Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/x1xyqwj_VYCGf2O9D104_oF9sxY.roa
File: x1xyqwj_VYCGf2O9D104_oF9sxY.roa (raw, json)
Hash identifier: /cjwLhGHBydoJnXBDc4ZVrrcDErdJ4Ki63Oy8LXUtUM=
Subject key identifier: C7:5C:72:AB:08:FF:55:80:86:7F:63:BD:0F:5D:38:FE:81:7D:B3:16
Certificate issuer: /CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Certificate serial: 0193506B0135FAC02969A102E5B7C93627A7
Authority key identifier: DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/x1xyqwj_VYCGf2O9D104_oF9sxY.roa
Signing time: Thu 21 Nov 2024 20:30:09 +0000
ROA not before: Thu 21 Nov 2024 20:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206805
IP address blocks: 45.84.152.0/23 maxlen: 24
45.84.154.0/24 maxlen: 24
45.84.155.0/24 maxlen: 24
45.145.188.0/23 maxlen: 23
45.145.190.0/23 maxlen: 23
45.145.190.0/24 maxlen: 24
45.145.191.0/24 maxlen: 24
80.85.248.0/23 maxlen: 23
80.85.250.0/23 maxlen: 23
80.85.252.0/24 maxlen: 24
80.85.253.0/24 maxlen: 24
80.85.254.0/23 maxlen: 24
176.119.0.0/21 maxlen: 21
178.159.32.0/23 maxlen: 24
185.159.111.0/24 maxlen: 24
185.228.48.0/22 maxlen: 24
185.247.192.0/22 maxlen: 24
188.64.149.0/24 maxlen: 24
188.64.150.0/23 maxlen: 24
193.19.100.0/23 maxlen: 24
193.141.230.0/23 maxlen: 23
193.142.20.0/23 maxlen: 23
193.246.144.0/24 maxlen: 24
193.246.150.0/24 maxlen: 24
193.246.153.0/24 maxlen: 24
193.246.159.0/24 maxlen: 24
2a0c:ee00::/32 maxlen: 40
2a0c:ee00::/40 maxlen: 40
2a0c:ee00:100::/40 maxlen: 40
2a0c:ee00:200::/40 maxlen: 40
2a0c:ee00:20c::/48 maxlen: 48
2a0c:ee00:300::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.mft
rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:50:6b:01:35:fa:c0:29:69:a1:02:e5:b7:c9:36:27:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Validity
Not Before: Nov 21 20:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c75c72ab08ff5580867f63bd0f5d38fe817db316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5a:5f:e1:a0:a8:56:34:d8:4b:a6:71:1d:ae:
db:4b:76:3b:95:a1:e9:0f:3a:c9:3e:41:da:80:f1:
d5:c0:01:a6:c7:8c:6d:b4:92:bf:00:ca:04:b4:03:
3c:a9:80:be:61:b0:f5:7e:6f:4c:05:00:44:37:fb:
1c:73:a7:86:c9:a3:e3:a6:40:df:48:db:68:81:9c:
2e:1d:66:b7:96:51:82:2b:4e:ee:bd:9b:61:7b:ac:
a1:34:38:b9:60:1c:c4:53:2e:48:18:3e:51:b1:38:
61:78:1f:06:8e:e5:04:c0:8f:81:3f:8f:37:01:cd:
71:04:c4:71:54:d1:99:c1:3d:ff:46:91:1e:54:82:
0e:b8:6c:33:b5:87:ee:18:ff:75:74:38:22:1e:ba:
2a:4c:71:c0:98:af:bd:c3:3a:95:8c:bf:6e:56:3d:
b4:11:09:c8:30:04:0d:ab:ff:18:c2:70:e4:4f:45:
c9:30:1e:d8:31:bd:86:24:d7:92:34:e5:c6:de:80:
64:51:09:f5:02:a4:bf:64:51:8d:42:ae:2a:74:58:
1a:0e:3e:68:6b:34:d9:23:e7:ea:47:cc:2c:b3:6f:
13:8a:67:00:60:8e:7e:ad:08:67:3e:15:1d:fd:28:
61:59:89:54:e6:70:09:d6:18:54:c9:85:9a:5d:d2:
e7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5C:72:AB:08:FF:55:80:86:7F:63:BD:0F:5D:38:FE:81:7D:B3:16
X509v3 Authority Key Identifier:
keyid:DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/x1xyqwj_VYCGf2O9D104_oF9sxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.152.0/22
45.145.188.0/22
80.85.248.0/21
176.119.0.0/21
178.159.32.0/23
185.159.111.0/24
185.228.48.0/22
185.247.192.0/22
188.64.149.0-188.64.151.255
193.19.100.0/23
193.141.230.0/23
193.142.20.0/23
193.246.144.0/24
193.246.150.0/24
193.246.153.0/24
193.246.159.0/24
IPv6:
2a0c:ee00::/32
Signature Algorithm: sha256WithRSAEncryption
78:f4:b8:8d:5e:b8:89:f4:ea:b2:60:54:ae:d8:64:e2:de:60:
a5:25:12:05:6c:65:75:d7:12:bd:5a:eb:e8:9d:b9:fb:c9:31:
87:5c:bb:23:30:da:23:cb:b0:57:ae:7b:c3:ab:66:aa:7f:4d:
29:ce:42:4b:90:d7:cd:fb:9c:de:d1:0a:c1:83:b4:4f:73:b6:
1d:b7:e9:b2:fe:6a:8b:e8:b8:f2:0a:b4:64:a1:c8:95:c9:41:
af:e7:e1:44:44:f9:95:71:64:9b:dd:86:5f:51:6d:fc:72:66:
24:91:d5:a4:9c:8b:8a:78:fd:ba:86:22:05:20:aa:75:41:52:
d5:ef:ab:02:86:25:72:16:50:e9:70:1a:c9:8c:91:cd:8e:f4:
1b:c0:67:dd:36:2e:5a:5d:61:5f:b3:5d:19:a0:9a:0d:2e:61:
a7:7d:4a:41:a9:37:79:f2:d8:ab:ce:53:a7:a4:3e:99:db:46:
60:93:48:37:7f:8d:55:76:be:90:92:a2:f2:99:09:7d:4f:0c:
5a:88:af:0f:fd:85:06:57:cf:94:2c:47:5f:30:b4:98:a5:57:
db:ab:c9:e1:27:a8:13:0d:1b:9e:0f:0f:bd:0b:9c:f1:bb:5f:
b5:5d:67:3f:46:a2:8f:f0:01:17:c3:cd:20:d4:30:55:13:e1:
41:63:46:65
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZNQawE1+sApaaEC5bfJNienMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkM2Q0MDExMTc1ZTVkZjdhM2Y1N2QzOGU3ODE1MGEyYzA1
ZmRkMWQwHhcNMjQxMTIxMjAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzVjNzJhYjA4ZmY1NTgwODY3ZjYzYmQwZjVkMzhmZTgxN2RiMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFpf4aCoVjTYS6ZxHa7bS3Y7laHp
DzrJPkHagPHVwAGmx4xttJK/AMoEtAM8qYC+YbD1fm9MBQBEN/scc6eGyaPjpkDf
SNtogZwuHWa3llGCK07uvZthe6yhNDi5YBzEUy5IGD5RsThheB8GjuUEwI+BP483
Ac1xBMRxVNGZwT3/RpEeVIIOuGwztYfuGP91dDgiHroqTHHAmK+9wzqVjL9uVj20
EQnIMAQNq/8YwnDkT0XJMB7YMb2GJNeSNOXG3oBkUQn1AqS/ZFGNQq4qdFgaDj5o
azTZI+fqR8wss28TimcAYI5+rQhnPhUd/ShhWYlU5nAJ1hhUyYWaXdLnjQIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFMdccqsI/1WAhn9jvQ9dOP6BfbMWMB8GA1UdIwQY
MBaAFN09QBEXXl33o/V9OOeBUKLAX90dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQt
MmQwYTc4YmU4OTJkLzEveDF4eXF3al9WWUNHZjJPOUQxMDRfb0Y5c3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQtMmQwYTc4YmU4OTJk
LzEvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAItVJgD
BAItkbwDBANQVfgDBAOwdwADBAGynyADBAC5n28DBAK55DADBAK598AwDAMEALxA
lQMEA7xAkAMEAcETZAMEAcGN5gMEAcGOFAMEAMH2kAMEAMH2lgMEAMH2mQMEAMH2
nzANBAIAAjAHAwUAKgzuADANBgkqhkiG9w0BAQsFAAOCAQEAePS4jV64ifTqsmBU
rthk4t5gpSUSBWxlddcSvVrr6J25+8kxh1y7IzDaI8uwV657w6tmqn9NKc5CS5DX
zfuc3tEKwYO0T3O2Hbfpsv5qi+i48gq0ZKHIlclBr+fhRET5lXFkm92GX1Ft/HJm
JJHVpJyLinj9uoYiBSCqdUFS1e+rAoYlchZQ6XAayYyRzY70G8Bn3TYuWl1hX7Nd
GaCaDS5hp31KQak3efLYq85Tp6Q+mdtGYJNIN3+NVXa+kJKi8pkJfU8MWoivD/2F
BlfPlCxHXzC0mKVX26vJ4SeoEw0bng8PvQuc8btftV1nP0aij/ABF8PNINQwVRPh
QWNGZQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 08:45:00 2024 by rpki-client on console-fra.rpki-client.org