Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/8mlepIu3Ci1DCtqGloMOqmBH9kw.roa
File: 8mlepIu3Ci1DCtqGloMOqmBH9kw.roa (raw, json)
Hash identifier: YTIb3J6+E6/QVf2D5HOHtF8aJ0ObAE+ZX24lXY1bmmk=
Subject key identifier: F2:69:5E:A4:8B:B7:0A:2D:43:0A:DA:86:96:83:0E:AA:60:47:F6:4C
Certificate issuer: /CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Certificate serial: 0192731D48E3F3A6795755BF533069E56280
Authority key identifier: 34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/8mlepIu3Ci1DCtqGloMOqmBH9kw.roa
Signing time: Wed 09 Oct 2024 21:09:11 +0000
ROA not before: Wed 09 Oct 2024 21:09:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25540
IP address blocks: 45.81.212.0/22 maxlen: 22
77.81.49.0/24 maxlen: 24
83.172.137.0/24 maxlen: 24
83.172.142.0/23 maxlen: 23
83.172.149.0/24 maxlen: 24
83.172.152.0/24 maxlen: 24
83.172.154.0/23 maxlen: 23
83.172.156.0/23 maxlen: 23
83.172.158.0/24 maxlen: 24
83.172.166.0/23 maxlen: 23
83.172.168.0/24 maxlen: 24
83.172.170.0/23 maxlen: 23
83.172.184.0/23 maxlen: 23
83.172.187.0/24 maxlen: 24
83.172.190.0/24 maxlen: 24
83.172.191.0/24 maxlen: 24
89.37.107.0/24 maxlen: 24
93.114.176.0/22 maxlen: 22
94.177.28.0/24 maxlen: 24
94.177.144.0/24 maxlen: 24
130.93.0.0/17 maxlen: 24
130.93.128.0/18 maxlen: 22
185.9.248.0/22 maxlen: 22
185.12.0.0/22 maxlen: 22
185.120.176.0/22 maxlen: 22
185.122.160.0/22 maxlen: 22
185.133.128.0/22 maxlen: 22
185.137.72.0/22 maxlen: 22
185.153.172.0/22 maxlen: 22
193.84.89.0/24 maxlen: 24
195.68.224.0/22 maxlen: 22
2a02:ec00::/29 maxlen: 29
2a0e:4180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.mft
rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:73:1d:48:e3:f3:a6:79:57:55:bf:53:30:69:e5:62:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Validity
Not Before: Oct 9 21:09:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2695ea48bb70a2d430ada8696830eaa6047f64c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:22:5b:be:54:d6:6a:cb:f5:c0:c8:7f:e0:9b:
ef:38:fc:4e:5e:ab:75:fd:24:4b:c2:5b:76:4b:59:
0f:14:a3:2c:ec:85:3c:9c:a1:8f:c8:a6:6e:b6:fe:
32:11:7f:f3:1d:0e:a1:2c:3e:64:c0:c2:49:c0:81:
e4:70:0b:e4:5a:72:fd:3e:9f:e9:c0:d1:01:bb:13:
ff:cc:83:e4:39:00:f8:10:1a:63:01:82:13:38:78:
73:e3:16:26:e6:e6:80:13:69:71:8b:ff:de:19:36:
72:43:df:a4:42:d7:c2:24:f2:47:35:a6:07:7b:d4:
44:d1:40:c7:d1:6b:d3:02:10:2d:0e:3a:23:bc:2c:
94:79:75:a4:05:8b:02:b3:8f:e3:27:40:d3:2d:a1:
04:f0:01:64:cd:a5:10:5a:5e:90:e5:8c:99:73:4c:
16:7f:fc:c0:4f:2f:fc:5b:56:ac:b3:45:4b:db:b3:
7b:a3:c0:d3:ed:5b:db:87:5d:4c:59:76:f2:03:ac:
64:33:5d:ec:fd:50:34:eb:75:44:f7:c1:c7:62:d2:
c6:2f:30:23:0f:d4:4c:be:ee:31:0a:db:f1:0f:65:
79:c3:37:47:cf:e6:c0:7b:4a:36:a0:80:0b:06:7e:
2a:7b:44:47:68:ca:7e:5b:21:6e:00:21:d2:03:06:
c1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:69:5E:A4:8B:B7:0A:2D:43:0A:DA:86:96:83:0E:AA:60:47:F6:4C
X509v3 Authority Key Identifier:
keyid:34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/8mlepIu3Ci1DCtqGloMOqmBH9kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.212.0/22
77.81.49.0/24
83.172.137.0/24
83.172.142.0/23
83.172.149.0/24
83.172.152.0/24
83.172.154.0-83.172.158.255
83.172.166.0-83.172.168.255
83.172.170.0/23
83.172.184.0/23
83.172.187.0/24
83.172.190.0/23
89.37.107.0/24
93.114.176.0/22
94.177.28.0/24
94.177.144.0/24
130.93.0.0-130.93.191.255
185.9.248.0/22
185.12.0.0/22
185.120.176.0/22
185.122.160.0/22
185.133.128.0/22
185.137.72.0/22
185.153.172.0/22
193.84.89.0/24
195.68.224.0/22
IPv6:
2a02:ec00::/29
2a0e:4180::/29
Signature Algorithm: sha256WithRSAEncryption
8d:16:37:17:a2:01:f5:11:81:65:c2:15:11:21:2e:0c:cf:ba:
49:ac:ad:29:bb:8c:50:d4:d7:a4:ad:38:28:07:12:a0:52:eb:
f8:e6:2e:fd:5c:8a:8b:7e:dd:4d:6b:bc:a4:bf:89:bd:06:48:
46:21:c8:45:6c:e8:a0:31:83:83:b1:c4:09:9e:13:42:23:ca:
2b:10:40:d0:85:02:79:51:c1:a6:f6:1c:bc:e2:58:9c:e5:96:
27:5a:a6:11:d7:22:75:7a:10:cb:6e:e7:3c:73:f6:93:03:2f:
89:bc:e4:07:56:7d:64:28:b8:ef:0f:8a:17:e8:51:03:a5:d5:
d9:6a:36:45:93:2d:d9:4d:95:f1:97:0c:1c:0b:eb:c6:94:7a:
d9:2f:9a:58:e6:d6:5c:bc:1a:85:07:5c:57:d1:7b:b5:48:4d:
54:e7:16:0f:c5:87:68:28:1e:20:da:46:18:a2:2e:25:6f:de:
7c:1d:a1:99:b6:ec:1e:89:75:25:1b:ae:0d:c5:0f:24:b9:38:
92:5c:e3:6f:a3:e6:aa:61:82:ff:56:ef:a5:65:68:5a:d5:14:
76:53:36:45:9c:75:60:9c:e1:57:6f:c2:73:3a:e3:54:4e:b1:
2c:52:53:d1:f0:89:8c:93:ff:12:88:cc:39:90:3f:04:52:0a:
63:57:86:19
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISAZJzHUjj86Z5V1W/UzBp5WKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWZiM2ZlYjE1YzAzYzRkMzRkOWZmNDQ0ZDlhZDdlMzAw
NjcyMDgwHhcNMjQxMDA5MjEwOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjY5NWVhNDhiYjcwYTJkNDMwYWRhODY5NjgzMGVhYTYwNDdmNjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiJbvlTWasv1wMh/4JvvOPxOXqt1
/SRLwlt2S1kPFKMs7IU8nKGPyKZutv4yEX/zHQ6hLD5kwMJJwIHkcAvkWnL9Pp/p
wNEBuxP/zIPkOQD4EBpjAYITOHhz4xYm5uaAE2lxi//eGTZyQ9+kQtfCJPJHNaYH
e9RE0UDH0WvTAhAtDjojvCyUeXWkBYsCs4/jJ0DTLaEE8AFkzaUQWl6Q5YyZc0wW
f/zATy/8W1ass0VL27N7o8DT7Vvbh11MWXbyA6xkM13s/VA063VE98HHYtLGLzAj
D9RMvu4xCtvxD2V5wzdHz+bAe0o2oIALBn4qe0RHaMp+WyFuACHSAwbB6QIDAQAB
o4IC0TCCAs0wHQYDVR0OBBYEFPJpXqSLtwotQwrahpaDDqpgR/ZMMB8GA1UdIwQY
MBaAFDRfs/6xXAPE002f9ETZrX4wBnIIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUt
YmM1NGIxMjExYjYwLzEvOG1sZXBJdTNDaTFEQ3RxR2xvTU9xbUJIOWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUtYmM1NGIxMjExYjYw
LzEvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHmBggrBgEFBQcBBwEB/wSB1jCB0zCBugQCAAEwgbMDBAIt
UdQDBABNUTEDBABTrIkDBAFTrI4DBABTrJUDBABTrJgwDAMEAVOsmgMEAFOsnjAM
AwQBU6ymAwQAU6yoAwQBU6yqAwQBU6y4AwQAU6y7AwQBU6y+AwQAWSVrAwQCXXKw
AwQAXrEcAwQAXrGQMAsDAwCCXQMEBoJdgAMEArkJ+AMEArkMAAMEArl4sAMEArl6
oAMEArmFgAMEArmJSAMEArmZrAMEAMFUWQMEAsNE4DAUBAIAAjAOAwUDKgLsAAMF
AyoOQYAwDQYJKoZIhvcNAQELBQADggEBAI0WNxeiAfURgWXCFREhLgzPukmsrSm7
jFDU16StOCgHEqBS6/jmLv1ciot+3U1rvKS/ib0GSEYhyEVs6KAxg4OxxAmeE0Ij
yisQQNCFAnlRwab2HLziWJzllidaphHXInV6EMtu5zxz9pMDL4m85AdWfWQouO8P
ihfoUQOl1dlqNkWTLdlNlfGXDBwL68aUetkvmljm1ly8GoUHXFfRe7VITVTnFg/F
h2goHiDaRhiiLiVv3nwdoZm27B6JdSUbrg3FDyS5OJJc42+j5qphgv9W76VlaFrV
FHZTNkWcdWCc4VdvwnM641ROsSxSU9HwiYyT/xKIzDmQPwRSCmNXhhk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:54 2024 by rpki-client on console-ams.rpki-client.org