Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/L2cj-UQiTHFj2xukqDIIigF4A5A.roa
File: L2cj-UQiTHFj2xukqDIIigF4A5A.roa (raw, json)
Hash identifier: 1nv4FdHmWuFypdwDJuMZZWzFwHGcGQqOKT9NKc6Ju3g=
Subject key identifier: 2F:67:23:F9:44:22:4C:71:63:DB:1B:A4:A8:32:08:8A:01:78:03:90
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018CC348A8A032071EDC99F1FE29253BC828
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/L2cj-UQiTHFj2xukqDIIigF4A5A.roa
Signing time: Mon 01 Jan 2024 04:29:28 +0000
ROA not before: Mon 01 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 193.110.134.0/23 maxlen: 24
45.135.10.0/24 maxlen: 24
45.135.8.0/24 maxlen: 24
91.229.25.0/24 maxlen: 24
45.138.78.0/24 maxlen: 24
45.139.34.0/24 maxlen: 24
45.139.32.0/24 maxlen: 24
45.138.76.0/24 maxlen: 24
91.228.231.0/24 maxlen: 24
91.228.251.0/24 maxlen: 24
185.76.150.0/24 maxlen: 24
45.136.218.0/24 maxlen: 24
45.136.216.0/24 maxlen: 24
193.35.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a8:a0:32:07:1e:dc:99:f1:fe:29:25:3b:c8:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f6723f944224c7163db1ba4a832088a01780390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e9:48:db:31:04:39:0f:57:52:b3:d1:d3:04:
95:69:d9:f9:e0:85:ba:c6:da:bf:3e:19:3c:8f:79:
40:d2:01:c4:43:1f:f7:cb:b2:e6:d1:93:3c:4f:02:
8a:7d:b8:5e:19:5d:e2:8b:85:25:87:5c:04:61:cf:
26:9a:d1:6a:af:5a:a3:aa:37:d4:1c:b4:b0:8f:5e:
8e:a2:cf:c1:ba:a0:66:4b:8b:91:75:1f:72:34:14:
1a:e8:07:be:19:29:fe:1f:e7:e2:88:6f:ef:56:ca:
53:b5:3b:f1:b6:51:89:3e:74:4d:9d:c3:a7:c2:7c:
f6:46:ea:02:8d:17:57:f7:e6:de:3a:6a:55:9e:3e:
ca:c5:a0:77:f0:82:7e:ef:04:39:dd:82:25:9f:d3:
c3:e9:4e:cf:53:76:e9:4e:d4:90:b3:a1:07:78:a3:
0f:e9:93:53:f0:4c:52:00:aa:57:7e:b6:32:67:a9:
74:a0:50:08:1c:db:96:0e:ec:f0:58:af:47:c6:60:
06:d9:93:c8:bf:4d:ed:cd:de:38:51:e0:aa:1b:a2:
14:2a:b8:63:30:18:7d:67:63:e1:bc:a5:19:5c:5b:
f9:44:fd:57:9e:05:18:31:81:32:3c:f6:c8:0f:7e:
71:f5:d1:34:49:db:b0:96:16:68:5a:74:82:83:88:
ed:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:67:23:F9:44:22:4C:71:63:DB:1B:A4:A8:32:08:8A:01:78:03:90
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/L2cj-UQiTHFj2xukqDIIigF4A5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.8.0/24
45.135.10.0/24
45.136.216.0/24
45.136.218.0/24
45.138.76.0/24
45.138.78.0/24
45.139.32.0/24
45.139.34.0/24
91.228.231.0/24
91.228.251.0/24
91.229.25.0/24
185.76.150.0/24
193.35.231.0/24
193.110.134.0/23
Signature Algorithm: sha256WithRSAEncryption
75:84:63:c7:6f:03:dc:1f:4c:74:f7:95:59:43:a0:30:82:94:
22:7e:d4:d9:1a:fa:95:af:66:57:7e:45:da:c1:2e:c5:22:f4:
55:4b:2b:48:02:68:3c:bf:1d:0f:41:bf:06:b2:b2:37:f0:79:
85:f5:10:58:9b:f0:8b:1f:5c:6b:93:a3:f3:73:56:a3:c1:83:
9e:4a:45:e2:e8:f0:2b:f4:bf:17:ea:73:9b:b7:c2:47:f6:4c:
6c:c2:94:0c:12:28:99:14:5a:f1:d5:f4:9f:00:06:cb:62:15:
b2:f1:f3:43:71:74:c1:83:8b:77:f9:50:78:0a:bc:65:7f:8b:
5e:b3:60:ac:dd:15:80:c7:6c:af:de:58:4d:f5:10:fd:14:17:
c5:ba:53:ad:21:f1:5c:3d:ce:ff:34:74:49:4f:19:8a:cc:73:
e3:41:9c:dc:25:4e:ea:69:39:50:ad:4b:ba:40:e0:8e:97:b0:
a2:2f:41:5e:3e:eb:b5:e0:69:0b:6e:ce:7e:d9:d3:28:94:d8:
ec:7e:5d:d9:55:7f:f7:0e:ca:10:f8:bc:58:aa:e8:b6:d0:5e:
d8:eb:45:15:dc:93:0b:2d:bc:80:e1:2f:87:2c:53:e2:bf:06:
5d:22:32:88:a6:b8:59:39:fd:bf:c4:10:8e:03:1d:3d:71:d9:
7c:71:81:16
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzDSKigMgce3Jnx/iklO8goMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjY3MjNmOTQ0MjI0YzcxNjNkYjFiYTRhODMyMDg4YTAxNzgwMzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtulI2zEEOQ9XUrPR0wSVadn54IW6
xtq/Phk8j3lA0gHEQx/3y7Lm0ZM8TwKKfbheGV3ii4Ulh1wEYc8mmtFqr1qjqjfU
HLSwj16Oos/BuqBmS4uRdR9yNBQa6Ae+GSn+H+fiiG/vVspTtTvxtlGJPnRNncOn
wnz2RuoCjRdX9+beOmpVnj7KxaB38IJ+7wQ53YIln9PD6U7PU3bpTtSQs6EHeKMP
6ZNT8ExSAKpXfrYyZ6l0oFAIHNuWDuzwWK9HxmAG2ZPIv03tzd44UeCqG6IUKrhj
MBh9Z2PhvKUZXFv5RP1XngUYMYEyPPbID35x9dE0SduwlhZoWnSCg4jtNwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFC9nI/lEIkxxY9sbpKgyCIoBeAOQMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvTDJjai1VUWlUSEZqMnh1a3FESUlpZ0Y0QTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALYcIAwQA
LYcKAwQALYjYAwQALYjaAwQALYpMAwQALYpOAwQALYsgAwQALYsiAwQAW+TnAwQA
W+T7AwQAW+UZAwQAuUyWAwQAwSPnAwQBwW6GMA0GCSqGSIb3DQEBCwUAA4IBAQB1
hGPHbwPcH0x095VZQ6AwgpQiftTZGvqVr2ZXfkXawS7FIvRVSytIAmg8vx0PQb8G
srI38HmF9RBYm/CLH1xrk6Pzc1ajwYOeSkXi6PAr9L8X6nObt8JH9kxswpQMEiiZ
FFrx1fSfAAbLYhWy8fNDcXTBg4t3+VB4Crxlf4tes2Cs3RWAx2yv3lhN9RD9FBfF
ulOtIfFcPc7/NHRJTxmKzHPjQZzcJU7qaTlQrUu6QOCOl7CiL0FePuu14GkLbs5+
2dMolNjsfl3ZVX/3DsoQ+LxYqui20F7Y60UV3JMLLbyA4S+HLFPivwZdIjKIprhZ
Of2/xBCOAx09cdl8cYEW
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:41 2024 by rpki-client on console-ams.rpki-client.org