Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/1-twt7w7mIitMLsMHX6lPmmqy3NY.roa
File: 1-twt7w7mIitMLsMHX6lPmmqy3NY.roa (raw, json)
Hash identifier: uzM5SzgxHNOIS16oLyU7Zw5NP9v27eJuldsF0SUMFmY=
Subject key identifier: FA:DC:2D:EF:0E:E6:22:2B:4C:2E:C3:07:5F:A9:4F:9A:6A:B2:DC:D6
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 018CC7933CAE2FF6037BA087817AFF83F971
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/1-twt7w7mIitMLsMHX6lPmmqy3NY.roa
Signing time: Tue 02 Jan 2024 00:29:24 +0000
ROA not before: Tue 02 Jan 2024 00:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50673
IP address blocks: 37.252.3.0/24 maxlen: 24
5.45.76.0/22 maxlen: 22
5.45.72.0/22 maxlen: 22
5.45.88.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:3c:ae:2f:f6:03:7b:a0:87:81:7a:ff:83:f9:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 2 00:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fadc2def0ee6222b4c2ec3075fa94f9a6ab2dcd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:08:aa:1c:04:9c:43:c0:75:7a:45:ad:fd:05:
85:71:e5:0f:c4:c1:94:83:3b:33:8b:af:45:74:f7:
a4:a9:7d:16:dd:ed:78:6a:7e:2f:e4:b5:67:0b:c4:
d4:dd:10:f3:16:0f:8f:c1:1c:cc:8c:d0:67:7b:91:
a0:9a:6b:d5:4e:39:90:53:6f:29:e1:9b:9b:43:44:
1b:b3:32:c3:e2:f2:9c:fb:e2:3c:87:8f:42:a8:e9:
df:79:67:4a:40:4b:04:13:e5:7b:f8:ea:56:e8:b8:
88:bf:b5:79:be:ee:b7:cf:c3:3e:fe:f6:8c:9a:74:
3f:4a:ce:9e:e2:6f:fb:0d:39:a1:19:5f:18:98:09:
2f:1a:a6:79:4a:84:43:c0:e0:2d:20:d2:33:9f:88:
04:b7:6b:b2:1f:fe:e9:8a:ac:09:81:c1:81:34:75:
e3:64:79:34:93:88:8c:ef:dd:53:90:a9:6e:d5:dd:
95:96:98:41:8c:e4:6a:b5:aa:53:ec:05:30:59:21:
ce:21:7d:c3:e1:04:2a:27:1a:10:f2:ba:dd:c0:7e:
49:87:19:fc:74:c7:e6:2c:b4:2b:f6:5d:97:8e:05:
95:66:80:d4:df:41:9a:9e:e1:3c:11:32:65:be:e2:
1c:bc:39:bd:36:2b:2a:f1:9b:58:fa:55:06:74:1b:
eb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DC:2D:EF:0E:E6:22:2B:4C:2E:C3:07:5F:A9:4F:9A:6A:B2:DC:D6
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/1-twt7w7mIitMLsMHX6lPmmqy3NY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.72.0/21
5.45.88.0/22
37.252.3.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:b8:2f:22:6f:42:91:6d:1b:0e:fa:de:28:92:53:67:71:8f:
fd:a8:2f:7b:0e:ae:61:b0:5f:f0:24:71:70:ac:34:12:40:bb:
a0:65:bf:85:d2:e9:df:98:8a:03:50:db:a3:01:9d:f1:3e:09:
8c:c5:a8:ff:39:e8:fd:bd:a5:cb:30:fb:e7:82:b4:25:e1:c7:
d3:71:3c:2c:f9:32:b6:f5:82:8e:96:43:c3:6b:5a:12:54:f4:
fc:9a:04:07:4a:41:35:f0:96:42:07:11:21:05:b7:a3:44:7b:
22:b9:c6:93:48:9c:b0:dd:2d:51:f8:14:68:e5:67:10:ab:a2:
30:8b:17:f1:c6:d9:62:1a:bc:b7:2d:d1:5e:b3:ae:38:c4:af:
ce:ec:76:fd:4e:e7:1f:ae:0d:3e:33:4e:34:f4:85:3a:3d:20:
cb:7d:5b:9e:d7:00:b2:c7:e0:76:c6:71:1c:38:94:22:97:88:
6b:2d:ba:f9:c4:27:7f:51:9c:c5:2c:39:ba:c6:5c:5a:c1:fc:
49:57:a6:cd:d4:8e:d7:fe:ea:b2:49:7b:e7:cc:3c:c2:43:a1:
a7:14:fe:86:87:c3:cb:7c:0b:0a:9b:ae:ca:7c:c7:74:62:36:
06:ff:1a:b0:d5:dc:a5:46:d1:27:7e:22:69:78:8a:b2:ab:7b:
80:e9:3e:c3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzHkzyuL/YDe6CHgXr/g/lxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjQwMTAyMDAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWRjMmRlZjBlZTYyMjJiNGMyZWMzMDc1ZmE5NGY5YTZhYjJkY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAiqHAScQ8B1ekWt/QWFceUPxMGU
gzszi69FdPekqX0W3e14an4v5LVnC8TU3RDzFg+PwRzMjNBne5GgmmvVTjmQU28p
4ZubQ0QbszLD4vKc++I8h49CqOnfeWdKQEsEE+V7+OpW6LiIv7V5vu63z8M+/vaM
mnQ/Ss6e4m/7DTmhGV8YmAkvGqZ5SoRDwOAtINIzn4gEt2uyH/7piqwJgcGBNHXj
ZHk0k4iM791TkKlu1d2VlphBjORqtapT7AUwWSHOIX3D4QQqJxoQ8rrdwH5Jhxn8
dMfmLLQr9l2XjgWVZoDU30GanuE8ETJlvuIcvDm9Nisq8ZtY+lUGdBvrYQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPrcLe8O5iIrTC7DB1+pT5pqstzWMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvMS10d3Q3dzdtSWl0TUxzTUhYNmxQbW1xeTNOWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODcvMjI2ZjA0LWY3ZGItNDkxYS1iYWZiLWVlNDM1ZDNjZDU4
NS8xL0R2WExMMWtOQkJaVTlOX2JZS0tQbWhWRTlFUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAwUtSAME
AgUtWAMEACX8AzANBgkqhkiG9w0BAQsFAAOCAQEAD7gvIm9CkW0bDvreKJJTZ3GP
/agvew6uYbBf8CRxcKw0EkC7oGW/hdLp35iKA1DbowGd8T4JjMWo/zno/b2lyzD7
54K0JeHH03E8LPkytvWCjpZDw2taElT0/JoEB0pBNfCWQgcRIQW3o0R7IrnGk0ic
sN0tUfgUaOVnEKuiMIsX8cbZYhq8ty3RXrOuOMSvzux2/U7nH64NPjNONPSFOj0g
y31bntcAssfgdsZxHDiUIpeIay26+cQnf1GcxSw5usZcWsH8SVemzdSO1/7qskl7
58w8wkOhpxT+hofDy3wLCpuuynzHdGI2Bv8asNXcpUbRJ34iaXiKsqt7gOk+ww==
-----END CERTIFICATE-----
Generated at Sun May 19 01:08:13 2024 by rpki-client on console-fra.rpki-client.org