Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/67UDCkeH8syd-uyu8WZ4DcoDPh4.roa
File: 67UDCkeH8syd-uyu8WZ4DcoDPh4.roa (raw, json)
Hash identifier: pmhnNUDsfSG90IMAmyLnq5l0HosLx4grRcnjTMdRB/0=
Subject key identifier: EB:B5:03:0A:47:87:F2:CC:9D:FA:EC:AE:F1:66:78:0D:CA:03:3E:1E
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 0192855E22A22E26C5CAABA79BFBF8EDDEF4
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/67UDCkeH8syd-uyu8WZ4DcoDPh4.roa
Signing time: Sun 13 Oct 2024 10:13:11 +0000
ROA not before: Sun 13 Oct 2024 10:13:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 5.44.42.0/24 maxlen: 24
45.129.185.0/24 maxlen: 24
2a05:541:102::/48 maxlen: 48
2a05:541:103::/48 maxlen: 48
2a05:541:104::/48 maxlen: 48
2a05:541:105::/48 maxlen: 48
2a05:541:106::/48 maxlen: 48
2a05:541:107::/48 maxlen: 48
2a05:541:108::/48 maxlen: 48
2a05:541:109::/48 maxlen: 48
2a05:541:110::/48 maxlen: 48
2a05:541:111::/48 maxlen: 48
2a05:541:112::/48 maxlen: 48
2a05:541:113::/48 maxlen: 48
2a05:541:114::/48 maxlen: 48
2a05:541:115::/48 maxlen: 48
2a05:541:116::/48 maxlen: 48
2a05:541:117::/48 maxlen: 48
2a05:541:118::/48 maxlen: 48
2a05:541:119::/48 maxlen: 48
2a05:541:121::/48 maxlen: 48
2a05:541:122::/48 maxlen: 48
2a05:541:123::/48 maxlen: 48
2a05:541:124::/48 maxlen: 48
2a05:541:125::/48 maxlen: 48
2a05:541:126::/48 maxlen: 48
2a05:541:127::/48 maxlen: 48
2a05:541:129::/48 maxlen: 48
2a05:541:131::/48 maxlen: 48
2a05:541:133::/48 maxlen: 48
2a05:541:134::/48 maxlen: 48
2a05:541:135::/48 maxlen: 48
2a05:541:136::/48 maxlen: 48
2a05:541:137::/48 maxlen: 48
2a05:541:138::/48 maxlen: 48
2a05:541:139::/48 maxlen: 48
2a05:541:141::/48 maxlen: 48
2a05:541:152::/48 maxlen: 48
2a05:541:153::/48 maxlen: 48
2a05:541:156::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:85:5e:22:a2:2e:26:c5:ca:ab:a7:9b:fb:f8:ed:de:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Oct 13 10:13:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebb5030a4787f2cc9dfaecaef166780dca033e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:11:81:2d:b4:66:e1:de:b3:cd:4d:c4:37:02:
0b:3c:c2:e0:ee:95:47:82:62:19:d9:af:a0:86:38:
ec:12:9a:1e:1e:33:db:70:d9:7e:4a:99:6f:24:eb:
c5:12:ae:39:1a:f5:d7:29:e4:c6:19:28:9c:82:b7:
7e:fc:37:2c:7d:ca:ea:5c:f7:30:39:33:5d:68:37:
20:7e:79:71:10:e3:d7:80:cb:65:a2:d7:24:44:43:
94:4b:0d:79:6b:fb:27:db:22:6b:0f:05:39:4f:f6:
31:4f:29:0d:3d:4f:26:35:91:fb:b0:9c:0c:05:91:
9a:7b:0b:49:39:ff:4b:58:48:7e:68:fe:f7:a8:a5:
b7:f8:84:a4:13:1f:03:40:90:45:5e:e4:b1:ef:37:
1b:e6:71:65:fa:48:83:fc:8c:39:9a:d9:bb:5d:20:
46:56:e9:c4:c3:22:c7:e0:7d:79:d8:9f:1a:39:b5:
79:d7:f2:b5:8e:07:b4:f6:aa:7e:4d:09:52:99:f2:
93:18:8b:d5:8c:64:48:cd:5e:d6:6a:6e:ba:1f:96:
9e:2a:7c:d1:f5:42:b3:93:a1:8a:c2:12:35:41:68:
75:d5:2b:89:ea:f6:d4:58:a3:d1:af:6b:5f:20:68:
b9:9b:51:76:48:0b:57:b1:32:fe:51:55:67:e6:57:
50:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B5:03:0A:47:87:F2:CC:9D:FA:EC:AE:F1:66:78:0D:CA:03:3E:1E
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/67UDCkeH8syd-uyu8WZ4DcoDPh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
45.129.185.0/24
IPv6:
2a05:541:102::-2a05:541:109:ffff:ffff:ffff:ffff:ffff
2a05:541:110::-2a05:541:119:ffff:ffff:ffff:ffff:ffff
2a05:541:121::-2a05:541:127:ffff:ffff:ffff:ffff:ffff
2a05:541:129::/48
2a05:541:131::/48
2a05:541:133::-2a05:541:139:ffff:ffff:ffff:ffff:ffff
2a05:541:141::/48
2a05:541:152::/47
2a05:541:156::/48
Signature Algorithm: sha256WithRSAEncryption
76:ee:67:31:d6:81:09:ed:ed:f0:24:6a:d3:73:a3:11:76:1c:
71:1b:f6:08:da:0d:f0:ff:07:6c:dd:1c:65:49:89:f9:a6:e4:
9c:eb:47:31:4c:97:fd:f6:6d:1a:79:e8:0b:66:48:6d:67:3f:
5b:71:5c:1c:42:cb:ba:51:64:cc:60:c5:5c:33:ad:a4:0f:de:
17:ba:91:d6:94:5f:e4:71:cc:1f:36:66:05:94:73:6c:2c:00:
f4:24:04:d3:3d:90:e5:4d:75:2e:f7:c6:59:08:27:cf:76:ab:
d4:b9:fd:ab:da:78:91:f1:87:f4:26:e6:ed:0f:78:0c:9f:ea:
a3:95:8c:e4:b4:d5:56:15:51:35:a1:dc:2f:97:d0:4b:ad:2c:
b6:57:73:eb:7c:de:1d:70:4d:57:96:9f:b2:62:3c:21:67:7f:
86:88:2c:94:ab:2f:aa:73:8d:e3:db:46:45:72:5d:c6:90:d7:
f3:c7:7c:5a:1d:83:01:c1:6e:31:1e:5b:8d:1a:57:7a:74:30:
e1:60:2b:48:c4:04:5e:3a:db:1c:05:dc:46:64:75:71:f6:0d:
c4:63:c0:f5:4b:33:d5:14:29:6a:30:7a:b5:65:06:6c:dd:e8:
01:70:01:8f:4b:33:c5:a6:cb:c3:c7:6c:0a:49:38:6c:11:6c:
cf:2a:b8:e7
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZKFXiKiLibFyqunm/v47d70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjQxMDEzMTAxMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmI1MDMwYTQ3ODdmMmNjOWRmYWVjYWVmMTY2NzgwZGNhMDMzZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxGBLbRm4d6zzU3ENwILPMLg7pVH
gmIZ2a+ghjjsEpoeHjPbcNl+SplvJOvFEq45GvXXKeTGGSicgrd+/DcsfcrqXPcw
OTNdaDcgfnlxEOPXgMtlotckREOUSw15a/sn2yJrDwU5T/YxTykNPU8mNZH7sJwM
BZGaewtJOf9LWEh+aP73qKW3+ISkEx8DQJBFXuSx7zcb5nFl+kiD/Iw5mtm7XSBG
VunEwyLH4H152J8aObV51/K1jge09qp+TQlSmfKTGIvVjGRIzV7Wam66H5aeKnzR
9UKzk6GKwhI1QWh11SuJ6vbUWKPRr2tfIGi5m1F2SAtXsTL+UVVn5ldQbQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFOu1AwpHh/LMnfrsrvFmeA3KAz4eMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvNjdVRENrZUg4c3lkLXV5dThXWjREY29EUGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjASBAIAATAMAwQABSwq
AwQALYG5MIGDBAIAAjB9MBIDBwEqBQVBAQIDBwEqBQVBAQgwEgMHBCoFBUEBEAMH
ASoFBUEBGDASAwcAKgUFQQEhAwcDKgUFQQEgAwcAKgUFQQEpAwcAKgUFQQExMBID
BwAqBQVBATMDBwEqBQVBATgDBwAqBQVBAUEDBwEqBQVBAVIDBwAqBQVBAVYwDQYJ
KoZIhvcNAQELBQADggEBAHbuZzHWgQnt7fAkatNzoxF2HHEb9gjaDfD/B2zdHGVJ
ifmm5JzrRzFMl/32bRp56AtmSG1nP1txXBxCy7pRZMxgxVwzraQP3he6kdaUX+Rx
zB82ZgWUc2wsAPQkBNM9kOVNdS73xlkIJ892q9S5/avaeJHxh/Qm5u0PeAyf6qOV
jOS01VYVUTWh3C+X0EutLLZXc+t83h1wTVeWn7JiPCFnf4aILJSrL6pzjePbRkVy
XcaQ1/PHfFodgwHBbjEeW40aV3p0MOFgK0jEBF462xwF3EZkdXH2DcRjwPVLM9UU
KWowerVlBmzd6AFwAY9LM8Wmy8PHbApJOGwRbM8quOc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:37:49 2024 by rpki-client on console-ams.rpki-client.org