Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/gb4qI6zjxfSrtIq7BtSjgkAr8yU.roa
File: gb4qI6zjxfSrtIq7BtSjgkAr8yU.roa (raw, json)
Hash identifier: joW1jJH2+dlVfj9wgWHO0G3rrt5bT0h0/H0nN+61P1s=
Subject key identifier: 81:BE:2A:23:AC:E3:C5:F4:AB:B4:8A:BB:06:D4:A3:82:40:2B:F3:25
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01928BD60546337FD0AAA797FADDA766CF04
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/gb4qI6zjxfSrtIq7BtSjgkAr8yU.roa
Signing time: Mon 14 Oct 2024 16:21:51 +0000
ROA not before: Mon 14 Oct 2024 16:21:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3258
IP address blocks: 45.8.112.0/24 maxlen: 24
45.8.113.0/24 maxlen: 24
45.8.114.0/24 maxlen: 24
45.8.222.0/24 maxlen: 32
45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
45.66.216.0/22 maxlen: 24
45.89.232.0/22 maxlen: 32
45.94.40.0/22 maxlen: 32
45.128.208.0/22 maxlen: 32
45.129.8.0/22 maxlen: 24
45.134.168.0/22 maxlen: 24
45.142.124.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
45.149.156.0/22 maxlen: 24
45.159.48.0/22 maxlen: 24
62.106.70.0/24 maxlen: 24
88.214.20.0/22 maxlen: 24
88.218.192.0/22 maxlen: 32
91.200.240.0/22 maxlen: 24
92.60.40.0/22 maxlen: 24
109.107.137.0/24 maxlen: 24
109.107.140.0/24 maxlen: 24
141.98.196.0/22 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
149.62.44.0/22 maxlen: 24
176.113.68.0/22 maxlen: 32
176.119.148.0/22 maxlen: 24
176.126.114.0/24 maxlen: 24
185.184.223.0/24 maxlen: 24
185.200.64.0/22 maxlen: 24
185.207.152.0/22 maxlen: 32
193.32.148.0/22 maxlen: 24
193.111.30.0/23 maxlen: 24
194.104.152.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a09:1::/48 maxlen: 48
2a09:2::/48 maxlen: 48
2a09:3::/48 maxlen: 48
2a09:4::/48 maxlen: 48
2a09:5::/48 maxlen: 48
2a09:7::/36 maxlen: 48
2a09:7::/48 maxlen: 48
2a09:7:1::/48 maxlen: 48
2a09:7:2008::/48 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
2a10:480::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8b:d6:05:46:33:7f:d0:aa:a7:97:fa:dd:a7:66:cf:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Oct 14 16:21:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81be2a23ace3c5f4abb48abb06d4a382402bf325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5e:f4:9a:f0:bd:d7:91:8f:3b:d2:a1:2c:89:
d2:f4:dd:1b:5e:d5:7f:a5:56:f9:1d:8e:e2:2f:34:
e5:06:92:3d:85:76:23:5c:3b:d1:b5:5b:38:25:70:
e2:7c:14:51:ff:c1:cd:8f:5b:08:4c:25:bf:6c:39:
53:0a:35:3e:ee:61:15:93:a7:64:5d:cd:d1:7c:fa:
d9:c6:3c:11:23:f0:f5:5f:65:c5:5b:db:52:06:42:
1a:f4:d4:33:ab:ba:41:15:cd:82:90:b1:50:e6:df:
5c:b2:8a:1b:83:84:b8:55:c6:2e:b3:c7:ff:1e:b4:
94:46:1d:15:e3:e4:14:95:b5:7b:7b:3f:db:2c:1b:
de:c4:f6:71:35:b0:ce:ec:e9:2e:fb:5a:44:29:27:
7f:3f:04:cd:08:c6:46:31:12:c3:08:db:8a:33:53:
ef:6c:b0:c4:7d:25:f7:83:d5:5e:d5:cc:d3:3e:6a:
77:13:bc:22:9f:cd:77:a6:14:d0:3e:85:50:e5:3b:
93:df:a3:f3:24:ed:e5:72:1a:a0:45:77:78:fe:11:
ae:b5:03:31:2c:2e:38:aa:a1:2e:3f:0e:25:d5:e5:
8d:7f:71:83:01:2c:a6:e2:75:eb:24:89:2d:8c:cf:
2e:2f:f1:af:3b:63:f0:29:d2:76:42:94:ca:75:c6:
09:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BE:2A:23:AC:E3:C5:F4:AB:B4:8A:BB:06:D4:A3:82:40:2B:F3:25
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/gb4qI6zjxfSrtIq7BtSjgkAr8yU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.112.0-45.8.114.255
45.8.222.0/24
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.89.232.0/22
45.94.40.0/22
45.128.208.0/22
45.129.8.0/22
45.134.168.0/22
45.142.124.0/22
45.143.232.0/22
45.149.156.0/22
45.159.48.0/22
62.106.70.0/24
88.214.20.0/22
88.218.192.0/22
91.200.240.0/22
92.60.40.0/22
109.107.137.0/24
109.107.140.0/24
141.98.196.0/22
147.78.240.0/21
149.62.44.0/22
176.113.68.0/22
176.119.148.0/22
176.126.114.0/24
185.184.223.0/24
185.200.64.0/22
185.207.152.0/22
193.32.148.0/22
193.111.30.0/23
194.104.152.0/22
195.245.241.0-195.245.242.255
IPv6:
2a09:1::/48
2a09:2::/48
2a09:3::/48
2a09:4::/48
2a09:5::/48
2a09:7::/36
2a09:7:2008::/48
2a0d:c7c1::/32
2a10:480::/29
Signature Algorithm: sha256WithRSAEncryption
14:44:82:c6:e2:b5:3d:bd:b5:cc:a3:ea:7e:46:b2:42:b8:5f:
bf:dd:9c:e4:57:72:aa:86:0d:89:cb:15:e8:57:44:e9:d1:8d:
bf:dc:4d:52:d9:ab:14:ef:a4:b5:ba:00:f2:4f:d9:7d:75:78:
50:bf:24:53:99:eb:3e:ae:11:f4:33:e6:f4:7d:46:a8:01:17:
1c:22:69:5e:5c:1f:a0:1f:d4:80:ed:4a:48:32:4f:0b:13:29:
10:08:3a:c2:ba:8b:94:84:e3:e4:a5:de:18:7d:c2:20:af:af:
34:71:14:2e:cf:50:56:f4:90:a8:3f:84:2b:6c:65:a1:c2:9a:
2a:52:56:44:f1:7a:e7:4e:c6:4f:42:e5:25:0c:d2:73:e9:05:
4b:7c:41:cb:6a:8d:92:2e:6d:6a:67:73:43:c7:84:05:71:d8:
ea:5b:a3:53:a9:1a:e7:db:9f:c8:56:97:68:79:99:a5:4f:10:
9b:e6:a2:91:92:06:14:79:87:4f:25:8e:a9:ea:09:4f:9b:f8:
a4:22:24:6c:3b:72:1d:3e:56:2d:3d:23:6e:15:3e:32:df:c6:
e1:78:24:77:bd:31:d1:6e:7a:14:42:23:36:0b:86:47:c8:7b:
ce:92:c9:1a:5d:5e:e0:f9:03:41:de:7a:1b:fa:fb:5c:22:1f:
ce:83:55:8e
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAZKL1gVGM3/QqqeX+t2nZs8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQxMDE0MTYyMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWJlMmEyM2FjZTNjNWY0YWJiNDhhYmIwNmQ0YTM4MjQwMmJmMzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxl70mvC915GPO9KhLInS9N0bXtV/
pVb5HY7iLzTlBpI9hXYjXDvRtVs4JXDifBRR/8HNj1sITCW/bDlTCjU+7mEVk6dk
Xc3RfPrZxjwRI/D1X2XFW9tSBkIa9NQzq7pBFc2CkLFQ5t9csoobg4S4VcYus8f/
HrSURh0V4+QUlbV7ez/bLBvexPZxNbDO7Oku+1pEKSd/PwTNCMZGMRLDCNuKM1Pv
bLDEfSX3g9Ve1czTPmp3E7win813phTQPoVQ5TuT36PzJO3lchqgRXd4/hGutQMx
LC44qqEuPw4l1eWNf3GDASym4nXrJIktjM8uL/GvO2PwKdJ2QpTKdcYJowIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFIG+KiOs48X0q7SKuwbUo4JAK/MlMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvZ2I0cUk2emp4ZlNydElxN0J0U2pna0FyOHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCB9QQCAAEwge4w
DAMEBC0IcAMEAC0IcgMEAC0I3gMEAi0OQAMEAC0ORgMEAC0OaQMEAC0OawMEAi1C
gAMEAi1C2AMEAi1Z6AMEAi1eKAMEAi2A0AMEAi2BCAMEAi2GqAMEAi2OfAMEAi2P
6AMEAi2VnAMEAi2fMAMEAD5qRgMEAljWFAMEAljawAMEAlvI8AMEAlw8KAMEAG1r
iQMEAG1rjAMEAo1ixAMEA5NO8AMEApU+LAMEArBxRAMEArB3lAMEALB+cgMEALm4
3wMEArnIQAMEArnPmAMEAsEglAMEAcFvHgMEAsJomDAMAwQAw/XxAwQAw/XyMFIE
AgACMEwDBwAqCQABAAADBwAqCQACAAADBwAqCQADAAADBwAqCQAEAAADBwAqCQAF
AAADBgQqCQAHAAMHACoJAAcgCAMFACoNx8EDBQMqEASAMA0GCSqGSIb3DQEBCwUA
A4IBAQAURILG4rU9vbXMo+p+RrJCuF+/3ZzkV3Kqhg2JyxXoV0Tp0Y2/3E1S2asU
76S1ugDyT9l9dXhQvyRTmes+rhH0M+b0fUaoARccImleXB+gH9SA7UpIMk8LEykQ
CDrCuouUhOPkpd4YfcIgr680cRQuz1BW9JCoP4QrbGWhwpoqUlZE8XrnTsZPQuUl
DNJz6QVLfEHLao2SLm1qZ3NDx4QFcdjqW6NTqRrn25/IVpdoeZmlTxCb5qKRkgYU
eYdPJY6p6glPm/ikIiRsO3IdPlYtPSNuFT4y38bheCR3vTHRbnoUQiM2C4ZHyHvO
kskaXV7g+QNB3nob+vtcIh/Og1WO
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:52:31 2024 by rpki-client on console-fra.rpki-client.org