Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/dtt3UTEgCjTMpJNzKEXBdyEr2hY.roa
File: dtt3UTEgCjTMpJNzKEXBdyEr2hY.roa (raw, json)
Hash identifier: uiH/+FfFihv2nTSqXa4ox3Vbk+gKBnW3KpRtCM1FFcM=
Subject key identifier: 76:DB:77:51:31:20:0A:34:CC:A4:93:73:28:45:C1:77:21:2B:DA:16
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0191FA5D10A31952578613920C96BA73D8B6
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/dtt3UTEgCjTMpJNzKEXBdyEr2hY.roa
Signing time: Mon 16 Sep 2024 10:24:48 +0000
ROA not before: Mon 16 Sep 2024 10:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.85.124.0/24 maxlen: 24
45.85.125.0/24 maxlen: 24
45.85.126.0/24 maxlen: 24
45.85.127.0/24 maxlen: 24
45.91.20.0/24 maxlen: 24
45.91.22.0/24 maxlen: 24
45.130.136.0/24 maxlen: 24
45.132.193.0/24 maxlen: 24
45.149.104.0/24 maxlen: 24
193.176.210.0/24 maxlen: 24
2a07:e340::/32 maxlen: 32
2a07:e341::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fa:5d:10:a3:19:52:57:86:13:92:0c:96:ba:73:d8:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Sep 16 10:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76db775131200a34cca493732845c177212bda16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ec:42:f6:62:0a:43:60:ed:9e:1f:35:89:ba:
fd:d4:b8:11:32:39:b2:1e:84:20:1f:d1:d2:ff:b7:
2d:bc:0b:09:6e:de:bf:d8:45:8c:5c:18:87:8d:01:
e6:b7:8e:26:0a:1f:f5:44:0e:ce:93:47:e8:0f:8d:
36:d0:e9:98:20:8b:c8:d4:8d:c4:ec:59:30:90:c3:
9a:60:f5:fc:be:bb:ff:11:4e:e6:26:30:5b:65:e0:
31:47:ca:53:17:15:ca:6f:f5:26:b7:ff:99:2c:36:
df:72:cb:0d:eb:1a:c8:7f:78:10:fd:07:3a:a8:fa:
9e:d9:2d:6e:17:0e:c2:80:71:3d:15:b0:7f:a5:fe:
4b:54:08:fb:9c:84:c2:bd:d6:62:f5:7e:51:8a:d2:
10:eb:09:b6:35:80:6b:1d:4e:65:f0:77:d5:4d:06:
20:45:12:f7:12:b1:2e:e0:d6:f5:8a:5b:1f:b7:6e:
85:03:f8:64:6c:8d:8d:e1:fe:be:0d:3c:46:87:ac:
e1:68:df:f5:86:ff:4d:9b:18:b4:ce:dc:ac:2b:97:
c4:73:e0:f7:b9:a3:37:a5:d7:86:79:9d:11:fc:b6:
99:4d:63:f5:87:ed:a2:40:50:65:05:7c:f0:55:63:
f5:22:10:bc:0a:d0:f2:18:21:c2:16:10:9c:60:72:
e7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:DB:77:51:31:20:0A:34:CC:A4:93:73:28:45:C1:77:21:2B:DA:16
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/dtt3UTEgCjTMpJNzKEXBdyEr2hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.124.0/22
45.91.20.0/24
45.91.22.0/24
45.130.136.0/24
45.132.193.0/24
45.149.104.0/24
193.176.210.0/24
IPv6:
2a07:e340::/31
Signature Algorithm: sha256WithRSAEncryption
be:e0:c5:15:b4:0c:74:8a:e7:a9:3c:e7:90:34:60:7a:d5:76:
a1:eb:50:1f:51:0a:06:00:52:7d:e5:38:b2:e7:ae:6c:65:56:
4b:b4:1d:b7:26:6a:f3:45:10:71:f6:9f:09:90:bc:7a:e7:24:
4c:b9:ef:b4:0e:e9:0c:eb:59:08:f2:53:6c:57:02:d4:0a:2a:
29:3a:69:9d:16:e0:f2:c5:e9:69:d7:86:18:97:27:cd:db:55:
dc:6a:e1:9c:c0:7b:8d:b5:e8:0e:b1:ec:12:5a:7e:98:c7:c9:
c9:d6:06:46:eb:5a:42:02:a1:08:51:da:a6:21:12:d2:13:8c:
d6:66:a5:9c:ff:78:92:f8:89:ba:7a:fc:6a:cd:88:4e:b4:60:
11:eb:6f:0d:20:ff:e2:c9:9c:63:43:22:c6:82:61:de:d1:24:
c3:93:5f:3f:71:ae:dc:12:66:50:f6:c3:69:d0:c6:7c:df:6c:
c3:4f:31:4b:dd:21:f8:e3:e7:5b:8d:90:82:b5:86:ab:5f:2d:
9d:5e:6e:ec:18:56:2b:8a:8d:93:8f:eb:e1:78:7f:81:cc:c2:
79:d9:81:89:36:0d:7d:e8:e3:ea:65:4f:da:66:6b:de:5a:4e:
40:46:0a:e8:d0:9d:f4:eb:ca:d7:ec:cd:57:ae:3a:a7:24:75:
2c:2f:06:88
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZH6XRCjGVJXhhOSDJa6c9i2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwOTE2MTAyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmRiNzc1MTMxMjAwYTM0Y2NhNDkzNzMyODQ1YzE3NzIxMmJkYTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuxC9mIKQ2Dtnh81ibr91LgRMjmy
HoQgH9HS/7ctvAsJbt6/2EWMXBiHjQHmt44mCh/1RA7Ok0foD4020OmYIIvI1I3E
7FkwkMOaYPX8vrv/EU7mJjBbZeAxR8pTFxXKb/Umt/+ZLDbfcssN6xrIf3gQ/Qc6
qPqe2S1uFw7CgHE9FbB/pf5LVAj7nITCvdZi9X5RitIQ6wm2NYBrHU5l8HfVTQYg
RRL3ErEu4Nb1ilsft26FA/hkbI2N4f6+DTxGh6zhaN/1hv9Nmxi0ztysK5fEc+D3
uaM3pdeGeZ0R/LaZTWP1h+2iQFBlBXzwVWP1IhC8CtDyGCHCFhCcYHLnjwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHbbd1ExIAo0zKSTcyhFwXchK9oWMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvZHR0M1VURWdDalRNcEpOektFWEJkeUVyMmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLVV8AwQA
LVsUAwQALVsWAwQALYKIAwQALYTBAwQALZVoAwQAwbDSMA0EAgACMAcDBQEqB+NA
MA0GCSqGSIb3DQEBCwUAA4IBAQC+4MUVtAx0iuepPOeQNGB61Xah61AfUQoGAFJ9
5Tiy565sZVZLtB23JmrzRRBx9p8JkLx65yRMue+0DukM61kI8lNsVwLUCiopOmmd
FuDyxelp14YYlyfN21XcauGcwHuNtegOsewSWn6Yx8nJ1gZG61pCAqEIUdqmIRLS
E4zWZqWc/3iS+Im6evxqzYhOtGAR628NIP/iyZxjQyLGgmHe0STDk18/ca7cEmZQ
9sNp0MZ832zDTzFL3SH44+dbjZCCtYarXy2dXm7sGFYrio2Tj+vheH+BzMJ52YGJ
Ng196OPqZU/aZmveWk5ARgro0J3068rX7M1XrjqnJHUsLwaI
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:04:48 2024 by rpki-client on console-ams.rpki-client.org