Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/p9icaqo4eZFIFqd3ZGkYRm6LEdE.roa
File: p9icaqo4eZFIFqd3ZGkYRm6LEdE.roa (raw, json)
Hash identifier: vwbGP0kKGPNyqf88Ip6R7Lfe6PRKb9SUUmvZGVoUsbo=
Subject key identifier: A7:D8:9C:6A:AA:38:79:91:48:16:A7:77:64:69:18:46:6E:8B:11:D1
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 018E62840D6204EB8AB743D9340AEC2C233B
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/p9icaqo4eZFIFqd3ZGkYRm6LEdE.roa
Signing time: Thu 21 Mar 2024 19:36:45 +0000
ROA not before: Thu 21 Mar 2024 19:36:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47952
IP address blocks: 45.139.221.0/24 maxlen: 24
45.139.223.0/24 maxlen: 24
45.145.21.0/24 maxlen: 24
91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
185.82.220.0/24 maxlen: 24
185.82.221.0/24 maxlen: 24
185.82.222.0/24 maxlen: 24
185.82.223.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
2a0a:c4c0::/48 maxlen: 48
2a0a:c4c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 07:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:62:84:0d:62:04:eb:8a:b7:43:d9:34:0a:ec:2c:23:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Mar 21 19:36:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7d89c6aaa3879914816a777646918466e8b11d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:66:e1:2e:ba:86:15:ad:dc:85:16:76:ad:d5:
f5:ad:1f:75:0e:3e:d2:43:ab:f1:98:d7:b6:35:2a:
9b:9e:a5:46:c9:87:9b:08:ce:e2:33:a4:87:43:4f:
b3:2d:8f:f2:ae:7c:bd:8b:ca:bc:97:ed:96:15:ad:
7c:be:6e:08:94:f4:0b:79:a5:67:17:57:5e:f0:79:
bd:63:a3:53:e5:18:8b:ec:87:53:a3:73:88:a4:da:
03:9f:c6:49:b2:dd:e3:c9:7f:2c:52:fd:81:fc:c8:
f3:00:f3:f2:c4:13:a1:f8:3f:4d:f7:cb:83:2c:ee:
56:ab:6c:8f:6a:54:8a:cb:27:4d:cc:94:1b:9d:49:
05:6a:11:55:c3:78:f9:16:aa:1c:a9:d1:00:9a:f5:
95:2d:fc:09:1c:e5:cc:e1:a5:dc:bf:7e:b7:19:03:
ff:e3:a9:49:3b:33:39:d0:1d:14:cb:3e:25:3c:48:
80:7f:a9:a4:67:16:0f:83:b1:69:0f:e7:36:91:6e:
ce:43:03:4c:aa:c8:e4:2c:54:e4:2a:8f:71:d4:89:
fb:7d:21:f2:57:d1:9a:2a:9e:e0:a9:b1:40:52:99:
5c:a0:85:2c:ea:a9:6b:0c:37:8c:20:8e:91:58:87:
20:b6:d1:2f:2c:35:34:1f:5c:95:c2:1f:6d:b4:f1:
f0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:D8:9C:6A:AA:38:79:91:48:16:A7:77:64:69:18:46:6E:8B:11:D1
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/p9icaqo4eZFIFqd3ZGkYRm6LEdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.221.0/24
45.139.223.0/24
45.145.21.0/24
91.194.52.0/24
91.194.54.0/24
185.82.220.0/22
185.201.212.0/22
IPv6:
2a0a:c4c0::/47
Signature Algorithm: sha256WithRSAEncryption
68:b8:86:51:25:ba:0a:67:48:e3:c2:93:d5:d9:72:a6:67:53:
bf:db:34:f7:9e:3d:66:1b:e9:92:9f:e5:fe:41:44:80:52:ee:
fb:bb:aa:48:06:8b:4e:01:14:64:43:bf:61:85:1c:ff:92:26:
2a:98:9c:32:ac:1d:b7:fa:90:66:7c:d6:14:cf:ca:7c:91:89:
c1:87:f0:8e:0a:2e:e2:94:24:5b:c6:d7:73:f3:fb:4f:76:bb:
24:61:ba:fc:e0:6f:3c:f9:9b:74:11:76:ca:5a:71:11:95:40:
bc:4e:8b:41:c3:ca:bb:e4:a4:a4:a2:da:0f:48:3e:0f:2f:c2:
89:67:1f:21:77:50:85:c2:7f:e6:95:42:49:ac:9c:3a:c2:0f:
91:cf:8e:81:32:10:3a:d3:e3:2d:ea:53:b5:c4:ae:3c:72:f6:
3e:16:29:4c:30:2b:12:fc:cc:cb:7c:95:45:bd:3e:d5:45:cd:
2a:8a:6f:3d:d2:a8:91:50:b1:fa:8a:c8:48:9d:90:cc:5e:56:
2b:29:d9:16:3a:9f:f2:fa:a8:47:15:3c:2c:41:21:34:6d:05:
a9:b9:2b:d0:db:8a:6c:3d:e9:c3:6c:c4:60:88:d3:48:70:0a:
d6:ac:4d:39:da:bf:91:b3:cc:59:54:a3:b6:23:d4:2f:4f:3d:
87:11:04:18
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY5ihA1iBOuKt0PZNArsLCM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzBiNzNiNTFjYmM1MzgwZGQ0YWRiM2Q1YWFmZjRkN2Ez
MzRjNWUwHhcNMjQwMzIxMTkzNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2Q4OWM2YWFhMzg3OTkxNDgxNmE3Nzc2NDY5MTg0NjZlOGIxMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2bhLrqGFa3chRZ2rdX1rR91Dj7S
Q6vxmNe2NSqbnqVGyYebCM7iM6SHQ0+zLY/yrny9i8q8l+2WFa18vm4IlPQLeaVn
F1de8Hm9Y6NT5RiL7IdTo3OIpNoDn8ZJst3jyX8sUv2B/MjzAPPyxBOh+D9N98uD
LO5Wq2yPalSKyydNzJQbnUkFahFVw3j5FqocqdEAmvWVLfwJHOXM4aXcv363GQP/
46lJOzM50B0Uyz4lPEiAf6mkZxYPg7FpD+c2kW7OQwNMqsjkLFTkKo9x1In7fSHy
V9GaKp7gqbFAUplcoIUs6qlrDDeMII6RWIcgttEvLDU0H1yVwh9ttPHwMwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFKfYnGqqOHmRSBand2RpGEZuixHRMB8GA1UdIwQY
MBaAFLYwtztRy8U4DdSts9Wq/016M0xeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQt
MGQ0OGU2ODk1ZjEyLzEvcDlpY2FxbzRlWkZJRnFkM1pHa1lSbTZMRWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQtMGQ0OGU2ODk1ZjEy
LzEvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQALYvdAwQA
LYvfAwQALZEVAwQAW8I0AwQAW8I2AwQCuVLcAwQCucnUMA8EAgACMAkDBwEqCsTA
AAAwDQYJKoZIhvcNAQELBQADggEBAGi4hlElugpnSOPCk9XZcqZnU7/bNPeePWYb
6ZKf5f5BRIBS7vu7qkgGi04BFGRDv2GFHP+SJiqYnDKsHbf6kGZ81hTPynyRicGH
8I4KLuKUJFvG13Pz+092uyRhuvzgbzz5m3QRdspacRGVQLxOi0HDyrvkpKSi2g9I
Pg8vwolnHyF3UIXCf+aVQkmsnDrCD5HPjoEyEDrT4y3qU7XErjxy9j4WKUwwKxL8
zMt8lUW9PtVFzSqKbz3SqJFQsfqKyEidkMxeVisp2RY6n/L6qEcVPCxBITRtBam5
K9Dbimw96cNsxGCI00hwCtasTTnav5GzzFlUo7Yj1C9PPYcRBBg=
-----END CERTIFICATE-----
Generated at Mon Jun 3 13:54:10 2024 by rpki-client on console-fra.rpki-client.org