Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/edql84I1AEY1kF155bhcAdOFE1k.roa
File: edql84I1AEY1kF155bhcAdOFE1k.roa (raw, json)
Hash identifier: HSpe0C8iJr88BJogkWmLvdTVgaLoHlydz66zKcMAvY8=
Subject key identifier: 79:DA:A5:F3:82:35:00:46:35:90:5D:79:E5:B8:5C:01:D3:85:13:59
Certificate issuer: /CN=1830e603e9ca8c05d4c1bc62b0b76e7bd9d18909
Certificate serial: 0190EE74901B5C65B7FC3B944AC4EF0CE550
Authority key identifier: 18:30:E6:03:E9:CA:8C:05:D4:C1:BC:62:B0:B7:6E:7B:D9:D1:89:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/edql84I1AEY1kF155bhcAdOFE1k.roa
Signing time: Fri 26 Jul 2024 09:52:14 +0000
ROA not before: Fri 26 Jul 2024 09:52:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15466
IP address blocks: 45.150.28.0/22 maxlen: 22
45.150.28.0/24 maxlen: 24
45.150.29.0/24 maxlen: 24
45.150.30.0/24 maxlen: 24
45.150.31.0/24 maxlen: 24
217.169.224.0/20 maxlen: 20
217.169.224.0/24 maxlen: 24
217.169.225.0/24 maxlen: 24
217.169.226.0/24 maxlen: 24
217.169.227.0/24 maxlen: 24
217.169.228.0/24 maxlen: 24
217.169.229.0/24 maxlen: 24
217.169.230.0/24 maxlen: 24
217.169.231.0/24 maxlen: 24
217.169.232.0/24 maxlen: 24
217.169.233.0/24 maxlen: 24
217.169.234.0/24 maxlen: 24
217.169.235.0/24 maxlen: 24
217.169.236.0/24 maxlen: 24
217.169.237.0/24 maxlen: 24
217.169.238.0/24 maxlen: 24
217.169.239.0/24 maxlen: 24
2a04:8f80:2000::/36 maxlen: 36
2a04:8f80:2007::/48 maxlen: 48
2a04:8f80:2011::/48 maxlen: 48
2a04:8f80:2105::/48 maxlen: 48
2a04:8f80:2107::/48 maxlen: 48
2a04:8f80:2111::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ee:74:90:1b:5c:65:b7:fc:3b:94:4a:c4:ef:0c:e5:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1830e603e9ca8c05d4c1bc62b0b76e7bd9d18909
Validity
Not Before: Jul 26 09:52:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79daa5f38235004635905d79e5b85c01d3851359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:15:62:1d:67:aa:ab:88:a5:2c:5d:e8:1a:e5:
fd:0a:87:48:3c:bd:3c:43:27:a4:58:dd:3a:8b:02:
e0:f9:f3:fe:d1:23:26:08:a4:ea:4c:d0:da:83:60:
3b:a1:e9:16:dd:b0:ce:9e:de:e1:2f:61:b4:2e:5f:
50:1a:ce:54:96:49:ba:8c:22:66:5e:31:36:8c:a1:
cf:da:4a:92:47:19:84:b6:a5:36:34:e2:02:6b:8e:
14:83:61:a3:10:98:c6:26:e2:cd:74:96:4f:76:92:
0e:e5:80:b1:d7:cc:88:0e:4b:d3:8c:34:35:c3:eb:
35:53:f6:36:a3:39:b5:d1:ea:a3:23:5b:3f:30:cb:
19:2b:63:f0:cf:19:4d:6a:0b:24:4b:d9:bd:68:7a:
c4:f7:6a:dc:00:83:34:03:d5:e4:18:0b:6e:d1:62:
94:a4:f4:41:bf:c0:1b:f1:7b:43:9c:64:01:8c:41:
f8:41:7b:42:11:3b:70:93:4b:fa:e3:08:04:06:6d:
b1:b6:06:b6:70:0f:14:d7:c6:83:21:59:9c:4f:8f:
56:65:83:d4:e7:f8:bb:79:10:26:28:8a:57:ce:1d:
b4:4d:aa:c0:74:4c:a0:73:dd:f7:cc:0a:2a:d5:72:
d5:cc:07:ac:b9:53:8d:5c:77:02:bd:43:b4:13:e4:
cb:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:DA:A5:F3:82:35:00:46:35:90:5D:79:E5:B8:5C:01:D3:85:13:59
X509v3 Authority Key Identifier:
keyid:18:30:E6:03:E9:CA:8C:05:D4:C1:BC:62:B0:B7:6E:7B:D9:D1:89:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/edql84I1AEY1kF155bhcAdOFE1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.28.0/22
217.169.224.0/20
IPv6:
2a04:8f80:2000::/36
Signature Algorithm: sha256WithRSAEncryption
bb:fa:8d:fe:5a:a1:8a:61:27:5e:76:55:66:34:ad:fc:c6:84:
77:8d:05:22:88:06:d3:ea:c0:56:4d:3d:3e:30:c7:4c:92:53:
43:9d:6c:80:82:69:12:b6:57:f2:bc:39:70:87:a4:34:7a:a9:
4c:1e:95:28:a2:7a:e0:59:1a:94:1b:58:88:40:9d:1e:69:10:
6c:f4:be:6b:55:cd:2b:04:64:59:69:48:df:a8:d8:f5:16:53:
a1:be:f8:85:e8:23:89:34:90:22:e7:89:d8:a1:48:d2:79:cc:
d6:a6:8e:a2:05:9c:fd:ef:17:d1:39:d4:6d:b7:d6:df:97:f2:
a5:71:3a:ad:8f:ab:43:8c:b3:b9:34:bd:53:8c:c9:a5:74:aa:
ca:b7:e4:e6:4a:65:2e:52:fc:53:6b:c4:0b:8a:50:7a:94:be:
8c:91:52:a6:f0:61:33:c6:73:49:93:e5:a5:05:16:17:7f:95:
f4:31:ab:a6:f4:2c:23:25:a2:83:7a:5c:66:68:c7:2d:62:99:
c9:b1:30:3a:ca:d2:10:13:7f:5c:50:7c:af:93:be:8b:39:1a:
28:06:b8:32:a8:e2:24:31:e3:ba:3a:e2:57:b9:87:3d:da:da:
34:be:86:82:96:7d:c8:5d:45:97:a1:2c:2e:ff:25:28:a9:2d:
23:65:87:47
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZDudJAbXGW3/DuUSsTvDOVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MzBlNjAzZTljYThjMDVkNGMxYmM2MmIwYjc2ZTdiZDlk
MTg5MDkwHhcNMjQwNzI2MDk1MjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWRhYTVmMzgyMzUwMDQ2MzU5MDVkNzllNWI4NWMwMWQzODUxMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxViHWeqq4ilLF3oGuX9CodIPL08
QyekWN06iwLg+fP+0SMmCKTqTNDag2A7oekW3bDOnt7hL2G0Ll9QGs5Ulkm6jCJm
XjE2jKHP2kqSRxmEtqU2NOICa44Ug2GjEJjGJuLNdJZPdpIO5YCx18yIDkvTjDQ1
w+s1U/Y2ozm10eqjI1s/MMsZK2PwzxlNagskS9m9aHrE92rcAIM0A9XkGAtu0WKU
pPRBv8Ab8XtDnGQBjEH4QXtCETtwk0v64wgEBm2xtga2cA8U18aDIVmcT49WZYPU
5/i7eRAmKIpXzh20TarAdEygc933zAoq1XLVzAesuVONXHcCvUO0E+TLnQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHnapfOCNQBGNZBdeeW4XAHThRNZMB8GA1UdIwQY
MBaAFBgw5gPpyowF1MG8YrC3bnvZ0YkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8yMTkxZDctZmRhMC00YjA3LThhOGYt
MTc4OWU2NGQzMjEwLzEvZWRxbDg0STFBRVkxa0YxNTViaGNBZE9GRTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8yMTkxZDctZmRhMC00YjA3LThhOGYtMTc4OWU2NGQzMjEw
LzEvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCLZYcAwQE
2angMA4EAgACMAgDBgQqBI+AIDANBgkqhkiG9w0BAQsFAAOCAQEAu/qN/lqhimEn
XnZVZjSt/MaEd40FIogG0+rAVk09PjDHTJJTQ51sgIJpErZX8rw5cIekNHqpTB6V
KKJ64FkalBtYiECdHmkQbPS+a1XNKwRkWWlI36jY9RZTob74hegjiTSQIueJ2KFI
0nnM1qaOogWc/e8X0TnUbbfW35fypXE6rY+rQ4yzuTS9U4zJpXSqyrfk5kplLlL8
U2vEC4pQepS+jJFSpvBhM8ZzSZPlpQUWF3+V9DGrpvQsIyWig3pcZmjHLWKZybEw
OsrSEBN/XFB8r5O+izkaKAa4MqjiJDHjujriV7mHPdraNL6GgpZ9yF1Fl6EsLv8l
KKktI2WHRw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:01:04 2024 by rpki-client on console-fra.rpki-client.org