Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/rwt5oht0TgJH3_j0YKODiMyqDPQ.roa
File: rwt5oht0TgJH3_j0YKODiMyqDPQ.roa (raw, json)
Hash identifier: 7JeYqHcrWUAeOJEmLbTWMhgHfLaiqcWRE/5+38j9Obo=
Subject key identifier: AF:0B:79:A2:1B:74:4E:02:47:DF:F8:F4:60:A3:83:88:CC:AA:0C:F4
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 0190424238D38620C61EE7662A8DA81A7A09
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/rwt5oht0TgJH3_j0YKODiMyqDPQ.roa
Signing time: Sat 22 Jun 2024 23:22:34 +0000
ROA not before: Sat 22 Jun 2024 23:22:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35661
IP address blocks: 45.157.116.0/22 maxlen: 24
185.10.16.0/22 maxlen: 24
185.154.152.0/22 maxlen: 24
188.214.24.0/24 maxlen: 24
194.147.97.0/24 maxlen: 24
194.147.105.0/24 maxlen: 24
194.147.109.0/24 maxlen: 24
2a03:5840::/32 maxlen: 32
2a07:8dc0::/29 maxlen: 32
2a0d:e680::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:42:42:38:d3:86:20:c6:1e:e7:66:2a:8d:a8:1a:7a:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jun 22 23:22:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af0b79a21b744e0247dff8f460a38388ccaa0cf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:94:15:2b:a9:97:24:0b:07:23:9d:40:09:cc:
ec:6d:9a:96:1f:7e:82:63:7b:0d:4a:70:29:7c:5b:
b7:4c:8a:e2:42:9a:18:5b:39:87:33:85:e1:23:56:
c4:a8:d8:7a:40:db:fd:71:2c:f4:fa:39:dd:d3:9c:
da:f5:fc:21:21:2e:14:96:4a:44:26:f9:aa:8b:2c:
3b:53:e1:fb:83:e9:79:37:d5:f0:87:3d:c0:5b:05:
cf:2f:f0:83:60:41:27:a5:89:2b:4f:17:8b:c0:7c:
4f:09:67:55:46:e0:54:53:68:ac:7b:da:be:b8:21:
7f:f3:39:81:81:73:ec:7f:b6:5d:de:ef:10:94:83:
46:59:d7:6b:55:01:47:ca:6b:7f:de:ff:09:c4:6f:
f0:88:a8:b0:aa:b8:ec:cf:74:2f:4a:4b:20:5a:13:
05:42:87:01:78:a2:fd:5e:64:d8:1e:f3:c2:4c:46:
c7:99:5f:b8:77:b0:cd:ac:c2:62:f5:64:a4:ed:6a:
bc:dd:4b:82:0d:16:0f:ef:80:b0:86:70:fe:99:f2:
54:cf:3e:29:53:c4:89:9c:01:65:e7:ed:af:2f:d5:
c9:4d:ed:2c:12:3a:42:be:d3:5f:68:dc:cd:c6:10:
08:11:69:64:e0:74:38:c2:69:62:04:fb:ec:b6:66:
5b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:0B:79:A2:1B:74:4E:02:47:DF:F8:F4:60:A3:83:88:CC:AA:0C:F4
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/rwt5oht0TgJH3_j0YKODiMyqDPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.116.0/22
185.10.16.0/22
185.154.152.0/22
188.214.24.0/24
194.147.97.0/24
194.147.105.0/24
194.147.109.0/24
IPv6:
2a03:5840::/32
2a07:8dc0::/29
2a0d:e680::/29
Signature Algorithm: sha256WithRSAEncryption
3d:34:b0:b2:84:7e:3e:e5:33:90:71:d5:49:ef:9a:e7:8d:0e:
04:e6:83:bb:0e:e0:de:2b:62:21:81:c0:df:b1:f5:4a:21:be:
a7:6b:e0:e6:21:37:7a:f8:f5:40:d6:d6:e6:83:0c:cb:f0:69:
9c:1e:d1:8b:c1:87:67:56:6c:c6:55:44:ed:15:f7:8c:b3:2e:
fa:3f:e7:9b:ce:1d:60:ab:42:b7:fd:05:a8:c2:bd:0e:3f:2b:
85:b0:3c:e3:f8:b0:fa:c5:bb:8a:55:fb:7a:4e:45:d7:47:67:
29:32:38:79:13:27:91:94:10:92:bb:56:b3:cc:2a:a3:df:b0:
b4:70:7d:8d:d2:b8:8a:e5:55:57:f7:87:0b:32:b3:a2:07:b3:
47:4f:0c:9d:2d:43:c4:b5:aa:89:d8:f3:0a:63:6d:8e:ca:67:
71:15:c3:ac:05:c6:93:64:ad:2b:5d:d4:0c:04:ea:4b:ad:d5:
01:db:be:9b:8a:5d:97:6d:93:df:6e:6f:fb:ea:f4:bc:a6:01:
1d:42:5e:74:fd:df:f7:f1:0e:1c:92:c7:8c:8b:ca:f3:b2:1e:
3c:6d:9b:3a:2a:d4:62:d7:d4:bd:9f:91:5b:d9:9a:6e:8d:5d:
21:cd:d6:30:b8:1f:9d:3d:52:49:09:90:40:5c:e2:c8:74:98:
52:30:a8:f9
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZBCQjjThiDGHudmKo2oGnoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjQwNjIyMjMyMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjBiNzlhMjFiNzQ0ZTAyNDdkZmY4ZjQ2MGEzODM4OGNjYWEwY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZQVK6mXJAsHI51ACczsbZqWH36C
Y3sNSnApfFu3TIriQpoYWzmHM4XhI1bEqNh6QNv9cSz0+jnd05za9fwhIS4UlkpE
Jvmqiyw7U+H7g+l5N9Xwhz3AWwXPL/CDYEEnpYkrTxeLwHxPCWdVRuBUU2ise9q+
uCF/8zmBgXPsf7Zd3u8QlINGWddrVQFHymt/3v8JxG/wiKiwqrjsz3QvSksgWhMF
QocBeKL9XmTYHvPCTEbHmV+4d7DNrMJi9WSk7Wq83UuCDRYP74CwhnD+mfJUzz4p
U8SJnAFl5+2vL9XJTe0sEjpCvtNfaNzNxhAIEWlk4HQ4wmliBPvstmZbQwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFK8LeaIbdE4CR9/49GCjg4jMqgz0MB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvcnd0NW9odDBUZ0pIM19qMFlLT0RpTXlxRFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQCLZ10AwQC
uQoQAwQCuZqYAwQAvNYYAwQAwpNhAwQAwpNpAwQAwpNtMBsEAgACMBUDBQAqA1hA
AwUDKgeNwAMFAyoN5oAwDQYJKoZIhvcNAQELBQADggEBAD00sLKEfj7lM5Bx1Unv
mueNDgTmg7sO4N4rYiGBwN+x9Uohvqdr4OYhN3r49UDW1uaDDMvwaZwe0YvBh2dW
bMZVRO0V94yzLvo/55vOHWCrQrf9BajCvQ4/K4WwPOP4sPrFu4pV+3pORddHZyky
OHkTJ5GUEJK7VrPMKqPfsLRwfY3SuIrlVVf3hwsys6IHs0dPDJ0tQ8S1qonY8wpj
bY7KZ3EVw6wFxpNkrStd1AwE6kut1QHbvpuKXZdtk99ub/vq9LymAR1CXnT93/fx
DhySx4yLyvOyHjxtmzoq1GLX1L2fkVvZmm6NXSHN1jC4H509UkkJkEBc4sh0mFIw
qPk=
-----END CERTIFICATE-----
Generated at Tue Nov 26 06:37:27 2024 by rpki-client on console-fra.rpki-client.org