Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3lPVSmA_xFneLma-xrXRL8m2cPI.roa
File: 3lPVSmA_xFneLma-xrXRL8m2cPI.roa (raw, json)
Hash identifier: uEkwhebbbKRl8ZfbSrYD456TpHHwhVJ68rpSL4GUx5Y=
Subject key identifier: DE:53:D5:4A:60:3F:C4:59:DE:2E:66:BE:C6:B5:D1:2F:C9:B6:70:F2
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019135B81F61DAD659E0C95C012E11432D54
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3lPVSmA_xFneLma-xrXRL8m2cPI.roa
Signing time: Fri 09 Aug 2024 05:59:04 +0000
ROA not before: Fri 09 Aug 2024 05:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206150
IP address blocks: 45.130.140.0/24 maxlen: 24
2a07:e342::/32 maxlen: 48
2a0f:f40::/32 maxlen: 48
2a0f:f41::/32 maxlen: 48
2a0f:f43::/32 maxlen: 48
2a0f:f44::/32 maxlen: 48
2a0f:f45::/32 maxlen: 48
2a0f:f46::/32 maxlen: 48
2a0f:f47::/32 maxlen: 48
2a0f:e386::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:35:b8:1f:61:da:d6:59:e0:c9:5c:01:2e:11:43:2d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Aug 9 05:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de53d54a603fc459de2e66bec6b5d12fc9b670f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b7:be:7c:ca:e2:c5:57:3f:f0:21:fa:20:cc:
13:ca:55:b8:ba:8f:03:ff:bf:97:0a:00:b9:29:46:
44:21:4b:1b:5f:3b:97:14:24:1b:e2:ec:e9:b0:69:
bb:f0:c7:f8:88:63:25:92:81:12:6c:e6:2e:9f:b6:
07:f1:6d:0c:b6:74:7e:cc:26:61:94:66:bf:46:22:
ba:5b:ad:e9:5e:71:99:ab:0e:4b:7b:02:87:df:15:
bf:3d:86:23:f2:d5:4a:ea:46:e0:a5:21:47:31:18:
87:b5:63:f6:02:88:09:3a:e5:b0:11:24:b7:fb:f3:
58:23:31:19:6f:48:cc:33:6e:3e:cf:bb:54:92:81:
34:2b:a2:57:1e:36:10:a8:8f:28:37:a6:26:14:ba:
18:93:f2:f6:ed:f7:b2:a3:51:51:25:16:ad:cb:d3:
98:4e:f3:68:9e:37:a9:83:e2:36:20:da:9f:de:e2:
7e:2e:6c:29:ac:91:64:6c:12:67:a5:e1:30:64:00:
53:d9:b6:d6:6f:50:42:d6:57:6b:b5:c1:52:c7:01:
b6:30:ed:5d:3f:6e:10:ea:f9:48:63:a5:cd:3d:6b:
fe:83:9d:aa:89:95:4c:f6:e2:ee:43:36:95:ec:9c:
9d:5b:af:35:27:85:0b:f3:e6:cb:e8:5c:13:be:20:
3f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:53:D5:4A:60:3F:C4:59:DE:2E:66:BE:C6:B5:D1:2F:C9:B6:70:F2
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3lPVSmA_xFneLma-xrXRL8m2cPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.140.0/24
IPv6:
2a07:e342::/32
2a0f:f40::/31
2a0f:f43::-2a0f:f47:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:e386::/32
Signature Algorithm: sha256WithRSAEncryption
04:56:26:92:01:c3:28:79:e4:b0:b5:7f:1e:94:08:09:e4:58:
dc:42:47:5e:1a:62:a5:63:cd:4d:d3:11:61:27:99:3d:9f:0f:
c7:7b:77:4e:00:ec:3d:7a:7c:1c:8a:ba:43:62:d4:d3:c3:10:
7e:89:d6:b0:7f:c4:37:69:c3:83:ef:fd:68:49:9c:78:92:fc:
18:b3:bb:18:71:e7:d7:72:ed:fd:f3:7a:1e:0b:db:10:be:73:
d9:5e:93:2c:dc:67:0b:ab:e7:89:a9:63:84:cf:1b:c5:4f:a4:
f2:33:60:5c:c4:3e:8b:bd:2c:54:6e:49:ce:e6:d6:50:26:f9:
6a:95:1c:61:31:88:7c:8a:b5:68:f4:9d:aa:19:a8:c7:cf:22:
51:20:b9:b8:f0:cb:cf:21:18:af:cd:71:e5:85:96:df:4e:51:
08:9a:52:c9:d8:cf:2b:00:41:71:22:0f:99:f8:ac:dd:48:a7:
2b:52:62:41:96:3d:e6:4a:2a:4d:80:9e:1c:95:73:6f:8e:d7:
f7:8d:c7:0f:47:ed:a6:33:5d:61:10:ad:5b:a6:42:54:07:18:
a8:e2:ce:cb:03:0d:09:2f:01:c3:00:a1:43:ea:69:5d:aa:20:
fb:5d:e5:33:1a:d4:4c:33:62:d7:e6:66:18:8e:74:18:06:ba:
cd:a9:a0:80
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZE1uB9h2tZZ4MlcAS4RQy1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwODA5MDU1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTUzZDU0YTYwM2ZjNDU5ZGUyZTY2YmVjNmI1ZDEyZmM5YjY3MGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Le+fMrixVc/8CH6IMwTylW4uo8D
/7+XCgC5KUZEIUsbXzuXFCQb4uzpsGm78Mf4iGMlkoESbOYun7YH8W0MtnR+zCZh
lGa/RiK6W63pXnGZqw5LewKH3xW/PYYj8tVK6kbgpSFHMRiHtWP2AogJOuWwESS3
+/NYIzEZb0jMM24+z7tUkoE0K6JXHjYQqI8oN6YmFLoYk/L27feyo1FRJRaty9OY
TvNonjepg+I2INqf3uJ+LmwprJFkbBJnpeEwZABT2bbWb1BC1ldrtcFSxwG2MO1d
P24Q6vlIY6XNPWv+g52qiZVM9uLuQzaV7JydW681J4UL8+bL6FwTviA/VwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFN5T1UpgP8RZ3i5mvsa10S/JtnDyMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvM2xQVlNtQV94Rm5lTG1hLXhyWFJMOG0yY1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAMBAIAATAGAwQALYKMMCsE
AgACMCUDBQAqB+NCAwUBKg8PQDAOAwUAKg8PQwMFAyoPD0ADBQAqD+OGMA0GCSqG
SIb3DQEBCwUAA4IBAQAEViaSAcMoeeSwtX8elAgJ5FjcQkdeGmKlY81N0xFhJ5k9
nw/He3dOAOw9enwcirpDYtTTwxB+idawf8Q3acOD7/1oSZx4kvwYs7sYcefXcu39
83oeC9sQvnPZXpMs3GcLq+eJqWOEzxvFT6TyM2BcxD6LvSxUbknO5tZQJvlqlRxh
MYh8irVo9J2qGajHzyJRILm48MvPIRivzXHlhZbfTlEImlLJ2M8rAEFxIg+Z+Kzd
SKcrUmJBlj3mSipNgJ4clXNvjtf3jccPR+2mM11hEK1bpkJUBxio4s7LAw0JLwHD
AKFD6mldqiD7XeUzGtRMM2LX5mYYjnQYBrrNqaCA
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:53:48 2024 by rpki-client on console-fra.rpki-client.org