Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/nmUkDfDDTPgitfz3dY_aY1tDCjg.roa
File: nmUkDfDDTPgitfz3dY_aY1tDCjg.roa (raw, json)
Hash identifier: NP7P+2GDvkLL/CYJj9Vth6JTrRX3cU6c3OGkFaNoM5o=
Subject key identifier: 9E:65:24:0D:F0:C3:4C:F8:22:B5:FC:F7:75:8F:DA:63:5B:43:0A:38
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 0192ED562FF0E2F7EACE90836411A3DB68B9
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/nmUkDfDDTPgitfz3dY_aY1tDCjg.roa
Signing time: Sat 02 Nov 2024 14:45:01 +0000
ROA not before: Sat 02 Nov 2024 14:45:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6134
IP address blocks: 45.10.68.0/24 maxlen: 24
45.83.236.0/24 maxlen: 24
45.150.198.0/23 maxlen: 24
91.208.104.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
91.216.169.0/24 maxlen: 24
91.216.190.0/24 maxlen: 24
91.217.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ed:56:2f:f0:e2:f7:ea:ce:90:83:64:11:a3:db:68:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Nov 2 14:45:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e65240df0c34cf822b5fcf7758fda635b430a38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:5d:3f:1c:03:33:14:4c:e6:84:9a:4d:0d:9c:
52:20:13:96:63:f1:32:1b:e5:39:86:3b:aa:4f:06:
dd:e2:8a:1e:5d:c7:9d:14:db:47:c2:6c:c2:70:14:
dc:b1:5f:a4:6f:79:99:b4:c5:b4:c4:be:b6:81:3d:
05:93:88:d7:aa:87:9e:87:a2:1a:07:b0:31:47:e1:
30:5d:35:6f:25:e5:4c:13:6c:ac:ac:0a:ba:37:4c:
af:69:f2:39:33:54:18:5d:b0:23:a9:24:4c:4a:b0:
05:b4:df:e5:c0:74:c4:8a:34:e5:ec:ae:a9:0d:d3:
7d:87:11:80:a8:90:a5:30:aa:ce:43:96:61:49:2a:
c3:50:36:aa:a8:b1:7a:67:6a:da:bb:88:a8:27:02:
ec:5c:75:da:86:5a:9f:ce:d1:d5:6f:0d:ab:b3:ce:
65:19:51:99:5c:78:19:90:64:b6:80:f2:74:db:6a:
2e:fb:43:3c:ca:fe:9e:3b:33:f7:26:32:2f:69:58:
6e:c4:61:99:03:5c:da:36:6c:fe:a6:b1:7a:d9:a9:
3e:d8:74:71:b2:d5:df:a2:da:b4:bf:8f:ad:f8:6a:
8d:2e:fe:bc:c6:39:6c:b4:18:94:11:bd:a7:1a:89:
f0:1f:32:15:48:5f:b3:dc:4e:35:3c:1d:3e:61:09:
97:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:65:24:0D:F0:C3:4C:F8:22:B5:FC:F7:75:8F:DA:63:5B:43:0A:38
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/nmUkDfDDTPgitfz3dY_aY1tDCjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.68.0/24
45.83.236.0/24
45.150.198.0/23
91.208.104.0/24
91.213.200.0/24
91.216.169.0/24
91.216.190.0/24
91.217.135.0/24
Signature Algorithm: sha256WithRSAEncryption
37:86:ee:d3:00:7b:60:04:95:3e:0a:20:65:02:f9:6d:d5:3d:
ad:56:35:b8:18:e9:4e:06:d0:89:e9:1d:80:36:59:f5:b0:17:
4c:b3:8c:9b:68:5c:d4:2c:be:ee:33:cf:38:4e:8d:7c:67:b6:
9a:ad:96:75:14:a2:0e:39:00:ed:02:28:5c:38:12:97:4e:99:
8f:06:ff:4a:da:85:8f:7b:bc:bf:d5:7a:9a:de:49:c8:36:57:
b3:00:b8:c8:9d:71:24:c5:c4:56:33:a8:66:c0:2d:c5:86:06:
39:6f:cf:e0:77:2e:dd:ec:14:1f:d6:da:99:1c:12:2e:01:6f:
a2:89:88:bf:db:db:35:0f:04:e9:0a:2e:ef:c6:ca:5e:a3:77:
35:9c:44:7c:d1:1d:b5:78:cb:a5:34:70:a6:85:fe:66:28:3c:
a9:53:20:c0:9c:9e:4e:cb:af:b8:78:11:11:34:aa:cb:e7:e1:
27:7d:5e:bf:7a:2d:dd:d3:61:ae:59:15:4e:9f:66:f1:1a:30:
b3:9e:b0:d1:c4:db:d3:2a:61:27:bc:a6:9a:08:61:8c:fe:27:
4b:c6:a2:b2:81:eb:f2:1a:ee:60:05:92:43:ff:4c:2f:76:1e:
cb:bc:d1:af:9c:65:6e:a1:c3:fa:9f:4c:e3:78:5e:c2:29:9f:
c5:3e:64:c8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZLtVi/w4vfqzpCDZBGj22i5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjQxMTAyMTQ0NTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTY1MjQwZGYwYzM0Y2Y4MjJiNWZjZjc3NThmZGE2MzViNDMwYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8F0/HAMzFEzmhJpNDZxSIBOWY/Ey
G+U5hjuqTwbd4ooeXcedFNtHwmzCcBTcsV+kb3mZtMW0xL62gT0Fk4jXqoeeh6Ia
B7AxR+EwXTVvJeVME2ysrAq6N0yvafI5M1QYXbAjqSRMSrAFtN/lwHTEijTl7K6p
DdN9hxGAqJClMKrOQ5ZhSSrDUDaqqLF6Z2rau4ioJwLsXHXahlqfztHVbw2rs85l
GVGZXHgZkGS2gPJ022ou+0M8yv6eOzP3JjIvaVhuxGGZA1zaNmz+prF62ak+2HRx
stXfotq0v4+t+GqNLv68xjlstBiUEb2nGonwHzIVSF+z3E41PB0+YQmXGQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJ5lJA3ww0z4IrX893WP2mNbQwo4MB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvbm1Va0RmRERUUGdpdGZ6M2RZX2FZMXREQ2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQpEAwQA
LVPsAwQBLZbGAwQAW9BoAwQAW9XIAwQAW9ipAwQAW9i+AwQAW9mHMA0GCSqGSIb3
DQEBCwUAA4IBAQA3hu7TAHtgBJU+CiBlAvlt1T2tVjW4GOlOBtCJ6R2ANln1sBdM
s4ybaFzULL7uM884To18Z7aarZZ1FKIOOQDtAihcOBKXTpmPBv9K2oWPe7y/1Xqa
3knINlezALjInXEkxcRWM6hmwC3FhgY5b8/gdy7d7BQf1tqZHBIuAW+iiYi/29s1
DwTpCi7vxspeo3c1nER80R21eMulNHCmhf5mKDypUyDAnJ5Oy6+4eBERNKrL5+En
fV6/ei3d02GuWRVOn2bxGjCznrDRxNvTKmEnvKaaCGGM/idLxqKygevyGu5gBZJD
/0wvdh7LvNGvnGVuocP6n0zjeF7CKZ/FPmTI
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:32:39 2024 by rpki-client on console-fra.rpki-client.org