Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/ul-fOt9DG8A7b-9OiqGjBFstYIo.roa
File: ul-fOt9DG8A7b-9OiqGjBFstYIo.roa (raw, json)
Hash identifier: BlW2kK+mveWqFVbsGd2Y7LvK0Lajn9UPNMc3Bv8KwSA=
Subject key identifier: BA:5F:9F:3A:DF:43:1B:C0:3B:6F:EF:4E:8A:A1:A3:04:5B:2D:60:8A
Certificate issuer: /CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Certificate serial: 0192B99EFB378D9837F0E08D769283E74DAD
Authority key identifier: 3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/ul-fOt9DG8A7b-9OiqGjBFstYIo.roa
Signing time: Wed 23 Oct 2024 13:44:16 +0000
ROA not before: Wed 23 Oct 2024 13:44:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35444
IP address blocks: 45.93.220.0/22 maxlen: 22
80.90.80.0/20 maxlen: 20
80.90.80.0/24 maxlen: 24
80.90.83.0/24 maxlen: 24
80.90.87.0/24 maxlen: 24
80.90.89.0/24 maxlen: 24
80.90.90.0/24 maxlen: 24
80.90.91.0/24 maxlen: 24
80.90.92.0/24 maxlen: 24
81.26.200.0/21 maxlen: 21
81.26.200.0/24 maxlen: 24
81.26.201.0/24 maxlen: 24
81.26.202.0/24 maxlen: 24
81.26.203.0/24 maxlen: 24
81.26.204.0/24 maxlen: 24
81.26.205.0/24 maxlen: 24
81.26.206.0/23 maxlen: 24
93.93.168.0/22 maxlen: 22
93.93.168.0/23 maxlen: 23
93.93.170.0/23 maxlen: 23
185.132.92.0/23 maxlen: 23
185.132.92.0/24 maxlen: 24
185.132.93.0/24 maxlen: 24
185.132.94.0/24 maxlen: 24
185.132.95.0/24 maxlen: 24
185.158.0.0/22 maxlen: 22
185.158.0.0/23 maxlen: 23
185.158.0.0/24 maxlen: 24
185.158.1.0/24 maxlen: 24
185.158.2.0/23 maxlen: 23
185.158.2.0/24 maxlen: 24
185.158.3.0/24 maxlen: 24
185.175.252.0/22 maxlen: 22
185.187.0.0/22 maxlen: 23
185.187.0.0/23 maxlen: 23
185.187.0.0/24 maxlen: 24
185.187.1.0/24 maxlen: 24
185.187.2.0/23 maxlen: 23
185.187.2.0/24 maxlen: 24
185.187.3.0/24 maxlen: 24
185.212.188.0/22 maxlen: 22
185.212.188.0/23 maxlen: 23
185.212.188.0/24 maxlen: 24
185.212.189.0/24 maxlen: 24
185.212.190.0/23 maxlen: 23
185.212.190.0/24 maxlen: 24
185.212.191.0/24 maxlen: 24
185.239.8.0/22 maxlen: 22
185.239.8.0/23 maxlen: 23
185.239.8.0/24 maxlen: 24
185.239.9.0/24 maxlen: 24
185.239.10.0/23 maxlen: 23
185.239.10.0/24 maxlen: 24
185.239.11.0/24 maxlen: 24
2a03:2de0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:9e:fb:37:8d:98:37:f0:e0:8d:76:92:83:e7:4d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a92f5d936752baf2d0df713299499cecfa9f48d
Validity
Not Before: Oct 23 13:44:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba5f9f3adf431bc03b6fef4e8aa1a3045b2d608a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7d:2c:a3:94:d9:10:9f:5e:57:13:87:00:44:
5a:ee:97:85:56:86:ec:22:c5:20:70:01:9e:49:76:
16:26:9c:3a:50:7f:a1:bc:24:2a:3d:10:47:37:da:
fe:62:66:4d:7d:da:a0:7d:8f:06:8d:e1:1b:f6:71:
ef:3e:64:61:92:5c:db:eb:da:52:b7:04:58:78:ee:
84:b2:11:ad:1d:37:39:78:4a:2b:4d:21:6f:a0:62:
97:78:e3:46:7e:b9:4e:9b:7d:b3:bb:2f:9f:2a:41:
f6:ba:d2:99:ec:bc:86:6c:08:43:79:6c:08:2e:c4:
ce:d4:57:f1:f2:1e:1a:92:64:00:20:a2:4e:db:aa:
13:b5:a3:8a:79:bd:7c:b0:1c:38:fd:08:51:36:d6:
da:6b:85:39:1c:5c:31:a7:52:14:c7:96:4c:a0:98:
64:2c:37:aa:e1:4b:40:a0:6b:ee:ac:30:1d:cd:c7:
3a:30:63:e7:b1:24:34:6b:80:1c:da:bf:ed:55:58:
94:08:01:a8:c1:7b:49:57:69:42:a4:65:ad:c9:c4:
7e:77:af:26:7c:f3:4f:09:15:16:a9:da:f5:65:cd:
2d:40:70:60:72:25:f6:8e:0c:2c:7b:70:e8:ce:9b:
f8:9b:24:17:e5:90:ab:72:8f:6a:d4:69:ee:3a:aa:
b2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:5F:9F:3A:DF:43:1B:C0:3B:6F:EF:4E:8A:A1:A3:04:5B:2D:60:8A
X509v3 Authority Key Identifier:
keyid:3A:92:F5:D9:36:75:2B:AF:2D:0D:F7:13:29:94:99:CE:CF:A9:F4:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpL12TZ1K68tDfcTKZSZzs-p9I0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/ul-fOt9DG8A7b-9OiqGjBFstYIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7cd157-c58f-4cb9-8252-1696b246cd50/1/OpL12TZ1K68tDfcTKZSZzs-p9I0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.220.0/22
80.90.80.0/20
81.26.200.0/21
93.93.168.0/22
185.132.92.0/22
185.158.0.0/22
185.175.252.0/22
185.187.0.0/22
185.212.188.0/22
185.239.8.0/22
IPv6:
2a03:2de0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:65:d0:fa:da:53:a6:7d:e5:28:c0:dc:f7:fc:43:56:a4:d0:
d3:19:b3:5b:99:6d:03:82:12:5e:36:3f:19:0e:05:a3:00:35:
ae:1e:cf:78:12:22:ab:b7:93:18:2a:bb:20:10:41:8f:45:55:
f0:22:f6:47:44:28:94:b2:bb:57:b2:18:af:33:dd:82:58:ec:
3c:1e:6d:d2:ee:79:5a:10:bb:52:c8:39:18:9e:f8:0a:f0:2d:
57:5e:85:dc:58:fb:ab:06:67:69:99:ec:81:f5:7a:cb:6c:12:
ad:8d:09:b9:44:7d:d8:c9:17:e8:6f:bc:bf:5b:18:2f:7d:80:
5a:9a:e8:7d:d5:0b:52:a2:c1:88:03:50:26:dd:2d:cc:13:5b:
63:7c:da:a8:2d:f2:08:c4:d8:b0:ef:88:a4:f1:04:cb:c8:59:
39:c7:27:88:bf:e1:b5:76:9c:13:e9:e1:5b:75:a9:90:4c:a7:
2d:5a:f1:23:b1:fc:c3:27:1d:14:ed:62:d3:e1:13:e4:94:47:
25:49:1d:ea:7d:5e:f3:15:17:01:84:ba:92:6f:01:78:90:c7:
8f:9c:96:65:f0:b5:38:ce:d1:b9:37:ef:d6:64:09:b9:c5:1d:
69:62:58:fa:33:38:dc:64:9f:c8:c8:65:79:8a:48:b9:d6:e0:
c8:53:97:52
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZK5nvs3jZg38OCNdpKD502tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTJmNWQ5MzY3NTJiYWYyZDBkZjcxMzI5OTQ5OWNlY2Zh
OWY0OGQwHhcNMjQxMDIzMTM0NDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTVmOWYzYWRmNDMxYmMwM2I2ZmVmNGU4YWExYTMwNDViMmQ2MDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkH0so5TZEJ9eVxOHAERa7peFVobs
IsUgcAGeSXYWJpw6UH+hvCQqPRBHN9r+YmZNfdqgfY8GjeEb9nHvPmRhklzb69pS
twRYeO6EshGtHTc5eEorTSFvoGKXeONGfrlOm32zuy+fKkH2utKZ7LyGbAhDeWwI
LsTO1Ffx8h4akmQAIKJO26oTtaOKeb18sBw4/QhRNtbaa4U5HFwxp1IUx5ZMoJhk
LDeq4UtAoGvurDAdzcc6MGPnsSQ0a4Ac2r/tVViUCAGowXtJV2lCpGWtycR+d68m
fPNPCRUWqdr1Zc0tQHBgciX2jgwse3Dozpv4myQX5ZCrco9q1GnuOqqymwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFLpfnzrfQxvAO2/vToqhowRbLWCKMB8GA1UdIwQY
MBaAFDqS9dk2dSuvLQ33EymUmc7PqfSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTIt
MTY5NmIyNDZjZDUwLzEvdWwtZk90OURHOEE3Yi05T2lxR2pCRnN0WUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83Y2QxNTctYzU4Zi00Y2I5LTgyNTItMTY5NmIyNDZjZDUw
LzEvT3BMMTJUWjFLNjh0RGZjVEtaU1p6cy1wOUkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCLV3cAwQE
UFpQAwQDURrIAwQCXV2oAwQCuYRcAwQCuZ4AAwQCua/8AwQCubsAAwQCudS8AwQC
ue8IMA0EAgACMAcDBQAqAy3gMA0GCSqGSIb3DQEBCwUAA4IBAQAcZdD62lOmfeUo
wNz3/ENWpNDTGbNbmW0DghJeNj8ZDgWjADWuHs94EiKrt5MYKrsgEEGPRVXwIvZH
RCiUsrtXshivM92CWOw8Hm3S7nlaELtSyDkYnvgK8C1XXoXcWPurBmdpmeyB9XrL
bBKtjQm5RH3YyRfob7y/WxgvfYBamuh91QtSosGIA1Am3S3ME1tjfNqoLfIIxNiw
74ik8QTLyFk5xyeIv+G1dpwT6eFbdamQTKctWvEjsfzDJx0U7WLT4RPklEclSR3q
fV7zFRcBhLqSbwF4kMePnJZl8LU4ztG5N+/WZAm5xR1pYlj6MzjcZJ/IyGV5iki5
1uDIU5dS
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:38:42 2024 by rpki-client on console-ams.rpki-client.org