Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/0cOxRLzYICRp3glDHwvSQq-lKLY.roa
File: 0cOxRLzYICRp3glDHwvSQq-lKLY.roa (raw, json)
Hash identifier: 6witLmBAU9xsIARu+Mk59kF9cLkMRxIRK7GrUkUu0Zk=
Subject key identifier: D1:C3:B1:44:BC:D8:20:24:69:DE:09:43:1F:0B:D2:42:AF:A5:28:B6
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 019044BF6D5330F4D68A2539AAB692048615
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/0cOxRLzYICRp3glDHwvSQq-lKLY.roa
Signing time: Sun 23 Jun 2024 10:58:34 +0000
ROA not before: Sun 23 Jun 2024 10:58:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208555
IP address blocks: 45.129.36.0/22 maxlen: 22
45.129.36.0/24 maxlen: 24
45.129.37.0/24 maxlen: 24
45.129.38.0/23 maxlen: 23
45.129.38.0/24 maxlen: 24
45.129.39.0/24 maxlen: 24
185.53.140.0/22 maxlen: 24
185.53.140.0/23 maxlen: 23
185.53.140.0/24 maxlen: 24
185.53.141.0/24 maxlen: 24
185.53.142.0/23 maxlen: 23
185.53.142.0/24 maxlen: 24
185.53.143.0/24 maxlen: 24
185.126.202.0/24 maxlen: 24
2a0a:2fc4::/64 maxlen: 64
2a0e:4a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 30 Jun 2024 10:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:44:bf:6d:53:30:f4:d6:8a:25:39:aa:b6:92:04:86:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: Jun 23 10:58:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1c3b144bcd8202469de09431f0bd242afa528b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b3:05:61:8f:bc:6a:20:19:72:4b:28:cc:3a:
0d:9a:18:c7:bc:bc:dc:69:f2:be:81:b4:0e:09:25:
2d:3e:72:74:43:9f:fb:2d:82:22:51:26:06:a1:0c:
3f:ea:13:d6:6b:7a:40:9f:20:ea:3e:60:8d:52:a7:
f7:c3:1f:d4:6a:39:c0:2c:5c:18:0f:19:bf:5c:24:
e5:e3:d2:c1:b8:c7:7e:8c:6d:26:09:f1:a8:e5:33:
8e:11:54:d9:d9:5b:d4:62:fb:84:d1:42:36:a1:c6:
ac:88:02:74:71:4e:4e:7b:ee:d9:39:85:19:fe:c5:
bc:40:5e:5b:b3:53:af:7d:25:f9:8e:1f:60:d1:04:
f9:1a:2a:07:6b:26:d4:c4:73:20:27:96:f2:d7:9c:
2d:0b:6a:f7:5e:95:ca:98:23:e2:b9:bf:6a:43:b9:
8b:a5:3f:81:6f:9e:f6:fc:ce:63:5c:5c:b9:e5:77:
bb:9f:9d:a4:62:89:da:2f:fe:1f:17:96:04:d8:68:
1e:e0:1b:6c:1c:d8:cd:84:f0:be:83:e1:31:7b:6f:
88:5b:fe:e5:19:1e:ee:0e:17:5f:d2:c1:35:19:d1:
02:fd:96:2f:5c:2a:77:d7:cd:61:a0:24:68:53:39:
c2:91:5f:8a:65:f9:e5:4b:85:21:9e:7e:06:3b:75:
2a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C3:B1:44:BC:D8:20:24:69:DE:09:43:1F:0B:D2:42:AF:A5:28:B6
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/0cOxRLzYICRp3glDHwvSQq-lKLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.36.0/22
185.53.140.0/22
185.126.202.0/24
IPv6:
2a0a:2fc4::/64
2a0e:4a40::/29
Signature Algorithm: sha256WithRSAEncryption
5b:dd:12:a2:5e:2b:e2:d9:0d:34:9d:40:20:9c:98:aa:af:fe:
fe:0c:3f:92:3b:f7:35:27:52:5d:01:5a:2a:d5:f6:1f:f1:4f:
18:11:34:2f:88:3e:48:61:81:ec:fb:bc:48:66:bb:fd:e9:a8:
95:9d:06:84:17:9c:1b:47:ee:6d:d9:f3:5b:71:4c:26:1f:58:
c5:b2:63:68:59:1e:03:71:37:db:c7:22:eb:75:09:4b:0b:92:
5e:40:af:6e:40:07:d8:7a:02:1b:19:b3:0e:b0:26:2d:59:53:
39:26:7e:f6:89:e2:30:28:0c:05:a7:e6:00:06:af:ee:1e:96:
fd:12:43:b9:2f:d9:56:95:0e:a7:38:dd:10:c0:b8:48:55:fc:
e9:9e:7c:51:06:e6:88:90:28:7b:38:f4:b3:4d:45:cf:e0:b0:
20:e6:fb:38:55:69:86:ae:17:ba:6e:c1:aa:11:c4:9f:3c:45:
d5:f4:e0:48:7b:60:92:56:84:56:eb:a4:36:4f:66:87:4b:11:
de:61:06:c4:56:6a:67:75:2a:4f:0d:1b:ca:c3:52:6d:8b:6d:
2a:a6:e8:07:f1:21:8a:43:1f:fe:4d:a2:41:a1:06:a3:ed:15:
ef:39:db:26:69:53:56:df:56:ce:46:8c:52:9e:22:30:d6:ef:
9a:51:dc:21
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZBEv21TMPTWiiU5qraSBIYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjQwNjIzMTA1ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWMzYjE0NGJjZDgyMDI0NjlkZTA5NDMxZjBiZDI0MmFmYTUyOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprMFYY+8aiAZcksozDoNmhjHvLzc
afK+gbQOCSUtPnJ0Q5/7LYIiUSYGoQw/6hPWa3pAnyDqPmCNUqf3wx/UajnALFwY
Dxm/XCTl49LBuMd+jG0mCfGo5TOOEVTZ2VvUYvuE0UI2ocasiAJ0cU5Oe+7ZOYUZ
/sW8QF5bs1OvfSX5jh9g0QT5GioHaybUxHMgJ5by15wtC2r3XpXKmCPiub9qQ7mL
pT+Bb572/M5jXFy55Xe7n52kYonaL/4fF5YE2Gge4BtsHNjNhPC+g+Exe2+IW/7l
GR7uDhdf0sE1GdEC/ZYvXCp3181hoCRoUznCkV+KZfnlS4Uhnn4GO3UqwQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNHDsUS82CAkad4JQx8L0kKvpSi2MB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvMGNPeFJMellJQ1JwM2dsREh3dlNRcS1sS0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCLYEkAwQC
uTWMAwQAuX7KMBgEAgACMBIDCQAqCi/EAAAAAAMFAyoOSkAwDQYJKoZIhvcNAQEL
BQADggEBAFvdEqJeK+LZDTSdQCCcmKqv/v4MP5I79zUnUl0BWirV9h/xTxgRNC+I
Pkhhgez7vEhmu/3pqJWdBoQXnBtH7m3Z81txTCYfWMWyY2hZHgNxN9vHIut1CUsL
kl5Ar25AB9h6AhsZsw6wJi1ZUzkmfvaJ4jAoDAWn5gAGr+4elv0SQ7kv2VaVDqc4
3RDAuEhV/OmefFEG5oiQKHs49LNNRc/gsCDm+zhVaYauF7puwaoRxJ88RdX04Eh7
YJJWhFbrpDZPZodLEd5hBsRWamd1Kk8NG8rDUm2LbSqm6AfxIYpDH/5NokGhBqPt
Fe852yZpU1bfVs5GjFKeIjDW75pR3CE=
-----END CERTIFICATE-----
Generated at Sat Jun 29 13:01:28 2024 by rpki-client on console-ams.rpki-client.org