Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/FizIZCgrUxnb91F-1lnA1kJnmPo.roa
File: FizIZCgrUxnb91F-1lnA1kJnmPo.roa (raw, json)
Hash identifier: qcJ/tc8fiDickn1OFx/Kmw0vCrRTYCU0WqoJNNzoZC0=
Subject key identifier: 16:2C:C8:64:28:2B:53:19:DB:F7:51:7E:D6:59:C0:D6:42:67:98:FA
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 01932CBB54EF1E814947EA0DD334C0B0DEFC
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/FizIZCgrUxnb91F-1lnA1kJnmPo.roa
Signing time: Thu 14 Nov 2024 22:11:34 +0000
ROA not before: Thu 14 Nov 2024 22:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47952
IP address blocks: 45.139.220.0/24 maxlen: 24
45.139.221.0/24 maxlen: 24
45.139.223.0/24 maxlen: 24
45.145.21.0/24 maxlen: 24
45.145.22.0/24 maxlen: 24
45.145.23.0/24 maxlen: 24
91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
185.82.220.0/24 maxlen: 24
185.82.221.0/24 maxlen: 24
185.82.222.0/24 maxlen: 24
185.82.223.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
2a0a:c4c0::/48 maxlen: 48
2a0a:c4c0:1::/48 maxlen: 48
2a0a:c4c0:2::/48 maxlen: 48
2a0a:c4c0:3::/48 maxlen: 48
2a0a:c4c0:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2c:bb:54:ef:1e:81:49:47:ea:0d:d3:34:c0:b0:de:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Nov 14 22:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=162cc864282b5319dbf7517ed659c0d6426798fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ae:3a:74:17:35:28:77:27:2c:87:ef:6b:9f:
42:ac:4e:05:28:b8:fb:ab:bd:cd:60:e5:bb:ca:6c:
64:56:6e:70:c3:5b:9f:76:50:6c:64:1f:3b:ad:83:
2f:23:44:ed:1c:97:51:1e:a8:d2:99:10:bd:3f:d6:
c8:11:7c:7c:3f:7a:7e:90:5c:02:86:5a:a3:59:52:
0f:70:44:6f:c5:c7:be:8a:07:8b:a2:7f:98:c7:aa:
d6:61:ae:80:69:e2:0f:cb:b7:0d:4d:08:06:da:e8:
0c:6b:4e:d2:af:b8:d2:44:3b:b9:23:a3:b3:cb:4c:
e9:a5:75:04:86:f0:d6:d2:5c:14:d4:98:2c:ca:04:
44:2b:3d:62:c8:a7:5c:d0:8b:f3:3c:a0:0f:da:f1:
8c:75:81:b6:0e:dd:18:bf:48:9b:8d:a9:15:2b:14:
19:d6:4f:4d:85:ab:7e:b9:fc:f5:72:2c:ec:63:8e:
df:d0:c1:58:a8:78:42:18:55:ae:a0:6c:df:12:36:
1a:bb:6e:15:5d:c7:c0:04:3e:1b:88:84:00:a2:8f:
66:10:76:97:58:80:35:51:8e:31:09:c6:09:8a:f0:
3c:c4:88:17:4b:4d:e6:fd:76:21:6b:57:81:e3:b8:
18:36:89:9c:f7:68:9c:91:f1:7c:4e:94:91:10:da:
04:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:2C:C8:64:28:2B:53:19:DB:F7:51:7E:D6:59:C0:D6:42:67:98:FA
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/FizIZCgrUxnb91F-1lnA1kJnmPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.220.0/23
45.139.223.0/24
45.145.21.0-45.145.23.255
91.194.52.0/24
91.194.54.0/24
185.82.220.0/22
185.201.212.0/22
IPv6:
2a0a:c4c0::/46
2a0a:c4c0:100::/48
Signature Algorithm: sha256WithRSAEncryption
7c:fb:1d:37:88:78:bc:7c:cd:63:55:b2:84:1f:a4:37:01:a9:
5d:ec:e4:3e:62:25:0c:cc:44:24:43:a9:b6:4e:f9:99:61:73:
6f:cb:34:d7:14:b7:51:10:eb:ce:07:6c:9d:33:41:48:db:6d:
55:cd:1e:10:ae:b4:4d:4f:14:c1:5a:3e:01:07:e0:6a:7d:e3:
02:47:20:40:c8:17:37:b8:22:a0:27:ae:89:64:fa:08:ca:e9:
f2:85:1d:18:87:56:f5:81:ac:7f:45:85:bc:56:ad:e3:f2:11:
5b:1c:b4:b1:50:bb:96:ba:60:fa:fa:57:2c:e8:c5:e8:76:34:
cb:6e:61:0d:a2:20:f8:67:69:ec:2c:e1:04:fc:94:2f:b7:75:
f1:d5:ce:0c:3d:99:ad:e1:8c:a8:44:19:58:3b:21:c8:bf:97:
7d:0e:bd:c5:ae:38:38:27:93:e4:76:18:27:32:f5:5f:f6:95:
ec:62:e1:a2:25:8c:99:e1:3a:c2:4f:0d:c7:30:a9:38:f3:f5:
95:66:06:f6:92:99:f5:c1:bc:64:ae:14:fb:4e:48:53:a6:1f:
38:78:2a:41:d9:d4:84:47:c9:e8:fb:df:57:0e:86:71:95:5f:
93:96:76:c7:f5:ad:a1:f0:46:41:a1:87:52:10:03:83:f2:af:
3b:d5:3f:c7
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZMsu1TvHoFJR+oN0zTAsN78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzBiNzNiNTFjYmM1MzgwZGQ0YWRiM2Q1YWFmZjRkN2Ez
MzRjNWUwHhcNMjQxMTE0MjIxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjJjYzg2NDI4MmI1MzE5ZGJmNzUxN2VkNjU5YzBkNjQyNjc5OGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs646dBc1KHcnLIfva59CrE4FKLj7
q73NYOW7ymxkVm5ww1ufdlBsZB87rYMvI0TtHJdRHqjSmRC9P9bIEXx8P3p+kFwC
hlqjWVIPcERvxce+igeLon+Yx6rWYa6AaeIPy7cNTQgG2ugMa07Sr7jSRDu5I6Oz
y0zppXUEhvDW0lwU1JgsygREKz1iyKdc0IvzPKAP2vGMdYG2Dt0Yv0ibjakVKxQZ
1k9Nhat+ufz1cizsY47f0MFYqHhCGFWuoGzfEjYau24VXcfABD4biIQAoo9mEHaX
WIA1UY4xCcYJivA8xIgXS03m/XYha1eB47gYNomc92ickfF8TpSRENoEewIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFBYsyGQoK1MZ2/dRftZZwNZCZ5j6MB8GA1UdIwQY
MBaAFLYwtztRy8U4DdSts9Wq/016M0xeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQt
MGQ0OGU2ODk1ZjEyLzEvRml6SVpDZ3JVeG5iOTFGLTFsbkExa0pubVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQtMGQ0OGU2ODk1ZjEy
LzEvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA4BAIAATAyAwQBLYvcAwQA
LYvfMAwDBAAtkRUDBAMtkRADBABbwjQDBABbwjYDBAK5UtwDBAK5ydQwGAQCAAIw
EgMHAioKxMAAAAMHACoKxMABADANBgkqhkiG9w0BAQsFAAOCAQEAfPsdN4h4vHzN
Y1WyhB+kNwGpXezkPmIlDMxEJEOptk75mWFzb8s01xS3URDrzgdsnTNBSNttVc0e
EK60TU8UwVo+AQfgan3jAkcgQMgXN7gioCeuiWT6CMrp8oUdGIdW9YGsf0WFvFat
4/IRWxy0sVC7lrpg+vpXLOjF6HY0y25hDaIg+Gdp7CzhBPyUL7d18dXODD2ZreGM
qEQZWDshyL+XfQ69xa44OCeT5HYYJzL1X/aV7GLhoiWMmeE6wk8NxzCpOPP1lWYG
9pKZ9cG8ZK4U+05IU6YfOHgqQdnUhEfJ6PvfVw6GcZVfk5Z2x/WtofBGQaGHUhAD
g/KvO9U/xw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:08:54 2024 by rpki-client on console-ams.rpki-client.org