Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/3IvwZQtmrsCjl8Rtbv4N6XGscls.roa
File: 3IvwZQtmrsCjl8Rtbv4N6XGscls.roa (raw, json)
Hash identifier: zfR4S3qnZMcaTowLHaiNWbnbIX76wfbyA2+mYttjxAQ=
Subject key identifier: DC:8B:F0:65:0B:66:AE:C0:A3:97:C4:6D:6E:FE:0D:E9:71:AC:72:5B
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018E4653DD23EB89D730DA4084D40F956DBC
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/3IvwZQtmrsCjl8Rtbv4N6XGscls.roa
Signing time: Sat 16 Mar 2024 08:14:44 +0000
ROA not before: Sat 16 Mar 2024 08:14:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48359
IP address blocks: 45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.42.44.0/22 maxlen: 22
89.44.240.0/24 maxlen: 24
89.44.241.0/24 maxlen: 24
89.44.242.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
185.239.1.0/24 maxlen: 24
188.212.99.0/24 maxlen: 24
188.240.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:46:53:dd:23:eb:89:d7:30:da:40:84:d4:0f:95:6d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Mar 16 08:14:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc8bf0650b66aec0a397c46d6efe0de971ac725b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fb:94:2a:3d:d7:32:36:02:7a:23:50:34:8c:
c1:2f:fa:ba:a8:61:7e:ff:28:15:d2:2e:a9:38:c1:
93:f8:c6:7f:32:75:17:f8:41:a9:bf:0f:87:26:71:
a5:64:e2:48:80:7e:b0:0c:00:53:2d:ef:7c:74:33:
25:20:94:cc:16:ae:f1:ef:09:49:39:c0:2f:81:34:
c1:9c:7e:ce:bd:6e:a9:fe:01:d8:8b:36:81:71:62:
46:77:6f:9e:63:99:e7:57:22:a8:43:42:0b:3c:62:
35:af:c0:00:e4:38:38:48:48:dc:39:1b:7b:a1:98:
2a:46:25:8b:d4:2e:86:48:35:34:50:f6:04:2d:6b:
e7:e8:7d:10:9c:72:53:1e:e6:32:fc:b4:db:c3:f1:
9b:fa:90:6f:ba:55:22:68:9d:57:f6:ce:b9:98:fa:
72:5a:fc:23:f4:dd:de:fd:c9:32:0c:39:2f:87:3d:
71:b9:19:85:e8:48:1d:d9:f3:55:b1:eb:b4:50:9b:
95:56:f5:dc:b6:c2:f9:47:be:68:d6:66:41:ca:d6:
3a:cd:45:4f:2e:d7:07:e0:38:14:33:a7:87:25:14:
ba:15:cb:09:0e:d1:3e:d7:c5:b4:bf:0d:d6:04:b0:
b2:99:29:14:e7:0b:bc:77:37:2c:0a:c7:b2:9c:83:
cd:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:8B:F0:65:0B:66:AE:C0:A3:97:C4:6D:6E:FE:0D:E9:71:AC:72:5B
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/3IvwZQtmrsCjl8Rtbv4N6XGscls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/23
89.42.44.0/22
89.44.240.0-89.44.242.255
89.46.217.0/24
185.3.200.0/24
185.239.1.0/24
188.212.99.0/24
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
16:cb:dc:b4:10:7d:84:b7:e4:39:d9:ff:a6:22:ce:3f:98:b6:
2a:4e:00:f1:ae:94:4d:d8:5b:40:4e:bd:00:95:62:1b:78:e0:
b7:87:1b:f8:ec:b7:b8:4e:c5:35:9e:e3:e5:e3:bb:a3:77:b1:
5f:72:69:13:1d:10:94:49:f5:63:e3:0c:35:86:99:08:e9:dd:
44:f5:2a:0f:81:f9:6f:90:d1:68:40:76:0d:a6:29:65:db:8e:
e7:84:10:dd:e3:1a:fe:66:98:84:64:ec:36:04:20:43:a7:a8:
5d:64:1d:66:57:45:11:45:c4:f2:cf:56:38:29:5a:0c:c5:c2:
e3:02:d2:89:45:bc:f2:9c:a0:98:ee:2a:22:a0:5e:7b:e6:11:
f1:1e:2d:0d:b5:24:ce:bf:d0:39:58:ee:c6:89:0e:90:84:53:
5a:ed:58:12:04:b9:7c:03:6d:55:a5:40:f9:bc:f4:c1:ed:bd:
da:38:67:16:40:a0:02:36:cb:11:28:44:76:cf:74:2a:f7:a0:
49:25:46:a3:a6:41:b1:0b:bf:58:8a:eb:79:b7:06:70:83:71:
cc:57:2d:6d:1c:7c:ed:c3:e1:11:83:9f:95:ab:c3:41:79:fa:
8d:8d:2d:99:41:43:4a:1e:1e:b0:3a:f2:c7:b8:26:d4:76:42:
d1:85:95:a5
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY5GU90j64nXMNpAhNQPlW28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMzE2MDgxNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzhiZjA2NTBiNjZhZWMwYTM5N2M0NmQ2ZWZlMGRlOTcxYWM3MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfuUKj3XMjYCeiNQNIzBL/q6qGF+
/ygV0i6pOMGT+MZ/MnUX+EGpvw+HJnGlZOJIgH6wDABTLe98dDMlIJTMFq7x7wlJ
OcAvgTTBnH7OvW6p/gHYizaBcWJGd2+eY5nnVyKoQ0ILPGI1r8AA5Dg4SEjcORt7
oZgqRiWL1C6GSDU0UPYELWvn6H0QnHJTHuYy/LTbw/Gb+pBvulUiaJ1X9s65mPpy
Wvwj9N3e/ckyDDkvhz1xuRmF6Egd2fNVseu0UJuVVvXctsL5R75o1mZBytY6zUVP
LtcH4DgUM6eHJRS6FcsJDtE+18W0vw3WBLCymSkU5wu8dzcsCseynIPNOQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNyL8GULZq7Ao5fEbW7+DelxrHJbMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvM0l2d1pRdG1yc0NqbDhSdGJ2NE42WEdzY2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBLV7WAwQC
WSosMAwDBARZLPADBABZLPIDBABZLtkDBAC5A8gDBAC57wEDBAC81GMDBAC88MQw
DQYJKoZIhvcNAQELBQADggEBABbL3LQQfYS35DnZ/6Yizj+YtipOAPGulE3YW0BO
vQCVYht44LeHG/jst7hOxTWe4+Xju6N3sV9yaRMdEJRJ9WPjDDWGmQjp3UT1Kg+B
+W+Q0WhAdg2mKWXbjueEEN3jGv5mmIRk7DYEIEOnqF1kHWZXRRFFxPLPVjgpWgzF
wuMC0olFvPKcoJjuKiKgXnvmEfEeLQ21JM6/0DlY7saJDpCEU1rtWBIEuXwDbVWl
QPm89MHtvdo4ZxZAoAI2yxEoRHbPdCr3oEklRqOmQbELv1iK63m3BnCDccxXLW0c
fO3D4RGDn5Wrw0F5+o2NLZlBQ0oeHrA68se4JtR2QtGFlaU=
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:54:05 2024 by rpki-client on console-fra.rpki-client.org