Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dIFYjB2YIwAsV3AtZf9PJtXTu60.roa
File: dIFYjB2YIwAsV3AtZf9PJtXTu60.roa (raw, json)
Hash identifier: 0RIGDd0XBGmIV94pEaBMTnmHLvRSAHmWmmAb4V3aLEM=
Subject key identifier: 74:81:58:8C:1D:98:23:00:2C:57:70:2D:65:FF:4F:26:D5:D3:BB:AD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01934E8C312DF780834AE47603B1E32DAD14
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dIFYjB2YIwAsV3AtZf9PJtXTu60.roa
Signing time: Thu 21 Nov 2024 11:47:10 +0000
ROA not before: Thu 21 Nov 2024 11:47:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58057
IP address blocks: 45.12.68.0/22 maxlen: 24
45.136.136.0/22 maxlen: 24
93.88.200.0/21 maxlen: 24
94.177.122.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
185.232.117.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
193.163.86.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
2a04:ccc0:ffff::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a04:ccc6::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b80::/32 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0c:3b83::/32 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c1:200::/40 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a0e:b107:2220::/45 maxlen: 48
2a0e:b107:2228::/45 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a10:cc45:130::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4e:8c:31:2d:f7:80:83:4a:e4:76:03:b1:e3:2d:ad:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 21 11:47:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7481588c1d9823002c57702d65ff4f26d5d3bbad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:05:05:28:6e:0b:52:1b:69:7e:ce:f4:8f:51:
b5:9b:69:a7:a7:13:09:b9:18:6f:72:1e:0b:b4:e7:
67:7e:1d:4a:28:cc:e5:2f:39:e0:01:cd:a7:23:f3:
28:1a:6f:a4:10:99:86:ae:27:99:e6:5b:c0:fc:3e:
71:dd:61:e8:b1:25:18:c4:b7:58:58:f7:cb:a4:74:
23:b3:7a:85:c6:9c:ce:ce:0e:23:f1:7e:a5:58:62:
17:c1:c7:58:c0:f5:08:e7:66:8c:8a:de:95:b0:ce:
df:0b:0c:71:1e:03:d8:23:4e:1a:b1:1e:83:ae:e5:
ce:89:86:f7:7c:33:bb:38:c8:48:03:70:86:c3:71:
19:5b:7b:b5:bb:fc:54:b7:a2:ed:9a:9f:60:c7:75:
14:24:da:a3:b8:26:8d:53:9c:50:b6:08:e5:18:ef:
74:51:2b:56:ef:f6:8e:8a:3a:11:71:f1:07:43:45:
4e:41:a8:9e:03:19:56:fe:29:16:53:a8:66:fe:8e:
3a:80:6b:67:3e:e8:4c:80:c5:e8:e1:85:84:1c:01:
8d:45:c6:44:3b:9d:2c:5b:d7:91:e9:54:25:8f:76:
c2:cb:33:d8:57:e5:ba:63:57:d0:e3:3e:56:b5:90:
d6:9f:7a:a2:20:bc:30:2d:13:19:da:52:4d:77:9d:
52:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:81:58:8C:1D:98:23:00:2C:57:70:2D:65:FF:4F:26:D5:D3:BB:AD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dIFYjB2YIwAsV3AtZf9PJtXTu60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.68.0/22
45.136.136.0/22
93.88.200.0/21
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
193.33.94.0/23
193.163.86.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0e:b107:2220::/44
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
43:d7:14:03:81:f7:7d:3d:74:05:dc:73:52:0c:79:4d:7d:0a:
e6:5c:39:61:f6:0d:89:ba:a1:6a:97:b8:77:3e:bf:ae:b6:d1:
ac:17:eb:e9:4c:ba:16:e7:51:a8:de:3f:e8:b5:90:ff:bd:d9:
d6:a4:bb:58:4f:24:f0:f8:d6:47:93:2c:9c:e6:dc:a2:ba:d2:
e3:56:b6:b1:bf:09:68:da:cc:32:10:ea:5d:b0:e5:f0:b4:60:
9e:b6:e8:b3:51:ff:4f:f2:ae:ba:73:77:64:f6:64:1b:56:81:
1a:2e:9b:7f:62:45:21:af:fa:10:3d:1b:ca:9d:e8:3c:4f:09:
f9:04:85:f3:c7:56:17:95:1e:3b:cf:c8:4e:01:2c:09:56:8b:
6a:f4:52:f7:f5:0e:67:1e:7b:21:59:34:81:92:5d:be:68:11:
ec:75:b8:b2:be:ec:e0:6d:c0:9a:be:5c:c3:f2:9e:39:f9:83:
46:5c:ea:86:c9:1b:9e:fd:23:90:3d:14:e5:85:e6:13:ff:38:
e8:67:bf:01:de:35:35:ec:e4:3b:81:d2:f1:85:e1:d7:e0:4e:
c5:0d:92:fe:55:22:44:eb:b9:76:85:f9:d6:a0:f7:eb:9b:1b:
da:a0:a4:a1:df:cf:8b:7b:12:58:fc:d3:75:69:6b:53:f8:34:
09:a0:c4:d4
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZNOjDEt94CDSuR2A7HjLa0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMTIxMTE0NzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDgxNTg4YzFkOTgyMzAwMmM1NzcwMmQ2NWZmNGYyNmQ1ZDNiYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQUFKG4LUhtpfs70j1G1m2mnpxMJ
uRhvch4LtOdnfh1KKMzlLzngAc2nI/MoGm+kEJmGrieZ5lvA/D5x3WHosSUYxLdY
WPfLpHQjs3qFxpzOzg4j8X6lWGIXwcdYwPUI52aMit6VsM7fCwxxHgPYI04asR6D
ruXOiYb3fDO7OMhIA3CGw3EZW3u1u/xUt6Ltmp9gx3UUJNqjuCaNU5xQtgjlGO90
UStW7/aOijoRcfEHQ0VOQaieAxlW/ikWU6hm/o46gGtnPuhMgMXo4YWEHAGNRcZE
O50sW9eR6VQlj3bCyzPYV+W6Y1fQ4z5WtZDWn3qiILwwLRMZ2lJNd51SVQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFHSBWIwdmCMALFdwLWX/TybV07utMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZElGWWpCMllJd0FzVjNBdFpmOVBKdFhUdTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjBCBAIAATA8AwQC
LQxEAwQCLYiIAwQDXVjIAwQAXrF6AwQCixxgAwQAueh1AwQBwSFeAwQAwaNWAwQA
wjJcAwQAwjJeMIHPBAIAAjCByDAQAwcAKgTMwP//AwUBKgTMwDAOAwUAKgTMwwMF
AyoEzMADBQMqCQTAMA4DBQcqDDuAAwUAKgw7hgMHBCoOl8AB0AMHBCoOl8ACYAMG
ACoOl8ECAwcEKg6XwwEQAwcEKg6XxAEgAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6x
BxeGAwcDKg6xByHAAwcEKg6xByIgAwcAKg/kBAECAwcAKhAvAAGNAwcAKhAvAAGP
AwcAKhAvAAGTAwcEKhDMQAJQAwcEKhDMRQEwMA0GCSqGSIb3DQEBCwUAA4IBAQBD
1xQDgfd9PXQF3HNSDHlNfQrmXDlh9g2JuqFql7h3Pr+uttGsF+vpTLoW51Go3j/o
tZD/vdnWpLtYTyTw+NZHkyyc5tyiutLjVraxvwlo2swyEOpdsOXwtGCetuizUf9P
8q66c3dk9mQbVoEaLpt/YkUhr/oQPRvKneg8Twn5BIXzx1YXlR47z8hOASwJVotq
9FL39Q5nHnshWTSBkl2+aBHsdbiyvuzgbcCavlzD8p45+YNGXOqGyRue/SOQPRTl
heYT/zjoZ78B3jU17OQ7gdLxheHX4E7FDZL+VSJE67l2hfnWoPfrmxvaoKSh38+L
exJY/NN1aWtT+DQJoMTU
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:57 2024 by rpki-client on console-ams.rpki-client.org