMDgyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDRmNmJiNjVkOWQ0ZGM4ZDA2MDIxZDQ5NzFmMDUzMDQyYTI3OTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA55ShE6/A95uxEobf/iZCxF3GWlhj
wHxnfa+B/j6ZYvFLstpn14/YQrJx00SN+1Iet5CeHgOI0IImY0hsavgcmexpiogV
+1Mw1jNyaAXBpFwV9fIFJPT/7vQkGLcPPyoCMPmessesgmK9qgebgSTr+fcia+b0
XVznlEUmyDbjTe4BI8+racqhAm/Zvp/UMYM7BAA11XpmTN7cVL4GpWpIvcSUxOHQ
k3hqz/FCUD3dZXzdGVOmABmir1RAf5n0jF7MBXSGsDpjKSku6MEKi+kb8CO+cmXo
NmVBG+VjTdffEX6oHgMi7w33tPh0J4CA4CI2tWnhy4JVC5saqk1G7IEweQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFP1Pa7ZdnU3I0GAh1JcfBTBConkkMB8GA1UdIwQY
MBaAFLzGPwEMVAvNRVQ0S/uaWaLturwpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk1ZX0FReFVDODFGVkRSTC01cFpvdTI2dkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hMjljNjctZjI0ZC00OTc5LWIyYWYt
Y2M0MWM0YTMxOThkLzEvX1U5cnRsMmRUY2pRWUNIVWx4OEZNRUtpZVNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hMjljNjctZjI0ZC00OTc5LWIyYWYtY2M0MWM0YTMxOThk
LzEvdk1ZX0FReFVDODFGVkRSTC01cFpvdTI2dkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjA8BAIAATA2AwQCLYokAwQC
LZZMAwQCW9ecAwQAkhNpAwQCuRvsAwQCuTUIAwQCuTgcAwQAueraAwQCwKKIMCIE
AgACMBwDBQAqAlBgAwUDKgf5wAMFAyoSFoADBQMqEo8AMA0GCSqGSIb3DQEBCwUA
A4IBAQCPpwJsnCr6EPyj4s8imvGYtX1fkBg/ctJ382lrc2NFtOprDF5vH/iW/VFX
Tfv5aMB6vBeAUUcYgp+WLWRL9xiiSZF3yCNAQ+mL+xh9LQStkovECScBny2PRpgJ
YPJigfI/yhZ5SAuQOBYytidvpv+ysXmWDwHq93+dWsTvIRqC2m23ZWthLLrd1ZLG
tYASkHL7g0pH3KYx3tD48tySgiJEzbDXvwhKPTcojDbThhxBtAWkKbWUSWHjK40r
XiPuN/ap+NrkwHxFaTGGKJmeJfM33AuWAcI5R8Y7zfwp8XNyIEv8hlmtMIjt4iIk
EJd5hhODUADl9ZZyPUKvQcD6mzwB
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:20 2024 by rpki-client on console-ams.rpki-client.org