Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/4De5PEQxtabZErw8Fai8iWAyh7I.roa
File: 4De5PEQxtabZErw8Fai8iWAyh7I.roa (raw, json)
Hash identifier: knU6en48JHTKK5yvNdwb2zG6fyEsr7qX2izroTHqc7g=
Subject key identifier: E0:37:B9:3C:44:31:B5:A6:D9:12:BC:3C:15:A8:BC:89:60:32:87:B2
Certificate issuer: /CN=fbcdd117eac757b6f8f39428653ae12508cc6989
Certificate serial: 018F9B0236856FC3C78DB6C0D62594BBB34C
Authority key identifier: FB:CD:D1:17:EA:C7:57:B6:F8:F3:94:28:65:3A:E1:25:08:CC:69:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-83RF-rHV7b485QoZTrhJQjMaYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/4De5PEQxtabZErw8Fai8iWAyh7I.roa
Signing time: Tue 21 May 2024 11:56:04 +0000
ROA not before: Tue 21 May 2024 11:56:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25581
IP address blocks: 45.81.12.0/22 maxlen: 22
45.90.8.0/22 maxlen: 22
91.207.130.0/23 maxlen: 23
185.34.148.0/22 maxlen: 22
185.34.149.0/24 maxlen: 24
185.170.216.0/21 maxlen: 21
2a00:da60::/32 maxlen: 32
2a00:da60:b01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/1-83RF-rHV7b485QoZTrhJQjMaYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/1-83RF-rHV7b485QoZTrhJQjMaYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-83RF-rHV7b485QoZTrhJQjMaYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:02:36:85:6f:c3:c7:8d:b6:c0:d6:25:94:bb:b3:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbcdd117eac757b6f8f39428653ae12508cc6989
Validity
Not Before: May 21 11:56:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e037b93c4431b5a6d912bc3c15a8bc89603287b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ab:b1:94:18:4b:05:1f:0d:22:c7:7e:b2:32:
8e:7e:f7:e9:a1:d5:d8:18:26:60:2d:eb:e2:6c:44:
1e:02:c1:e3:7e:9d:af:4a:31:08:f8:47:30:b4:9a:
c3:56:1c:54:bd:ee:02:28:6a:e5:88:b9:63:28:f1:
8c:61:9b:31:ad:59:1d:7d:a3:cc:3f:5d:e8:5d:30:
ea:e5:16:3c:03:6a:7d:0f:06:34:b2:31:64:80:d4:
d6:20:c6:ca:e5:ba:10:21:74:e8:89:8e:d2:5d:52:
5b:57:2f:e7:17:ed:62:05:2d:6f:6b:bc:80:37:c2:
a3:fb:f5:4c:24:55:6d:d8:8f:43:b3:c1:2b:ee:6f:
7b:70:18:50:2e:50:ff:d5:98:a0:f6:04:91:ee:ae:
2b:96:70:80:d7:37:b8:45:8a:82:2d:aa:84:f2:03:
4b:50:a7:80:66:c3:4a:5e:cd:8c:03:94:af:86:6f:
39:e5:03:db:95:31:c2:9e:04:28:b7:ba:e8:70:39:
d8:2f:b1:f3:da:79:61:e4:7f:3e:ae:49:7c:8f:41:
a1:ad:e8:92:e4:f9:97:d1:3b:b6:db:ce:f6:66:8a:
89:50:56:18:f0:7b:35:17:b7:4b:8d:08:72:4b:dd:
54:b3:c9:92:e5:e7:db:ac:8c:3d:53:e1:a8:53:2e:
f3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:37:B9:3C:44:31:B5:A6:D9:12:BC:3C:15:A8:BC:89:60:32:87:B2
X509v3 Authority Key Identifier:
keyid:FB:CD:D1:17:EA:C7:57:B6:F8:F3:94:28:65:3A:E1:25:08:CC:69:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-83RF-rHV7b485QoZTrhJQjMaYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/4De5PEQxtabZErw8Fai8iWAyh7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/1-83RF-rHV7b485QoZTrhJQjMaYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.12.0/22
45.90.8.0/22
91.207.130.0/23
185.34.148.0/22
185.170.216.0/21
IPv6:
2a00:da60::/32
Signature Algorithm: sha256WithRSAEncryption
61:51:c6:6d:75:3f:4c:0d:cc:a2:71:30:74:e1:3c:6f:43:d3:
49:04:cd:ea:4d:d5:d6:e0:49:c8:04:56:3d:10:e5:09:b7:c1:
c0:b7:23:81:22:1a:e9:2c:c2:11:c3:67:ea:12:2c:5f:f2:8f:
88:22:c7:1e:3f:46:3f:07:3d:98:4c:90:22:79:4a:59:f4:12:
16:9e:df:25:38:c2:75:1c:68:25:b0:fe:05:6c:bd:55:2a:61:
53:d4:7a:77:81:80:ff:58:35:5b:65:db:ce:a9:af:fb:ab:5a:
32:39:c8:ab:98:76:fa:dc:ba:03:7f:d0:7a:ef:b6:e7:a3:e4:
bb:88:d4:a6:55:b1:21:ed:4a:62:1b:4c:db:45:17:b8:24:6d:
1d:60:d0:e1:37:7a:eb:ae:dc:dd:5a:c9:db:75:08:70:15:fb:
91:60:30:f7:8b:ad:c0:5e:ac:31:e6:ce:85:1d:44:6f:9d:36:
23:12:42:fc:b9:3b:46:06:33:b7:57:f7:83:d9:de:21:ef:35:
dd:6b:04:67:52:13:f1:45:10:22:37:8e:f6:d7:e0:f3:2f:48:
99:2e:77:60:16:45:f5:c6:e2:07:a5:2a:f1:4d:7f:2e:84:38:
38:86:32:39:47:c5:60:01:93:0b:ca:f6:1b:b4:5b:04:81:88:
4d:ae:f5:e8
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY+bAjaFb8PHjbbA1iWUu7NMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiY2RkMTE3ZWFjNzU3YjZmOGYzOTQyODY1M2FlMTI1MDhj
YzY5ODkwHhcNMjQwNTIxMTE1NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDM3YjkzYzQ0MzFiNWE2ZDkxMmJjM2MxNWE4YmM4OTYwMzI4N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4quxlBhLBR8NIsd+sjKOfvfpodXY
GCZgLevibEQeAsHjfp2vSjEI+EcwtJrDVhxUve4CKGrliLljKPGMYZsxrVkdfaPM
P13oXTDq5RY8A2p9DwY0sjFkgNTWIMbK5boQIXToiY7SXVJbVy/nF+1iBS1va7yA
N8Kj+/VMJFVt2I9Ds8Er7m97cBhQLlD/1Zig9gSR7q4rlnCA1ze4RYqCLaqE8gNL
UKeAZsNKXs2MA5Svhm855QPblTHCngQot7rocDnYL7Hz2nlh5H8+rkl8j0GhreiS
5PmX0Tu22872ZoqJUFYY8Hs1F7dLjQhyS91Us8mS5efbrIw9U+GoUy7zZQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFOA3uTxEMbWm2RK8PBWovIlgMoeyMB8GA1UdIwQY
MBaAFPvN0Rfqx1e2+POUKGU64SUIzGmJMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS04M1JGLXJIVjdiNDg1UW9aVHJoSlFqTWFZay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIvOWFhOTlkLWJlNDMtNGQ3NC1hZmM5
LTk2NDQyNWMxOGM2Zi8xLzREZTVQRVF4dGFiWkVydzhGYWk4aVdBeWg3SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWIvOWFhOTlkLWJlNDMtNGQ3NC1hZmM5LTk2NDQyNWMxOGM2
Zi8xLzEtODNSRi1ySFY3YjQ4NVFvWlRyaEpRak1hWWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBAItUQwD
BAItWggDBAFbz4IDBAK5IpQDBAO5qtgwDQQCAAIwBwMFACoA2mAwDQYJKoZIhvcN
AQELBQADggEBAGFRxm11P0wNzKJxMHThPG9D00kEzepN1dbgScgEVj0Q5Qm3wcC3
I4EiGukswhHDZ+oSLF/yj4gixx4/Rj8HPZhMkCJ5Sln0Ehae3yU4wnUcaCWw/gVs
vVUqYVPUeneBgP9YNVtl286pr/urWjI5yKuYdvrcugN/0Hrvtuej5LuI1KZVsSHt
SmIbTNtFF7gkbR1g0OE3euuu3N1aydt1CHAV+5FgMPeLrcBerDHmzoUdRG+dNiMS
Qvy5O0YGM7dX94PZ3iHvNd1rBGdSE/FFECI3jvbX4PMvSJkud2AWRfXG4gelKvFN
fy6EODiGMjlHxWABkwvK9hu0WwSBiE2u9eg=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:48:25 2024 by rpki-client on console-fra.rpki-client.org