Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/aP1DvXKE9ZUimpGTBFs_V0NpIN0.roa
File: aP1DvXKE9ZUimpGTBFs_V0NpIN0.roa (raw, json)
Hash identifier: aGzjLjBHJu6T8kFuHFOIMYfMTarItKhfMk/DWdFZ3Ko=
Subject key identifier: 68:FD:43:BD:72:84:F5:95:22:9A:91:93:04:5B:3F:57:43:69:20:DD
Certificate issuer: /CN=9868a1992bb8037dde81d0c8cdc0695fcee17c27
Certificate serial: 0191FE6308AE753B21CA403B8DF359638F96
Authority key identifier: 98:68:A1:99:2B:B8:03:7D:DE:81:D0:C8:CD:C0:69:5F:CE:E1:7C:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/aP1DvXKE9ZUimpGTBFs_V0NpIN0.roa
Signing time: Tue 17 Sep 2024 05:09:48 +0000
ROA not before: Tue 17 Sep 2024 05:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.131.228.0/22 maxlen: 24
45.139.228.0/24 maxlen: 24
45.139.230.0/24 maxlen: 24
62.3.60.0/24 maxlen: 24
62.233.52.0/24 maxlen: 24
146.19.123.0/24 maxlen: 24
176.116.11.0/24 maxlen: 24
194.104.239.0/24 maxlen: 24
212.18.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/mGihmSu4A33egdDIzcBpX87hfCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/mGihmSu4A33egdDIzcBpX87hfCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fe:63:08:ae:75:3b:21:ca:40:3b:8d:f3:59:63:8f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9868a1992bb8037dde81d0c8cdc0695fcee17c27
Validity
Not Before: Sep 17 05:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68fd43bd7284f595229a9193045b3f57436920dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3e:89:f0:d6:e0:5c:72:c8:b9:a7:ab:ee:5b:
d4:41:8b:db:79:0f:2c:12:c4:73:65:b1:a5:09:dd:
83:5c:ec:e5:94:34:1a:d8:7c:a4:48:6f:13:38:d1:
9d:1a:ce:81:86:76:66:93:82:76:63:e5:d3:f2:c8:
45:e0:0a:0f:9e:5d:be:e7:d0:f4:16:2e:cd:d7:c4:
a0:07:62:d4:26:68:5e:d6:b2:6d:d9:5c:72:d2:d4:
91:64:24:0d:7b:b7:48:84:85:66:1d:88:41:e2:51:
ad:88:8c:e9:40:63:ae:13:68:d3:bb:fc:be:2f:16:
ea:10:2d:2b:53:48:96:41:b7:f6:8e:96:8c:5d:26:
0b:71:a2:a4:db:a4:10:d9:1a:2b:d7:cd:0e:cd:34:
81:f4:74:13:67:21:f4:ba:25:d1:73:e3:e1:f8:a0:
25:0a:48:bf:ee:1f:d3:c5:a0:6d:9c:a6:22:72:22:
5b:91:00:62:02:df:b9:9a:b4:d1:b8:7a:53:93:02:
33:84:8e:d8:1e:ac:62:7f:78:4f:57:8f:76:b8:f7:
c4:44:01:4e:63:8e:b4:79:86:8f:59:3e:b0:d4:3e:
36:6e:74:aa:a6:87:2c:b1:4f:80:b5:47:64:c9:0e:
66:49:9e:e3:ab:c9:76:e0:85:5c:4f:34:f3:91:9e:
de:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FD:43:BD:72:84:F5:95:22:9A:91:93:04:5B:3F:57:43:69:20:DD
X509v3 Authority Key Identifier:
keyid:98:68:A1:99:2B:B8:03:7D:DE:81:D0:C8:CD:C0:69:5F:CE:E1:7C:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/aP1DvXKE9ZUimpGTBFs_V0NpIN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/mGihmSu4A33egdDIzcBpX87hfCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.228.0/22
45.139.228.0/24
45.139.230.0/24
62.3.60.0/24
62.233.52.0/24
146.19.123.0/24
176.116.11.0/24
194.104.239.0/24
212.18.124.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:08:b1:43:76:c8:1f:2c:a4:6b:68:c8:85:90:b2:9f:34:95:
38:6b:b9:bf:9e:9c:f3:63:bf:ca:99:a1:d3:23:f6:6f:04:b0:
66:08:a1:fc:31:17:d5:c2:3c:85:6c:bf:25:ea:2c:bb:25:2b:
06:69:ae:41:6d:f5:b9:99:b6:f9:7d:6b:4c:68:9d:d0:48:1e:
e7:6b:8b:34:bf:ed:a1:66:41:e5:33:bc:2e:13:11:d8:29:88:
d2:4e:bf:9b:99:7c:c0:c9:f0:74:c6:06:0e:8c:aa:08:a7:09:
e4:c0:51:2c:78:22:d9:1b:d2:4a:44:32:94:1c:64:3d:d5:66:
7c:62:e2:2e:d8:e7:52:30:3a:85:88:b0:ac:7c:cf:70:40:8e:
ed:ed:7e:4b:ba:73:0e:b1:7c:bc:d8:3b:c1:66:6f:22:00:8f:
98:fa:2e:db:16:d6:85:57:da:eb:8b:7b:77:57:b8:fb:e8:6d:
c2:2f:32:c5:5a:9c:69:3b:bb:a3:7f:5d:30:0a:89:1f:77:77:
b8:be:d7:f0:97:e1:ed:8b:da:b2:79:ad:b6:35:15:41:c7:a9:
b5:a4:1c:a9:7b:8e:30:fa:4e:6c:0d:14:df:1a:db:08:b3:a6:
ff:06:34:7d:68:d1:4a:3d:d2:43:72:fe:cb:4a:ab:f2:38:2d:
da:37:05:cc
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZH+YwiudTshykA7jfNZY4+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NjhhMTk5MmJiODAzN2RkZTgxZDBjOGNkYzA2OTVmY2Vl
MTdjMjcwHhcNMjQwOTE3MDUwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGZkNDNiZDcyODRmNTk1MjI5YTkxOTMwNDViM2Y1NzQzNjkyMGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj6J8NbgXHLIuaer7lvUQYvbeQ8s
EsRzZbGlCd2DXOzllDQa2HykSG8TONGdGs6BhnZmk4J2Y+XT8shF4AoPnl2+59D0
Fi7N18SgB2LUJmhe1rJt2Vxy0tSRZCQNe7dIhIVmHYhB4lGtiIzpQGOuE2jTu/y+
LxbqEC0rU0iWQbf2jpaMXSYLcaKk26QQ2Ror180OzTSB9HQTZyH0uiXRc+Ph+KAl
Cki/7h/TxaBtnKYiciJbkQBiAt+5mrTRuHpTkwIzhI7YHqxif3hPV492uPfERAFO
Y460eYaPWT6w1D42bnSqpocssU+AtUdkyQ5mSZ7jq8l24IVcTzTzkZ7ePQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGj9Q71yhPWVIpqRkwRbP1dDaSDdMB8GA1UdIwQY
MBaAFJhooZkruAN93oHQyM3AaV/O4XwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUdpaG1TdTRBMzNlZ2RESXpjQnBYODdoZkNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82YjIyZTYtMzUyZi00ZTg4LTgyN2It
ZDc4ZDU2MzFkN2Y2LzEvYVAxRHZYS0U5WlVpbXBHVEJGc19WME5wSU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82YjIyZTYtMzUyZi00ZTg4LTgyN2ItZDc4ZDU2MzFkN2Y2
LzEvbUdpaG1TdTRBMzNlZ2RESXpjQnBYODdoZkNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLYPkAwQA
LYvkAwQALYvmAwQAPgM8AwQAPuk0AwQAkhN7AwQAsHQLAwQAwmjvAwQA1BJ8MA0G
CSqGSIb3DQEBCwUAA4IBAQA/CLFDdsgfLKRraMiFkLKfNJU4a7m/npzzY7/KmaHT
I/ZvBLBmCKH8MRfVwjyFbL8l6iy7JSsGaa5BbfW5mbb5fWtMaJ3QSB7na4s0v+2h
ZkHlM7wuExHYKYjSTr+bmXzAyfB0xgYOjKoIpwnkwFEseCLZG9JKRDKUHGQ91WZ8
YuIu2OdSMDqFiLCsfM9wQI7t7X5LunMOsXy82DvBZm8iAI+Y+i7bFtaFV9rri3t3
V7j76G3CLzLFWpxpO7ujf10wCokfd3e4vtfwl+Hti9qyea22NRVBx6m1pBype44w
+k5sDRTfGtsIs6b/BjR9aNFKPdJDcv7LSqvyOC3aNwXM
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:29:18 2024 by rpki-client on console-ams.rpki-client.org