Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/xOgqaNCDIHxji6PamQXBkAWHCnw.roa
File: xOgqaNCDIHxji6PamQXBkAWHCnw.roa (raw, json)
Hash identifier: UpM7Vp+4YBZIHTDBe6UWaRbh1VgduDuWAFoCVD1XKFY=
Subject key identifier: C4:E8:2A:68:D0:83:20:7C:63:8B:A3:DA:99:05:C1:90:05:87:0A:7C
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0191718C41FC1A8ED42ABEB397EB24EF90D7
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/xOgqaNCDIHxji6PamQXBkAWHCnw.roa
Signing time: Tue 20 Aug 2024 20:48:22 +0000
ROA not before: Tue 20 Aug 2024 20:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4785
IP address blocks: 45.8.112.0/22 maxlen: 24
45.8.220.0/24 maxlen: 24
45.8.221.0/24 maxlen: 24
45.8.222.0/24 maxlen: 24
45.8.223.0/24 maxlen: 24
45.14.70.0/24 maxlen: 24
45.14.71.0/24 maxlen: 24
45.14.104.0/24 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.106.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.87.92.0/24 maxlen: 24
45.87.93.0/24 maxlen: 24
45.87.94.0/24 maxlen: 24
45.87.95.0/24 maxlen: 24
45.89.216.0/22 maxlen: 24
45.131.155.0/24 maxlen: 24
45.135.40.0/24 maxlen: 24
45.135.41.0/24 maxlen: 24
45.135.42.0/24 maxlen: 24
45.135.43.0/24 maxlen: 24
45.141.44.0/22 maxlen: 24
45.142.124.0/22 maxlen: 24
91.200.242.0/24 maxlen: 24
91.200.243.0/24 maxlen: 24
149.62.44.0/24 maxlen: 24
185.248.84.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
194.36.24.0/24 maxlen: 24
194.104.144.0/24 maxlen: 24
194.114.136.0/24 maxlen: 24
195.245.229.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a10:480::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:71:8c:41:fc:1a:8e:d4:2a:be:b3:97:eb:24:ef:90:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Aug 20 20:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4e82a68d083207c638ba3da9905c19005870a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9e:d5:ca:1b:2a:b7:f6:54:01:7c:8f:dc:63:
c8:ab:e4:29:f1:ef:43:5c:ac:c7:ac:44:69:c3:9a:
41:56:1e:f9:c7:8e:4b:fd:56:fc:b2:6c:1a:f9:44:
f1:5f:6f:03:c8:35:ea:89:22:0a:2d:09:a8:12:ea:
65:4c:27:39:99:04:d5:0f:9f:83:94:ea:3b:49:4c:
9b:25:3a:ca:83:9c:ce:de:9c:24:70:e2:bd:5c:26:
02:9b:3d:4a:36:c6:9c:68:58:60:8a:4f:7e:12:2b:
b1:8d:e9:59:39:f8:50:b5:05:1a:1c:87:f4:b0:9a:
ca:cd:a6:49:6a:cc:a3:c7:1b:3a:c9:b4:b2:a0:8d:
9c:76:fe:01:b4:31:04:3c:8b:a0:fd:29:f0:37:9f:
2d:d0:b0:fd:b9:2a:0f:2f:87:e0:98:ee:a7:fb:9c:
ce:52:e0:c2:28:b6:51:67:14:2f:98:d4:bb:cf:40:
75:d2:88:0d:f5:74:c8:b2:4b:42:0c:87:e3:0b:92:
30:77:69:30:fe:74:5c:0b:22:4c:cf:4b:b2:d2:ce:
0e:2c:12:dc:c5:f6:6d:51:16:00:26:c0:f0:09:16:
ed:6c:24:b8:bb:72:62:e5:e3:e1:0b:d3:5d:aa:3c:
b0:7e:73:b6:34:a7:2e:6e:1c:b1:03:83:69:b3:c2:
06:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E8:2A:68:D0:83:20:7C:63:8B:A3:DA:99:05:C1:90:05:87:0A:7C
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/xOgqaNCDIHxji6PamQXBkAWHCnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.112.0/22
45.8.220.0/22
45.14.70.0/23
45.14.104.0/22
45.87.92.0/22
45.89.216.0/22
45.131.155.0/24
45.135.40.0/22
45.141.44.0/22
45.142.124.0/22
91.200.242.0/23
149.62.44.0/24
185.248.84.0/24
193.32.148.0/22
194.36.24.0/24
194.104.144.0/24
194.114.136.0/24
195.245.229.0/24
195.245.241.0-195.245.242.255
IPv6:
2a10:480::/29
Signature Algorithm: sha256WithRSAEncryption
02:e3:e2:53:17:d8:92:fb:28:93:c1:62:92:cf:a2:02:8b:cc:
ed:e0:c1:52:0c:14:cb:2d:e9:9e:f2:cb:18:55:b7:cb:60:f6:
95:df:75:6a:3e:f3:6b:51:02:ab:23:5d:eb:cd:10:b2:d4:ba:
31:50:12:43:c6:d3:e1:2e:6e:c5:63:5e:a5:e4:6f:b6:c7:8c:
12:d5:75:18:06:69:d9:85:d6:62:aa:4d:85:95:16:d1:ff:c3:
8a:cb:7e:20:17:92:9b:c6:8a:01:0f:a7:51:06:ed:db:63:02:
13:80:80:4f:7d:a3:6c:08:03:d0:ad:8d:0b:76:78:07:ef:1b:
73:1a:7c:c5:d1:ad:ec:ec:fd:a5:0a:11:a0:d3:9e:23:8d:8d:
a1:f5:d2:70:c3:da:59:94:c3:eb:35:b0:3f:a6:8a:a8:87:ed:
2e:d1:c6:23:72:69:e9:01:68:98:4b:d7:5e:f2:23:d5:35:79:
4a:4e:ba:b1:d6:a8:c0:50:ac:da:1f:4b:ee:4c:00:d0:11:a5:
9f:8e:db:f1:1d:5e:6a:c9:b0:64:be:d9:9c:f2:87:19:c2:e9:
42:4a:b0:7d:d7:30:be:71:a7:e7:a2:63:98:d4:51:31:71:37:
b6:fb:11:3e:40:23:d2:64:e8:d1:3a:6c:cf:e5:f8:a3:8c:62:
70:cf:7f:6b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZFxjEH8Go7UKr6zl+sk75DXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwODIwMjA0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGU4MmE2OGQwODMyMDdjNjM4YmEzZGE5OTA1YzE5MDA1ODcwYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyp7Vyhsqt/ZUAXyP3GPIq+Qp8e9D
XKzHrERpw5pBVh75x45L/Vb8smwa+UTxX28DyDXqiSIKLQmoEuplTCc5mQTVD5+D
lOo7SUybJTrKg5zO3pwkcOK9XCYCmz1KNsacaFhgik9+EiuxjelZOfhQtQUaHIf0
sJrKzaZJasyjxxs6ybSyoI2cdv4BtDEEPIug/SnwN58t0LD9uSoPL4fgmO6n+5zO
UuDCKLZRZxQvmNS7z0B10ogN9XTIsktCDIfjC5Iwd2kw/nRcCyJMz0uy0s4OLBLc
xfZtURYAJsDwCRbtbCS4u3Ji5ePhC9NdqjywfnO2NKcubhyxA4Nps8IG6wIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFMToKmjQgyB8Y4uj2pkFwZAFhwp8MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEveE9ncWFOQ0RJSHhqaTZQYW1RWEJrQVdIQ253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBgAQCAAEwegMEAi0I
cAMEAi0I3AMEAS0ORgMEAi0OaAMEAi1XXAMEAi1Z2AMEAC2DmwMEAi2HKAMEAi2N
LAMEAi2OfAMEAVvI8gMEAJU+LAMEALn4VAMEAsEglAMEAMIkGAMEAMJokAMEAMJy
iAMEAMP15TAMAwQAw/XxAwQAw/XyMA0EAgACMAcDBQMqEASAMA0GCSqGSIb3DQEB
CwUAA4IBAQAC4+JTF9iS+yiTwWKSz6ICi8zt4MFSDBTLLeme8ssYVbfLYPaV33Vq
PvNrUQKrI13rzRCy1LoxUBJDxtPhLm7FY16l5G+2x4wS1XUYBmnZhdZiqk2FlRbR
/8OKy34gF5KbxooBD6dRBu3bYwITgIBPfaNsCAPQrY0LdngH7xtzGnzF0a3s7P2l
ChGg054jjY2h9dJww9pZlMPrNbA/poqoh+0u0cYjcmnpAWiYS9de8iPVNXlKTrqx
1qjAUKzaH0vuTADQEaWfjtvxHV5qybBkvtmc8ocZwulCSrB91zC+cafnomOY1FEx
cTe2+xE+QCPSZOjROmzP5fijjGJwz39r
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:55:50 2024 by rpki-client on console-ams.rpki-client.org