Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/CRXcoD0Rw2BtY6X3Ch9MQYKX-es.roa
File: CRXcoD0Rw2BtY6X3Ch9MQYKX-es.roa (raw, json)
Hash identifier: uSKDke1JZO/ps3sFDxZ68FxrA7bYo76JHGBEG260vzc=
Subject key identifier: 09:15:DC:A0:3D:11:C3:60:6D:63:A5:F7:0A:1F:4C:41:82:97:F9:EB
Certificate issuer: /CN=c3b0d535eebcf28e60ac98ae495b34981b5a93ec
Certificate serial: 0190DFA4D336C85700A73E4C5F9E7EF62327
Authority key identifier: C3:B0:D5:35:EE:BC:F2:8E:60:AC:98:AE:49:5B:34:98:1B:5A:93:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/CRXcoD0Rw2BtY6X3Ch9MQYKX-es.roa
Signing time: Tue 23 Jul 2024 12:50:39 +0000
ROA not before: Tue 23 Jul 2024 12:50:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202125
IP address blocks: 45.13.9.0/24 maxlen: 24
45.13.10.0/24 maxlen: 24
185.50.204.0/23 maxlen: 23
185.50.207.0/24 maxlen: 24
185.247.164.0/22 maxlen: 24
185.247.164.0/24 maxlen: 24
185.247.165.0/24 maxlen: 24
185.247.166.0/24 maxlen: 24
185.247.167.0/24 maxlen: 24
188.119.104.0/22 maxlen: 24
193.43.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/w7DVNe688o5grJiuSVs0mBtak-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/w7DVNe688o5grJiuSVs0mBtak-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:df:a4:d3:36:c8:57:00:a7:3e:4c:5f:9e:7e:f6:23:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3b0d535eebcf28e60ac98ae495b34981b5a93ec
Validity
Not Before: Jul 23 12:50:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0915dca03d11c3606d63a5f70a1f4c418297f9eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:35:05:a4:97:a9:53:6c:55:1f:33:b9:cc:ff:
42:50:5a:f0:95:fc:39:bc:9f:53:4b:29:9e:a9:6a:
5e:40:a2:9b:70:79:ec:05:cb:61:dc:5b:0b:ce:b2:
71:87:ee:91:5a:73:02:25:30:46:91:1f:51:0b:b9:
75:b8:20:38:91:ae:db:60:f2:72:7c:e4:92:c8:88:
07:d3:3f:20:b0:3a:07:69:a8:f4:7a:aa:d1:cb:d6:
49:f4:52:cf:3f:72:e2:62:cb:b3:5f:75:19:3d:91:
4f:1c:87:21:ee:e8:55:c7:8f:e7:dd:d4:e3:52:a2:
8e:9e:10:ef:3c:5d:b9:43:8c:6c:e5:0d:bb:88:d5:
e9:86:e5:0c:52:a3:8a:66:a3:47:2c:af:fe:b4:86:
11:0b:f9:c7:bf:6b:87:18:bf:f1:3f:aa:2c:b7:ff:
90:92:ea:32:d2:b9:5f:22:52:38:43:2c:6c:fd:ed:
a3:cb:72:0c:53:b6:d4:9f:8c:99:38:68:83:25:60:
46:49:91:54:04:16:5a:49:33:df:23:dc:09:73:3d:
1d:be:2e:cf:c3:74:9e:3b:2b:f0:6b:44:22:d3:2b:
be:ba:86:ed:10:ef:f8:ef:1e:0b:6e:74:cf:d4:d6:
17:ff:1a:a7:f9:8c:c2:93:63:37:b6:eb:ac:06:11:
2c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:15:DC:A0:3D:11:C3:60:6D:63:A5:F7:0A:1F:4C:41:82:97:F9:EB
X509v3 Authority Key Identifier:
keyid:C3:B0:D5:35:EE:BC:F2:8E:60:AC:98:AE:49:5B:34:98:1B:5A:93:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/CRXcoD0Rw2BtY6X3Ch9MQYKX-es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/w7DVNe688o5grJiuSVs0mBtak-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.9.0-45.13.10.255
185.50.204.0/23
185.50.207.0/24
185.247.164.0/22
188.119.104.0/22
193.43.74.0/24
Signature Algorithm: sha256WithRSAEncryption
22:35:ae:80:95:84:1d:87:c7:3a:fc:17:88:8f:d5:59:b6:e7:
8e:de:ba:87:e2:9d:db:34:27:34:71:92:e5:a4:dd:35:d5:2f:
c7:6b:c0:b4:52:86:26:81:bb:78:cd:c0:7b:ba:af:22:56:5d:
69:e8:6f:d0:4f:91:a5:9c:90:b7:4d:20:5d:70:a5:7b:ae:1b:
d3:96:ac:9f:5c:e0:16:35:61:00:ec:ef:20:93:14:b6:93:a4:
6c:79:dd:21:fb:0b:a7:9e:4d:38:26:59:48:0a:7b:f4:12:1f:
10:ab:38:63:61:ee:22:11:77:e5:27:05:8f:2e:ec:4f:37:8a:
90:63:1c:f2:42:7f:53:cf:04:33:40:cf:f1:07:0d:52:36:87:
4c:fe:9a:b9:b2:7b:c9:2b:ab:fe:60:df:4c:3f:12:95:c1:d5:
7e:61:b0:c7:b9:7e:6a:dd:fa:9c:a0:71:a1:b4:a0:e9:a5:cf:
88:ac:6d:6b:0f:8c:11:b3:93:86:ee:86:94:25:9d:d3:40:17:
30:a9:97:19:be:ad:17:bd:55:bd:6e:24:de:60:1a:62:ee:33:
bb:0b:1b:20:6b:ca:e8:0b:53:f1:a8:9c:62:56:1d:27:71:11:
30:ac:05:f5:3d:69:05:ce:4b:07:ed:4d:b7:ff:4e:cd:9b:6b:
78:04:1a:6c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZDfpNM2yFcApz5MX55+9iMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYjBkNTM1ZWViY2YyOGU2MGFjOThhZTQ5NWIzNDk4MWI1
YTkzZWMwHhcNMjQwNzIzMTI1MDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTE1ZGNhMDNkMTFjMzYwNmQ2M2E1ZjcwYTFmNGM0MTgyOTdmOWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzUFpJepU2xVHzO5zP9CUFrwlfw5
vJ9TSymeqWpeQKKbcHnsBcth3FsLzrJxh+6RWnMCJTBGkR9RC7l1uCA4ka7bYPJy
fOSSyIgH0z8gsDoHaaj0eqrRy9ZJ9FLPP3LiYsuzX3UZPZFPHIch7uhVx4/n3dTj
UqKOnhDvPF25Q4xs5Q27iNXphuUMUqOKZqNHLK/+tIYRC/nHv2uHGL/xP6ost/+Q
kuoy0rlfIlI4Qyxs/e2jy3IMU7bUn4yZOGiDJWBGSZFUBBZaSTPfI9wJcz0dvi7P
w3SeOyvwa0Qi0yu+uobtEO/47x4LbnTP1NYX/xqn+YzCk2M3tuusBhEstwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAkV3KA9EcNgbWOl9wofTEGCl/nrMB8GA1UdIwQY
MBaAFMOw1TXuvPKOYKyYrklbNJgbWpPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzdEVk5lNjg4bzVnckppdVNWczBtQnRhay13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81NTFlOTItOTkyZC00MWRhLTk4NmIt
OTUxOTY5M2VhYTdiLzEvQ1JYY29EMFJ3MkJ0WTZYM0NoOU1RWUtYLWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81NTFlOTItOTkyZC00MWRhLTk4NmItOTUxOTY5M2VhYTdi
LzEvdzdEVk5lNjg4bzVnckppdVNWczBtQnRhay13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAAtDQkD
BAAtDQoDBAG5MswDBAC5Ms8DBAK596QDBAK8d2gDBADBK0owDQYJKoZIhvcNAQEL
BQADggEBACI1roCVhB2Hxzr8F4iP1Vm2547euofinds0JzRxkuWk3TXVL8drwLRS
hiaBu3jNwHu6ryJWXWnob9BPkaWckLdNIF1wpXuuG9OWrJ9c4BY1YQDs7yCTFLaT
pGx53SH7C6eeTTgmWUgKe/QSHxCrOGNh7iIRd+UnBY8u7E83ipBjHPJCf1PPBDNA
z/EHDVI2h0z+mrmye8krq/5g30w/EpXB1X5hsMe5fmrd+pygcaG0oOmlz4isbWsP
jBGzk4buhpQlndNAFzCplxm+rRe9Vb1uJN5gGmLuM7sLGyBryugLU/GonGJWHSdx
ETCsBfU9aQXOSwftTbf/Ts2ba3gEGmw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:51:13 2024 by rpki-client on console-fra.rpki-client.org