Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3De6nI4j2a8LTeXVacztvoz164Q.roa
File: 3De6nI4j2a8LTeXVacztvoz164Q.roa (raw, json)
Hash identifier: CddBF8+iJJBeB91tcCX9oFK5WI5ZkOkO1D/QDfzWK4s=
Subject key identifier: DC:37:BA:9C:8E:23:D9:AF:0B:4D:E5:D5:69:CC:ED:BE:8C:F5:EB:84
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0191B338FF789221637C7C48388F9EFB6C58
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3De6nI4j2a8LTeXVacztvoz164Q.roa
Signing time: Mon 02 Sep 2024 14:52:22 +0000
ROA not before: Mon 02 Sep 2024 14:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 5.44.46.0/24 maxlen: 24
5.44.47.0/24 maxlen: 24
37.220.80.0/24 maxlen: 24
37.220.81.0/24 maxlen: 24
37.220.82.0/24 maxlen: 24
37.220.83.0/24 maxlen: 24
37.220.84.0/24 maxlen: 24
37.220.85.0/24 maxlen: 24
37.220.87.0/24 maxlen: 24
45.8.96.0/24 maxlen: 24
45.8.97.0/24 maxlen: 24
45.8.98.0/24 maxlen: 24
45.8.99.0/24 maxlen: 24
45.89.190.0/24 maxlen: 24
45.95.234.0/24 maxlen: 24
45.95.235.0/24 maxlen: 24
46.19.64.0/24 maxlen: 24
46.19.65.0/24 maxlen: 24
46.19.66.0/24 maxlen: 24
46.19.67.0/24 maxlen: 24
46.19.68.0/24 maxlen: 24
46.19.69.0/24 maxlen: 24
81.200.144.0/24 maxlen: 24
81.200.145.0/24 maxlen: 24
81.200.146.0/24 maxlen: 24
81.200.147.0/24 maxlen: 24
81.200.148.0/24 maxlen: 24
81.200.149.0/24 maxlen: 24
81.200.150.0/24 maxlen: 24
81.200.151.0/24 maxlen: 24
81.200.152.0/24 maxlen: 24
81.200.153.0/24 maxlen: 24
81.200.154.0/24 maxlen: 24
81.200.155.0/24 maxlen: 24
81.200.156.0/24 maxlen: 24
81.200.157.0/24 maxlen: 24
81.200.158.0/24 maxlen: 24
85.92.108.0/24 maxlen: 24
85.92.110.0/24 maxlen: 24
85.92.111.0/24 maxlen: 24
89.191.226.0/24 maxlen: 24
92.118.113.0/24 maxlen: 24
92.118.114.0/24 maxlen: 24
92.118.115.0/24 maxlen: 24
94.198.216.0/24 maxlen: 24
94.198.217.0/24 maxlen: 24
94.198.218.0/24 maxlen: 24
94.198.219.0/24 maxlen: 24
94.198.220.0/24 maxlen: 24
94.198.221.0/24 maxlen: 24
94.198.223.0/24 maxlen: 24
141.98.235.0/24 maxlen: 24
185.166.196.0/24 maxlen: 24
185.166.197.0/24 maxlen: 24
185.247.185.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
194.31.174.0/24 maxlen: 24
194.31.175.0/24 maxlen: 24
195.80.50.0/24 maxlen: 24
195.80.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:38:ff:78:92:21:63:7c:7c:48:38:8f:9e:fb:6c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Sep 2 14:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc37ba9c8e23d9af0b4de5d569ccedbe8cf5eb84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8c:70:08:ab:9c:ec:5e:88:ac:58:1b:68:97:
b1:f0:a7:32:37:e0:a5:37:1b:8d:9b:96:60:47:e7:
06:bf:d2:ea:24:c9:9e:fe:16:31:64:77:a4:53:75:
dc:6a:a7:e8:5f:86:0d:59:7a:dc:6c:07:af:b2:b3:
60:53:ec:12:66:5d:fa:87:85:7e:e7:29:e2:27:3a:
a9:af:01:1b:51:b0:ef:96:96:ef:90:06:48:cc:14:
7f:3e:95:ba:cb:48:9b:37:4b:82:d9:cf:c4:0b:f7:
57:94:d4:00:45:4c:bc:d8:78:f7:43:43:81:e5:35:
12:20:b8:bd:8e:e8:48:b8:01:29:d3:b9:16:5c:6c:
e7:9d:5c:3c:13:92:58:ff:8d:a0:3f:1f:63:50:d4:
86:62:72:de:71:98:e4:70:d6:91:2f:de:7a:29:16:
13:1d:48:06:86:ea:cb:04:21:20:45:1c:34:8c:c6:
c1:28:36:54:89:a0:0c:4e:67:a6:0e:ed:19:83:79:
83:d7:7c:6a:5b:2e:5a:8f:e9:57:e9:d2:69:82:62:
fb:31:ce:1f:90:fd:e1:28:8a:cc:01:d5:74:5d:c4:
96:1f:b7:6a:2e:ed:c6:19:8e:06:ec:50:8c:8e:c1:
c6:dc:2d:70:87:d8:43:c8:f6:ca:33:1f:08:91:8b:
0d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:37:BA:9C:8E:23:D9:AF:0B:4D:E5:D5:69:CC:ED:BE:8C:F5:EB:84
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3De6nI4j2a8LTeXVacztvoz164Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.46.0/23
37.220.80.0-37.220.85.255
37.220.87.0/24
45.8.96.0/22
45.89.190.0/24
45.95.234.0/23
46.19.64.0-46.19.69.255
81.200.144.0-81.200.158.255
85.92.108.0/24
85.92.110.0/23
89.191.226.0/24
92.118.113.0-92.118.115.255
94.198.216.0-94.198.221.255
94.198.223.0/24
141.98.235.0/24
185.166.196.0/23
185.247.185.0/24
194.31.173.0-194.31.175.255
195.80.50.0/23
Signature Algorithm: sha256WithRSAEncryption
67:2e:b1:0b:ae:ec:69:c9:86:e3:31:6d:07:91:85:47:af:b4:
56:fc:a2:77:5b:f9:ed:bc:9d:26:bc:e4:2c:ec:88:2c:97:22:
25:c1:1f:6d:f7:ee:27:85:dd:b1:08:19:31:32:18:27:0c:1c:
74:a6:e5:f8:89:fe:65:0c:60:49:73:72:c7:3a:1e:6b:48:87:
d8:ae:ab:e9:47:96:67:40:d0:ee:c9:a9:6b:dc:9a:09:fe:d9:
f9:ec:d1:dc:cc:5c:2d:60:c7:0d:fd:64:8a:d5:e0:4c:be:2b:
4a:2c:ac:68:30:49:78:99:64:34:2d:ea:39:77:1c:fa:ac:5a:
5a:66:57:bc:0c:4a:86:57:bf:df:00:0b:a5:3b:78:c4:36:dc:
b1:dd:66:98:f1:78:76:01:47:4e:f0:e4:cb:d6:1f:b0:3f:92:
b8:c7:40:85:ac:f3:c5:9c:42:76:9e:9f:e2:e7:c4:d2:1d:d2:
55:ba:1f:0b:2f:4b:75:79:01:f8:2b:31:60:9a:36:85:f5:b1:
1f:29:99:f1:a1:94:c6:a5:3b:bd:ba:0b:32:1b:a9:2d:d9:8a:
ed:97:fd:83:97:cb:a8:cd:f3:4b:35:bd:9a:f6:46:61:d1:8c:
c8:a5:7b:21:f8:e5:dc:d5:b6:74:94:1f:c8:ac:8c:a9:30:78:
05:70:06:c2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZGzOP94kiFjfHxIOI+e+2xYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwOTAyMTQ1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM3YmE5YzhlMjNkOWFmMGI0ZGU1ZDU2OWNjZWRiZThjZjVlYjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoxwCKuc7F6IrFgbaJex8KcyN+Cl
NxuNm5ZgR+cGv9LqJMme/hYxZHekU3XcaqfoX4YNWXrcbAevsrNgU+wSZl36h4V+
5yniJzqprwEbUbDvlpbvkAZIzBR/PpW6y0ibN0uC2c/EC/dXlNQARUy82Hj3Q0OB
5TUSILi9juhIuAEp07kWXGznnVw8E5JY/42gPx9jUNSGYnLecZjkcNaRL956KRYT
HUgGhurLBCEgRRw0jMbBKDZUiaAMTmemDu0Zg3mD13xqWy5aj+lX6dJpgmL7Mc4f
kP3hKIrMAdV0XcSWH7dqLu3GGY4G7FCMjsHG3C1wh9hDyPbKMx8IkYsNuQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFNw3upyOI9mvC03l1WnM7b6M9euEMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvM0RlNm5JNGoyYThMVGVYVmFjenR2b3oxNjRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAEF
LC4wDAMEBCXcUAMEASXcVAMEACXcVwMEAi0IYAMEAC1ZvgMEAS1f6jAMAwQGLhNA
AwQBLhNEMAwDBARRyJADBABRyJ4DBABVXGwDBAFVXG4DBABZv+IwDAMEAFx2cQME
Alx2cDAMAwQDXsbYAwQBXsbcAwQAXsbfAwQAjWLrAwQBuabEAwQAufe5MAwDBADC
H60DBATCH6ADBAHDUDIwDQYJKoZIhvcNAQELBQADggEBAGcusQuu7GnJhuMxbQeR
hUevtFb8ondb+e28nSa85CzsiCyXIiXBH2337ieF3bEIGTEyGCcMHHSm5fiJ/mUM
YElzcsc6HmtIh9iuq+lHlmdA0O7JqWvcmgn+2fns0dzMXC1gxw39ZIrV4Ey+K0os
rGgwSXiZZDQt6jl3HPqsWlpmV7wMSoZXv98AC6U7eMQ23LHdZpjxeHYBR07w5MvW
H7A/krjHQIWs88WcQnaen+LnxNId0lW6HwsvS3V5AfgrMWCaNoX1sR8pmfGhlMal
O726CzIbqS3Ziu2X/YOXy6jN80s1vZr2RmHRjMileyH45dzVtnSUH8isjKkweAVw
BsI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:23:10 2024 by rpki-client on console-ams.rpki-client.org