Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/kVFUVOoZxAglsDpRALzl_IZxFFU.roa
File: kVFUVOoZxAglsDpRALzl_IZxFFU.roa (raw, json)
Hash identifier: 7WI4ngq3LFGXcHBcChO9KzoIq6BdRRM2wgFOEDsZq+s=
Subject key identifier: 91:51:54:54:EA:19:C4:08:25:B0:3A:51:00:BC:E5:FC:86:71:14:55
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018FBAF8DCC026760A6ED3885F5DAC86DCB1
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/kVFUVOoZxAglsDpRALzl_IZxFFU.roa
Signing time: Mon 27 May 2024 16:53:42 +0000
ROA not before: Mon 27 May 2024 16:53:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 45.15.239.0/24 maxlen: 24
45.129.1.0/24 maxlen: 24
45.132.39.0/24 maxlen: 24
45.135.35.0/24 maxlen: 24
45.138.7.0/24 maxlen: 24
45.138.156.0/24 maxlen: 24
45.138.212.0/24 maxlen: 24
45.138.215.0/24 maxlen: 24
45.140.65.0/24 maxlen: 24
45.149.130.0/24 maxlen: 24
45.149.131.0/24 maxlen: 24
45.152.118.0/24 maxlen: 24
45.152.119.0/24 maxlen: 24
83.138.51.0/24 maxlen: 24
83.138.52.0/24 maxlen: 24
84.246.82.0/24 maxlen: 24
91.206.69.0/24 maxlen: 24
91.237.104.0/24 maxlen: 24
91.237.105.0/24 maxlen: 24
176.116.2.0/24 maxlen: 24
176.116.5.0/24 maxlen: 24
176.116.9.0/24 maxlen: 24
176.116.20.0/24 maxlen: 24
176.116.23.0/24 maxlen: 24
176.126.109.0/24 maxlen: 24
176.126.112.0/24 maxlen: 24
176.126.115.0/24 maxlen: 24
193.0.245.0/24 maxlen: 24
193.0.246.0/24 maxlen: 24
193.5.1.0/24 maxlen: 24
193.58.171.0/24 maxlen: 24
193.58.178.0/24 maxlen: 24
194.107.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ba:f8:dc:c0:26:76:0a:6e:d3:88:5f:5d:ac:86:dc:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 27 16:53:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91515454ea19c40825b03a5100bce5fc86711455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:66:d4:0a:9d:99:04:e3:9c:f0:8b:dd:8a:6e:
16:8e:31:de:6a:35:77:38:9a:ed:e3:a0:ae:72:37:
38:3c:7d:79:d0:77:38:c3:1f:b5:1f:73:c8:22:b6:
95:da:98:b3:34:30:55:a1:76:30:2d:d5:c8:df:79:
a5:11:15:a1:5a:92:c7:cc:eb:e0:69:69:b2:49:57:
7c:af:f7:65:4d:cd:aa:83:a0:ff:f7:ae:66:c0:ee:
63:5a:12:c7:9f:b1:63:a6:56:7f:18:7c:4e:b5:fa:
0b:65:2e:67:b8:2f:01:55:ff:0e:cc:90:f0:db:4d:
54:2b:62:42:f7:6b:84:01:48:34:c4:6c:b9:bd:f3:
23:8c:13:91:ea:ce:9b:9a:fa:4f:54:40:5f:d7:d1:
23:62:75:1c:6c:e7:3f:01:16:37:ee:bf:d5:3c:12:
34:e7:03:ca:31:4c:57:87:00:c3:82:90:37:a5:e9:
d6:c9:5e:a5:4a:97:b9:16:bf:80:ea:66:1e:87:da:
e3:39:a2:01:f3:30:9a:7f:af:05:b4:73:b4:79:49:
17:25:8a:9f:16:8a:73:73:08:c8:3b:71:1f:f6:41:
bb:7f:eb:28:5b:70:f7:48:61:ff:4a:6b:ce:e8:72:
dc:9d:68:a3:5c:ef:61:f5:65:14:ca:4f:47:25:6b:
14:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:51:54:54:EA:19:C4:08:25:B0:3A:51:00:BC:E5:FC:86:71:14:55
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/kVFUVOoZxAglsDpRALzl_IZxFFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.239.0/24
45.129.1.0/24
45.132.39.0/24
45.135.35.0/24
45.138.7.0/24
45.138.156.0/24
45.138.212.0/24
45.138.215.0/24
45.140.65.0/24
45.149.130.0/23
45.152.118.0/23
83.138.51.0-83.138.52.255
84.246.82.0/24
91.206.69.0/24
91.237.104.0/23
176.116.2.0/24
176.116.5.0/24
176.116.9.0/24
176.116.20.0/24
176.116.23.0/24
176.126.109.0/24
176.126.112.0/24
176.126.115.0/24
193.0.245.0-193.0.246.255
193.5.1.0/24
193.58.171.0/24
193.58.178.0/24
194.107.200.0/24
Signature Algorithm: sha256WithRSAEncryption
53:6c:9a:9c:bd:fb:1f:81:4d:3e:1f:13:67:fc:7a:bb:30:db:
13:c3:35:54:09:8f:ce:aa:67:95:a3:4f:a7:41:d9:f9:07:5d:
5e:a1:70:72:eb:9c:7c:3f:19:a0:24:90:fd:bb:6f:bb:48:30:
90:81:f6:49:2d:da:87:22:6d:89:d5:56:33:37:e8:40:0f:1b:
30:9f:e4:de:bb:45:78:f6:7d:b5:02:ef:a9:29:a8:80:b8:02:
52:51:ef:37:b5:d9:a0:fe:30:5d:e9:05:71:57:8c:fc:a3:45:
c5:e9:bf:c5:8e:2d:4e:cc:3d:31:da:b2:e8:99:bc:31:e9:b8:
09:bf:3e:57:ea:cd:60:87:84:ba:28:e1:48:7c:1e:1d:5f:a5:
66:da:7a:77:99:03:55:db:6b:47:9c:de:51:81:fe:c8:61:a5:
4e:28:cd:9f:b2:26:99:12:00:8b:bb:ab:db:b2:b0:b5:63:db:
28:d0:5e:f6:56:5b:c9:08:4e:6b:9d:ec:61:c3:e7:b7:30:04:
0b:b5:fd:4a:cf:f9:19:ec:cb:99:19:9d:8b:93:76:dc:d2:b7:
e5:f7:a6:20:98:bd:06:fe:7e:16:1c:1d:9f:50:ff:d4:6e:16:
bb:42:c5:67:d3:04:54:fa:61:c4:18:a9:a8:f8:2e:0d:bb:56:
c1:58:62:5f
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAY+6+NzAJnYKbtOIX12shtyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNTI3MTY1MzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTUxNTQ1NGVhMTljNDA4MjViMDNhNTEwMGJjZTVmYzg2NzExNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmbUCp2ZBOOc8Ivdim4WjjHeajV3
OJrt46Cucjc4PH150Hc4wx+1H3PIIraV2pizNDBVoXYwLdXI33mlERWhWpLHzOvg
aWmySVd8r/dlTc2qg6D/965mwO5jWhLHn7FjplZ/GHxOtfoLZS5nuC8BVf8OzJDw
201UK2JC92uEAUg0xGy5vfMjjBOR6s6bmvpPVEBf19EjYnUcbOc/ARY37r/VPBI0
5wPKMUxXhwDDgpA3penWyV6lSpe5Fr+A6mYeh9rjOaIB8zCaf68FtHO0eUkXJYqf
FopzcwjIO3Ef9kG7f+soW3D3SGH/SmvO6HLcnWijXO9h9WUUyk9HJWsUAwIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFJFRVFTqGcQIJbA6UQC85fyGcRRVMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEva1ZGVVZPb1p4QWdsc0RwUkFMemxfSVp4RkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAAt
D+8DBAAtgQEDBAAthCcDBAAthyMDBAAtigcDBAAtipwDBAAtitQDBAAtitcDBAAt
jEEDBAEtlYIDBAEtmHYwDAMEAFOKMwMEAFOKNAMEAFT2UgMEAFvORQMEAVvtaAME
ALB0AgMEALB0BQMEALB0CQMEALB0FAMEALB0FwMEALB+bQMEALB+cAMEALB+czAM
AwQAwQD1AwQAwQD2AwQAwQUBAwQAwTqrAwQAwTqyAwQAwmvIMA0GCSqGSIb3DQEB
CwUAA4IBAQBTbJqcvfsfgU0+HxNn/Hq7MNsTwzVUCY/OqmeVo0+nQdn5B11eoXBy
65x8PxmgJJD9u2+7SDCQgfZJLdqHIm2J1VYzN+hADxswn+Teu0V49n21Au+pKaiA
uAJSUe83tdmg/jBd6QVxV4z8o0XF6b/Fji1OzD0x2rLombwx6bgJvz5X6s1gh4S6
KOFIfB4dX6Vm2np3mQNV22tHnN5Rgf7IYaVOKM2fsiaZEgCLu6vbsrC1Y9so0F72
VlvJCE5rnexhw+e3MAQLtf1Kz/kZ7MuZGZ2Lk3bc0rfl96YgmL0G/n4WHB2fUP/U
bha7QsVn0wRU+mHEGKmo+C4Nu1bBWGJf
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:22:21 2024 by rpki-client on console-ams.rpki-client.org