Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/sUXNq6VPxMrfPQkizTRBj_C8jvI.roa
File: sUXNq6VPxMrfPQkizTRBj_C8jvI.roa (raw, json)
Hash identifier: 7HjA1Jb0bTUTCXbqUrP4+H3nyYjc6kUsvDllUZHLdEY=
Subject key identifier: B1:45:CD:AB:A5:4F:C4:CA:DF:3D:09:22:CD:34:41:8F:F0:BC:8E:F2
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018D3034A0540520C0303232B26339427F75
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/sUXNq6VPxMrfPQkizTRBj_C8jvI.roa
Signing time: Mon 22 Jan 2024 08:06:11 +0000
ROA not before: Mon 22 Jan 2024 08:06:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 45.8.156.0/24 maxlen: 24
45.85.64.0/24 maxlen: 24
45.85.67.0/24 maxlen: 24
45.144.38.0/24 maxlen: 24
45.145.3.0/24 maxlen: 24
85.8.187.0/24 maxlen: 24
185.21.140.0/24 maxlen: 24
194.32.250.0/24 maxlen: 24
194.61.234.0/24 maxlen: 24
194.61.235.0/24 maxlen: 24
213.139.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:34:a0:54:05:20:c0:30:32:32:b2:63:39:42:7f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 22 08:06:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b145cdaba54fc4cadf3d0922cd34418ff0bc8ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b0:85:47:1d:c9:9a:9a:4e:71:fa:fb:d8:1d:
2a:c7:b4:ee:be:50:06:e8:4b:1a:34:06:a1:6c:98:
e3:d0:ca:6b:52:81:8e:59:4b:c2:75:a4:83:08:e6:
02:61:ae:20:a9:de:43:43:8c:26:61:cb:44:1e:a6:
fc:e8:fd:ed:18:16:9b:7c:21:b9:73:e9:d8:a5:ff:
bc:9e:2c:74:89:38:68:87:f4:14:8b:32:ae:21:19:
39:e3:84:7d:39:94:bc:74:66:1e:70:2f:c8:4b:72:
25:db:cc:88:e9:11:d0:cc:31:78:63:28:84:94:24:
ad:eb:d9:28:2d:8d:82:9d:86:d8:a5:2c:8b:0e:ea:
07:71:1a:bb:7e:c7:d4:d1:9e:f6:21:51:81:22:56:
53:8e:f8:ec:13:00:0a:e2:14:22:ba:08:44:f1:82:
7d:67:8c:7c:13:48:d1:39:2f:70:6d:ae:c8:21:34:
87:fa:06:89:e3:d0:b4:f5:98:48:4d:ab:bc:48:58:
2e:93:12:09:63:14:5a:92:a1:c6:4b:4c:00:32:ee:
cc:e1:df:71:47:db:df:b4:11:de:b3:2c:cb:4a:86:
67:6e:75:fc:8e:6c:26:1b:45:ea:d8:cf:1f:f1:81:
8b:c3:29:a0:a4:8a:39:74:30:56:84:e7:e3:1d:ae:
07:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:45:CD:AB:A5:4F:C4:CA:DF:3D:09:22:CD:34:41:8F:F0:BC:8E:F2
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/sUXNq6VPxMrfPQkizTRBj_C8jvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.156.0/24
45.85.64.0/24
45.85.67.0/24
45.144.38.0/24
45.145.3.0/24
85.8.187.0/24
185.21.140.0/24
194.32.250.0/24
194.61.234.0/23
213.139.231.0/24
Signature Algorithm: sha256WithRSAEncryption
30:03:e6:b6:b4:3e:47:34:c4:ca:b9:bc:05:e4:74:8c:cf:8b:
ab:bd:1a:f6:63:5b:77:4e:f9:05:83:42:54:2d:c8:a1:b0:17:
8e:ef:cb:ea:73:f2:f7:71:c1:73:8a:0b:44:a6:96:d0:1b:70:
be:8b:c2:6a:89:12:81:d5:02:ef:39:d4:c4:9e:cd:5f:32:d5:
cf:a1:2e:76:7e:40:f2:c3:b6:be:a8:63:37:d5:c4:aa:cd:b9:
13:aa:fe:6e:22:c8:bb:74:4d:39:94:db:14:05:e4:39:f9:85:
3a:15:dc:0b:3b:60:28:19:7a:ea:50:94:ea:73:26:d5:b5:57:
80:d3:9c:0f:43:1b:5b:05:ac:8f:51:e8:d1:f7:53:e7:00:d3:
1f:94:86:d9:10:c8:ed:00:b0:00:f3:e0:ea:ee:25:94:af:ef:
35:fe:17:21:2b:67:c8:48:2b:e5:3a:be:86:12:47:18:d2:c0:
5d:5b:d1:1c:56:a5:e5:b6:88:09:4b:71:64:90:67:f0:95:75:
03:4c:03:a9:27:b3:8b:5b:02:01:b7:5f:d1:22:de:8b:71:0e:
40:80:d8:bf:86:64:f6:58:9b:da:69:b6:9b:75:b3:91:26:59:
4b:91:c7:b4:f1:08:16:d1:cb:ec:de:53:f3:4e:e4:4a:90:ae:
d0:bf:5d:a2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY0wNKBUBSDAMDIysmM5Qn91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTIyMDgwNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQ1Y2RhYmE1NGZjNGNhZGYzZDA5MjJjZDM0NDE4ZmYwYmM4ZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibCFRx3JmppOcfr72B0qx7TuvlAG
6EsaNAahbJjj0MprUoGOWUvCdaSDCOYCYa4gqd5DQ4wmYctEHqb86P3tGBabfCG5
c+nYpf+8nix0iThoh/QUizKuIRk544R9OZS8dGYecC/IS3Il28yI6RHQzDF4YyiE
lCSt69koLY2CnYbYpSyLDuoHcRq7fsfU0Z72IVGBIlZTjvjsEwAK4hQiughE8YJ9
Z4x8E0jROS9wba7IITSH+gaJ49C09ZhITau8SFgukxIJYxRakqHGS0wAMu7M4d9x
R9vftBHesyzLSoZnbnX8jmwmG0Xq2M8f8YGLwymgpIo5dDBWhOfjHa4HWQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFLFFzaulT8TK3z0JIs00QY/wvI7yMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvc1VYTnE2VlB4TXJmUFFraXpUUkJqX0M4anZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQicAwQA
LVVAAwQALVVDAwQALZAmAwQALZEDAwQAVQi7AwQAuRWMAwQAwiD6AwQBwj3qAwQA
1YvnMA0GCSqGSIb3DQEBCwUAA4IBAQAwA+a2tD5HNMTKubwF5HSMz4urvRr2Y1t3
TvkFg0JULcihsBeO78vqc/L3ccFzigtEppbQG3C+i8JqiRKB1QLvOdTEns1fMtXP
oS52fkDyw7a+qGM31cSqzbkTqv5uIsi7dE05lNsUBeQ5+YU6FdwLO2AoGXrqUJTq
cybVtVeA05wPQxtbBayPUejR91PnANMflIbZEMjtALAA8+Dq7iWUr+81/hchK2fI
SCvlOr6GEkcY0sBdW9EcVqXltogJS3FkkGfwlXUDTAOpJ7OLWwIBt1/RIt6LcQ5A
gNi/hmT2WJvaababdbORJllLkce08QgW0cvs3lPzTuRKkK7Qv12i
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:54:49 2024 by rpki-client on console-ams.rpki-client.org