Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/PaHamQfTMj0_NspNSv8DYetnMvY.roa
File: PaHamQfTMj0_NspNSv8DYetnMvY.roa (raw, json)
Hash identifier: 3XO3xUuErqFUAlMeWtzqhk9ZxGAOyYPJWiLMumuc/8s=
Subject key identifier: 3D:A1:DA:99:07:D3:32:3D:3F:36:CA:4D:4A:FF:03:61:EB:67:32:F6
Certificate issuer: /CN=45f9e32ff6af3d5e5d77bdbb98da37d0b8e44519
Certificate serial: 01930A03CD4E399BCBB67C146953A2B00468
Authority key identifier: 45:F9:E3:2F:F6:AF:3D:5E:5D:77:BD:BB:98:DA:37:D0:B8:E4:45:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/PaHamQfTMj0_NspNSv8DYetnMvY.roa
Signing time: Fri 08 Nov 2024 04:24:01 +0000
ROA not before: Fri 08 Nov 2024 04:24:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49289
IP address blocks: 93.185.112.0/20 maxlen: 20
159.255.136.0/22 maxlen: 22
159.255.144.0/24 maxlen: 24
171.22.232.0/24 maxlen: 24
171.22.233.0/24 maxlen: 24
171.22.234.0/24 maxlen: 24
171.22.235.0/24 maxlen: 24
178.239.32.0/22 maxlen: 22
178.239.36.0/24 maxlen: 24
178.239.40.0/22 maxlen: 22
178.239.44.0/23 maxlen: 23
178.239.46.0/23 maxlen: 23
185.63.132.0/23 maxlen: 23
185.63.135.0/24 maxlen: 24
188.94.120.0/21 maxlen: 21
2a00:c50::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/RfnjL_avPV5dd727mNo30LjkRRk.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/RfnjL_avPV5dd727mNo30LjkRRk.mft
rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0a:03:cd:4e:39:9b:cb:b6:7c:14:69:53:a2:b0:04:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45f9e32ff6af3d5e5d77bdbb98da37d0b8e44519
Validity
Not Before: Nov 8 04:24:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3da1da9907d3323d3f36ca4d4aff0361eb6732f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ce:4b:79:ec:95:31:f2:c8:da:ad:87:97:dd:
85:8b:9a:03:1d:14:5d:47:34:5e:37:a2:d5:fb:78:
a4:8f:d3:45:89:89:fd:82:ae:2d:c9:d8:1e:cc:bf:
dc:32:7b:f4:0c:8a:4f:21:ef:57:60:ec:79:51:71:
fd:ba:b5:eb:06:d8:df:e7:e0:a6:33:2a:d0:80:56:
8e:63:e6:de:06:ba:72:93:c1:a9:5a:f1:ad:91:61:
74:89:e6:c3:65:75:67:66:67:34:c6:fe:37:9a:35:
e3:12:4f:07:54:37:3d:de:2a:58:71:62:0d:52:b5:
5d:d6:a6:88:3a:b3:78:ca:ad:5a:4e:bd:86:db:5a:
3c:2c:03:bb:7d:9e:c1:ae:fd:4d:b9:40:61:03:74:
f4:98:27:a9:25:76:93:b4:92:2a:aa:28:3b:e4:3c:
97:66:f3:98:e8:b7:f6:3a:1d:4e:62:9c:96:e8:89:
93:ce:14:f2:37:64:57:6a:85:ba:40:ea:0a:5e:cb:
66:cd:57:bd:73:cd:8c:4a:35:3d:1c:57:23:44:9c:
9d:0a:02:cd:f8:66:58:b5:f1:23:e9:65:05:2a:2a:
56:a0:fc:be:59:11:73:ef:84:99:b1:17:d7:a9:1f:
76:07:b4:8c:be:67:8d:27:fe:20:94:e2:7b:0b:75:
a5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A1:DA:99:07:D3:32:3D:3F:36:CA:4D:4A:FF:03:61:EB:67:32:F6
X509v3 Authority Key Identifier:
keyid:45:F9:E3:2F:F6:AF:3D:5E:5D:77:BD:BB:98:DA:37:D0:B8:E4:45:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RfnjL_avPV5dd727mNo30LjkRRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/PaHamQfTMj0_NspNSv8DYetnMvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9def08-7552-4b5a-966f-8ee0a12a359b/1/RfnjL_avPV5dd727mNo30LjkRRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.112.0/20
159.255.136.0/22
159.255.144.0/24
171.22.232.0/22
178.239.32.0-178.239.36.255
178.239.40.0/21
185.63.132.0/23
185.63.135.0/24
188.94.120.0/21
IPv6:
2a00:c50::/29
Signature Algorithm: sha256WithRSAEncryption
00:38:55:70:d5:cc:e5:30:0d:9a:d2:a9:5c:b8:71:04:7d:7c:
14:67:41:e3:6f:52:23:07:3f:04:c4:fe:8f:d3:85:e7:5d:f5:
09:6a:00:1c:15:89:e5:70:30:1b:4f:f4:e6:18:53:3f:58:1f:
dd:28:c9:10:ff:19:13:04:ab:78:01:e8:af:d2:41:9d:0d:2e:
f5:bf:19:62:85:3c:7d:fa:e1:78:c4:c5:7c:9a:9c:4c:30:79:
fd:d3:57:10:ec:10:75:3a:53:e6:33:1d:12:4a:61:a8:bc:b9:
fe:f2:98:2f:b7:0b:e3:d8:04:8a:d3:17:45:aa:fb:9c:cd:b8:
ec:3e:48:29:7f:54:a2:07:cd:17:18:05:de:e5:44:9b:fb:63:
9f:3f:2c:45:a7:f7:4a:c3:f5:4c:15:d7:d0:c5:cd:aa:90:94:
48:15:3e:0a:f4:f9:5d:77:33:d7:2d:e1:8a:86:95:3d:3e:0b:
c0:b3:03:a0:c7:f9:74:1b:ff:1a:2a:65:7c:b2:ff:16:83:4c:
77:0a:7f:66:3e:22:2d:b2:dc:e9:c4:8f:c5:57:12:31:5c:5c:
dc:21:0c:20:d8:7a:18:07:b4:2f:97:ee:f6:54:bb:13:57:b2:
49:b4:49:24:7e:74:41:7f:f0:da:6f:59:03:7b:33:db:17:40:
43:ff:5e:20
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZMKA81OOZvLtnwUaVOisARoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZjllMzJmZjZhZjNkNWU1ZDc3YmRiYjk4ZGEzN2QwYjhl
NDQ1MTkwHhcNMjQxMTA4MDQyNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGExZGE5OTA3ZDMzMjNkM2YzNmNhNGQ0YWZmMDM2MWViNjczMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqc5LeeyVMfLI2q2Hl92Fi5oDHRRd
RzReN6LV+3ikj9NFiYn9gq4tydgezL/cMnv0DIpPIe9XYOx5UXH9urXrBtjf5+Cm
MyrQgFaOY+beBrpyk8GpWvGtkWF0iebDZXVnZmc0xv43mjXjEk8HVDc93ipYcWIN
UrVd1qaIOrN4yq1aTr2G21o8LAO7fZ7Brv1NuUBhA3T0mCepJXaTtJIqqig75DyX
ZvOY6Lf2Oh1OYpyW6ImTzhTyN2RXaoW6QOoKXstmzVe9c82MSjU9HFcjRJydCgLN
+GZYtfEj6WUFKipWoPy+WRFz74SZsRfXqR92B7SMvmeNJ/4glOJ7C3WljQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFD2h2pkH0zI9PzbKTUr/A2HrZzL2MB8GA1UdIwQY
MBaAFEX54y/2rz1eXXe9u5jaN9C45EUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmZuakxfYXZQVjVkZDcyN21ObzMwTGprUlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85ZGVmMDgtNzU1Mi00YjVhLTk2NmYt
OGVlMGExMmEzNTliLzEvUGFIYW1RZlRNajBfTnNwTlN2OERZZXRuTXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85ZGVmMDgtNzU1Mi00YjVhLTk2NmYtOGVlMGExMmEzNTli
LzEvUmZuakxfYXZQVjVkZDcyN21ObzMwTGprUlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQEXblwAwQC
n/+IAwQAn/+QAwQCqxboMAwDBAWy7yADBACy7yQDBAOy7ygDBAG5P4QDBAC5P4cD
BAO8XngwDQQCAAIwBwMFAyoADFAwDQYJKoZIhvcNAQELBQADggEBAAA4VXDVzOUw
DZrSqVy4cQR9fBRnQeNvUiMHPwTE/o/Thedd9QlqABwVieVwMBtP9OYYUz9YH90o
yRD/GRMEq3gB6K/SQZ0NLvW/GWKFPH364XjExXyanEwwef3TVxDsEHU6U+YzHRJK
Yai8uf7ymC+3C+PYBIrTF0Wq+5zNuOw+SCl/VKIHzRcYBd7lRJv7Y58/LEWn90rD
9UwV19DFzaqQlEgVPgr0+V13M9ct4YqGlT0+C8CzA6DH+XQb/xoqZXyy/xaDTHcK
f2Y+Ii2y3OnEj8VXEjFcXNwhDCDYehgHtC+X7vZUuxNXskm0SSR+dEF/8NpvWQN7
M9sXQEP/XiA=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:32:21 2024 by rpki-client on console-ams.rpki-client.org