Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/4MrTlfPATwtxzMqfdTJmbUxs_Ws.roa
File: 4MrTlfPATwtxzMqfdTJmbUxs_Ws.roa (raw, json)
Hash identifier: 1bpZpw6rksfx3v9fH7vGTw0fZkS7zML6xv7Z0kxDq1c=
Subject key identifier: E0:CA:D3:95:F3:C0:4F:0B:71:CC:CA:9F:75:32:66:6D:4C:6C:FD:6B
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018CC348AA54E8EE2354A1BE46B60C353AE9
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/4MrTlfPATwtxzMqfdTJmbUxs_Ws.roa
Signing time: Mon 01 Jan 2024 04:29:28 +0000
ROA not before: Mon 01 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20712
IP address blocks: 45.138.79.0/24 maxlen: 24
45.135.11.0/24 maxlen: 24
45.135.9.0/24 maxlen: 24
45.136.217.0/24 maxlen: 24
45.136.219.0/24 maxlen: 24
45.139.33.0/24 maxlen: 24
45.139.35.0/24 maxlen: 24
45.138.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:aa:54:e8:ee:23:54:a1:be:46:b6:0c:35:3a:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0cad395f3c04f0b71ccca9f7532666d4c6cfd6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:65:d6:d4:6e:22:63:99:f3:1b:01:6c:27:99:
d0:8f:62:9c:2e:26:56:c5:d8:03:5d:cc:7e:b9:e8:
4d:93:21:07:74:33:f3:62:1a:d8:7e:f8:c9:1e:df:
d9:a8:c3:e8:6d:df:41:3b:c2:e8:7f:da:6c:40:88:
73:91:d9:a5:22:57:94:05:98:41:c8:44:d5:29:39:
8e:70:17:27:3d:3f:75:36:54:26:dc:3b:51:fc:a2:
8b:55:7c:59:d8:ef:78:e7:1c:64:a7:1a:df:52:43:
0b:99:28:61:bf:49:71:05:d6:5d:2e:1f:c3:4e:fc:
9e:76:3e:c1:d4:f4:c9:13:53:65:de:43:46:fe:de:
22:0e:86:8f:ec:c0:94:ad:49:80:88:b3:cc:14:01:
b4:dd:ae:3a:a9:87:6e:05:58:97:db:4b:71:48:b4:
8a:89:c5:4f:06:04:ed:2d:f7:5c:c5:01:2a:1f:d2:
9c:47:db:90:4a:83:fa:c0:85:56:20:6c:91:c1:c0:
47:51:1f:f4:64:14:5a:0a:37:19:c6:37:5a:43:79:
27:df:62:58:97:3e:c1:10:d5:1a:c3:24:31:48:2d:
57:f6:7a:2a:11:8e:f2:90:d1:10:eb:9c:63:b0:70:
9d:34:d2:8a:ff:11:d6:3a:cf:f7:65:94:dd:7f:4d:
4b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CA:D3:95:F3:C0:4F:0B:71:CC:CA:9F:75:32:66:6D:4C:6C:FD:6B
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/4MrTlfPATwtxzMqfdTJmbUxs_Ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.9.0/24
45.135.11.0/24
45.136.217.0/24
45.136.219.0/24
45.138.77.0/24
45.138.79.0/24
45.139.33.0/24
45.139.35.0/24
Signature Algorithm: sha256WithRSAEncryption
af:08:b8:49:a0:41:eb:d6:4a:92:1a:9b:41:32:41:88:65:55:
1b:3f:5e:2b:b9:ef:20:b9:ac:18:c6:19:8b:f3:4e:16:dc:25:
b4:99:44:35:81:16:95:e8:12:79:48:96:d8:42:3f:b1:f9:80:
04:0e:a9:0b:64:0a:98:9e:ae:cb:31:e2:f7:00:cf:af:de:4c:
ad:b5:06:e8:f5:8d:fd:58:da:ea:e1:f5:c0:7a:6d:db:5d:91:
fc:c4:02:21:b9:f7:ae:bc:54:83:c6:1f:27:3c:74:1d:d4:3c:
56:8b:b7:be:63:31:ea:ae:a8:6b:d6:c4:47:12:7c:18:13:c3:
68:e1:68:7f:e9:1c:61:db:30:a5:98:63:dc:42:a6:61:d9:ff:
4b:c5:e0:47:c8:97:98:bb:c6:ed:2b:d6:73:03:7d:8a:35:c2:
ae:26:00:f7:b3:7d:89:24:e6:75:9d:87:20:e9:5b:ee:09:d2:
bf:84:4b:8d:de:74:ea:ba:7e:39:b7:ad:56:a2:d1:d8:a4:43:
33:43:a6:ad:7a:b8:50:55:c6:94:77:2b:3b:86:fa:23:50:13:
c6:c5:c4:f1:cf:da:ae:67:3a:3a:4f:d4:49:d2:35:c0:3e:d7:
3b:aa:9c:8e:c6:2d:dc:da:40:c1:b3:de:9a:2c:eb:c3:54:08:
12:c9:f5:4b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzDSKpU6O4jVKG+RrYMNTrpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGNhZDM5NWYzYzA0ZjBiNzFjY2NhOWY3NTMyNjY2ZDRjNmNmZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimXW1G4iY5nzGwFsJ5nQj2KcLiZW
xdgDXcx+uehNkyEHdDPzYhrYfvjJHt/ZqMPobd9BO8Lof9psQIhzkdmlIleUBZhB
yETVKTmOcBcnPT91NlQm3DtR/KKLVXxZ2O945xxkpxrfUkMLmShhv0lxBdZdLh/D
Tvyedj7B1PTJE1Nl3kNG/t4iDoaP7MCUrUmAiLPMFAG03a46qYduBViX20txSLSK
icVPBgTtLfdcxQEqH9KcR9uQSoP6wIVWIGyRwcBHUR/0ZBRaCjcZxjdaQ3kn32JY
lz7BENUawyQxSC1X9noqEY7ykNEQ65xjsHCdNNKK/xHWOs/3ZZTdf01L2QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFODK05XzwE8LcczKn3UyZm1MbP1rMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvNE1yVGxmUEFUd3R4ek1xZmRUSm1iVXhzX1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALYcJAwQA
LYcLAwQALYjZAwQALYjbAwQALYpNAwQALYpPAwQALYshAwQALYsjMA0GCSqGSIb3
DQEBCwUAA4IBAQCvCLhJoEHr1kqSGptBMkGIZVUbP14rue8guawYxhmL804W3CW0
mUQ1gRaV6BJ5SJbYQj+x+YAEDqkLZAqYnq7LMeL3AM+v3kyttQbo9Y39WNrq4fXA
em3bXZH8xAIhufeuvFSDxh8nPHQd1DxWi7e+YzHqrqhr1sRHEnwYE8No4Wh/6Rxh
2zClmGPcQqZh2f9LxeBHyJeYu8btK9ZzA32KNcKuJgD3s32JJOZ1nYcg6VvuCdK/
hEuN3nTqun45t61WotHYpEMzQ6aterhQVcaUdys7hvojUBPGxcTxz9quZzo6T9RJ
0jXAPtc7qpyOxi3c2kDBs96aLOvDVAgSyfVL
-----END CERTIFICATE-----
Generated at Fri May 10 09:22:22 2024 by rpki-client on console-ams.rpki-client.org