Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/UQjb3sJkEVaAVZMwsW3Bgx90-dc.roa
File: UQjb3sJkEVaAVZMwsW3Bgx90-dc.roa (raw, json)
Hash identifier: hKhFAjCCMKSUu7GRWm6tcudHbr/P67AMFg4V4qsO6+w=
Subject key identifier: 51:08:DB:DE:C2:64:11:56:80:55:93:30:B1:6D:C1:83:1F:74:F9:D7
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018D6BAFC0C6DDBDAA725E639E971C86EB6B
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/UQjb3sJkEVaAVZMwsW3Bgx90-dc.roa
Signing time: Fri 02 Feb 2024 21:18:16 +0000
ROA not before: Fri 02 Feb 2024 21:18:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210636
IP address blocks: 45.88.246.0/24 maxlen: 24
45.88.247.0/24 maxlen: 24
45.94.28.0/24 maxlen: 24
45.132.192.0/24 maxlen: 24
45.148.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6b:af:c0:c6:dd:bd:aa:72:5e:63:9e:97:1c:86:eb:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Feb 2 21:18:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5108dbdec264115680559330b16dc1831f74f9d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ae:65:bc:3f:44:17:8f:57:25:6e:41:7f:b2:
7f:e8:db:3c:70:76:78:74:21:b8:3b:0e:f7:b6:ed:
03:e7:60:27:e4:79:28:f0:11:38:9b:15:ec:47:44:
25:fc:7f:23:7c:ea:f6:32:1c:2f:81:1f:b3:02:d3:
7f:b6:d8:f0:e0:f2:25:98:66:c9:d7:14:c6:20:bc:
3b:cb:6d:2c:85:66:f9:95:9d:a1:2a:de:34:eb:10:
03:13:df:db:15:48:18:53:ec:33:57:08:ac:c8:a7:
34:61:8d:df:db:b7:0d:a8:3e:88:ce:d7:02:38:53:
d0:9d:65:0b:54:97:5c:fa:dc:59:c1:a5:ef:91:e1:
72:5a:a1:65:e2:fd:7d:1f:30:12:41:3e:80:a3:59:
a3:cc:c6:5d:71:f2:02:df:8b:e3:7d:db:77:50:c9:
a5:3b:ec:95:c0:ce:8d:5d:e6:cd:48:72:27:96:73:
3c:c1:01:42:39:b0:6b:3e:db:1b:3f:df:10:b8:b9:
1e:ba:1d:25:40:95:08:f5:4f:bc:96:66:5e:b4:a8:
25:6e:8b:79:69:4c:95:65:a0:06:37:08:bc:70:08:
6c:52:e7:9b:16:af:92:c4:a8:f5:fa:8e:b2:fb:36:
60:84:a8:80:7d:a1:28:c5:df:17:7a:ca:10:cc:e0:
97:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:08:DB:DE:C2:64:11:56:80:55:93:30:B1:6D:C1:83:1F:74:F9:D7
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/UQjb3sJkEVaAVZMwsW3Bgx90-dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.246.0/23
45.94.28.0/24
45.132.192.0/24
45.148.26.0/24
Signature Algorithm: sha256WithRSAEncryption
04:89:69:54:fe:f6:94:19:2d:86:3e:65:e9:93:dd:f7:7a:49:
c2:92:ae:d4:80:17:90:42:ad:5b:9c:42:82:c6:d9:c3:b6:61:
f5:5e:7e:58:66:87:ae:12:99:e6:b0:f0:43:3e:aa:93:12:cb:
b9:86:c1:5e:f8:0a:fc:46:f6:e9:d3:af:13:bc:f5:ff:95:57:
df:d1:d9:62:58:f9:85:9b:91:64:ef:fb:6f:ba:7f:01:3d:9c:
5a:11:35:49:3d:98:2f:9e:d8:e2:bb:2b:f0:2b:ad:3e:ab:9a:
59:c0:be:6b:7c:00:e7:0f:e3:52:63:8d:65:9f:d1:05:c6:04:
ce:d0:dc:4c:6b:b5:b3:9e:92:85:b1:8b:d5:b6:2f:50:3d:dc:
7e:62:4a:34:45:3c:18:33:e2:47:4b:cc:1d:01:f1:4e:25:e0:
da:73:b1:49:1f:84:59:ac:68:c2:e3:ae:8e:2e:f7:16:e4:f9:
51:94:10:9a:16:77:7b:4c:a0:f0:2a:3b:7f:1c:71:c3:69:a2:
82:50:b4:23:0d:ca:82:fc:43:88:bd:89:7d:52:28:69:ac:3f:
03:48:18:6e:5a:2a:4e:3e:66:23:27:f0:05:97:dc:8f:30:21:
a3:43:94:4b:27:02:34:83:75:c0:46:17:60:8e:92:51:a5:4e:
81:7e:02:ed
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1rr8DG3b2qcl5jnpcchutrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMjAyMjExODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTA4ZGJkZWMyNjQxMTU2ODA1NTkzMzBiMTZkYzE4MzFmNzRmOWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoK5lvD9EF49XJW5Bf7J/6Ns8cHZ4
dCG4Ow73tu0D52An5Hko8BE4mxXsR0Ql/H8jfOr2MhwvgR+zAtN/ttjw4PIlmGbJ
1xTGILw7y20shWb5lZ2hKt406xADE9/bFUgYU+wzVwisyKc0YY3f27cNqD6IztcC
OFPQnWULVJdc+txZwaXvkeFyWqFl4v19HzASQT6Ao1mjzMZdcfIC34vjfdt3UMml
O+yVwM6NXebNSHInlnM8wQFCObBrPtsbP98QuLkeuh0lQJUI9U+8lmZetKglbot5
aUyVZaAGNwi8cAhsUuebFq+SxKj1+o6y+zZghKiAfaEoxd8XesoQzOCXzQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFEI297CZBFWgFWTMLFtwYMfdPnXMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvVVFqYjNzSmtFVmFBVlpNd3NXM0JneDkwLWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLVj2AwQA
LV4cAwQALYTAAwQALZQaMA0GCSqGSIb3DQEBCwUAA4IBAQAEiWlU/vaUGS2GPmXp
k933eknCkq7UgBeQQq1bnEKCxtnDtmH1Xn5YZoeuEpnmsPBDPqqTEsu5hsFe+Ar8
Rvbp068TvPX/lVff0dliWPmFm5Fk7/tvun8BPZxaETVJPZgvntjiuyvwK60+q5pZ
wL5rfADnD+NSY41ln9EFxgTO0NxMa7WznpKFsYvVti9QPdx+Yko0RTwYM+JHS8wd
AfFOJeDac7FJH4RZrGjC466OLvcW5PlRlBCaFnd7TKDwKjt/HHHDaaKCULQjDcqC
/EOIvYl9UihprD8DSBhuWipOPmYjJ/AFl9yPMCGjQ5RLJwI0g3XARhdgjpJRpU6B
fgLt
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:26:29 2024 by rpki-client on console-ams.rpki-client.org