Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/hhGQdb0gUs0rM7eARMGyPkve2pk.roa
File: hhGQdb0gUs0rM7eARMGyPkve2pk.roa (raw, json)
Hash identifier: T/S++TalorieoLa2CZwE8UGHH+8o6AVSmyTcTYJeBIY=
Subject key identifier: 86:11:90:75:BD:20:52:CD:2B:33:B7:80:44:C1:B2:3E:4B:DE:DA:99
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CC801D273A51357ED21FE539B3B6049F2
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/hhGQdb0gUs0rM7eARMGyPkve2pk.roa
Signing time: Tue 02 Jan 2024 02:30:11 +0000
ROA not before: Tue 02 Jan 2024 02:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4785
IP address blocks: 45.14.104.0/24 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.106.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.142.124.0/22 maxlen: 24
45.87.92.0/24 maxlen: 24
45.87.94.0/24 maxlen: 24
45.87.93.0/24 maxlen: 24
45.87.95.0/24 maxlen: 24
149.62.44.0/24 maxlen: 24
185.184.223.0/24 maxlen: 24
45.141.44.0/22 maxlen: 24
45.131.155.0/24 maxlen: 24
45.8.112.0/22 maxlen: 24
194.114.136.0/24 maxlen: 24
195.245.229.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
194.104.144.0/24 maxlen: 24
194.36.24.0/24 maxlen: 24
185.248.84.0/24 maxlen: 24
45.14.71.0/24 maxlen: 24
45.14.70.0/24 maxlen: 24
45.135.40.0/24 maxlen: 24
45.135.42.0/24 maxlen: 24
45.135.41.0/24 maxlen: 24
45.135.43.0/24 maxlen: 24
45.8.221.0/24 maxlen: 24
45.8.223.0/24 maxlen: 24
45.8.220.0/24 maxlen: 24
45.8.222.0/24 maxlen: 24
91.200.243.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
45.89.216.0/22 maxlen: 24
2a10:480::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d2:73:a5:13:57:ed:21:fe:53:9b:3b:60:49:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 2 02:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86119075bd2052cd2b33b78044c1b23e4bdeda99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:15:98:04:b0:54:07:18:e1:b4:0d:54:9b:1f:
fc:48:79:fc:eb:08:86:b0:50:37:c0:f5:75:91:67:
a7:74:74:a4:16:a1:0b:a3:74:2b:65:49:db:51:ca:
87:24:8b:ab:bd:91:33:d2:d2:5d:2f:79:db:7e:69:
3e:95:b7:9c:97:17:73:e1:6c:1d:7f:81:de:ae:a1:
7e:7d:f9:ba:ab:f3:6f:bc:aa:94:41:f3:2f:14:e8:
53:c6:ee:d0:c0:d5:2f:43:bd:41:5f:5d:0a:70:a0:
fa:e4:24:50:bd:6d:ee:97:c6:d8:8f:de:9f:99:d2:
92:3e:ad:0b:a4:fd:6d:e5:a2:77:f2:f3:cc:2d:d0:
d1:33:18:bc:3d:9f:c2:74:25:13:2d:38:83:9a:6f:
a6:77:1d:a5:e9:68:6e:a8:40:73:a4:28:a6:22:b0:
76:d7:14:de:90:f0:79:97:34:3d:2f:99:40:d1:08:
e8:16:7a:d6:a0:04:34:3a:16:b1:dc:98:28:b4:2e:
88:22:33:ae:ce:fc:e0:37:2e:72:6d:78:0e:0f:79:
79:82:94:fd:07:49:5a:e3:45:07:6d:e9:82:64:73:
9c:e8:b7:86:e6:e3:ae:54:e4:cd:a4:7c:bf:d3:e4:
ac:7b:bb:53:4b:4e:1b:79:24:56:8b:68:5d:51:bd:
6b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:11:90:75:BD:20:52:CD:2B:33:B7:80:44:C1:B2:3E:4B:DE:DA:99
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/hhGQdb0gUs0rM7eARMGyPkve2pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.112.0/22
45.8.220.0/22
45.14.70.0/23
45.14.104.0/22
45.87.92.0/22
45.89.216.0/22
45.131.155.0/24
45.135.40.0/22
45.141.44.0/22
45.142.124.0/22
91.200.242.0/23
149.62.44.0/24
185.184.223.0/24
185.248.84.0/24
193.32.148.0/22
194.36.24.0/24
194.104.144.0/24
194.114.136.0/24
195.245.229.0/24
195.245.241.0-195.245.242.255
IPv6:
2a10:480::/29
Signature Algorithm: sha256WithRSAEncryption
76:32:3d:6d:dc:65:78:c9:29:20:a4:b7:5c:14:4d:23:49:6a:
0b:28:5b:75:f9:0c:7b:a2:75:99:2c:9e:b3:fa:c7:a7:44:d2:
76:c0:72:2a:e8:a2:d4:ff:70:d9:37:37:6f:4d:c7:80:9b:ee:
85:9c:31:93:bd:89:93:fd:38:d6:07:db:fb:88:f7:54:78:df:
35:0e:8c:2e:12:aa:eb:57:95:a5:b1:40:bf:fc:8e:2e:a9:57:
17:27:32:e6:27:8e:59:97:29:45:8c:c0:8d:d8:47:ca:fc:3a:
a9:e0:6c:83:52:14:d1:0e:f0:c5:be:fe:4f:96:f5:22:5b:eb:
e9:07:47:aa:21:71:13:88:c9:6e:66:12:ad:dc:bc:29:2b:e1:
c0:fd:11:0e:b5:ba:c7:4c:45:57:26:0a:78:d8:ea:87:b4:eb:
e8:c2:93:a3:55:c4:a5:f4:0d:b8:5e:ca:1d:d5:8b:c7:f0:92:
a4:a5:8b:61:1c:62:0b:a1:f6:7b:b3:4b:9b:40:17:31:bf:45:
9e:41:9d:18:d9:a4:45:6b:a8:94:15:56:a8:7b:c9:a0:ad:52:
63:f8:73:3b:99:d4:bb:da:1b:7a:bb:bc:30:53:a8:20:3d:10:
0c:99:33:b7:53:ed:5e:2b:97:02:68:26:f8:f0:69:2f:0f:be:
7c:19:6e:5b
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYzIAdJzpRNX7SH+U5s7YEnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjExOTA3NWJkMjA1MmNkMmIzM2I3ODA0NGMxYjIzZTRiZGVkYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRWYBLBUBxjhtA1Umx/8SHn86wiG
sFA3wPV1kWendHSkFqELo3QrZUnbUcqHJIurvZEz0tJdL3nbfmk+lbeclxdz4Wwd
f4HerqF+ffm6q/NvvKqUQfMvFOhTxu7QwNUvQ71BX10KcKD65CRQvW3ul8bYj96f
mdKSPq0LpP1t5aJ38vPMLdDRMxi8PZ/CdCUTLTiDmm+mdx2l6WhuqEBzpCimIrB2
1xTekPB5lzQ9L5lA0QjoFnrWoAQ0Ohax3JgotC6IIjOuzvzgNy5ybXgOD3l5gpT9
B0la40UHbemCZHOc6LeG5uOuVOTNpHy/0+Sse7tTS04beSRWi2hdUb1rPwIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFIYRkHW9IFLNKzO3gETBsj5L3tqZMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvaGhHUWRiMGdVczByTTdlQVJNR3lQa3ZlMnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBhwQCAAEwgYADBAIt
CHADBAItCNwDBAEtDkYDBAItDmgDBAItV1wDBAItWdgDBAAtg5sDBAIthygDBAIt
jSwDBAItjnwDBAFbyPIDBACVPiwDBAC5uN8DBAC5+FQDBALBIJQDBADCJBgDBADC
aJADBADCcogDBADD9eUwDAMEAMP18QMEAMP18jANBAIAAjAHAwUDKhAEgDANBgkq
hkiG9w0BAQsFAAOCAQEAdjI9bdxleMkpIKS3XBRNI0lqCyhbdfkMe6J1mSyes/rH
p0TSdsByKuii1P9w2Tc3b03HgJvuhZwxk72Jk/041gfb+4j3VHjfNQ6MLhKq61eV
pbFAv/yOLqlXFycy5ieOWZcpRYzAjdhHyvw6qeBsg1IU0Q7wxb7+T5b1Ilvr6QdH
qiFxE4jJbmYSrdy8KSvhwP0RDrW6x0xFVyYKeNjqh7Tr6MKTo1XEpfQNuF7KHdWL
x/CSpKWLYRxiC6H2e7NLm0AXMb9FnkGdGNmkRWuolBVWqHvJoK1SY/hzO5nUu9ob
eru8MFOoID0QDJkzt1PtXiuXAmgm+PBpLw++fBluWw==
-----END CERTIFICATE-----
Generated at Sun May 5 19:14:56 2024 by rpki-client on console-fra.rpki-client.org