Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/_c27ezCEana2QXuNkocMF3hTuZs.roa
File: _c27ezCEana2QXuNkocMF3hTuZs.roa (raw, json)
Hash identifier: TuRblDXX+RHr9BOJoalHD9wHHXXBVP6091X7lSMyybE=
Subject key identifier: FD:CD:BB:7B:30:84:6A:76:B6:41:7B:8D:92:87:0C:17:78:53:B9:9B
Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Certificate serial: 01936910D6357A79D8AC04E642B5D5A02C39
Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/_c27ezCEana2QXuNkocMF3hTuZs.roa
Signing time: Tue 26 Nov 2024 15:22:11 +0000
ROA not before: Tue 26 Nov 2024 15:22:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139659
IP address blocks: 45.136.12.0/22 maxlen: 22
45.136.13.0/24 maxlen: 24
45.136.14.0/24 maxlen: 24
45.136.15.0/24 maxlen: 24
45.144.136.0/24 maxlen: 24
45.144.137.0/24 maxlen: 24
45.144.138.0/24 maxlen: 24
45.145.228.0/24 maxlen: 24
45.145.229.0/24 maxlen: 24
45.152.64.0/24 maxlen: 24
45.152.65.0/24 maxlen: 24
45.152.66.0/24 maxlen: 24
45.152.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 09:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:69:10:d6:35:7a:79:d8:ac:04:e6:42:b5:d5:a0:2c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Validity
Not Before: Nov 26 15:22:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdcdbb7b30846a76b6417b8d92870c177853b99b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:2a:b4:87:c6:73:d6:f6:9d:60:df:76:8c:25:
7f:b7:af:10:01:53:49:35:53:8c:be:70:8b:4f:7c:
e1:69:1f:ac:dd:e8:d9:d1:be:47:08:5e:f6:ff:f8:
25:b4:58:9d:47:bd:d3:44:b6:0f:f7:fa:29:e7:54:
87:52:7c:79:96:78:56:2c:dd:a4:00:98:3b:d2:0e:
22:1f:44:3a:ee:53:1f:84:63:46:de:ae:97:56:4f:
25:78:58:fb:ab:1b:46:68:8b:2b:c2:12:e8:75:e4:
2d:99:6a:b7:9c:4c:5d:00:44:d3:ae:a4:41:7a:3c:
87:92:35:23:9d:3d:b3:19:49:38:4b:fa:f1:55:38:
04:04:f7:a5:89:06:f1:99:8c:a0:ba:8a:ce:37:c5:
c5:79:90:01:82:21:8d:a1:53:9a:78:74:05:6c:95:
77:64:55:dc:72:1e:52:83:d2:5b:da:fa:c2:d6:b1:
e5:22:bd:da:f6:47:4d:03:1b:f1:91:52:cb:d2:45:
c8:91:7a:22:b0:93:66:0c:34:ea:20:fd:f4:de:9a:
a6:e6:0a:92:41:bf:0d:c0:e3:97:89:82:0e:40:50:
0d:e9:d0:bd:0e:94:4c:37:ea:6d:02:99:34:a9:c8:
e6:36:30:81:10:04:89:19:06:b9:ab:4d:89:86:d1:
d0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:CD:BB:7B:30:84:6A:76:B6:41:7B:8D:92:87:0C:17:78:53:B9:9B
X509v3 Authority Key Identifier:
keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/_c27ezCEana2QXuNkocMF3hTuZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.12.0/22
45.144.136.0-45.144.138.255
45.145.228.0/23
45.152.64.0/22
Signature Algorithm: sha256WithRSAEncryption
43:09:99:1a:cb:ec:42:2d:93:63:ec:40:23:48:fd:a7:aa:f1:
c3:bc:78:39:4f:65:69:90:60:a1:76:ef:c6:49:42:a7:7a:65:
98:1c:8c:1a:e6:93:68:44:d0:b9:e5:2e:ae:3b:d2:8e:cd:5a:
7a:51:7c:93:e6:b2:19:98:01:c0:2c:46:df:18:35:f5:f1:7e:
42:88:4f:30:98:f8:87:bd:56:5c:69:e9:fc:17:ba:3f:67:c6:
26:8a:cc:aa:4c:7c:67:1b:af:56:02:9c:81:68:a0:d1:fb:51:
81:ca:77:dc:5f:d0:46:d8:4b:8e:a7:f0:0e:d1:64:ec:83:aa:
87:94:35:75:40:e7:a7:01:39:fd:c8:60:a3:fa:95:3d:7d:51:
bb:7f:6e:ea:c5:44:1f:32:cb:bc:04:6f:13:24:a1:47:21:34:
6b:af:3d:15:cd:20:43:94:09:d1:2b:b2:4b:c7:14:7a:fc:78:
94:e4:40:ba:8f:f0:58:87:a7:c5:7a:1a:f8:96:61:5d:08:b1:
01:b7:6e:3a:5d:96:9f:71:d1:03:7d:79:ec:75:12:f2:57:a4:
a8:00:7a:76:86:f7:76:b7:89:4f:eb:fa:00:c3:7d:52:2d:44:
9d:48:bc:eb:87:05:fb:80:3a:17:d1:60:6c:9b:d4:8e:d3:45:
f2:37:6c:71
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZNpENY1ennYrATmQrXVoCw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1
YTYyNDQwHhcNMjQxMTI2MTUyMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGNkYmI3YjMwODQ2YTc2YjY0MTdiOGQ5Mjg3MGMxNzc4NTNiOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4iq0h8Zz1vadYN92jCV/t68QAVNJ
NVOMvnCLT3zhaR+s3ejZ0b5HCF72//gltFidR73TRLYP9/op51SHUnx5lnhWLN2k
AJg70g4iH0Q67lMfhGNG3q6XVk8leFj7qxtGaIsrwhLodeQtmWq3nExdAETTrqRB
ejyHkjUjnT2zGUk4S/rxVTgEBPeliQbxmYyguorON8XFeZABgiGNoVOaeHQFbJV3
ZFXcch5Sg9Jb2vrC1rHlIr3a9kdNAxvxkVLL0kXIkXoisJNmDDTqIP303pqm5gqS
Qb8NwOOXiYIOQFAN6dC9DpRMN+ptApk0qcjmNjCBEASJGQa5q02JhtHQEQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFP3Nu3swhGp2tkF7jZKHDBd4U7mbMB8GA1UdIwQY
MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt
MDg1MmNiMzUzMjkzLzEvX2MyN2V6Q0VhbmEyUVh1TmtvY01GM2hUdVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz
LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCLYgMMAwD
BAMtkIgDBAAtkIoDBAEtkeQDBAItmEAwDQYJKoZIhvcNAQELBQADggEBAEMJmRrL
7EItk2PsQCNI/aeq8cO8eDlPZWmQYKF278ZJQqd6ZZgcjBrmk2hE0LnlLq470o7N
WnpRfJPmshmYAcAsRt8YNfXxfkKITzCY+Ie9Vlxp6fwXuj9nxiaKzKpMfGcbr1YC
nIFooNH7UYHKd9xf0EbYS46n8A7RZOyDqoeUNXVA56cBOf3IYKP6lT19Ubt/burF
RB8yy7wEbxMkoUchNGuvPRXNIEOUCdErskvHFHr8eJTkQLqP8FiHp8V6GviWYV0I
sQG3bjpdlp9x0QN9eex1EvJXpKgAenaG93a3iU/r+gDDfVItRJ1IvOuHBfuAOhfR
YGyb1I7TRfI3bHE=
-----END CERTIFICATE-----
Generated at Fri Dec 27 18:45:20 2024 by rpki-client on console-fra.rpki-client.org