Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/FJROu22Iv8drfZ0CNUXjPr6I-ck.roa
File: FJROu22Iv8drfZ0CNUXjPr6I-ck.roa (raw, json)
Hash identifier: WMts81Ck38QyWHvPRQEp3bWMw3hZ5YwMjfKn7o48YWo=
Subject key identifier: 14:94:4E:BB:6D:88:BF:C7:6B:7D:9D:02:35:45:E3:3E:BE:88:F9:C9
Certificate issuer: /CN=dc377b5d022bf0be4a6224b47eea6ca0b81bf037
Certificate serial: 019251722819481B5022F15F7757E1A64D7D
Authority key identifier: DC:37:7B:5D:02:2B:F0:BE:4A:62:24:B4:7E:EA:6C:A0:B8:1B:F0:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/FJROu22Iv8drfZ0CNUXjPr6I-ck.roa
Signing time: Thu 03 Oct 2024 08:14:48 +0000
ROA not before: Thu 03 Oct 2024 08:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28756
IP address blocks: 145.64.128.0/21 maxlen: 21
145.64.128.0/22 maxlen: 22
145.64.130.0/24 maxlen: 24
145.64.132.0/22 maxlen: 22
145.64.132.0/23 maxlen: 23
145.64.134.0/24 maxlen: 24
145.64.135.0/24 maxlen: 24
145.64.136.0/22 maxlen: 22
145.64.136.0/24 maxlen: 24
145.64.137.0/24 maxlen: 24
145.64.138.0/24 maxlen: 24
145.64.140.0/22 maxlen: 22
145.64.144.0/20 maxlen: 20
145.64.144.0/23 maxlen: 23
145.64.146.0/24 maxlen: 24
145.64.147.0/24 maxlen: 24
145.64.148.0/24 maxlen: 24
145.64.149.0/24 maxlen: 24
145.64.152.0/23 maxlen: 23
145.64.157.0/24 maxlen: 24
145.64.158.0/24 maxlen: 24
145.64.159.0/24 maxlen: 24
145.64.160.0/20 maxlen: 20
145.64.160.0/24 maxlen: 24
145.64.161.0/24 maxlen: 24
145.64.162.0/24 maxlen: 24
145.64.170.0/24 maxlen: 24
145.64.240.0/21 maxlen: 21
145.64.240.0/22 maxlen: 22
145.64.241.0/24 maxlen: 24
145.64.242.0/24 maxlen: 24
145.64.244.0/22 maxlen: 22
145.64.245.0/24 maxlen: 24
145.64.246.0/24 maxlen: 24
145.64.248.0/21 maxlen: 21
145.64.248.0/22 maxlen: 22
145.64.248.0/24 maxlen: 24
145.64.250.0/24 maxlen: 24
145.64.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:72:28:19:48:1b:50:22:f1:5f:77:57:e1:a6:4d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc377b5d022bf0be4a6224b47eea6ca0b81bf037
Validity
Not Before: Oct 3 08:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14944ebb6d88bfc76b7d9d023545e33ebe88f9c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:54:2b:17:23:56:9c:20:8b:e8:5d:cd:92:7e:
18:b8:9c:85:49:e4:30:d2:68:3a:7d:90:5d:48:64:
3a:c5:35:cc:aa:6d:27:ae:01:36:06:01:04:e2:2a:
a6:a8:4e:86:d7:17:62:f7:2d:08:0b:12:9e:f2:1d:
ed:46:22:2a:6e:15:df:9b:87:5f:4d:e1:05:c4:00:
c9:cd:5c:11:b2:c1:d8:a2:97:73:ff:50:68:f3:ec:
6e:ac:03:c2:bb:ae:4e:ad:7f:dc:f3:2f:e8:74:26:
ff:df:84:c1:9c:90:1e:18:40:4a:76:29:98:50:e4:
78:6e:e0:e7:09:ce:ff:ce:25:37:8c:dd:04:46:77:
d1:78:b4:c0:b1:6c:8b:4e:64:b2:9a:a7:0f:9e:82:
98:08:c1:6f:87:28:a7:2e:8d:e4:f0:ef:79:97:bc:
11:a6:35:07:c5:66:2c:83:7d:be:1b:80:61:af:0a:
c8:68:c6:06:44:d6:da:87:60:11:38:ea:eb:23:5c:
fa:aa:07:e3:90:1b:ec:03:41:ae:07:49:56:27:96:
db:6e:b7:16:38:6d:11:38:c8:59:d3:3f:45:bf:46:
ca:1b:aa:04:f8:e2:7b:e1:c4:81:12:bc:3c:50:e9:
42:ea:90:36:49:46:a7:74:95:87:6d:45:2e:01:14:
b4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:94:4E:BB:6D:88:BF:C7:6B:7D:9D:02:35:45:E3:3E:BE:88:F9:C9
X509v3 Authority Key Identifier:
keyid:DC:37:7B:5D:02:2B:F0:BE:4A:62:24:B4:7E:EA:6C:A0:B8:1B:F0:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/FJROu22Iv8drfZ0CNUXjPr6I-ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.64.128.0-145.64.175.255
145.64.240.0/20
Signature Algorithm: sha256WithRSAEncryption
8e:19:a3:fa:d3:d3:56:0c:82:48:b2:0c:ae:6f:53:a5:eb:c3:
6d:71:36:59:85:04:1a:6c:c9:89:56:d1:7a:a0:5d:e6:32:7c:
1a:79:42:6c:d1:e7:2c:2b:b5:2a:1b:95:6d:23:3b:46:b0:10:
5d:de:7d:34:37:1a:66:25:12:b8:92:6e:fe:c5:09:2b:36:e1:
ad:a0:c4:9f:a7:56:ce:6d:1e:e7:e8:f7:97:f2:5b:a2:63:d7:
3b:a9:3d:73:c2:15:27:c1:cd:b7:d2:49:b2:b9:12:0c:34:4f:
1b:6d:4a:e2:11:e6:3e:82:54:e8:3a:a3:25:43:e8:d4:40:6d:
25:cc:06:20:45:67:82:a5:9f:68:30:27:e5:18:80:45:77:9d:
bd:53:38:32:d3:15:f0:47:d2:24:c2:ab:15:7a:83:0a:83:f5:
30:30:e7:a6:5e:08:32:16:4d:58:9c:bb:c6:f7:76:58:0f:93:
3f:e8:d6:25:92:78:ab:64:29:ef:6c:a0:d1:38:77:b6:c5:91:
0f:01:eb:e0:23:27:55:71:22:7f:e3:76:d0:8a:13:ee:dc:b5:
cc:fd:3f:08:93:63:b3:ef:70:3f:d2:e7:92:d9:11:40:e7:79:
d6:6d:e4:43:9f:39:e6:88:80:6a:11:21:cb:5f:4c:86:a1:34:
ce:25:35:2e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZJRcigZSBtQIvFfd1fhpk19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzc3YjVkMDIyYmYwYmU0YTYyMjRiNDdlZWE2Y2EwYjgx
YmYwMzcwHhcNMjQxMDAzMDgxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDk0NGViYjZkODhiZmM3NmI3ZDlkMDIzNTQ1ZTMzZWJlODhmOWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVQrFyNWnCCL6F3Nkn4YuJyFSeQw
0mg6fZBdSGQ6xTXMqm0nrgE2BgEE4iqmqE6G1xdi9y0ICxKe8h3tRiIqbhXfm4df
TeEFxADJzVwRssHYopdz/1Bo8+xurAPCu65OrX/c8y/odCb/34TBnJAeGEBKdimY
UOR4buDnCc7/ziU3jN0ERnfReLTAsWyLTmSymqcPnoKYCMFvhyinLo3k8O95l7wR
pjUHxWYsg32+G4BhrwrIaMYGRNbah2AROOrrI1z6qgfjkBvsA0GuB0lWJ5bbbrcW
OG0ROMhZ0z9Fv0bKG6oE+OJ74cSBErw8UOlC6pA2SUandJWHbUUuARS0LwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBSUTrttiL/Ha32dAjVF4z6+iPnJMB8GA1UdIwQY
MBaAFNw3e10CK/C+SmIktH7qbKC4G/A3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RkN1hRSXI4TDVLWWlTMGZ1cHNvTGdiOERjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jYzU1OGMtMzVlNS00ZGQ2LTg2N2It
OGIwNWI3NzhlMGQ1LzEvRkpST3UyMkl2OGRyZlowQ05VWGpQcjZJLWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jYzU1OGMtMzVlNS00ZGQ2LTg2N2ItOGIwNWI3NzhlMGQ1
LzEvM0RkN1hRSXI4TDVLWWlTMGZ1cHNvTGdiOERjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAeRQIAD
BASRQKADBASRQPAwDQYJKoZIhvcNAQELBQADggEBAI4Zo/rT01YMgkiyDK5vU6Xr
w21xNlmFBBpsyYlW0XqgXeYyfBp5QmzR5ywrtSoblW0jO0awEF3efTQ3GmYlEriS
bv7FCSs24a2gxJ+nVs5tHufo95fyW6Jj1zupPXPCFSfBzbfSSbK5Egw0TxttSuIR
5j6CVOg6oyVD6NRAbSXMBiBFZ4Kln2gwJ+UYgEV3nb1TODLTFfBH0iTCqxV6gwqD
9TAw56ZeCDIWTVicu8b3dlgPkz/o1iWSeKtkKe9soNE4d7bFkQ8B6+AjJ1VxIn/j
dtCKE+7ctcz9PwiTY7PvcD/S55LZEUDnedZt5EOfOeaIgGoRIctfTIahNM4lNS4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:02:20 2024 by rpki-client on console-fra.rpki-client.org