Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/8chLrQJZBM2ehbM6ngISNL4ft0E.roa
File: 8chLrQJZBM2ehbM6ngISNL4ft0E.roa (raw, json)
Hash identifier: IJ3cIllvxoPm4uRO4mO9XD4bQB1+BdKJH7rI1OC3XLQ=
Subject key identifier: F1:C8:4B:AD:02:59:04:CD:9E:85:B3:3A:9E:02:12:34:BE:1F:B7:41
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018F2DEC28A3951DBB2648D772CC0A576243
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/8chLrQJZBM2ehbM6ngISNL4ft0E.roa
Signing time: Tue 30 Apr 2024 07:33:22 +0000
ROA not before: Tue 30 Apr 2024 07:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 45.93.213.0/24 maxlen: 24
45.93.214.0/24 maxlen: 24
45.151.234.0/24 maxlen: 24
45.151.235.0/24 maxlen: 24
77.83.246.0/24 maxlen: 24
160.20.156.0/24 maxlen: 24
160.20.157.0/24 maxlen: 24
185.68.186.0/24 maxlen: 24
185.68.187.0/24 maxlen: 24
185.71.214.0/24 maxlen: 24
185.71.215.0/24 maxlen: 24
185.73.180.0/24 maxlen: 24
185.73.181.0/24 maxlen: 24
185.75.132.0/24 maxlen: 24
185.77.138.0/24 maxlen: 24
185.77.139.0/24 maxlen: 24
185.79.132.0/24 maxlen: 24
185.79.133.0/24 maxlen: 24
185.88.98.0/24 maxlen: 24
185.88.99.0/24 maxlen: 24
185.95.228.0/24 maxlen: 24
185.100.156.0/24 maxlen: 24
185.102.114.0/24 maxlen: 24
185.111.24.0/24 maxlen: 24
185.182.130.0/24 maxlen: 24
185.182.131.0/24 maxlen: 24
193.38.228.0/24 maxlen: 24
193.38.229.0/24 maxlen: 24
193.38.230.0/24 maxlen: 24
193.38.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2d:ec:28:a3:95:1d:bb:26:48:d7:72:cc:0a:57:62:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Apr 30 07:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1c84bad025904cd9e85b33a9e021234be1fb741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2b:32:8e:00:66:52:a1:b4:a7:1e:26:a6:6b:
2a:f7:7e:17:3e:58:c9:02:18:c2:3d:cb:f7:95:bd:
e9:7b:ab:c6:c4:a0:fc:dd:c8:71:5d:36:e4:9d:96:
3c:96:4b:29:20:63:8f:06:be:78:31:f5:f9:7d:79:
49:a1:79:71:ee:b2:cd:86:db:44:8c:72:6e:19:31:
68:f0:ce:f1:d7:42:80:68:de:8d:a6:63:cd:03:c3:
ad:f7:47:a1:58:83:12:c9:9c:93:8f:93:72:b0:2d:
24:1a:c0:0b:24:78:be:d6:05:90:23:a7:fd:32:f1:
d7:84:da:cb:5c:b6:10:c2:dd:f2:67:63:fa:b6:8a:
93:db:84:4e:42:d1:7c:4e:6c:07:9f:58:4b:c4:2e:
87:c1:4e:d9:e4:fe:d7:af:6e:3e:7e:41:8e:a6:d6:
21:1a:d8:bf:28:ad:9b:ca:97:68:16:3c:0a:fd:66:
7d:ac:07:0f:2a:3c:e7:f3:d3:93:d7:cc:bf:1f:b8:
b8:57:09:64:8e:a8:5d:67:40:82:a0:3f:a4:5c:99:
e1:a6:35:55:eb:a7:40:58:29:b0:cb:49:b2:88:d0:
5b:31:30:81:62:1c:a3:46:6a:4d:6d:74:d8:fc:fc:
28:0f:e5:2d:bb:6b:b5:9e:46:95:ea:cf:7a:e1:73:
d0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C8:4B:AD:02:59:04:CD:9E:85:B3:3A:9E:02:12:34:BE:1F:B7:41
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/8chLrQJZBM2ehbM6ngISNL4ft0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.213.0-45.93.214.255
45.151.234.0/23
77.83.246.0/24
160.20.156.0/23
185.68.186.0/23
185.71.214.0/23
185.73.180.0/23
185.75.132.0/24
185.77.138.0/23
185.79.132.0/23
185.88.98.0/23
185.95.228.0/24
185.100.156.0/24
185.102.114.0/24
185.111.24.0/24
185.182.130.0/23
193.38.228.0/22
Signature Algorithm: sha256WithRSAEncryption
94:f9:8b:2e:6f:25:7c:e3:57:b3:1e:a7:34:f1:01:f3:6a:de:
72:0e:12:4e:67:6d:f0:74:14:f4:7c:82:7c:48:a6:e9:b2:cb:
08:41:04:8a:8f:d7:e3:b2:d1:b4:3c:f8:7e:eb:3e:2c:3d:72:
2b:16:a1:f9:23:41:23:b9:0b:ba:8d:e1:59:42:56:24:74:a4:
4f:10:99:96:be:2a:3c:78:88:17:a3:8a:8f:70:f6:84:67:e5:
7f:fc:f2:a2:75:da:ea:94:a2:c0:31:5b:ca:7e:e4:d7:40:30:
33:c0:71:4c:c0:db:74:37:a7:28:23:80:e0:bf:50:a0:e2:31:
e3:8e:ef:28:49:6a:20:39:2f:47:f3:67:ba:ad:d0:27:2c:30:
61:b2:8e:53:a4:85:c9:2a:4c:9a:a7:11:2a:06:d9:a9:b2:5b:
66:9d:03:f4:29:55:0b:cc:df:b5:ae:2c:36:b5:9b:a6:ec:74:
e3:64:d9:ac:74:0d:8e:96:ee:26:e5:bc:5c:b2:df:59:ed:ba:
0a:c7:00:90:83:a8:20:03:a4:a0:81:fa:d1:7d:e8:48:83:f0:
04:42:84:8c:9f:79:89:1f:5a:7e:08:61:d9:e2:21:20:a7:f9:
3a:3b:72:bd:ad:eb:22:c2:73:0d:11:9d:33:cd:1a:52:a6:23:
46:73:98:cc
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAY8t7CijlR27JkjXcswKV2JDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwNDMwMDczMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWM4NGJhZDAyNTkwNGNkOWU4NWIzM2E5ZTAyMTIzNGJlMWZiNzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ysyjgBmUqG0px4mpmsq934XPljJ
AhjCPcv3lb3pe6vGxKD83chxXTbknZY8lkspIGOPBr54MfX5fXlJoXlx7rLNhttE
jHJuGTFo8M7x10KAaN6NpmPNA8Ot90ehWIMSyZyTj5NysC0kGsALJHi+1gWQI6f9
MvHXhNrLXLYQwt3yZ2P6toqT24ROQtF8TmwHn1hLxC6HwU7Z5P7Xr24+fkGOptYh
Gti/KK2bypdoFjwK/WZ9rAcPKjzn89OT18y/H7i4VwlkjqhdZ0CCoD+kXJnhpjVV
66dAWCmwy0myiNBbMTCBYhyjRmpNbXTY/PwoD+Utu2u1nkaV6s964XPQNwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFPHIS60CWQTNnoWzOp4CEjS+H7dBMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvOGNoTHJRSlpCTTJlaGJNNm5nSVNOTDRmdDBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbjAMAwQALV3V
AwQALV3WAwQBLZfqAwQATVP2AwQBoBScAwQBuUS6AwQBuUfWAwQBuUm0AwQAuUuE
AwQBuU2KAwQBuU+EAwQBuVhiAwQAuV/kAwQAuWScAwQAuWZyAwQAuW8YAwQBubaC
AwQCwSbkMA0GCSqGSIb3DQEBCwUAA4IBAQCU+YsubyV841ezHqc08QHzat5yDhJO
Z23wdBT0fIJ8SKbpsssIQQSKj9fjstG0PPh+6z4sPXIrFqH5I0EjuQu6jeFZQlYk
dKRPEJmWvio8eIgXo4qPcPaEZ+V//PKiddrqlKLAMVvKfuTXQDAzwHFMwNt0N6co
I4Dgv1Cg4jHjju8oSWogOS9H82e6rdAnLDBhso5TpIXJKkyapxEqBtmpsltmnQP0
KVULzN+1riw2tZum7HTjZNmsdA2Olu4m5bxcst9Z7boKxwCQg6ggA6SggfrRfehI
g/AEQoSMn3mJH1p+CGHZ4iEgp/k6O3K9resiwnMNEZ0zzRpSpiNGc5jM
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:43:39 2024 by rpki-client on console-fra.rpki-client.org