Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/zdHaP3_9oJxpfOCsVWyleFmn5HA.roa
File: zdHaP3_9oJxpfOCsVWyleFmn5HA.roa (raw, json)
Hash identifier: kT92hzdVkM29zxngQYTbSaxqz5pMF8OxrTF+1o5q2pQ=
Subject key identifier: CD:D1:DA:3F:7F:FD:A0:9C:69:7C:E0:AC:55:6C:A5:78:59:A7:E4:70
Certificate issuer: /CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Certificate serial: 018CC56ECEF5BE190F90DF3CE681E73104B4
Authority key identifier: 72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/zdHaP3_9oJxpfOCsVWyleFmn5HA.roa
Signing time: Mon 01 Jan 2024 14:30:22 +0000
ROA not before: Mon 01 Jan 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44307
IP address blocks: 45.93.76.0/22 maxlen: 24
45.86.252.0/22 maxlen: 24
45.142.148.0/22 maxlen: 24
45.135.20.0/22 maxlen: 24
45.95.60.0/22 maxlen: 24
45.84.180.0/22 maxlen: 24
45.148.180.0/22 maxlen: 24
45.87.71.0/24 maxlen: 24
45.138.60.0/22 maxlen: 24
45.15.76.0/22 maxlen: 24
45.129.112.0/22 maxlen: 24
45.81.216.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ce:f5:be:19:0f:90:df:3c:e6:81:e7:31:04:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Validity
Not Before: Jan 1 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdd1da3f7ffda09c697ce0ac556ca57859a7e470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7f:bb:f2:06:80:b3:ec:7e:09:23:ee:c6:4c:
ca:8a:eb:ba:33:82:bb:1d:64:60:8c:30:b7:8e:92:
8c:bc:0c:54:fb:92:23:7e:b5:6f:51:65:c8:07:ec:
e7:ce:b0:80:6d:04:ce:cf:02:4e:ca:bc:b8:c5:24:
7e:f7:d7:e2:ef:62:0e:ee:9c:04:c9:9f:08:d6:7e:
48:cd:ac:87:e7:c1:e1:e3:ff:d8:2a:3c:0d:2f:6a:
35:86:15:d3:2a:4f:88:43:b8:51:b6:67:b2:86:3c:
1c:79:bf:7f:75:a4:e6:72:e7:b5:04:87:8f:93:e8:
fb:8e:67:2e:3f:be:f5:ce:7d:5e:39:31:50:5c:94:
25:f3:c4:06:e3:e1:61:b6:fc:f7:b3:6c:bd:b0:fe:
0b:6e:75:ac:11:7c:85:1d:b7:5b:4f:91:6a:e2:e4:
3a:d6:6c:3d:0c:f0:76:fa:12:36:4d:1d:2b:d5:69:
c7:8a:98:01:ea:a4:15:f8:d1:ba:8f:8d:1e:fa:2f:
6b:78:72:7f:1a:e6:8e:08:e0:18:71:96:3b:2f:94:
66:2c:aa:53:54:ca:40:5e:3b:0b:c4:dc:a9:d5:46:
76:49:8b:6c:a1:0a:ef:83:7a:de:94:13:31:bd:84:
af:9f:eb:9e:8a:44:81:d4:f2:ca:73:e1:ac:a4:71:
e0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D1:DA:3F:7F:FD:A0:9C:69:7C:E0:AC:55:6C:A5:78:59:A7:E4:70
X509v3 Authority Key Identifier:
keyid:72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/zdHaP3_9oJxpfOCsVWyleFmn5HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.76.0/22
45.81.216.0/22
45.84.180.0/22
45.86.252.0/22
45.87.71.0/24
45.93.76.0/22
45.95.60.0/22
45.129.112.0/22
45.135.20.0/22
45.138.60.0/22
45.142.148.0/22
45.148.180.0/22
Signature Algorithm: sha256WithRSAEncryption
70:d7:fe:18:e8:ac:a8:1b:c8:41:d2:f0:2d:ef:69:c6:85:19:
41:b0:be:ed:99:7c:c5:d2:66:45:a8:ef:0a:13:38:fa:92:4a:
26:0c:9e:a5:4c:73:fc:a4:b8:3e:e4:57:d9:26:08:6c:11:3f:
68:24:bc:9b:e8:e9:f4:23:a8:51:5b:80:bb:6a:ec:5d:b6:29:
51:78:1e:ed:ce:c2:01:90:cb:16:33:05:dd:0a:e3:26:9f:eb:
54:08:a4:f9:1b:07:7d:b3:f8:95:19:4a:41:7d:02:d7:c5:79:
3b:51:e0:79:3e:4b:f6:94:3e:df:7f:7f:21:dc:62:aa:61:c6:
eb:9d:5d:d2:a2:db:2f:b2:42:25:30:45:06:fa:a0:7b:3b:48:
1b:a7:3c:5a:db:1f:69:91:47:47:b8:d5:33:c4:8a:6a:9a:87:
1f:b5:7c:a4:25:ab:03:cd:21:bd:d8:bd:b6:ae:b3:ad:89:56:
86:a4:08:5c:5e:33:4e:ae:f3:8f:a0:a0:88:86:1e:62:6b:81:
89:42:a4:0b:8f:cd:94:17:60:50:71:78:0a:3f:3a:44:b8:9f:
a1:ff:a1:4b:5b:84:d8:f9:cd:db:18:50:10:fb:f1:8b:a9:16:
0e:cf:3f:db:f1:b1:1f:b8:e9:49:f3:eb:c5:81:d6:a6:87:ef:
27:b1:89:8a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzFbs71vhkPkN885oHnMQS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTRiYWY5OWFiODQwMTI5MTMzMjg1ZmU5YWQ3YjgzZmQx
MzBjMzkwHhcNMjQwMTAxMTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGQxZGEzZjdmZmRhMDljNjk3Y2UwYWM1NTZjYTU3ODU5YTdlNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun+78gaAs+x+CSPuxkzKiuu6M4K7
HWRgjDC3jpKMvAxU+5IjfrVvUWXIB+znzrCAbQTOzwJOyry4xSR+99fi72IO7pwE
yZ8I1n5IzayH58Hh4//YKjwNL2o1hhXTKk+IQ7hRtmeyhjwceb9/daTmcue1BIeP
k+j7jmcuP771zn1eOTFQXJQl88QG4+Fhtvz3s2y9sP4LbnWsEXyFHbdbT5Fq4uQ6
1mw9DPB2+hI2TR0r1WnHipgB6qQV+NG6j40e+i9reHJ/GuaOCOAYcZY7L5RmLKpT
VMpAXjsLxNyp1UZ2SYtsoQrvg3relBMxvYSvn+ueikSB1PLKc+GspHHg/wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFM3R2j9//aCcaXzgrFVspXhZp+RwMB8GA1UdIwQY
MBaAFHLkuvmauEASkTMoX+mte4P9Eww5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2Qt
YThkNjVkY2NiOTZiLzEvemRIYVAzXzlvSnhwZk9Dc1ZXeWxlRm1uNUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2QtYThkNjVkY2NiOTZi
LzEvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCLQ9MAwQC
LVHYAwQCLVS0AwQCLVb8AwQALVdHAwQCLV1MAwQCLV88AwQCLYFwAwQCLYcUAwQC
LYo8AwQCLY6UAwQCLZS0MA0GCSqGSIb3DQEBCwUAA4IBAQBw1/4Y6KyoG8hB0vAt
72nGhRlBsL7tmXzF0mZFqO8KEzj6kkomDJ6lTHP8pLg+5FfZJghsET9oJLyb6On0
I6hRW4C7auxdtilReB7tzsIBkMsWMwXdCuMmn+tUCKT5Gwd9s/iVGUpBfQLXxXk7
UeB5Pkv2lD7ff38h3GKqYcbrnV3SotsvskIlMEUG+qB7O0gbpzxa2x9pkUdHuNUz
xIpqmocftXykJasDzSG92L22rrOtiVaGpAhcXjNOrvOPoKCIhh5ia4GJQqQLj82U
F2BQcXgKPzpEuJ+h/6FLW4TY+c3bGFAQ+/GLqRYOzz/b8bEfuOlJ8+vFgdamh+8n
sYmK
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:04:18 2024 by rpki-client on console-ams.rpki-client.org