Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/pfvOhTcuT4xAmR1dHIRFJyoYCl4.roa
File: pfvOhTcuT4xAmR1dHIRFJyoYCl4.roa (raw, json)
Hash identifier: nyu+J0wbMTdyUd7vS5oIiWlAkTqnd96ZBp6bn40LDmI=
Subject key identifier: A5:FB:CE:85:37:2E:4F:8C:40:99:1D:5D:1C:84:45:27:2A:18:0A:5E
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018DDF14A4391A525D50692BEA334EDD9373
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/pfvOhTcuT4xAmR1dHIRFJyoYCl4.roa
Signing time: Sun 25 Feb 2024 07:04:48 +0000
ROA not before: Sun 25 Feb 2024 07:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 37.77.151.0/24 maxlen: 24
45.90.12.0/22 maxlen: 24
45.90.116.0/22 maxlen: 24
62.3.53.0/24 maxlen: 24
77.87.126.0/24 maxlen: 24
89.248.65.0/24 maxlen: 24
94.154.115.0/24 maxlen: 24
109.205.63.0/24 maxlen: 24
146.19.119.0/24 maxlen: 24
146.19.231.0/24 maxlen: 24
178.212.79.0/24 maxlen: 24
185.138.165.0/24 maxlen: 24
185.149.150.0/24 maxlen: 24
193.221.208.0/24 maxlen: 24
2a0b:b680::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:df:14:a4:39:1a:52:5d:50:69:2b:ea:33:4e:dd:93:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Feb 25 07:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5fbce85372e4f8c40991d5d1c8445272a180a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a0:6a:ec:74:53:30:f0:9a:f7:2b:66:9c:13:
ae:de:90:cc:2c:ea:2f:26:15:48:9d:d5:8a:1c:0a:
95:2f:7b:b1:6b:23:3b:85:9a:bc:69:1a:9a:7e:28:
cc:3b:c3:35:56:bd:f9:eb:1e:83:bb:96:4d:3d:3a:
de:27:25:1c:68:22:cf:e4:38:09:59:87:61:8d:98:
b2:75:cf:04:97:9f:1c:c3:af:da:12:1d:ea:4e:5c:
7c:bd:89:1e:0e:32:94:84:43:17:d1:c3:85:57:8e:
54:97:f4:65:63:59:af:aa:bf:7a:ad:a8:01:9a:3a:
a5:85:42:e3:90:24:ed:80:78:43:83:b1:73:83:10:
63:48:df:04:ad:e7:8b:da:47:06:4b:5a:13:b4:61:
92:3e:4a:5d:25:81:99:02:78:8e:47:4e:4a:6e:ba:
03:49:4f:85:db:c3:0d:b1:f7:8b:a8:21:5e:bb:09:
39:9a:13:f1:43:0c:09:26:a6:15:f7:9d:32:6d:02:
ad:2a:23:08:7a:f5:1e:00:64:57:4a:5a:8e:9c:ca:
bb:83:bd:69:1d:26:93:32:91:26:77:ec:07:8c:5d:
bd:1b:40:ec:ec:68:be:31:61:e0:d8:ba:14:2f:71:
5a:d5:a0:3c:3a:a7:c3:3a:e2:13:36:19:b2:32:62:
ff:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:FB:CE:85:37:2E:4F:8C:40:99:1D:5D:1C:84:45:27:2A:18:0A:5E
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/pfvOhTcuT4xAmR1dHIRFJyoYCl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.151.0/24
45.90.12.0/22
45.90.116.0/22
62.3.53.0/24
77.87.126.0/24
89.248.65.0/24
94.154.115.0/24
109.205.63.0/24
146.19.119.0/24
146.19.231.0/24
178.212.79.0/24
185.138.165.0/24
185.149.150.0/24
193.221.208.0/24
IPv6:
2a0b:b680::/29
Signature Algorithm: sha256WithRSAEncryption
89:22:26:ac:96:e9:03:e9:95:ca:9e:6a:c0:cb:c0:77:e9:69:
f7:5b:20:bc:45:15:f5:cc:67:78:ab:3b:b6:27:74:e3:23:4d:
b1:43:18:c7:07:8a:e8:26:af:a5:97:1f:c8:ce:6b:32:d0:c2:
78:33:c6:04:0f:91:b4:25:fe:6f:6f:4e:15:bf:74:c4:52:a4:
86:4d:15:e9:c6:ad:a9:b9:d2:9e:b4:dc:0e:8b:ef:5c:7b:b7:
a7:22:47:a0:c3:02:88:27:71:cc:e5:f2:ea:29:66:bd:89:eb:
df:a2:2c:e7:1c:ec:19:d1:5d:25:1e:a9:2e:50:e8:83:5a:7b:
7c:f6:98:d2:94:94:bd:82:5b:26:0e:05:7d:fc:cc:34:44:54:
84:f7:10:e4:bb:c6:ca:f3:16:87:73:e4:0b:ce:8d:ee:b5:cf:
82:5a:71:71:ef:da:57:fa:9e:58:9b:02:fb:d7:1b:b8:c3:40:
92:ea:88:1e:b8:16:56:07:1b:1b:1f:4d:b7:8f:fa:3b:b4:b9:
24:e5:64:ba:0e:6e:49:a3:2f:c6:09:52:cd:de:e7:5b:f6:59:
cf:5a:66:52:62:6e:3f:42:8a:e4:fa:43:f1:6a:14:ea:01:57:
07:48:4c:08:42:65:91:67:94:c6:9b:71:18:fe:8c:e8:40:19:
89:13:ba:5a
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAY3fFKQ5GlJdUGkr6jNO3ZNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMjI1MDcwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWZiY2U4NTM3MmU0ZjhjNDA5OTFkNWQxYzg0NDUyNzJhMTgwYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qBq7HRTMPCa9ytmnBOu3pDMLOov
JhVIndWKHAqVL3uxayM7hZq8aRqafijMO8M1Vr356x6Du5ZNPTreJyUcaCLP5DgJ
WYdhjZiydc8El58cw6/aEh3qTlx8vYkeDjKUhEMX0cOFV45Ul/RlY1mvqr96ragB
mjqlhULjkCTtgHhDg7FzgxBjSN8EreeL2kcGS1oTtGGSPkpdJYGZAniOR05KbroD
SU+F28MNsfeLqCFeuwk5mhPxQwwJJqYV950ybQKtKiMIevUeAGRXSlqOnMq7g71p
HSaTMpEmd+wHjF29G0Ds7Gi+MWHg2LoUL3Fa1aA8OqfDOuITNhmyMmL/iQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFKX7zoU3Lk+MQJkdXRyERScqGApeMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvcGZ2T2hUY3VUNHhBbVIxZEhJUkZKeW9ZQ2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQAJU2XAwQC
LVoMAwQCLVp0AwQAPgM1AwQATVd+AwQAWfhBAwQAXppzAwQAbc0/AwQAkhN3AwQA
khPnAwQAstRPAwQAuYqlAwQAuZWWAwQAwd3QMA0EAgACMAcDBQMqC7aAMA0GCSqG
SIb3DQEBCwUAA4IBAQCJIiaslukD6ZXKnmrAy8B36Wn3WyC8RRX1zGd4qzu2J3Tj
I02xQxjHB4roJq+llx/Izmsy0MJ4M8YED5G0Jf5vb04Vv3TEUqSGTRXpxq2pudKe
tNwOi+9ce7enIkegwwKIJ3HM5fLqKWa9ievfoiznHOwZ0V0lHqkuUOiDWnt89pjS
lJS9glsmDgV9/Mw0RFSE9xDku8bK8xaHc+QLzo3utc+CWnFx79pX+p5YmwL71xu4
w0CS6ogeuBZWBxsbH023j/o7tLkk5WS6Dm5Joy/GCVLN3udb9lnPWmZSYm4/Qork
+kPxahTqAVcHSEwIQmWRZ5TGm3EY/ozoQBmJE7pa
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:37:17 2024 by rpki-client on console-fra.rpki-client.org