Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/BImMHuu-_QHZg1ndoszjD0zxKng.roa
File: BImMHuu-_QHZg1ndoszjD0zxKng.roa (raw, json)
Hash identifier: aeakVm7Gxrp3b+o1SCb0n2k9dSY1AmnkBKWo5skBFt4=
Subject key identifier: 04:89:8C:1E:EB:BE:FD:01:D9:83:59:DD:A2:CC:E3:0F:4C:F1:2A:78
Certificate issuer: /CN=52e400eba3790a245cdab4b4e67bb4d60bbe7b40
Certificate serial: 018CC26D2A3CBA5C7F58FF5FDFC957402AE4
Authority key identifier: 52:E4:00:EB:A3:79:0A:24:5C:DA:B4:B4:E6:7B:B4:D6:0B:BE:7B:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UuQA66N5CiRc2rS05nu01gu-e0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/BImMHuu-_QHZg1ndoszjD0zxKng.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209023
IP address blocks: 45.9.38.0/24 maxlen: 24
45.9.37.0/24 maxlen: 24
45.9.36.0/22 maxlen: 22
45.9.36.0/24 maxlen: 24
45.9.39.0/24 maxlen: 24
188.213.219.0/24 maxlen: 24
188.213.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/UuQA66N5CiRc2rS05nu01gu-e0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/UuQA66N5CiRc2rS05nu01gu-e0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/UuQA66N5CiRc2rS05nu01gu-e0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2a:3c:ba:5c:7f:58:ff:5f:df:c9:57:40:2a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52e400eba3790a245cdab4b4e67bb4d60bbe7b40
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04898c1eebbefd01d98359dda2cce30f4cf12a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a0:b9:3c:f6:39:7a:99:c8:e0:71:14:06:da:
42:b3:e9:9d:13:8f:87:2f:c2:0c:39:b2:0e:1e:49:
a7:28:f0:67:76:b6:84:96:aa:fc:a1:34:22:08:bf:
07:0b:ca:8b:11:ae:2a:bc:8c:a8:f7:a3:e4:16:17:
99:60:62:e3:7b:94:3c:3b:b9:cf:fc:cc:2f:53:dc:
00:ad:b4:62:60:5e:3a:96:e5:b0:a8:d7:24:31:09:
f6:a4:9f:a0:91:e4:91:22:e5:ff:e6:8a:c6:9d:21:
42:a0:09:bf:7d:d4:4f:fd:81:3f:ad:f6:c4:3d:67:
b2:75:02:83:d6:0e:29:41:d4:de:2a:fd:26:4d:cc:
27:a7:80:27:bb:8a:ac:3d:1e:04:10:d0:62:d8:54:
4a:08:bd:1b:76:68:82:bd:9e:2b:27:53:62:6a:45:
17:50:29:f8:85:fc:1d:8a:21:3d:e9:aa:6d:1f:3b:
24:a5:98:65:65:c7:25:88:72:6d:66:f1:3e:64:69:
13:19:df:ea:95:2b:98:bf:ab:ec:08:43:11:a1:2b:
0e:5a:8b:97:e7:a4:5b:cf:92:d6:24:c6:89:6b:e1:
09:9c:55:8d:5a:0b:ea:cb:19:77:55:cb:f6:6f:7a:
38:d7:93:86:67:9c:f8:48:63:95:86:9f:aa:40:94:
f3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:89:8C:1E:EB:BE:FD:01:D9:83:59:DD:A2:CC:E3:0F:4C:F1:2A:78
X509v3 Authority Key Identifier:
keyid:52:E4:00:EB:A3:79:0A:24:5C:DA:B4:B4:E6:7B:B4:D6:0B:BE:7B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UuQA66N5CiRc2rS05nu01gu-e0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/BImMHuu-_QHZg1ndoszjD0zxKng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/UuQA66N5CiRc2rS05nu01gu-e0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.36.0/22
188.213.219.0/24
188.213.240.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:bb:b1:33:64:0e:92:77:0f:e9:c1:59:cd:e9:07:4a:24:e8:
84:ef:e5:84:96:5c:4c:26:5a:bd:96:a0:6d:2a:d3:74:8a:ad:
e5:de:76:ac:dd:33:01:7b:85:9f:a1:7e:ba:cf:ce:2b:d0:8d:
c5:5d:ea:48:13:38:7c:d6:49:90:96:3b:ce:4c:ac:b5:36:7d:
39:23:f7:74:67:e6:d7:9f:60:8a:7b:61:06:0c:13:98:cd:0e:
ee:0e:7a:43:47:c2:b7:ac:49:49:34:27:a8:cd:8d:6e:6f:83:
07:41:51:8e:8d:b3:2c:0d:35:23:f5:a8:9a:9a:3a:a6:08:6e:
b3:5a:05:7b:60:06:cb:49:01:d4:c0:0f:86:3c:6d:4a:df:d5:
c4:e2:41:8d:7d:c5:d2:f5:ae:77:e8:39:0a:73:da:2d:07:80:
8c:d1:00:e4:36:60:ca:75:1d:0d:89:53:f7:16:cf:6d:9f:16:
ee:8d:28:dc:c1:2e:6e:c1:a6:a7:79:1e:78:00:f3:b9:79:18:
9a:8c:64:33:c0:e1:af:c2:73:0e:9e:b4:5e:ad:67:cf:b5:2d:
a6:1d:53:47:3f:1f:34:b3:07:1d:da:68:12:60:5f:f7:b6:1d:
fd:cc:7b:3b:7c:33:e1:41:4e:78:43:d8:6f:53:83:e4:6d:37:
c8:a3:df:cf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbSo8ulx/WP9f38lXQCrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZTQwMGViYTM3OTBhMjQ1Y2RhYjRiNGU2N2JiNGQ2MGJi
ZTdiNDAwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDg5OGMxZWViYmVmZDAxZDk4MzU5ZGRhMmNjZTMwZjRjZjEyYTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKC5PPY5epnI4HEUBtpCs+mdE4+H
L8IMObIOHkmnKPBndraElqr8oTQiCL8HC8qLEa4qvIyo96PkFheZYGLje5Q8O7nP
/MwvU9wArbRiYF46luWwqNckMQn2pJ+gkeSRIuX/5orGnSFCoAm/fdRP/YE/rfbE
PWeydQKD1g4pQdTeKv0mTcwnp4Anu4qsPR4EENBi2FRKCL0bdmiCvZ4rJ1NiakUX
UCn4hfwdiiE96aptHzskpZhlZccliHJtZvE+ZGkTGd/qlSuYv6vsCEMRoSsOWouX
56Rbz5LWJMaJa+EJnFWNWgvqyxl3Vcv2b3o415OGZ5z4SGOVhp+qQJTzwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFASJjB7rvv0B2YNZ3aLM4w9M8Sp4MB8GA1UdIwQY
MBaAFFLkAOujeQokXNq0tOZ7tNYLvntAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXVRQTY2TjVDaVJjMnJTMDVudTAxZ3UtZTBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lM2QxOWYtMjhmYi00NWNiLWFmZTAt
Zjk3YWQzMDQ0ZTAyLzEvQkltTUh1dS1fUUhaZzFuZG9zempEMHp4S25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lM2QxOWYtMjhmYi00NWNiLWFmZTAtZjk3YWQzMDQ0ZTAy
LzEvVXVRQTY2TjVDaVJjMnJTMDVudTAxZ3UtZTBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQkkAwQA
vNXbAwQAvNXwMA0GCSqGSIb3DQEBCwUAA4IBAQAtu7EzZA6Sdw/pwVnN6QdKJOiE
7+WEllxMJlq9lqBtKtN0iq3l3nas3TMBe4WfoX66z84r0I3FXepIEzh81kmQljvO
TKy1Nn05I/d0Z+bXn2CKe2EGDBOYzQ7uDnpDR8K3rElJNCeozY1ub4MHQVGOjbMs
DTUj9aiamjqmCG6zWgV7YAbLSQHUwA+GPG1K39XE4kGNfcXS9a536DkKc9otB4CM
0QDkNmDKdR0NiVP3Fs9tnxbujSjcwS5uwaaneR54APO5eRiajGQzwOGvwnMOnrRe
rWfPtS2mHVNHPx80swcd2mgSYF/3th39zHs7fDPhQU54Q9hvU4PkbTfIo9/P
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:05:53 2024 by rpki-client on console-fra.rpki-client.org