Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/n_OEmPnn5E5MmCdF7k_h41Lvpnk.roa
File: n_OEmPnn5E5MmCdF7k_h41Lvpnk.roa (raw, json)
Hash identifier: u+7YB0QnzB+LmXTGaFBlJCj7+x2FkeA0PtkBv9HX0Fw=
Subject key identifier: 9F:F3:84:98:F9:E7:E4:4E:4C:98:27:45:EE:4F:E1:E3:52:EF:A6:79
Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial: 0190348D0101BAABF92D3B756F98347942F4
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/n_OEmPnn5E5MmCdF7k_h41Lvpnk.roa
Signing time: Thu 20 Jun 2024 07:29:34 +0000
ROA not before: Thu 20 Jun 2024 07:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203936
IP address blocks: 45.148.72.0/24 maxlen: 24
45.148.73.0/24 maxlen: 24
45.148.74.0/23 maxlen: 24
45.148.74.0/24 maxlen: 24
45.148.75.0/24 maxlen: 24
185.118.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:34:8d:01:01:ba:ab:f9:2d:3b:75:6f:98:34:79:42:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Validity
Not Before: Jun 20 07:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ff38498f9e7e44e4c982745ee4fe1e352efa679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f4:10:0c:4a:0e:54:19:06:2d:10:ab:aa:6a:
87:90:ff:14:29:5c:03:9e:3b:38:fd:32:0a:65:14:
2f:4f:9d:73:ea:bb:1c:26:87:da:f7:3a:9a:c2:2d:
47:9c:7a:d5:ac:e2:34:94:20:f6:e1:a1:08:98:49:
4b:b0:7c:1e:f8:49:7f:1b:be:99:34:c3:d6:7f:ee:
c5:db:3f:15:08:25:ab:68:98:27:9f:e3:8d:16:05:
43:b8:b8:84:50:2e:af:93:c9:08:76:d5:7a:15:fc:
33:67:02:c0:fc:a1:78:30:75:07:4f:c6:4d:3a:67:
bb:15:d7:d8:f3:30:b5:d4:a4:1e:a6:49:1b:31:ce:
a4:2a:c7:ab:86:6c:41:85:4e:53:3c:d3:4a:19:b9:
d0:2c:8a:84:b0:29:dd:c7:a0:aa:55:57:c8:45:22:
8d:13:44:e4:be:4f:75:0a:e7:db:43:c4:a6:d8:8f:
6f:61:19:bc:5f:37:f8:6d:76:6a:7c:b9:ee:6e:49:
6e:26:c4:73:47:a6:83:80:3b:fd:73:68:3f:f2:4e:
37:99:d5:5e:06:f9:81:7d:38:20:c9:5f:4f:eb:d4:
84:a9:93:3f:6a:02:94:79:2d:16:8a:2e:b7:e6:40:
04:06:2e:8b:bd:eb:70:42:72:db:44:fb:03:3d:de:
de:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F3:84:98:F9:E7:E4:4E:4C:98:27:45:EE:4F:E1:E3:52:EF:A6:79
X509v3 Authority Key Identifier:
keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/n_OEmPnn5E5MmCdF7k_h41Lvpnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.72.0/22
185.118.188.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:30:e7:66:50:27:dc:5d:ce:d5:96:69:10:55:84:ef:4c:2b:
1c:38:3d:53:c3:bb:b8:a3:66:f7:75:90:eb:7b:9b:2f:43:3d:
d0:10:ba:cf:58:a5:77:9b:f5:70:1f:cf:df:7a:e2:87:d0:de:
f7:37:b0:34:9f:5c:e2:82:ba:4a:d5:70:20:e8:c1:97:bf:03:
32:db:35:0e:1b:4d:8e:d4:dc:fc:f9:df:8c:a6:24:66:d3:e1:
9a:b1:cf:8a:c2:07:26:3d:cd:b9:a0:c4:8c:d7:85:93:9d:f3:
bc:b6:34:86:33:eb:9b:3e:e7:97:70:a7:3f:de:06:7a:28:8d:
02:9e:d6:fd:1c:74:bd:c6:9d:6e:50:60:44:2f:a7:e5:23:6f:
b3:91:a8:6f:3c:f4:b2:76:83:01:5f:3f:fb:cc:0b:11:75:a7:
27:b1:c3:6b:b7:43:63:f9:f8:c7:1f:ae:1d:17:b2:ed:d2:e6:
de:a1:2f:8f:1a:89:31:17:26:a1:47:1d:4a:55:af:25:2d:de:
09:57:4b:47:a0:29:58:fd:bb:de:0f:14:6a:c1:bf:fa:37:bc:
2a:20:06:e8:19:97:98:bc:ba:6f:d8:b4:13:30:48:cc:b0:db:
4c:d7:d6:37:ec:48:aa:f0:02:ef:7c:d4:41:95:f9:bc:5b:4b:
fd:b9:6d:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZA0jQEBuqv5LTt1b5g0eUL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjQwNjIwMDcyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmYzODQ5OGY5ZTdlNDRlNGM5ODI3NDVlZTRmZTFlMzUyZWZhNjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/QQDEoOVBkGLRCrqmqHkP8UKVwD
njs4/TIKZRQvT51z6rscJofa9zqawi1HnHrVrOI0lCD24aEImElLsHwe+El/G76Z
NMPWf+7F2z8VCCWraJgnn+ONFgVDuLiEUC6vk8kIdtV6FfwzZwLA/KF4MHUHT8ZN
Ome7FdfY8zC11KQepkkbMc6kKserhmxBhU5TPNNKGbnQLIqEsCndx6CqVVfIRSKN
E0Tkvk91CufbQ8Sm2I9vYRm8Xzf4bXZqfLnubkluJsRzR6aDgDv9c2g/8k43mdVe
BvmBfTggyV9P69SEqZM/agKUeS0Wii635kAEBi6LvetwQnLbRPsDPd7etwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ/zhJj55+ROTJgnRe5P4eNS76Z5MB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvbl9PRW1Qbm41RTVNbUNkRjdrX2g0MUx2cG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZRIAwQC
uXa8MA0GCSqGSIb3DQEBCwUAA4IBAQCdMOdmUCfcXc7VlmkQVYTvTCscOD1Tw7u4
o2b3dZDre5svQz3QELrPWKV3m/VwH8/feuKH0N73N7A0n1zigrpK1XAg6MGXvwMy
2zUOG02O1Nz8+d+MpiRm0+Gasc+KwgcmPc25oMSM14WTnfO8tjSGM+ubPueXcKc/
3gZ6KI0Cntb9HHS9xp1uUGBEL6flI2+zkahvPPSydoMBXz/7zAsRdacnscNrt0Nj
+fjHH64dF7Lt0ubeoS+PGokxFyahRx1KVa8lLd4JV0tHoClY/bveDxRqwb/6N7wq
IAboGZeYvLpv2LQTMEjMsNtM19Y37Eiq8ALvfNRBlfm8W0v9uW2K
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:07:55 2024 by rpki-client on console-fra.rpki-client.org