Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/RdELbu1K4J7u7V8EQHEwwtIWGnE.roa
File: RdELbu1K4J7u7V8EQHEwwtIWGnE.roa (raw, json)
Hash identifier: EM3/ycQlm3Rwu97YXm0Vf9GkaBovbHM1o5RuwZM8Rfk=
Subject key identifier: 45:D1:0B:6E:ED:4A:E0:9E:EE:ED:5F:04:40:71:30:C2:D2:16:1A:71
Certificate issuer: /CN=9bed36af13da482fdf79fb5403e5074860eecd0d
Certificate serial: 018CC56EFC991E1E466041FBB25DEE2F1245
Authority key identifier: 9B:ED:36:AF:13:DA:48:2F:DF:79:FB:54:03:E5:07:48:60:EE:CD:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/RdELbu1K4J7u7V8EQHEwwtIWGnE.roa
Signing time: Mon 01 Jan 2024 14:30:34 +0000
ROA not before: Mon 01 Jan 2024 14:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196925
IP address blocks: 149.126.112.0/20 maxlen: 20
149.126.118.0/24 maxlen: 24
149.126.117.0/24 maxlen: 24
149.126.116.0/24 maxlen: 24
149.126.119.0/24 maxlen: 24
185.138.12.0/22 maxlen: 22
109.235.192.0/21 maxlen: 21
109.235.193.0/24 maxlen: 24
109.235.199.0/24 maxlen: 24
5.133.224.0/20 maxlen: 20
134.19.208.0/20 maxlen: 20
131.117.128.0/20 maxlen: 20
134.19.217.0/24 maxlen: 24
134.19.216.0/24 maxlen: 24
2a00:9100::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/m-02rxPaSC_feftUA-UHSGDuzQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/m-02rxPaSC_feftUA-UHSGDuzQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 05:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:fc:99:1e:1e:46:60:41:fb:b2:5d:ee:2f:12:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bed36af13da482fdf79fb5403e5074860eecd0d
Validity
Not Before: Jan 1 14:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45d10b6eed4ae09eeeed5f04407130c2d2161a71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:91:02:ee:fc:64:76:95:45:17:36:2e:1c:10:
ef:ab:87:bf:d2:2a:81:b0:6c:fd:d3:57:30:0e:a1:
45:bc:0e:46:99:73:cc:f7:3f:ec:92:7c:47:d9:1b:
0d:e3:48:50:78:3e:f3:ce:67:b3:0f:73:56:3a:ce:
b6:b5:81:3f:54:8f:4d:40:80:ab:e0:af:8c:87:43:
05:87:23:3a:d0:3d:fd:8c:68:5f:11:db:cf:39:ef:
94:a5:f1:e3:98:20:8a:bb:5e:53:34:20:ea:d8:12:
f7:a4:a8:20:1e:8a:b4:36:7a:51:73:ee:44:74:b0:
40:5a:a1:d9:31:8a:df:e0:f9:a5:42:9d:bc:f1:de:
0e:f2:39:1c:cd:cf:db:a6:59:4e:c5:34:65:5c:a7:
79:b0:05:8e:36:ca:4a:1b:7b:99:f0:97:88:5b:f9:
72:e9:fd:20:12:c9:8d:a1:c4:ba:47:67:87:51:92:
60:92:e8:a1:e9:5d:62:56:96:f5:7a:c5:70:3f:16:
6a:01:8b:fd:90:f7:98:e9:5f:74:1d:9a:01:c9:fb:
1d:a8:c8:76:4e:7f:63:f4:cb:35:be:7b:49:db:d3:
e1:67:cf:7c:bb:90:55:3f:9e:38:38:4e:1c:ff:7c:
8e:da:f2:dc:a6:c8:8d:77:ca:6a:b2:cc:04:aa:21:
0f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D1:0B:6E:ED:4A:E0:9E:EE:ED:5F:04:40:71:30:C2:D2:16:1A:71
X509v3 Authority Key Identifier:
keyid:9B:ED:36:AF:13:DA:48:2F:DF:79:FB:54:03:E5:07:48:60:EE:CD:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/RdELbu1K4J7u7V8EQHEwwtIWGnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/m-02rxPaSC_feftUA-UHSGDuzQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.224.0/20
109.235.192.0/21
131.117.128.0/20
134.19.208.0/20
149.126.112.0/20
185.138.12.0/22
IPv6:
2a00:9100::/32
Signature Algorithm: sha256WithRSAEncryption
39:ec:2a:fd:a4:e2:58:94:c2:14:69:4a:90:99:bc:af:c5:27:
05:33:9b:d6:d6:2f:d4:ae:75:bf:b3:ed:0b:38:9a:57:75:67:
c7:5e:37:65:50:78:a5:c9:b0:46:50:0a:c1:ea:80:b4:39:f7:
92:dd:b3:8f:1e:6c:6e:a2:75:89:a2:38:f1:30:83:cd:d7:d6:
af:fb:8e:d9:5d:15:0b:79:68:2c:20:43:0b:21:dd:fa:f3:de:
40:50:c7:f2:7b:d2:b9:d9:79:ee:7a:78:a1:b8:30:cf:85:4a:
26:7e:28:4b:f4:d0:23:79:68:d3:82:ad:fc:81:e8:6a:8f:28:
23:99:80:f8:cb:66:69:1d:72:22:f0:ec:e5:0c:e4:4b:da:39:
05:c2:50:05:e1:16:e1:cf:e5:22:43:16:4e:e2:54:85:71:68:
e7:11:e6:b1:ec:f1:67:89:97:b1:f7:16:36:e8:37:2f:91:8a:
35:cc:35:b8:5b:36:35:19:2f:59:26:76:94:ef:cd:dc:84:01:
21:85:a7:0c:86:24:40:ec:79:7c:df:be:d0:87:32:87:c4:55:
85:56:c7:a7:63:b2:fc:6f:2c:f3:16:67:e1:66:1a:f9:a5:47:
7a:9b:f5:e0:44:f9:5a:7f:98:6b:6e:ef:16:16:28:13:df:07:
91:91:2b:22
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzFbvyZHh5GYEH7sl3uLxJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZWQzNmFmMTNkYTQ4MmZkZjc5ZmI1NDAzZTUwNzQ4NjBl
ZWNkMGQwHhcNMjQwMTAxMTQzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQxMGI2ZWVkNGFlMDllZWVlZDVmMDQ0MDcxMzBjMmQyMTYxYTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5EC7vxkdpVFFzYuHBDvq4e/0iqB
sGz901cwDqFFvA5GmXPM9z/sknxH2RsN40hQeD7zzmezD3NWOs62tYE/VI9NQICr
4K+Mh0MFhyM60D39jGhfEdvPOe+UpfHjmCCKu15TNCDq2BL3pKggHoq0NnpRc+5E
dLBAWqHZMYrf4PmlQp288d4O8jkczc/bpllOxTRlXKd5sAWONspKG3uZ8JeIW/ly
6f0gEsmNocS6R2eHUZJgkuih6V1iVpb1esVwPxZqAYv9kPeY6V90HZoByfsdqMh2
Tn9j9Ms1vntJ29PhZ898u5BVP544OE4c/3yO2vLcpsiNd8pqsswEqiEPuQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFEXRC27tSuCe7u1fBEBxMMLSFhpxMB8GA1UdIwQY
MBaAFJvtNq8T2kgv33n7VAPlB0hg7s0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS0wMnJ4UGFTQ19mZWZ0VUEtVUhTR0R1elEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80YjAyODMtYTkwYy00ZDY0LTgzMDEt
ZDIyMWViZDA4MThkLzEvUmRFTGJ1MUs0Sjd1N1Y4RVFIRXd3dElXR25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80YjAyODMtYTkwYy00ZDY0LTgzMDEtZDIyMWViZDA4MThk
LzEvbS0wMnJ4UGFTQ19mZWZ0VUEtVUhTR0R1elEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEBYXgAwQD
bevAAwQEg3WAAwQEhhPQAwQElX5wAwQCuYoMMA0EAgACMAcDBQAqAJEAMA0GCSqG
SIb3DQEBCwUAA4IBAQA57Cr9pOJYlMIUaUqQmbyvxScFM5vW1i/UrnW/s+0LOJpX
dWfHXjdlUHilybBGUArB6oC0OfeS3bOPHmxuonWJojjxMIPN19av+47ZXRULeWgs
IEMLId36895AUMfye9K52XnuenihuDDPhUomfihL9NAjeWjTgq38gehqjygjmYD4
y2ZpHXIi8OzlDORL2jkFwlAF4Rbhz+UiQxZO4lSFcWjnEeax7PFniZex9xY26Dcv
kYo1zDW4WzY1GS9ZJnaU783chAEhhacMhiRA7Hl8377QhzKHxFWFVsenY7L8byzz
FmfhZhr5pUd6m/XgRPlaf5hrbu8WFigT3weRkSsi
-----END CERTIFICATE-----
Generated at Wed Jun 26 14:04:02 2024 by rpki-client on console-fra.rpki-client.org