Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/ded52LoAYwKexrcAnlp7M2jg8XQ.roa
File: ded52LoAYwKexrcAnlp7M2jg8XQ.roa (raw, json)
Hash identifier: 1gW2MSuREWT6vJIuPdPQhPJ1nwpb52pmaUYj3O7OR+g=
Subject key identifier: 75:E7:79:D8:BA:00:63:02:9E:C6:B7:00:9E:5A:7B:33:68:E0:F1:74
Certificate issuer: /CN=1349cceff4a48a3dab024067e1760dbf58650fda
Certificate serial: 018D87CCB1B23A1066A2E8827EDEAF136370
Authority key identifier: 13:49:CC:EF:F4:A4:8A:3D:AB:02:40:67:E1:76:0D:BF:58:65:0F:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E0nM7_Skij2rAkBn4XYNv1hlD9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/ded52LoAYwKexrcAnlp7M2jg8XQ.roa
Signing time: Thu 08 Feb 2024 08:19:15 +0000
ROA not before: Thu 08 Feb 2024 08:19:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209196
IP address blocks: 45.87.204.0/22 maxlen: 22
45.91.104.0/22 maxlen: 22
45.94.192.0/22 maxlen: 22
45.131.72.0/22 maxlen: 22
45.137.108.0/22 maxlen: 22
45.141.160.0/22 maxlen: 22
45.158.152.0/22 maxlen: 22
92.118.176.0/22 maxlen: 22
212.102.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/E0nM7_Skij2rAkBn4XYNv1hlD9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/E0nM7_Skij2rAkBn4XYNv1hlD9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/E0nM7_Skij2rAkBn4XYNv1hlD9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 11 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:87:cc:b1:b2:3a:10:66:a2:e8:82:7e:de:af:13:63:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1349cceff4a48a3dab024067e1760dbf58650fda
Validity
Not Before: Feb 8 08:19:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75e779d8ba0063029ec6b7009e5a7b3368e0f174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:df:db:5b:a6:c8:7a:4c:96:80:13:42:51:dd:
f3:13:b5:43:e6:ae:c5:69:85:11:8f:83:91:92:f1:
18:d0:37:e7:b2:a2:a4:01:2a:ed:e8:8d:96:bd:c1:
0a:3d:03:e3:3a:8d:e6:61:db:9a:d8:0f:ae:1e:4a:
b1:9f:47:21:d2:ca:a7:35:7a:3e:db:fb:fb:98:fb:
80:f3:ef:eb:c7:d7:53:ba:c4:7c:13:f6:df:33:a1:
dc:42:75:88:26:ce:70:e7:40:ee:c3:b6:df:c0:b9:
4e:f7:78:b5:a5:5f:84:58:d0:7e:86:4b:36:6b:a1:
28:b5:aa:1c:6a:bb:2b:ba:bf:95:0f:40:7b:95:81:
9f:3f:bf:a6:52:25:89:be:b6:88:8b:2e:18:10:86:
eb:ee:cf:2c:88:50:1c:81:b0:1b:ec:b7:32:4c:60:
41:62:60:b4:c7:06:b8:e6:34:44:b3:9d:84:9e:09:
b2:1d:3e:25:c5:fe:8a:fb:6e:f5:87:ee:cc:5b:d6:
50:10:d6:fc:f0:fa:3c:a6:20:c4:85:eb:61:3e:24:
28:c8:27:c3:2f:bf:15:63:f6:27:7c:cb:14:2e:11:
e8:ba:05:cf:51:70:10:d9:2a:99:09:1e:b3:6e:fa:
b2:fe:1a:dc:e8:ec:31:67:6c:4b:76:ba:af:b7:6c:
16:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E7:79:D8:BA:00:63:02:9E:C6:B7:00:9E:5A:7B:33:68:E0:F1:74
X509v3 Authority Key Identifier:
keyid:13:49:CC:EF:F4:A4:8A:3D:AB:02:40:67:E1:76:0D:BF:58:65:0F:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E0nM7_Skij2rAkBn4XYNv1hlD9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/ded52LoAYwKexrcAnlp7M2jg8XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/E0nM7_Skij2rAkBn4XYNv1hlD9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.204.0/22
45.91.104.0/22
45.94.192.0/22
45.131.72.0/22
45.137.108.0/22
45.141.160.0/22
45.158.152.0/22
92.118.176.0/22
212.102.99.0/24
Signature Algorithm: sha256WithRSAEncryption
15:e4:bb:16:19:3a:c3:62:42:52:6d:20:e7:8c:94:05:72:e9:
71:66:96:b7:bd:14:e5:74:ee:28:9b:1d:01:82:cb:b1:61:cf:
56:00:01:b4:64:bb:05:a5:69:6d:f7:61:ef:dc:c6:9d:c5:32:
90:9a:a8:66:97:12:32:8d:c3:f0:08:9a:7b:95:fd:ee:f4:41:
0d:f9:3b:22:bb:81:a2:88:06:bd:6b:44:61:1f:36:7b:63:a9:
ef:5a:68:5d:e0:ed:a4:a0:24:d0:5b:82:35:51:60:af:4f:e9:
a9:63:2d:8c:21:f0:b9:5a:f5:1a:f8:cd:5b:2f:c4:4d:f2:e3:
30:5a:e3:94:4e:9c:7d:ea:c4:5c:28:ce:d8:82:59:95:83:e1:
66:ab:91:c8:1c:c0:36:b5:2d:6a:cd:03:2a:70:07:9b:92:7a:
34:23:ef:9e:1a:77:3a:6d:30:69:2b:b4:99:96:d0:d9:41:4a:
9d:c3:11:c2:39:71:bc:03:64:b0:1f:44:5c:0b:0e:fb:b6:c3:
84:5a:7a:2e:db:78:32:40:66:66:40:0b:2f:a7:9e:b6:5c:55:
29:72:b7:20:9d:75:f6:ea:70:0d:6c:5c:76:7e:e4:25:15:df:
72:a0:ff:ea:2d:01:87:01:5b:a1:f1:45:00:4a:c4:1c:46:0c:
23:51:c2:30
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY2HzLGyOhBmouiCft6vE2NwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNDljY2VmZjRhNDhhM2RhYjAyNDA2N2UxNzYwZGJmNTg2
NTBmZGEwHhcNMjQwMjA4MDgxOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWU3NzlkOGJhMDA2MzAyOWVjNmI3MDA5ZTVhN2IzMzY4ZTBmMTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgN/bW6bIekyWgBNCUd3zE7VD5q7F
aYURj4ORkvEY0DfnsqKkASrt6I2WvcEKPQPjOo3mYdua2A+uHkqxn0ch0sqnNXo+
2/v7mPuA8+/rx9dTusR8E/bfM6HcQnWIJs5w50Duw7bfwLlO93i1pV+EWNB+hks2
a6Eotaocarsrur+VD0B7lYGfP7+mUiWJvraIiy4YEIbr7s8siFAcgbAb7LcyTGBB
YmC0xwa45jREs52EngmyHT4lxf6K+271h+7MW9ZQENb88Po8piDEhethPiQoyCfD
L78VY/YnfMsULhHougXPUXAQ2SqZCR6zbvqy/hrc6OwxZ2xLdrqvt2wW0QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHXnedi6AGMCnsa3AJ5aezNo4PF0MB8GA1UdIwQY
MBaAFBNJzO/0pIo9qwJAZ+F2Db9YZQ/aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTBuTTdfU2tpajJyQWtCbjRYWU52MWhsRDlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hMzA2ZDAtNGEyMC00YmNmLTg0OGUt
ZDJhZTJjMzM2MzI4LzEvZGVkNTJMb0FZd0tleHJjQW5scDdNMmpnOFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hMzA2ZDAtNGEyMC00YmNmLTg0OGUtZDJhZTJjMzM2MzI4
LzEvRTBuTTdfU2tpajJyQWtCbjRYWU52MWhsRDlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLVfMAwQC
LVtoAwQCLV7AAwQCLYNIAwQCLYlsAwQCLY2gAwQCLZ6YAwQCXHawAwQA1GZjMA0G
CSqGSIb3DQEBCwUAA4IBAQAV5LsWGTrDYkJSbSDnjJQFculxZpa3vRTldO4omx0B
gsuxYc9WAAG0ZLsFpWlt92Hv3MadxTKQmqhmlxIyjcPwCJp7lf3u9EEN+Tsiu4Gi
iAa9a0RhHzZ7Y6nvWmhd4O2koCTQW4I1UWCvT+mpYy2MIfC5WvUa+M1bL8RN8uMw
WuOUTpx96sRcKM7YglmVg+Fmq5HIHMA2tS1qzQMqcAebkno0I++eGnc6bTBpK7SZ
ltDZQUqdwxHCOXG8A2SwH0RcCw77tsOEWnou23gyQGZmQAsvp562XFUpcrcgnXX2
6nANbFx2fuQlFd9yoP/qLQGHAVuh8UUASsQcRgwjUcIw
-----END CERTIFICATE-----
Generated at Mon Jun 10 19:35:08 2024 by rpki-client on console-fra.rpki-client.org