Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/7L3ZCzAMfITh0T3WiugytKgaaIM.roa
File: 7L3ZCzAMfITh0T3WiugytKgaaIM.roa (raw, json)
Hash identifier: NCXcxRB9l+EGjjuXy6vvKHJhuI3QPH9fwQ6uqQaqLr0=
Subject key identifier: EC:BD:D9:0B:30:0C:7C:84:E1:D1:3D:D6:8A:E8:32:B4:A8:1A:68:83
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 0193549DD516C74D976D7864EB7F99BE1F84
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/7L3ZCzAMfITh0T3WiugytKgaaIM.roa
Signing time: Fri 22 Nov 2024 16:04:09 +0000
ROA not before: Fri 22 Nov 2024 16:04:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 45.137.52.0/24 maxlen: 24
45.137.53.0/24 maxlen: 24
45.137.55.0/24 maxlen: 24
45.137.191.0/24 maxlen: 24
45.139.28.0/24 maxlen: 24
45.139.31.0/24 maxlen: 24
45.140.171.0/24 maxlen: 24
45.140.173.0/24 maxlen: 24
45.141.186.0/24 maxlen: 24
45.141.187.0/24 maxlen: 24
45.145.162.0/24 maxlen: 24
45.147.1.0/24 maxlen: 24
45.149.83.0/24 maxlen: 24
45.152.225.0/24 maxlen: 24
45.154.162.0/24 maxlen: 24
85.202.166.0/24 maxlen: 24
85.202.167.0/24 maxlen: 24
91.212.82.0/24 maxlen: 24
91.220.84.0/24 maxlen: 24
91.220.90.0/24 maxlen: 24
91.220.126.0/24 maxlen: 24
91.221.38.0/24 maxlen: 24
92.249.13.0/24 maxlen: 24
92.249.14.0/24 maxlen: 24
193.150.98.0/24 maxlen: 24
193.150.170.0/24 maxlen: 24
193.150.171.0/24 maxlen: 24
193.163.199.0/24 maxlen: 24
194.33.8.0/24 maxlen: 24
194.33.9.0/24 maxlen: 24
194.55.103.0/24 maxlen: 24
194.55.104.0/24 maxlen: 24
194.61.76.0/24 maxlen: 24
195.245.110.0/24 maxlen: 24
213.139.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:54:9d:d5:16:c7:4d:97:6d:78:64:eb:7f:99:be:1f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Nov 22 16:04:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ecbdd90b300c7c84e1d13dd68ae832b4a81a6883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:37:25:5d:63:02:03:82:f9:f3:29:dc:16:e7:
f9:74:8a:e4:b3:e9:87:2a:d4:ae:6e:4d:9b:a5:26:
ce:02:a4:63:a1:98:35:bc:dd:29:07:8a:ed:2e:39:
d9:dd:d3:6e:4c:db:e6:ec:f1:0e:9e:f3:f2:6e:90:
32:4d:4a:69:8b:70:c9:48:f8:7b:02:d8:25:2d:6f:
c6:6b:63:ff:f7:0a:e7:5f:b1:bf:ac:ba:06:11:23:
e4:72:82:97:6a:b8:b3:19:94:60:d9:eb:22:3a:9e:
d6:d4:a7:77:a4:70:07:87:c7:88:7b:ba:3b:37:9f:
67:0c:ad:e0:43:e4:ef:b3:6d:07:4a:17:b2:83:9e:
38:ca:83:ec:40:bb:be:75:23:db:ad:48:51:92:33:
0f:48:3d:20:98:e3:ab:bd:25:71:d7:c0:f1:3f:1f:
be:d7:5b:5e:b5:b6:0a:40:f1:4e:78:3e:80:6e:90:
9c:a8:7f:4f:76:26:b8:5e:94:31:9a:13:e4:70:b7:
b5:a3:15:2d:08:d0:ad:bc:7e:7e:a1:0b:34:3c:3a:
12:ee:ac:2b:eb:ae:65:48:4b:18:34:0e:7b:b9:c4:
09:a7:ae:ee:9f:fa:4d:69:f0:9a:91:96:7b:ec:dc:
89:b9:fd:89:9e:d8:16:c0:2d:60:36:95:0c:22:5d:
d3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:BD:D9:0B:30:0C:7C:84:E1:D1:3D:D6:8A:E8:32:B4:A8:1A:68:83
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/7L3ZCzAMfITh0T3WiugytKgaaIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.52.0/23
45.137.55.0/24
45.137.191.0/24
45.139.28.0/24
45.139.31.0/24
45.140.171.0/24
45.140.173.0/24
45.141.186.0/23
45.145.162.0/24
45.147.1.0/24
45.149.83.0/24
45.152.225.0/24
45.154.162.0/24
85.202.166.0/23
91.212.82.0/24
91.220.84.0/24
91.220.90.0/24
91.220.126.0/24
91.221.38.0/24
92.249.13.0-92.249.14.255
193.150.98.0/24
193.150.170.0/23
193.163.199.0/24
194.33.8.0/23
194.55.103.0-194.55.104.255
194.61.76.0/24
195.245.110.0/24
213.139.194.0/24
Signature Algorithm: sha256WithRSAEncryption
00:da:5d:e7:2d:de:ca:4e:21:00:76:78:fc:4d:8e:b8:44:ef:
fc:62:a2:a5:7c:7d:bd:e2:e9:b5:7c:37:43:2c:a2:62:8e:d3:
e5:e5:b0:7d:af:4c:bb:d3:cd:ce:19:44:8e:41:a8:ce:ad:6b:
db:b7:79:11:ed:c9:1c:2c:2c:69:53:00:cf:e0:8a:9b:4f:29:
42:b4:83:46:0c:66:43:e3:c6:28:f5:41:60:d5:f9:72:2f:16:
ac:e5:7e:ea:9c:b8:77:13:d8:60:ec:14:e9:34:b2:7a:92:3e:
d6:4f:d0:b6:2f:d8:3c:82:af:fd:38:4e:e4:fc:d1:0e:9d:4e:
09:b9:f9:20:d9:f9:93:e7:9a:7c:ac:25:e6:95:95:d9:de:20:
d3:a0:d2:52:f3:f5:41:34:2c:b3:be:25:ee:b6:44:d2:ea:8d:
b2:cd:2b:dd:5a:b8:47:66:ab:9d:d7:df:ec:66:8d:8b:4b:71:
99:d1:cb:52:9b:aa:36:85:b3:7f:9f:37:9c:df:f2:f7:d9:dc:
ac:90:87:2e:0b:5a:0b:11:45:7c:28:cb:47:9d:b0:bb:74:37:
b1:71:67:8b:35:b2:3a:98:e2:82:42:4c:73:cc:64:31:37:20:
70:d7:a9:4b:66:f2:eb:73:7c:cb:6c:2d:4e:0d:3c:82:07:e0:
12:70:3d:93
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZNUndUWx02XbXhk63+Zvh+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQxMTIyMTYwNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2JkZDkwYjMwMGM3Yzg0ZTFkMTNkZDY4YWU4MzJiNGE4MWE2ODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljclXWMCA4L58yncFuf5dIrks+mH
KtSubk2bpSbOAqRjoZg1vN0pB4rtLjnZ3dNuTNvm7PEOnvPybpAyTUppi3DJSPh7
AtglLW/Ga2P/9wrnX7G/rLoGESPkcoKXarizGZRg2esiOp7W1Kd3pHAHh8eIe7o7
N59nDK3gQ+Tvs20HSheyg544yoPsQLu+dSPbrUhRkjMPSD0gmOOrvSVx18DxPx++
11tetbYKQPFOeD6AbpCcqH9Pdia4XpQxmhPkcLe1oxUtCNCtvH5+oQs0PDoS7qwr
665lSEsYNA57ucQJp67un/pNafCakZZ77NyJuf2JntgWwC1gNpUMIl3T/QIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFOy92QswDHyE4dE91oroMrSoGmiDMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvN0wzWkN6QU1mSVRoMFQzV2l1Z3l0S2dhYUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAEt
iTQDBAAtiTcDBAAtib8DBAAtixwDBAAtix8DBAAtjKsDBAAtjK0DBAEtjboDBAAt
kaIDBAAtkwEDBAAtlVMDBAAtmOEDBAAtmqIDBAFVyqYDBABb1FIDBABb3FQDBABb
3FoDBABb3H4DBABb3SYwDAMEAFz5DQMEAFz5DgMEAMGWYgMEAcGWqgMEAMGjxwME
AcIhCDAMAwQAwjdnAwQAwjdoAwQAwj1MAwQAw/VuAwQA1YvCMA0GCSqGSIb3DQEB
CwUAA4IBAQAA2l3nLd7KTiEAdnj8TY64RO/8YqKlfH294um1fDdDLKJijtPl5bB9
r0y7083OGUSOQajOrWvbt3kR7ckcLCxpUwDP4IqbTylCtINGDGZD48Yo9UFg1fly
Lxas5X7qnLh3E9hg7BTpNLJ6kj7WT9C2L9g8gq/9OE7k/NEOnU4Jufkg2fmT55p8
rCXmlZXZ3iDToNJS8/VBNCyzviXutkTS6o2yzSvdWrhHZqud19/sZo2LS3GZ0ctS
m6o2hbN/nzec3/L32dyskIcuC1oLEUV8KMtHnbC7dDexcWeLNbI6mOKCQkxzzGQx
NyBw16lLZvLrc3zLbC1ODTyCB+AScD2T
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:22:07 2024 by rpki-client on console-ams.rpki-client.org