Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/2Arxz2tvbeiF6rVnXyGF2TXttJE.roa
File: 2Arxz2tvbeiF6rVnXyGF2TXttJE.roa (raw, json)
Hash identifier: L3wvaIEQs48R5U/l9Vu91jBeZPOS04RDCO0fKrnNbKs=
Subject key identifier: D8:0A:F1:CF:6B:6F:6D:E8:85:EA:B5:67:5F:21:85:D9:35:ED:B4:91
Certificate issuer: /CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Certificate serial: 019344D176867A5654F96E5323C80AB3B16A
Authority key identifier: F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/2Arxz2tvbeiF6rVnXyGF2TXttJE.roa
Signing time: Tue 19 Nov 2024 14:26:38 +0000
ROA not before: Tue 19 Nov 2024 14:26:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 45.136.104.0/24 maxlen: 24
45.136.105.0/24 maxlen: 24
45.136.106.0/24 maxlen: 24
45.136.107.0/24 maxlen: 24
185.26.144.0/24 maxlen: 24
185.26.145.0/24 maxlen: 24
185.26.146.0/24 maxlen: 24
185.26.147.0/24 maxlen: 24
185.126.176.0/24 maxlen: 24
185.126.177.0/24 maxlen: 24
185.126.178.0/24 maxlen: 24
185.126.179.0/24 maxlen: 24
185.153.228.0/24 maxlen: 24
185.153.229.0/24 maxlen: 24
185.153.230.0/24 maxlen: 24
185.153.231.0/24 maxlen: 24
185.162.144.0/24 maxlen: 24
185.162.147.0/24 maxlen: 24
185.171.24.0/24 maxlen: 24
185.171.25.0/24 maxlen: 24
185.171.26.0/24 maxlen: 24
185.171.27.0/24 maxlen: 24
185.247.136.0/24 maxlen: 24
185.247.137.0/24 maxlen: 24
185.247.138.0/24 maxlen: 24
185.247.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:d1:76:86:7a:56:54:f9:6e:53:23:c8:0a:b3:b1:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Validity
Not Before: Nov 19 14:26:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d80af1cf6b6f6de885eab5675f2185d935edb491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fd:66:ff:a1:98:e7:fa:f4:b6:61:a3:16:17:
66:7d:bf:be:48:d3:bb:7f:03:c6:3c:c9:56:3d:1f:
78:1a:f3:25:c8:5f:26:38:3b:ab:08:b4:52:e1:15:
1c:a8:0d:c4:28:44:3f:85:49:c8:34:80:67:01:23:
71:53:92:bc:3e:04:c8:fd:30:20:15:f5:dc:c1:69:
0f:8c:20:d9:bc:24:e4:a0:bc:35:8d:5d:9d:9a:fe:
70:58:81:0f:cc:e2:1c:d9:5b:d2:04:9c:70:44:b1:
2b:79:f9:a5:db:75:e5:b5:da:cb:95:3c:0b:75:6e:
0e:d4:58:7b:36:c0:fa:0e:25:7f:03:e6:ee:21:d4:
2b:5e:89:eb:d3:e0:5b:4a:df:96:b9:f1:6c:08:10:
21:c8:91:a9:58:46:59:40:f1:ce:16:b1:d5:f4:58:
32:55:60:f4:3c:78:f5:79:48:c4:74:cf:4d:c6:d5:
3b:09:63:44:aa:f1:fd:19:c5:cf:d6:f1:62:80:f2:
25:09:09:48:c3:70:31:4c:71:cf:4b:73:01:5c:bf:
2d:e7:8c:50:80:ac:7f:b4:7f:d6:09:f2:59:27:0b:
cb:21:8f:db:37:a3:b6:a3:2b:72:50:10:91:77:12:
58:f7:ba:0e:9a:0e:07:f7:84:83:ce:1a:55:8d:48:
be:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:0A:F1:CF:6B:6F:6D:E8:85:EA:B5:67:5F:21:85:D9:35:ED:B4:91
X509v3 Authority Key Identifier:
keyid:F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/2Arxz2tvbeiF6rVnXyGF2TXttJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.104.0/22
185.26.144.0/22
185.126.176.0/22
185.153.228.0/22
185.162.144.0/24
185.162.147.0/24
185.171.24.0/22
185.247.136.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:14:cb:af:8d:e5:b7:da:e1:3f:6a:e1:c4:9c:19:71:27:c7:
7b:16:ec:2a:48:1a:e2:22:98:eb:6b:49:31:83:8d:86:33:8f:
39:95:07:9f:9e:5c:82:22:00:ff:16:64:6c:60:14:4b:5b:b6:
bf:a7:52:9b:73:d2:fe:cb:0c:a4:8e:3d:26:17:74:b3:67:3c:
c9:a7:8d:e6:d8:55:85:cf:75:8d:31:a5:39:c7:fc:35:1a:bc:
37:47:cc:fa:f0:98:18:4d:c5:1f:f7:c3:61:21:40:e4:78:67:
66:61:38:ff:a3:55:d7:76:2b:f1:58:01:5d:ca:be:7e:c9:55:
30:c5:59:a1:08:c8:67:c0:45:0a:5c:17:44:72:bf:4f:e8:32:
7a:5e:fe:c1:b0:4c:7d:46:fa:05:1f:6f:a3:3e:65:80:21:ae:
36:82:1b:cb:cc:51:b3:07:17:3d:37:c2:97:aa:27:64:c9:73:
94:bf:fa:2d:cb:de:30:57:e6:7e:94:2b:50:01:e3:74:a5:ce:
dd:69:13:81:ec:c9:df:e8:01:61:ab:61:3b:93:57:a2:b3:ba:
c2:05:b2:c8:68:8c:ef:af:4c:6c:c6:0e:93:38:68:55:42:18:
7f:62:4f:48:f4:25:76:f4:d5:79:f8:79:d2:9f:f4:39:67:a6:
c4:1f:73:9a
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZNE0XaGelZU+W5TI8gKs7FqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjAzYTBjMDRiODFmZTE3NjZmYTQxYmQzMWI3M2I1ODgx
ODhhYzcwHhcNMjQxMTE5MTQyNjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODBhZjFjZjZiNmY2ZGU4ODVlYWI1Njc1ZjIxODVkOTM1ZWRiNDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3P1m/6GY5/r0tmGjFhdmfb++SNO7
fwPGPMlWPR94GvMlyF8mODurCLRS4RUcqA3EKEQ/hUnINIBnASNxU5K8PgTI/TAg
FfXcwWkPjCDZvCTkoLw1jV2dmv5wWIEPzOIc2VvSBJxwRLErefml23XltdrLlTwL
dW4O1Fh7NsD6DiV/A+buIdQrXonr0+BbSt+WufFsCBAhyJGpWEZZQPHOFrHV9Fgy
VWD0PHj1eUjEdM9NxtU7CWNEqvH9GcXP1vFigPIlCQlIw3AxTHHPS3MBXL8t54xQ
gKx/tH/WCfJZJwvLIY/bN6O2oytyUBCRdxJY97oOmg4H94SDzhpVjUi+dQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNgK8c9rb23oheq1Z18hhdk17bSRMB8GA1UdIwQY
MBaAFPggOgwEuB/hdm+kG9Mbc7WIGIrHMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DQTZEQVM0SC1GMmI2UWIweHR6dFlnWWlzYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvZTE0Y2EzLWRhOGUtNGI1OC04NjNh
LTMzODk2MjBjMWJkNy8xLzJBcnh6MnR2YmVpRjZyVm5YeUdGMlRYdHRKRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvZTE0Y2EzLWRhOGUtNGI1OC04NjNhLTMzODk2MjBjMWJk
Ny8xLzEtQ0E2REFTNEgtRjJiNlFiMHh0enRZZ1lpc2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAItiGgD
BAK5GpADBAK5frADBAK5meQDBAC5opADBAC5opMDBAK5qxgDBAK594gwDQYJKoZI
hvcNAQELBQADggEBAF4Uy6+N5bfa4T9q4cScGXEnx3sW7CpIGuIimOtrSTGDjYYz
jzmVB5+eXIIiAP8WZGxgFEtbtr+nUptz0v7LDKSOPSYXdLNnPMmnjebYVYXPdY0x
pTnH/DUavDdHzPrwmBhNxR/3w2EhQOR4Z2ZhOP+jVdd2K/FYAV3Kvn7JVTDFWaEI
yGfARQpcF0Ryv0/oMnpe/sGwTH1G+gUfb6M+ZYAhrjaCG8vMUbMHFz03wpeqJ2TJ
c5S/+i3L3jBX5n6UK1AB43Slzt1pE4Hsyd/oAWGrYTuTV6KzusIFsshojO+vTGzG
DpM4aFVCGH9iT0j0JXb01Xn4edKf9DlnpsQfc5o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:33:42 2024 by rpki-client on console-fra.rpki-client.org