Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/RTkLxiiqdcx_3Ru9fMiVCGHuqTU.roa
File: RTkLxiiqdcx_3Ru9fMiVCGHuqTU.roa (raw, json)
Hash identifier: 1wlcpCxkWKB5Ako3izH7KIbmmhtSNiV2aZ7tpKfQ6rc=
Subject key identifier: 45:39:0B:C6:28:AA:75:CC:7F:DD:1B:BD:7C:C8:95:08:61:EE:A9:35
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0190FE72A65415A8149B6A296ABA46444FB4
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/RTkLxiiqdcx_3Ru9fMiVCGHuqTU.roa
Signing time: Mon 29 Jul 2024 12:24:04 +0000
ROA not before: Mon 29 Jul 2024 12:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 46.38.152.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.24.151.0/24 maxlen: 24
212.16.78.0/24 maxlen: 24
212.16.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:72:a6:54:15:a8:14:9b:6a:29:6a:ba:46:44:4f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jul 29 12:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45390bc628aa75cc7fdd1bbd7cc8950861eea935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1a:08:8f:c4:fb:b0:58:8d:d6:c5:86:c8:32:
25:91:5a:cc:a0:57:08:f3:73:e2:5b:7a:0c:4c:c9:
29:09:c2:68:57:61:3c:e0:e7:61:ca:84:8c:fb:ba:
04:7f:78:96:68:aa:ad:de:3d:26:f5:9e:0d:a9:8c:
1c:33:f2:3b:3c:72:f5:c6:71:20:99:7c:0c:ed:1f:
a5:5e:5e:de:84:b3:3c:c5:f2:e3:51:8a:08:b2:88:
3f:64:1b:4f:6a:b1:c4:35:18:62:20:d8:c4:04:40:
f6:1c:ac:62:ed:19:11:43:7f:e9:3f:4e:3e:78:18:
29:45:84:4a:44:2f:30:17:ce:8b:b2:d2:72:ac:94:
d7:f6:69:52:2f:ea:6d:8c:0c:07:db:dd:2b:47:6a:
9a:67:c7:e9:2f:f0:ad:19:4b:2b:7b:cc:56:df:a7:
d0:73:bf:95:8a:e7:14:51:84:e8:b0:e4:29:7d:66:
d5:4e:41:7e:de:77:6f:d2:38:8b:a5:8f:94:1b:a1:
af:37:46:c4:e2:c0:74:57:fb:1c:bf:73:10:c8:fd:
66:c7:e5:3e:a3:07:97:6b:1a:24:2b:5b:1d:ff:32:
94:15:21:56:f7:8e:fb:5b:4c:c4:5a:df:3a:74:9c:
80:3d:1e:28:3c:39:d5:d3:62:5f:04:b2:a6:4f:c9:
94:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:39:0B:C6:28:AA:75:CC:7F:DD:1B:BD:7C:C8:95:08:61:EE:A9:35
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/RTkLxiiqdcx_3Ru9fMiVCGHuqTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.152.0/24
185.24.150.0/23
212.16.78.0/24
212.16.94.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:5e:ab:f9:ae:e8:39:4b:3b:8d:5b:78:89:b8:41:a6:79:ea:
e1:03:a5:d6:eb:2c:ec:a0:09:8d:d3:e1:ec:ee:8b:88:e3:dc:
7a:ed:f6:4d:72:fc:a6:bf:a0:df:6b:d8:db:1b:f8:98:dd:92:
9f:b4:9b:94:20:72:90:db:4a:5f:fe:cc:ff:b6:58:fb:d9:c3:
fc:0b:97:d2:b5:24:57:34:3a:88:a5:64:66:40:8a:ca:e2:c4:
a2:36:e9:9c:55:ae:27:bd:ad:a7:3f:96:f7:c1:4d:93:27:84:
c5:3d:4d:07:1c:79:66:82:fd:1b:83:76:be:de:b8:ce:a0:e0:
b3:f8:d4:88:d5:f8:63:23:df:82:f3:88:23:da:5c:e8:62:1f:
62:f9:cf:d9:6f:39:f8:ef:0d:d2:af:bd:c4:75:03:6e:56:c5:
bd:b2:30:16:e2:b7:ab:fe:5d:78:68:e9:64:46:f4:ba:ff:97:
d8:57:52:30:52:4b:28:2e:d4:ed:be:29:f9:5f:39:ce:33:0f:
5a:35:6e:07:72:90:2d:0f:d3:4b:d7:f1:c3:4e:32:15:d3:fc:
75:4b:43:54:fc:75:74:cc:6e:e7:a1:99:68:3c:d9:96:4a:83:
a1:9d:7d:14:b0:4f:bf:6d:79:10:18:f6:52:1b:55:2d:3a:3f:
ca:24:c9:3b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZD+cqZUFagUm2oparpGRE+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwNzI5MTIyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTM5MGJjNjI4YWE3NWNjN2ZkZDFiYmQ3Y2M4OTUwODYxZWVhOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBoIj8T7sFiN1sWGyDIlkVrMoFcI
83PiW3oMTMkpCcJoV2E84OdhyoSM+7oEf3iWaKqt3j0m9Z4NqYwcM/I7PHL1xnEg
mXwM7R+lXl7ehLM8xfLjUYoIsog/ZBtParHENRhiINjEBED2HKxi7RkRQ3/pP04+
eBgpRYRKRC8wF86LstJyrJTX9mlSL+ptjAwH290rR2qaZ8fpL/CtGUsre8xW36fQ
c7+ViucUUYTosOQpfWbVTkF+3ndv0jiLpY+UG6GvN0bE4sB0V/scv3MQyP1mx+U+
oweXaxokK1sd/zKUFSFW9477W0zEWt86dJyAPR4oPDnV02JfBLKmT8mUIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEU5C8YoqnXMf90bvXzIlQhh7qk1MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvUlRrTHhpaXFkY3hfM1J1OWZNaVZDR0h1cVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALiaYAwQB
uRiWAwQA1BBOAwQA1BBeMA0GCSqGSIb3DQEBCwUAA4IBAQAMXqv5rug5SzuNW3iJ
uEGmeerhA6XW6yzsoAmN0+Hs7ouI49x67fZNcvymv6Dfa9jbG/iY3ZKftJuUIHKQ
20pf/sz/tlj72cP8C5fStSRXNDqIpWRmQIrK4sSiNumcVa4nva2nP5b3wU2TJ4TF
PU0HHHlmgv0bg3a+3rjOoOCz+NSI1fhjI9+C84gj2lzoYh9i+c/Zbzn47w3Sr73E
dQNuVsW9sjAW4rer/l14aOlkRvS6/5fYV1IwUksoLtTtvin5XznOMw9aNW4HcpAt
D9NL1/HDTjIV0/x1S0NU/HV0zG7noZloPNmWSoOhnX0UsE+/bXkQGPZSG1UtOj/K
JMk7
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:53:49 2024 by rpki-client on console-fra.rpki-client.org