Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/DMzTZfjD6MPmY1lHf9SJTVEXzv8.roa
File: DMzTZfjD6MPmY1lHf9SJTVEXzv8.roa (raw, json)
Hash identifier: V0OlVA9aDMXoHNDDItiHY/VeM3/pMCRs0kQa127T/8o=
Subject key identifier: 0C:CC:D3:65:F8:C3:E8:C3:E6:63:59:47:7F:D4:89:4D:51:17:CE:FF
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018CC9BC9E1901313A5D53B197011F1C33A6
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/DMzTZfjD6MPmY1lHf9SJTVEXzv8.roa
Signing time: Tue 02 Jan 2024 10:33:50 +0000
ROA not before: Tue 02 Jan 2024 10:33:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1103
IP address blocks: 145.97.16.0/22 maxlen: 22
145.137.128.0/18 maxlen: 18
145.97.20.0/22 maxlen: 22
145.97.24.0/21 maxlen: 21
145.124.0.0/15 maxlen: 15
145.23.0.0/19 maxlen: 19
145.23.0.0/16 maxlen: 16
192.87.0.0/16 maxlen: 16
145.97.48.0/20 maxlen: 20
194.171.0.0/16 maxlen: 16
145.107.0.0/16 maxlen: 22
145.33.0.0/16 maxlen: 16
145.20.0.0/16 maxlen: 16
145.97.128.0/18 maxlen: 18
145.138.0.0/16 maxlen: 16
145.74.0.0/15 maxlen: 15
145.37.0.0/16 maxlen: 16
145.144.0.0/12 maxlen: 12
145.97.64.0/18 maxlen: 18
145.76.0.0/16 maxlen: 16
145.116.128.0/18 maxlen: 18
145.103.0.0/16 maxlen: 16
145.140.0.0/14 maxlen: 14
145.2.0.0/15 maxlen: 15
145.109.128.0/17 maxlen: 17
145.96.0.0/16 maxlen: 16
145.116.64.0/18 maxlen: 18
145.116.224.0/19 maxlen: 19
145.127.0.0/17 maxlen: 17
145.100.0.0/15 maxlen: 15
145.90.0.0/16 maxlen: 16
145.90.10.0/23 maxlen: 23
145.117.0.0/16 maxlen: 16
145.19.0.0/16 maxlen: 16
145.116.192.0/20 maxlen: 20
145.120.0.0/14 maxlen: 14
145.9.0.0/16 maxlen: 16
145.28.0.0/15 maxlen: 15
145.92.0.0/15 maxlen: 15
145.146.0.0/16 maxlen: 25
145.48.0.0/15 maxlen: 15
145.102.0.0/16 maxlen: 16
145.38.0.0/15 maxlen: 15
145.116.0.0/20 maxlen: 20
145.52.0.0/16 maxlen: 16
145.116.16.0/21 maxlen: 21
145.116.24.0/21 maxlen: 21
145.136.0.0/15 maxlen: 15
145.126.0.0/16 maxlen: 16
145.108.0.0/16 maxlen: 16
145.44.0.0/16 maxlen: 16
145.98.0.0/16 maxlen: 16
145.0.0.0/16 maxlen: 16
145.97.192.0/18 maxlen: 18
145.91.0.0/16 maxlen: 16
145.118.0.0/16 maxlen: 16
145.81.0.0/16 maxlen: 16
145.95.0.0/16 maxlen: 16
145.85.0.0/16 maxlen: 16
145.24.0.0/16 maxlen: 16
145.88.0.0/15 maxlen: 15
145.51.0.0/16 maxlen: 16
195.169.0.0/16 maxlen: 16
2001:610::/29 maxlen: 29
2001:610:130::/48 maxlen: 64
2001:610::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:9e:19:01:31:3a:5d:53:b1:97:01:1f:1c:33:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 2 10:33:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cccd365f8c3e8c3e66359477fd4894d5117ceff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7a:42:7a:c4:ef:41:fe:2d:4f:0e:86:84:d1:
56:6f:60:5f:67:51:9d:e2:43:f5:71:62:6e:f6:2b:
3b:01:06:73:48:f0:46:47:1c:9b:f8:e7:8b:05:75:
89:50:f3:74:8a:a0:26:eb:7b:a4:e7:fe:53:6f:a3:
26:b5:d5:e1:0b:5a:2f:b6:5c:e8:3b:a4:76:9b:56:
01:90:b2:bb:be:b8:82:7a:15:8a:e4:7c:eb:9a:28:
f1:31:5a:1c:4c:ae:e3:46:0d:63:c1:88:83:a3:a5:
0c:19:f4:36:fb:a7:70:7d:e6:07:3d:3f:70:b2:44:
a6:2e:32:05:51:16:9f:52:63:5f:2e:4e:36:7a:fb:
b5:f5:03:c3:90:72:ce:80:7b:5f:11:61:49:d1:90:
94:72:2a:64:0c:31:cc:7e:6d:ef:8b:a8:05:2f:62:
23:ab:6e:ba:71:dc:33:12:13:29:57:90:dd:3c:b7:
70:7a:98:ea:fa:b7:07:ed:d8:a5:ee:a5:54:27:29:
24:be:29:f8:4a:c1:be:cf:30:e0:bf:a1:b9:41:0a:
5e:3d:b5:9b:07:44:18:81:ab:c5:59:f1:88:dd:ed:
1c:00:06:8e:34:6d:06:a6:9d:59:2c:86:10:df:cd:
4c:e4:f0:ae:55:72:74:82:4c:df:8d:c7:ce:e4:32:
f9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:CC:D3:65:F8:C3:E8:C3:E6:63:59:47:7F:D4:89:4D:51:17:CE:FF
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/DMzTZfjD6MPmY1lHf9SJTVEXzv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.0.0.0/16
145.2.0.0/15
145.9.0.0/16
145.19.0.0-145.20.255.255
145.23.0.0-145.24.255.255
145.28.0.0/15
145.33.0.0/16
145.37.0.0-145.39.255.255
145.44.0.0/16
145.48.0.0/15
145.51.0.0-145.52.255.255
145.74.0.0-145.76.255.255
145.81.0.0/16
145.85.0.0/16
145.88.0.0-145.93.255.255
145.95.0.0-145.96.255.255
145.97.16.0/20
145.97.48.0-145.98.255.255
145.100.0.0/14
145.107.0.0-145.108.255.255
145.109.128.0/17
145.116.0.0/19
145.116.64.0-145.116.207.255
145.116.224.0-145.118.255.255
145.120.0.0-145.127.127.255
145.136.0.0-145.138.255.255
145.140.0.0-145.159.255.255
192.87.0.0/16
194.171.0.0/16
195.169.0.0/16
IPv6:
2001:610::/29
Signature Algorithm: sha256WithRSAEncryption
2d:bb:d4:95:70:15:32:39:6b:64:a6:92:3f:1f:10:e9:a9:ad:
26:73:7a:ce:3b:31:2b:8a:5d:39:b3:ef:49:34:e9:65:f4:fe:
33:11:80:8c:d6:66:c4:4a:57:b5:9f:38:bb:39:f6:f7:ed:ca:
16:5d:c8:3b:cb:c3:6a:b4:bb:0d:2e:2b:75:80:f8:13:5b:8b:
00:58:66:9c:b3:67:2f:6b:ed:9c:bd:83:eb:1c:31:7a:85:c7:
7d:19:77:8e:df:cb:20:8a:30:48:aa:f7:2f:cc:b3:2b:2f:1a:
0b:6d:89:45:25:ea:93:e7:59:3b:5d:4e:dd:4d:2d:d7:10:ad:
8d:99:c0:be:47:d9:39:7f:02:4a:49:c7:ff:77:e3:4f:1c:4a:
45:06:36:09:1f:ab:a9:55:2e:ba:ae:36:16:1f:8f:e8:6a:01:
13:cf:e9:cd:c7:1e:3f:84:1e:6b:c6:f0:69:16:11:fd:1c:09:
af:be:21:41:7c:94:6b:85:ac:1e:35:db:8e:b2:78:7c:0b:92:
60:b4:c6:aa:c4:18:99:6f:ed:28:88:4f:60:e2:5f:d0:4c:55:
cc:12:03:17:03:58:6b:26:fb:3b:6e:df:c0:88:b2:e8:6a:db:
e1:be:a0:99:8b:47:37:99:36:4a:c4:e1:c6:80:6c:9a:f8:20:
73:22:d3:56
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgISAYzJvJ4ZATE6XVOxlwEfHDOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjQwMTAyMTAzMzUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2NjZDM2NWY4YzNlOGMzZTY2MzU5NDc3ZmQ0ODk0ZDUxMTdjZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHpCesTvQf4tTw6GhNFWb2BfZ1Gd
4kP1cWJu9is7AQZzSPBGRxyb+OeLBXWJUPN0iqAm63uk5/5Tb6MmtdXhC1ovtlzo
O6R2m1YBkLK7vriCehWK5HzrmijxMVocTK7jRg1jwYiDo6UMGfQ2+6dwfeYHPT9w
skSmLjIFURafUmNfLk42evu19QPDkHLOgHtfEWFJ0ZCUcipkDDHMfm3vi6gFL2Ij
q266cdwzEhMpV5DdPLdwepjq+rcH7dil7qVUJykkvin4SsG+zzDgv6G5QQpePbWb
B0QYgavFWfGI3e0cAAaONG0Gpp1ZLIYQ381M5PCuVXJ0gkzfjcfO5DL5YQIDAQAB
o4IDHDCCAxgwHQYDVR0OBBYEFAzM02X4w+jD5mNZR3/UiU1RF87/MB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvRE16VFpmakQ2TVBtWTFsSGY5U0pUVkVYenY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMAYIKwYBBQUHAQcBAf8EggEfMIIBGzCCAQgEAgABMIIB
AAMDAJEAAwMBkQIDAwCRCTAKAwMAkRMDAwCRFDAKAwMAkRcDAwCRGAMDAZEcAwMA
kSEwCgMDAJElAwMDkSADAwCRLAMDAZEwMAoDAwCRMwMDAJE0MAoDAwGRSgMDAJFM
AwMAkVEDAwCRVTAKAwMDkVgDAwGRXDAKAwMAkV8DAwCRYAMEBJFhEDALAwQEkWEw
AwMAkWIDAwKRZDAKAwMAkWsDAwCRbAMEB5FtgAMEBZF0ADAMAwQGkXRAAwQEkXTA
MAsDBAWRdOADAwCRdjALAwMDkXgDBAeRfwAwCgMDA5GIAwMAkYowCgMDApGMAwMF
kYADAwDAVwMDAMKrAwMAw6kwDQQCAAIwBwMFAyABBhAwDQYJKoZIhvcNAQELBQAD
ggEBAC271JVwFTI5a2Smkj8fEOmprSZzes47MSuKXTmz70k06WX0/jMRgIzWZsRK
V7WfOLs59vftyhZdyDvLw2q0uw0uK3WA+BNbiwBYZpyzZy9r7Zy9g+scMXqFx30Z
d47fyyCKMEiq9y/MsysvGgttiUUl6pPnWTtdTt1NLdcQrY2ZwL5H2Tl/AkpJx/93
408cSkUGNgkfq6lVLrquNhYfj+hqARPP6c3HHj+EHmvG8GkWEf0cCa++IUF8lGuF
rB41246yeHwLkmC0xqrEGJlv7SiIT2DiX9BMVcwSAxcDWGsm+ztu38CIsuhq2+G+
oJmLRzeZNkrE4caAbJr4IHMi01Y=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:48:10 2024 by rpki-client on console-fra.rpki-client.org