Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/vuY3gyX-gaFTnvgWA17X6nJR5IY.roa
File: vuY3gyX-gaFTnvgWA17X6nJR5IY.roa (raw, json)
Hash identifier: 6RvZTWoRAvIM8YPV0+qHdGRH0dO6505xms72gymMkAw=
Subject key identifier: BE:E6:37:83:25:FE:81:A1:53:9E:F8:16:03:5E:D7:EA:72:51:E4:86
Certificate issuer: /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Certificate serial: 018F9BCBA093F2911CA2CE91621889D1E08C
Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/vuY3gyX-gaFTnvgWA17X6nJR5IY.roa
Signing time: Tue 21 May 2024 15:36:04 +0000
ROA not before: Tue 21 May 2024 15:36:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51185
IP address blocks: 45.157.64.0/24 maxlen: 24
45.157.65.0/24 maxlen: 24
45.157.66.0/24 maxlen: 24
45.157.67.0/24 maxlen: 24
94.124.64.0/21 maxlen: 21
94.124.64.0/24 maxlen: 24
94.124.65.0/24 maxlen: 24
94.124.66.0/24 maxlen: 24
94.124.67.0/24 maxlen: 24
94.124.68.0/24 maxlen: 24
94.124.69.0/24 maxlen: 24
94.124.70.0/24 maxlen: 24
94.124.71.0/24 maxlen: 24
178.248.48.0/24 maxlen: 24
178.248.49.0/24 maxlen: 24
178.248.50.0/24 maxlen: 24
178.248.51.0/24 maxlen: 24
178.248.52.0/24 maxlen: 24
178.248.53.0/24 maxlen: 24
178.248.54.0/24 maxlen: 24
178.248.55.0/24 maxlen: 24
185.45.208.0/24 maxlen: 24
185.45.209.0/24 maxlen: 24
185.45.210.0/24 maxlen: 24
185.45.211.0/24 maxlen: 24
185.187.156.0/24 maxlen: 24
185.187.157.0/24 maxlen: 24
185.187.158.0/24 maxlen: 24
185.187.159.0/24 maxlen: 24
2a02:2890::/48 maxlen: 48
2a02:2890:ffff::/48 maxlen: 48
2a02:2891::/48 maxlen: 48
2a02:2891:1::/48 maxlen: 48
2a02:2891:2::/48 maxlen: 48
2a02:2891:4::/48 maxlen: 48
2a02:2891:9::/48 maxlen: 48
2a02:2891:10::/48 maxlen: 48
2a02:2891:11::/48 maxlen: 48
2a02:2891:12::/48 maxlen: 48
2a02:2891:13::/48 maxlen: 48
2a02:2891:15::/48 maxlen: 48
2a02:2891:16::/48 maxlen: 48
2a02:2891:18::/48 maxlen: 48
2a02:2891:29::/48 maxlen: 48
2a02:2891:32::/48 maxlen: 48
2a02:2891:40::/48 maxlen: 48
2a02:2891:ff::/48 maxlen: 48
2a02:2892:32::/48 maxlen: 48
2a02:2892:40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:cb:a0:93:f2:91:1c:a2:ce:91:62:18:89:d1:e0:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Validity
Not Before: May 21 15:36:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bee6378325fe81a1539ef816035ed7ea7251e486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:72:ed:4f:03:b9:f9:74:f2:db:72:4d:62:4c:
ed:c2:c8:a2:a2:b1:44:c3:d3:27:dd:f6:46:6f:ab:
a8:7a:d1:73:cd:9f:ac:f9:2c:f1:7b:23:3b:c5:49:
12:74:6a:35:70:64:9d:3a:b5:b0:cf:14:62:fb:9a:
95:e4:eb:ee:e1:c7:4e:c5:c9:3d:3f:8c:f5:af:a1:
52:d8:3a:3a:ae:be:a9:97:7d:44:4a:43:ff:14:34:
0f:2c:78:60:ca:6a:79:02:00:1c:28:8f:6c:35:ce:
72:52:ca:ab:5b:aa:ee:4f:88:4c:23:a2:46:a0:b3:
5e:4d:e8:51:98:22:86:3e:1e:0b:c3:55:f8:1e:1b:
5f:d9:63:f3:f5:70:5b:9b:0a:d3:21:4e:bd:83:09:
0d:ac:7f:27:57:da:74:61:93:9d:6a:91:13:b2:12:
5a:2b:d7:0d:d6:55:cd:e1:99:7e:38:2f:a2:18:62:
83:84:0c:2b:dc:8c:a8:0b:17:98:07:9e:b8:57:f4:
fb:a3:da:62:74:94:02:4a:b1:a9:a7:8c:87:3d:af:
11:9c:2d:ee:66:90:68:49:a4:99:a4:b5:6b:40:4a:
0a:ac:4b:4c:01:48:a6:17:87:59:88:bc:a5:f5:a5:
95:0c:e2:c9:dd:78:a6:6d:f0:41:af:43:d4:7b:bc:
40:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:E6:37:83:25:FE:81:A1:53:9E:F8:16:03:5E:D7:EA:72:51:E4:86
X509v3 Authority Key Identifier:
keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/vuY3gyX-gaFTnvgWA17X6nJR5IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.64.0/22
94.124.64.0/21
178.248.48.0/21
185.45.208.0/22
185.187.156.0/22
IPv6:
2a02:2890::/48
2a02:2890:ffff::-2a02:2891:2:ffff:ffff:ffff:ffff:ffff
2a02:2891:4::/48
2a02:2891:9::/48
2a02:2891:10::/46
2a02:2891:15::-2a02:2891:16:ffff:ffff:ffff:ffff:ffff
2a02:2891:18::/48
2a02:2891:29::/48
2a02:2891:32::/48
2a02:2891:40::/48
2a02:2891:ff::/48
2a02:2892:32::/48
2a02:2892:40::/48
Signature Algorithm: sha256WithRSAEncryption
27:52:5c:ed:af:a2:21:be:dd:59:d4:4f:c0:2b:f4:46:fd:31:
66:08:18:04:f4:9f:dd:f5:91:b7:a4:03:a6:71:1e:db:76:ea:
af:96:5d:df:48:35:0b:5f:52:c8:67:ce:19:51:1e:d4:2d:1c:
34:65:c5:3f:66:24:11:28:e5:c0:59:9f:6a:30:b5:ff:58:e8:
0f:12:f9:92:34:bb:9b:6d:20:fe:0b:05:5b:48:ed:26:07:a0:
e1:8c:59:ac:1c:38:78:f4:c2:77:3b:9e:cf:f2:56:3c:8b:3d:
21:cb:b5:1a:21:3e:ae:7c:64:e4:0c:37:f6:4f:97:ff:03:5a:
56:07:02:d1:4e:cf:e2:9a:a5:85:6d:c0:ba:6d:ad:a1:83:c7:
10:0c:65:03:c5:1a:1c:79:68:17:a1:c9:85:49:4f:e0:66:ad:
e7:66:5d:5a:72:f5:4f:31:1f:15:1f:dc:b8:81:ce:2c:ba:84:
4e:7d:0c:e3:78:59:f9:97:59:52:e4:b0:03:ad:19:31:1d:98:
f3:b9:dd:2b:f6:0c:b8:51:29:c4:76:6b:24:04:f7:af:00:9b:
b3:d8:14:37:36:27:79:a0:ee:34:9f:b2:6b:d7:33:fa:7a:bd:
98:05:d6:33:d3:8c:28:a1:08:0e:bd:af:07:99:20:a9:b6:03:
b4:20:0b:24
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAY+by6CT8pEcos6RYhiJ0eCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl
ODU0NDQwHhcNMjQwNTIxMTUzNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWU2Mzc4MzI1ZmU4MWExNTM5ZWY4MTYwMzVlZDdlYTcyNTFlNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXLtTwO5+XTy23JNYkztwsiiorFE
w9Mn3fZGb6uoetFzzZ+s+SzxeyM7xUkSdGo1cGSdOrWwzxRi+5qV5Ovu4cdOxck9
P4z1r6FS2Do6rr6pl31ESkP/FDQPLHhgymp5AgAcKI9sNc5yUsqrW6ruT4hMI6JG
oLNeTehRmCKGPh4Lw1X4Hhtf2WPz9XBbmwrTIU69gwkNrH8nV9p0YZOdapETshJa
K9cN1lXN4Zl+OC+iGGKDhAwr3IyoCxeYB564V/T7o9pidJQCSrGpp4yHPa8RnC3u
ZpBoSaSZpLVrQEoKrEtMAUimF4dZiLyl9aWVDOLJ3XimbfBBr0PUe7xAEQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFL7mN4Ml/oGhU574FgNe1+pyUeSGMB8GA1UdIwQY
MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et
NDUxNDM3NGU2ZmZhLzEvdnVZM2d5WC1nYUZUbnZnV0ExN1g2bkpSNUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh
LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzAkBAIAATAeAwQCLZ1A
AwQDXnxAAwQDsvgwAwQCuS3QAwQCubucMIGSBAIAAjCBiwMHACoCKJAAADASAwcA
KgIokP//AwcAKgIokQACAwcAKgIokQAEAwcAKgIokQAJAwcCKgIokQAQMBIDBwAq
AiiRABUDBwAqAiiRABYDBwAqAiiRABgDBwAqAiiRACkDBwAqAiiRADIDBwAqAiiR
AEADBwAqAiiRAP8DBwAqAiiSADIDBwAqAiiSAEAwDQYJKoZIhvcNAQELBQADggEB
ACdSXO2voiG+3VnUT8Ar9Eb9MWYIGAT0n931kbekA6ZxHtt26q+WXd9INQtfUshn
zhlRHtQtHDRlxT9mJBEo5cBZn2owtf9Y6A8S+ZI0u5ttIP4LBVtI7SYHoOGMWawc
OHj0wnc7ns/yVjyLPSHLtRohPq58ZOQMN/ZPl/8DWlYHAtFOz+KapYVtwLptraGD
xxAMZQPFGhx5aBehyYVJT+BmredmXVpy9U8xHxUf3LiBziy6hE59DON4WfmXWVLk
sAOtGTEdmPO53Sv2DLhRKcR2ayQE968Am7PYFDc2J3mg7jSfsmvXM/p6vZgF1jPT
jCihCA69rweZIKm2A7QgCyQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:29 2024 by rpki-client on console-fra.rpki-client.org