Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/_vbbx0zjEhhryN2SAKiY5PKPJYs.roa
File: _vbbx0zjEhhryN2SAKiY5PKPJYs.roa (raw, json)
Hash identifier: xfwcKNrowVLb9upD5301kZIToJrdZwnWC7YdL+p2a98=
Subject key identifier: FE:F6:DB:C7:4C:E3:12:18:6B:C8:DD:92:00:A8:98:E4:F2:8F:25:8B
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 018E37D1924586DAB11D7EB9004158EF33E3
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/_vbbx0zjEhhryN2SAKiY5PKPJYs.roa
Signing time: Wed 13 Mar 2024 12:37:44 +0000
ROA not before: Wed 13 Mar 2024 12:37:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44592
IP address blocks: 45.142.180.0/24 maxlen: 24
45.142.181.0/24 maxlen: 24
45.142.182.0/24 maxlen: 24
45.153.32.0/24 maxlen: 24
45.153.34.0/24 maxlen: 24
45.153.35.0/24 maxlen: 24
92.246.84.0/24 maxlen: 24
92.246.85.0/24 maxlen: 24
92.246.86.0/24 maxlen: 24
146.19.169.0/24 maxlen: 24
195.62.46.0/24 maxlen: 24
2a0d:c2c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:d1:92:45:86:da:b1:1d:7e:b9:00:41:58:ef:33:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Mar 13 12:37:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fef6dbc74ce312186bc8dd9200a898e4f28f258b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:66:f8:5c:33:19:c9:fd:c6:13:60:24:6b:19:
dd:b3:f8:b3:9d:8f:f4:a8:94:9b:56:ac:f4:05:86:
09:a2:33:53:b3:40:81:0d:75:71:b2:04:2a:cc:9a:
50:cc:53:41:24:59:9c:11:d3:0f:03:a4:8b:a6:49:
df:2a:03:2e:8d:f6:ea:84:b0:e8:3f:76:42:01:26:
9f:21:40:2b:eb:22:92:86:9b:e4:cf:f8:3e:c5:94:
b7:a8:73:bb:e5:84:b7:66:65:de:d5:e8:52:c5:cc:
05:1d:21:41:47:d6:2b:e6:05:8c:ad:c7:50:46:a1:
e6:91:1e:9f:46:f1:11:4d:a0:57:1e:76:c4:15:cf:
4f:4f:32:6a:07:c5:5b:41:87:78:20:1d:cc:73:66:
65:68:ef:3d:14:b5:46:26:ad:0c:7c:ea:c9:c3:1a:
14:3a:07:3c:4f:71:77:dd:a8:38:a0:99:4c:16:15:
4c:08:7b:3c:7c:a7:64:26:8f:4a:cb:74:60:b5:ab:
64:f2:b8:94:a8:e6:3b:00:01:7c:76:1b:35:47:a4:
ab:2a:31:99:7b:f8:9d:c0:f5:ba:c0:32:4a:41:a0:
7d:90:21:a6:ba:11:b5:27:6d:ca:d0:a9:64:ac:17:
af:ed:1c:dc:ed:b8:3d:ed:aa:89:f3:91:52:61:d8:
3b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:F6:DB:C7:4C:E3:12:18:6B:C8:DD:92:00:A8:98:E4:F2:8F:25:8B
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/_vbbx0zjEhhryN2SAKiY5PKPJYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.180.0-45.142.182.255
45.153.32.0/24
45.153.34.0/23
92.246.84.0-92.246.86.255
146.19.169.0/24
195.62.46.0/24
IPv6:
2a0d:c2c0::/29
Signature Algorithm: sha256WithRSAEncryption
cc:48:30:5e:a2:ba:3f:b7:ef:41:fc:a2:19:8a:31:bb:6c:88:
bb:e0:2e:19:f8:14:1d:fd:75:0f:2d:ae:e7:8c:39:b7:68:d3:
cc:fe:22:60:51:c3:27:be:81:0d:cd:66:eb:8b:f1:40:38:78:
45:03:d1:bd:47:8a:66:46:c2:77:fa:12:56:23:af:93:a7:cf:
b9:c9:65:3f:7d:85:5d:2f:66:e8:11:2d:91:52:52:03:8b:bb:
01:87:6f:19:c1:93:ec:26:74:ce:30:1a:09:0a:85:56:52:fa:
27:62:a1:81:57:12:72:dc:f1:38:a5:6b:eb:8e:1b:bf:27:0b:
3a:11:35:ef:86:44:6f:d8:e1:d7:f1:e5:71:7e:7e:55:df:d6:
b2:54:8d:e3:5f:18:16:d6:f7:b5:11:c6:14:53:8b:23:90:fa:
74:08:bc:04:cf:c3:e8:f2:51:a1:d3:c2:ec:9e:7c:9c:67:8e:
8f:f1:99:71:a0:5f:4a:66:76:4f:09:c5:0b:b8:a6:a1:89:fc:
6d:6c:c6:d7:64:7e:96:86:28:59:f9:60:30:f3:43:03:93:d4:
50:74:a1:28:3d:bb:22:f9:88:6e:83:44:6c:e2:98:44:d9:4b:
72:94:b0:90:f5:0a:49:d7:7f:4c:de:6d:f8:63:e8:84:22:ef:
04:2b:df:80
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAY430ZJFhtqxHX65AEFY7zPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjQwMzEzMTIzNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWY2ZGJjNzRjZTMxMjE4NmJjOGRkOTIwMGE4OThlNGYyOGYyNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGb4XDMZyf3GE2Akaxnds/iznY/0
qJSbVqz0BYYJojNTs0CBDXVxsgQqzJpQzFNBJFmcEdMPA6SLpknfKgMujfbqhLDo
P3ZCASafIUAr6yKShpvkz/g+xZS3qHO75YS3ZmXe1ehSxcwFHSFBR9Yr5gWMrcdQ
RqHmkR6fRvERTaBXHnbEFc9PTzJqB8VbQYd4IB3Mc2ZlaO89FLVGJq0MfOrJwxoU
Ogc8T3F33ag4oJlMFhVMCHs8fKdkJo9Ky3Rgtatk8riUqOY7AAF8dhs1R6SrKjGZ
e/idwPW6wDJKQaB9kCGmuhG1J23K0KlkrBev7Rzc7bg97aqJ85FSYdg7NQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFP7228dM4xIYa8jdkgComOTyjyWLMB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvX3ZiYngwempFaGhyeU4yU0FLaVk1UEtQSllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0MAwDBAItjrQD
BAAtjrYDBAAtmSADBAEtmSIwDAMEAlz2VAMEAFz2VgMEAJITqQMEAMM+LjANBAIA
AjAHAwUDKg3CwDANBgkqhkiG9w0BAQsFAAOCAQEAzEgwXqK6P7fvQfyiGYoxu2yI
u+AuGfgUHf11Dy2u54w5t2jTzP4iYFHDJ76BDc1m64vxQDh4RQPRvUeKZkbCd/oS
ViOvk6fPucllP32FXS9m6BEtkVJSA4u7AYdvGcGT7CZ0zjAaCQqFVlL6J2KhgVcS
ctzxOKVr644bvycLOhE174ZEb9jh1/HlcX5+Vd/WslSN418YFtb3tRHGFFOLI5D6
dAi8BM/D6PJRodPC7J58nGeOj/GZcaBfSmZ2TwnFC7imoYn8bWzG12R+loYoWflg
MPNDA5PUUHShKD27IvmIboNEbOKYRNlLcpSwkPUKSdd/TN5t+GPohCLvBCvfgA==
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:53:41 2024 by rpki-client on console-fra.rpki-client.org