Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/pmHLHEfufpuR7R3a3cO9-7JjT1s.roa
File: pmHLHEfufpuR7R3a3cO9-7JjT1s.roa (raw, json)
Hash identifier: cRykNMT7bn4809CSAhdgL+JJRLBVoVkH0eH5Ibw5du8=
Subject key identifier: A6:61:CB:1C:47:EE:7E:9B:91:ED:1D:DA:DD:C3:BD:FB:B2:63:4F:5B
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FA476CD59FA5014C9ABE7E935B23C
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/pmHLHEfufpuR7R3a3cO9-7JjT1s.roa
Signing time: Tue 02 Jan 2024 04:30:08 +0000
ROA not before: Tue 02 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20712
IP address blocks: 45.140.215.0/24 maxlen: 24
45.142.205.0/24 maxlen: 24
45.142.207.0/24 maxlen: 24
45.144.159.0/24 maxlen: 24
45.144.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a4:76:cd:59:fa:50:14:c9:ab:e7:e9:35:b2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a661cb1c47ee7e9b91ed1ddaddc3bdfbb2634f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:49:9b:a1:82:6b:87:ee:ff:96:d4:22:90:cc:
b4:96:5c:3d:d5:3e:72:72:d1:fb:34:95:c7:c9:7b:
24:26:bc:cc:f0:a5:86:0e:c0:1d:d3:7a:a2:f3:fe:
68:08:b3:48:7b:2d:10:23:9f:c0:29:76:5c:6f:56:
26:9e:72:1d:c6:f0:01:c1:5a:31:9c:4e:60:25:b9:
81:ef:87:61:3d:6f:0d:b7:8e:fc:80:c2:c5:85:8b:
01:5e:d8:ce:00:fe:8c:1e:9d:0a:7b:55:b8:d9:da:
97:2f:0a:42:f3:4a:e1:21:91:ae:47:cd:91:f4:b8:
d7:4f:c4:d3:91:6e:d9:05:ab:db:57:a5:b0:f9:19:
39:23:b9:04:ea:ce:80:48:4a:56:0c:c8:8e:2e:95:
48:d2:23:ab:50:18:42:35:c8:02:cf:e6:6f:db:ac:
2b:83:b1:dd:c1:99:d2:11:48:ea:04:44:58:ab:04:
a3:b6:33:e7:fa:d3:5d:09:08:15:77:60:20:d3:ea:
10:ab:68:e3:33:be:4b:fb:43:81:c7:5c:10:1f:e5:
87:27:da:28:fe:ad:f4:74:b7:7d:ef:03:45:4a:27:
04:b2:fa:72:94:89:71:38:cf:03:24:b5:90:5e:c5:
c5:8b:b8:e7:20:89:bd:14:ba:0a:0a:00:f2:86:c2:
a8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:61:CB:1C:47:EE:7E:9B:91:ED:1D:DA:DD:C3:BD:FB:B2:63:4F:5B
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/pmHLHEfufpuR7R3a3cO9-7JjT1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.215.0/24
45.142.205.0/24
45.142.207.0/24
45.144.157.0/24
45.144.159.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:75:7c:55:7e:cd:ab:7a:40:d1:72:21:d0:76:32:8b:04:70:
8d:08:91:aa:e5:c5:3d:07:63:98:0f:5d:f3:95:35:48:67:73:
95:a9:7c:68:36:11:f7:4d:38:61:6d:69:da:6a:56:6b:b0:ad:
c0:4f:63:e3:27:7d:71:1a:e8:e8:b6:4c:bc:8f:15:0e:46:a9:
7f:34:2c:bf:87:14:11:5e:00:4d:a0:f7:30:fd:ef:8b:e1:74:
59:f5:53:97:89:d1:3e:08:a0:99:40:bd:1f:bd:1b:a4:08:19:
c6:2e:48:34:2b:08:48:fe:d6:31:44:8c:0c:b2:2d:18:95:b1:
d4:1d:cd:78:13:02:5e:91:56:45:f9:81:bc:cd:a1:1b:08:8a:
aa:fd:00:a5:b3:24:35:3c:3b:43:7f:12:74:de:f5:a8:1e:1a:
e3:43:87:be:b8:82:e0:7a:ce:a5:fd:16:9e:ed:b1:95:5d:09:
61:9b:49:c3:0e:4f:41:e7:ec:85:b8:22:e5:66:8f:f3:54:2a:
fe:56:29:39:97:8e:29:0d:2b:d7:95:cb:2d:3c:ed:4f:f8:45:
db:f8:02:f3:42:68:99:db:69:cf:b9:f0:2e:49:9e:0d:af:7d:
7e:11:b3:90:30:51:23:c7:ac:86:df:05:31:7c:81:66:c5:50:
93:1b:b2:01
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIb6R2zVn6UBTJq+fpNbI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjYxY2IxYzQ3ZWU3ZTliOTFlZDFkZGFkZGMzYmRmYmIyNjM0ZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkmboYJrh+7/ltQikMy0llw91T5y
ctH7NJXHyXskJrzM8KWGDsAd03qi8/5oCLNIey0QI5/AKXZcb1YmnnIdxvABwVox
nE5gJbmB74dhPW8Nt478gMLFhYsBXtjOAP6MHp0Ke1W42dqXLwpC80rhIZGuR82R
9LjXT8TTkW7ZBavbV6Ww+Rk5I7kE6s6ASEpWDMiOLpVI0iOrUBhCNcgCz+Zv26wr
g7HdwZnSEUjqBERYqwSjtjPn+tNdCQgVd2Ag0+oQq2jjM75L+0OBx1wQH+WHJ9oo
/q30dLd97wNFSicEsvpylIlxOM8DJLWQXsXFi7jnIIm9FLoKCgDyhsKoOwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKZhyxxH7n6bke0d2t3DvfuyY09bMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvcG1ITEhFZnVmcHVSN1IzYTNjTzktN0pqVDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYzXAwQA
LY7NAwQALY7PAwQALZCdAwQALZCfMA0GCSqGSIb3DQEBCwUAA4IBAQCmdXxVfs2r
ekDRciHQdjKLBHCNCJGq5cU9B2OYD13zlTVIZ3OVqXxoNhH3TThhbWnaalZrsK3A
T2PjJ31xGujotky8jxUORql/NCy/hxQRXgBNoPcw/e+L4XRZ9VOXidE+CKCZQL0f
vRukCBnGLkg0KwhI/tYxRIwMsi0YlbHUHc14EwJekVZF+YG8zaEbCIqq/QClsyQ1
PDtDfxJ03vWoHhrjQ4e+uILges6l/Rae7bGVXQlhm0nDDk9B5+yFuCLlZo/zVCr+
Vik5l44pDSvXlcstPO1P+EXb+ALzQmiZ22nPufAuSZ4Nr31+EbOQMFEjx6yG3wUx
fIFmxVCTG7IB
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:26:31 2024 by rpki-client on console-fra.rpki-client.org