Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/uHMNzOkCa1KTDvHlQgECVTtz10E.roa
File: uHMNzOkCa1KTDvHlQgECVTtz10E.roa (raw, json)
Hash identifier: 9ghVpE4KDTZ9yLji//LZ/X9tSFxavwn7QvK8yqqFI3s=
Subject key identifier: B8:73:0D:CC:E9:02:6B:52:93:0E:F1:E5:42:01:02:55:3B:73:D7:41
Certificate issuer: /CN=dc3cb20c5ca7c4ed8e42078b1a67287a0d991cec
Certificate serial: 018D9DC973F47C987B975CDDD7047E8DAA7B
Authority key identifier: DC:3C:B2:0C:5C:A7:C4:ED:8E:42:07:8B:1A:67:28:7A:0D:99:1C:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/uHMNzOkCa1KTDvHlQgECVTtz10E.roa
Signing time: Mon 12 Feb 2024 14:47:21 +0000
ROA not before: Mon 12 Feb 2024 14:47:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201446
IP address blocks: 89.46.88.0/24 maxlen: 24
89.46.89.0/24 maxlen: 24
89.46.90.0/24 maxlen: 24
89.46.91.0/24 maxlen: 24
185.18.198.0/24 maxlen: 24
185.18.199.0/24 maxlen: 24
185.23.116.0/24 maxlen: 24
185.23.117.0/24 maxlen: 24
185.23.118.0/24 maxlen: 24
185.23.119.0/24 maxlen: 24
185.45.73.0/24 maxlen: 24
185.45.74.0/24 maxlen: 24
185.45.75.0/24 maxlen: 24
185.68.108.0/24 maxlen: 24
185.68.109.0/24 maxlen: 24
185.68.110.0/24 maxlen: 24
185.68.111.0/24 maxlen: 24
185.92.244.0/24 maxlen: 24
185.92.245.0/24 maxlen: 24
185.92.246.0/24 maxlen: 24
185.92.247.0/24 maxlen: 24
185.177.152.0/24 maxlen: 24
185.177.153.0/24 maxlen: 24
185.177.154.0/24 maxlen: 24
185.177.155.0/24 maxlen: 24
212.63.108.0/24 maxlen: 24
212.63.109.0/24 maxlen: 24
212.63.110.0/24 maxlen: 24
212.63.111.0/24 maxlen: 24
217.148.138.0/24 maxlen: 24
217.148.139.0/24 maxlen: 24
2a03:f6c0::/32 maxlen: 32
2a03:f6c0::/52 maxlen: 52
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/3DyyDFynxO2OQgeLGmcoeg2ZHOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/3DyyDFynxO2OQgeLGmcoeg2ZHOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:c9:73:f4:7c:98:7b:97:5c:dd:d7:04:7e:8d:aa:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc3cb20c5ca7c4ed8e42078b1a67287a0d991cec
Validity
Not Before: Feb 12 14:47:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8730dcce9026b52930ef1e5420102553b73d741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:90:a2:a8:8c:95:78:1f:c7:59:e4:4f:4b:88:
dc:6b:76:3c:b8:73:20:08:cc:d8:f4:8a:5d:50:af:
36:90:85:22:58:e9:fc:f6:f6:c4:c6:9d:dc:78:3d:
99:13:db:10:f4:5c:51:47:8a:54:0e:6a:05:f6:eb:
e0:95:f8:79:cd:18:92:13:c8:04:41:d8:74:d8:be:
29:40:72:07:5a:50:8d:21:29:1c:ec:71:82:0a:e7:
07:90:31:fb:06:57:ea:f5:a5:d4:54:ff:88:a2:c2:
59:5f:12:be:69:30:91:a8:23:45:0d:6c:b5:81:2d:
6c:25:57:03:6d:b8:44:f0:d3:c6:f3:ff:6a:1d:29:
e9:6f:15:df:e5:4e:1d:b7:3d:5c:7b:b6:ab:32:37:
73:32:ad:dc:6d:0a:d8:f8:64:c9:9a:f8:07:65:ff:
70:d8:33:46:25:7a:ad:0b:24:b0:ff:31:88:b1:bc:
99:7a:1e:2b:46:43:a0:63:a5:67:10:50:38:4b:2b:
69:f8:4f:91:0c:53:10:76:ee:a0:5d:91:fc:c4:ae:
0c:0c:49:84:7b:3a:42:6a:98:41:5d:9d:4a:31:e4:
d4:6a:06:86:76:bf:13:45:aa:21:9a:da:78:46:6e:
fd:5b:23:d6:4f:34:24:25:4d:c1:9f:ca:a3:2d:ea:
f1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:73:0D:CC:E9:02:6B:52:93:0E:F1:E5:42:01:02:55:3B:73:D7:41
X509v3 Authority Key Identifier:
keyid:DC:3C:B2:0C:5C:A7:C4:ED:8E:42:07:8B:1A:67:28:7A:0D:99:1C:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/uHMNzOkCa1KTDvHlQgECVTtz10E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/3DyyDFynxO2OQgeLGmcoeg2ZHOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.88.0/22
185.18.198.0/23
185.23.116.0/22
185.45.73.0-185.45.75.255
185.68.108.0/22
185.92.244.0/22
185.177.152.0/22
212.63.108.0/22
217.148.138.0/23
IPv6:
2a03:f6c0::/32
Signature Algorithm: sha256WithRSAEncryption
39:b9:3d:2f:e6:a8:1f:73:03:80:98:19:cf:34:66:b7:f1:5d:
c5:1b:70:9d:ab:8e:b5:a8:3e:35:e5:29:e9:0a:c4:0d:30:16:
b4:8e:d1:65:4e:f9:7a:fd:98:bf:48:a0:d8:9a:8f:9d:3c:2f:
d7:ac:a1:c4:2f:ad:c4:88:5d:86:be:33:f8:62:a1:d3:0b:d2:
a0:81:b5:6c:7c:01:39:db:71:7f:5e:bb:2a:fd:c6:cd:29:9a:
b3:b2:08:f0:fc:82:ba:00:af:60:1f:1d:c5:37:3a:70:41:ed:
06:12:5b:b7:03:36:4e:72:08:5d:20:89:f5:5e:e1:a9:a4:c3:
0a:6b:1d:8f:f0:c1:58:fa:a7:c9:8b:5a:b7:af:c8:ff:59:c4:
d7:2b:75:88:c9:83:03:54:71:58:f8:31:99:64:20:05:a1:0d:
10:fe:95:8e:ce:df:cd:19:ff:6c:28:a6:86:6a:fd:4c:33:a6:
7d:45:ce:18:f1:2f:a0:62:53:9c:4c:a1:cf:29:8d:cc:b6:ed:
bd:8c:72:b6:a6:e9:83:e3:5a:c9:83:c0:85:a6:86:d2:96:aa:
15:66:26:65:fb:8c:06:b2:66:94:19:29:f2:d9:ee:62:1e:6e:
63:e9:9c:48:f6:db:4f:9c:9a:53:1d:2f:a3:33:25:4d:be:d2:
9d:70:a7:da
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY2dyXP0fJh7l1zd1wR+jap7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjM2NiMjBjNWNhN2M0ZWQ4ZTQyMDc4YjFhNjcyODdhMGQ5
OTFjZWMwHhcNMjQwMjEyMTQ0NzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODczMGRjY2U5MDI2YjUyOTMwZWYxZTU0MjAxMDI1NTNiNzNkNzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZCiqIyVeB/HWeRPS4jca3Y8uHMg
CMzY9IpdUK82kIUiWOn89vbExp3ceD2ZE9sQ9FxRR4pUDmoF9uvglfh5zRiSE8gE
Qdh02L4pQHIHWlCNISkc7HGCCucHkDH7Blfq9aXUVP+IosJZXxK+aTCRqCNFDWy1
gS1sJVcDbbhE8NPG8/9qHSnpbxXf5U4dtz1ce7arMjdzMq3cbQrY+GTJmvgHZf9w
2DNGJXqtCySw/zGIsbyZeh4rRkOgY6VnEFA4Sytp+E+RDFMQdu6gXZH8xK4MDEmE
ezpCaphBXZ1KMeTUagaGdr8TRaohmtp4Rm79WyPWTzQkJU3Bn8qjLerxcwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFLhzDczpAmtSkw7x5UIBAlU7c9dBMB8GA1UdIwQY
MBaAFNw8sgxcp8TtjkIHixpnKHoNmRzsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0R5eURGeW54TzJPUWdlTEdtY29lZzJaSE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hODVmM2QtNjVhMi00ZjZjLTljYjkt
ODI2NjBlZTRlYWM0LzEvdUhNTnpPa0NhMUtURHZIbFFnRUNWVHR6MTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hODVmM2QtNjVhMi00ZjZjLTljYjktODI2NjBlZTRlYWM0
LzEvM0R5eURGeW54TzJPUWdlTEdtY29lZzJaSE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQCWS5YAwQB
uRLGAwQCuRd0MAwDBAC5LUkDBAK5LUgDBAK5RGwDBAK5XPQDBAK5sZgDBALUP2wD
BAHZlIowDQQCAAIwBwMFACoD9sAwDQYJKoZIhvcNAQELBQADggEBADm5PS/mqB9z
A4CYGc80ZrfxXcUbcJ2rjrWoPjXlKekKxA0wFrSO0WVO+Xr9mL9IoNiaj508L9es
ocQvrcSIXYa+M/hiodML0qCBtWx8ATnbcX9euyr9xs0pmrOyCPD8groAr2AfHcU3
OnBB7QYSW7cDNk5yCF0gifVe4amkwwprHY/wwVj6p8mLWrevyP9ZxNcrdYjJgwNU
cVj4MZlkIAWhDRD+lY7O380Z/2wopoZq/Uwzpn1FzhjxL6BiU5xMoc8pjcy27b2M
cram6YPjWsmDwIWmhtKWqhVmJmX7jAayZpQZKfLZ7mIebmPpnEj220+cmlMdL6Mz
JU2+0p1wp9o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:48:27 2024 by rpki-client on console-ams.rpki-client.org