Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/kZWULioDzBDX_A8HxwFD8UvdZ14.roa
File: kZWULioDzBDX_A8HxwFD8UvdZ14.roa (raw, json)
Hash identifier: MHCuKYY2LFIc/CDcqS4SLVFDtT1UAkUNNpbOQxTpG0Q=
Subject key identifier: 91:95:94:2E:2A:03:CC:10:D7:FC:0F:07:C7:01:43:F1:4B:DD:67:5E
Certificate issuer: /CN=b2853aa1eb32bfee0feb1483c14936d101f16edf
Certificate serial: 019071A860A3B1915E98F9BB4B03B666D455
Authority key identifier: B2:85:3A:A1:EB:32:BF:EE:0F:EB:14:83:C1:49:36:D1:01:F1:6E:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/soU6oesyv-4P6xSDwUk20QHxbt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/kZWULioDzBDX_A8HxwFD8UvdZ14.roa
Signing time: Tue 02 Jul 2024 04:16:18 +0000
ROA not before: Tue 02 Jul 2024 04:16:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57724
IP address blocks: 45.10.240.0/22 maxlen: 32
45.10.240.0/24 maxlen: 24
45.10.241.0/24 maxlen: 24
45.10.242.0/24 maxlen: 24
45.10.243.0/24 maxlen: 24
91.215.40.0/24 maxlen: 32
91.215.41.0/24 maxlen: 24
91.215.42.0/24 maxlen: 24
91.215.43.0/24 maxlen: 24
95.129.232.0/24 maxlen: 32
95.129.233.0/24 maxlen: 32
95.129.234.0/24 maxlen: 32
185.129.100.0/24 maxlen: 24
185.129.101.0/24 maxlen: 24
185.129.102.0/24 maxlen: 24
185.129.103.0/24 maxlen: 24
185.178.208.0/24 maxlen: 24
185.178.209.0/24 maxlen: 24
185.178.210.0/24 maxlen: 24
2a0a:4180::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/soU6oesyv-4P6xSDwUk20QHxbt8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/soU6oesyv-4P6xSDwUk20QHxbt8.mft
rsync://rpki.ripe.net/repository/DEFAULT/soU6oesyv-4P6xSDwUk20QHxbt8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:71:a8:60:a3:b1:91:5e:98:f9:bb:4b:03:b6:66:d4:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2853aa1eb32bfee0feb1483c14936d101f16edf
Validity
Not Before: Jul 2 04:16:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9195942e2a03cc10d7fc0f07c70143f14bdd675e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2f:7b:45:5d:8c:77:45:29:ba:22:a7:33:2e:
4a:0b:46:dc:df:25:b5:c4:fb:52:ea:ae:34:40:bd:
0f:cf:a3:d5:e4:67:1a:5c:74:f5:7e:c7:f8:32:e1:
87:9b:ad:35:b0:74:da:33:bd:e2:9e:84:74:61:58:
32:96:d5:0e:56:39:d5:6b:37:5d:7e:0f:b1:5c:fe:
64:d2:42:4d:0d:65:e7:5a:2c:94:c0:a0:8c:a8:a1:
be:18:e2:9f:c6:0a:55:35:af:83:20:e6:67:7a:90:
62:5b:f1:16:3a:aa:eb:85:d6:0c:ab:05:c0:75:80:
d0:c4:1e:99:ff:ec:43:3f:18:65:a1:20:88:f1:c1:
50:21:ea:bf:9d:a7:d8:4e:6f:6c:c6:b6:ab:b4:5a:
b6:d2:81:d9:3f:45:0c:d9:7e:a5:bf:c7:b5:df:4f:
44:39:89:61:50:59:f4:7c:e7:ef:d5:15:f0:c1:36:
ac:ac:46:7d:93:b1:b7:9f:37:7a:47:27:f8:c0:2f:
78:95:ea:2a:c7:ac:38:ab:0a:5a:97:9b:34:d2:4e:
c0:40:c8:13:fd:03:d0:77:36:ee:cd:0c:f2:4d:68:
30:a7:10:ab:96:9e:28:ff:0d:fc:88:36:9e:1f:33:
66:2e:49:1c:ee:5a:0c:8b:a4:ba:c2:40:48:b0:23:
af:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:95:94:2E:2A:03:CC:10:D7:FC:0F:07:C7:01:43:F1:4B:DD:67:5E
X509v3 Authority Key Identifier:
keyid:B2:85:3A:A1:EB:32:BF:EE:0F:EB:14:83:C1:49:36:D1:01:F1:6E:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soU6oesyv-4P6xSDwUk20QHxbt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/kZWULioDzBDX_A8HxwFD8UvdZ14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/31c815-d96a-4bb6-8ccf-f2b81079b746/1/soU6oesyv-4P6xSDwUk20QHxbt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.240.0/22
91.215.40.0/22
95.129.232.0-95.129.234.255
185.129.100.0/22
185.178.208.0-185.178.210.255
IPv6:
2a0a:4180::/48
Signature Algorithm: sha256WithRSAEncryption
b4:01:6f:87:6d:2f:ca:23:70:47:32:3c:46:ff:a5:7f:0c:40:
58:2e:f3:b9:b7:91:c5:43:31:45:ae:c3:27:74:18:5f:ed:9b:
f3:ea:32:4c:60:70:b2:26:be:89:48:78:6b:07:de:52:37:fe:
bd:e0:5d:f2:05:ac:a2:e6:65:eb:c8:b6:46:c7:5d:37:77:31:
8a:c6:08:1b:04:f6:f4:b3:77:81:68:0b:01:fa:69:ca:9a:03:
00:56:9d:37:37:44:07:1f:7a:b5:60:0f:9f:fd:b4:4a:da:f3:
d8:26:42:9c:e3:cf:ff:17:fd:47:2a:d5:a6:63:86:72:55:fc:
e1:b4:17:f1:9a:59:ee:6a:ba:56:8b:55:c5:27:ac:02:e8:0c:
2b:00:63:b4:34:32:81:d6:86:93:6d:f6:54:d0:e2:26:31:62:
d5:d3:8c:40:1d:e3:74:ef:53:a7:f9:cb:3c:af:e6:ad:68:c2:
c8:97:83:b9:65:73:83:8e:80:5d:47:3c:9d:2f:06:73:03:bb:
c1:d6:92:ca:94:5f:a7:38:28:38:e9:0e:df:fa:9c:4e:5a:02:
c3:43:88:2e:97:f7:10:57:ac:5c:95:ac:4f:4d:6e:7c:fc:0e:
a9:26:79:56:34:65:a2:bb:cd:35:fb:49:e6:2f:d2:97:e8:f7:
75:20:5d:24
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZBxqGCjsZFemPm7SwO2ZtRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODUzYWExZWIzMmJmZWUwZmViMTQ4M2MxNDkzNmQxMDFm
MTZlZGYwHhcNMjQwNzAyMDQxNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTk1OTQyZTJhMDNjYzEwZDdmYzBmMDdjNzAxNDNmMTRiZGQ2NzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1y97RV2Md0UpuiKnMy5KC0bc3yW1
xPtS6q40QL0Pz6PV5GcaXHT1fsf4MuGHm601sHTaM73inoR0YVgyltUOVjnVazdd
fg+xXP5k0kJNDWXnWiyUwKCMqKG+GOKfxgpVNa+DIOZnepBiW/EWOqrrhdYMqwXA
dYDQxB6Z/+xDPxhloSCI8cFQIeq/nafYTm9sxrartFq20oHZP0UM2X6lv8e1309E
OYlhUFn0fOfv1RXwwTasrEZ9k7G3nzd6Ryf4wC94leoqx6w4qwpal5s00k7AQMgT
/QPQdzbuzQzyTWgwpxCrlp4o/w38iDaeHzNmLkkc7loMi6S6wkBIsCOvtwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJGVlC4qA8wQ1/wPB8cBQ/FL3WdeMB8GA1UdIwQY
MBaAFLKFOqHrMr/uD+sUg8FJNtEB8W7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29VNm9lc3l2LTRQNnhTRHdVazIwUUh4YnQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMWM4MTUtZDk2YS00YmI2LThjY2Yt
ZjJiODEwNzliNzQ2LzEva1pXVUxpb0R6QkRYX0E4SHh3RkQ4VXZkWjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMWM4MTUtZDk2YS00YmI2LThjY2YtZjJiODEwNzliNzQ2
LzEvc29VNm9lc3l2LTRQNnhTRHdVazIwUUh4YnQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA0BAIAATAuAwQCLQrwAwQC
W9coMAwDBANfgegDBABfgeoDBAK5gWQwDAMEBLmy0AMEALmy0jAPBAIAAjAJAwcA
KgpBgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQC0AW+HbS/KI3BHMjxG/6V/DEBYLvO5
t5HFQzFFrsMndBhf7Zvz6jJMYHCyJr6JSHhrB95SN/694F3yBayi5mXryLZGx103
dzGKxggbBPb0s3eBaAsB+mnKmgMAVp03N0QHH3q1YA+f/bRK2vPYJkKc48//F/1H
KtWmY4ZyVfzhtBfxmlnuarpWi1XFJ6wC6AwrAGO0NDKB1oaTbfZU0OImMWLV04xA
HeN071On+cs8r+ataMLIl4O5ZXODjoBdRzydLwZzA7vB1pLKlF+nOCg46Q7f+pxO
WgLDQ4gul/cQV6xclaxPTW58/A6pJnlWNGWiu801+0nmL9KX6Pd1IF0k
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:33:28 2024 by rpki-client on console-ams.rpki-client.org