Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/aYp75pnYs8GSvqvM3CZHh1nGddM.roa
File: aYp75pnYs8GSvqvM3CZHh1nGddM.roa (raw, json)
Hash identifier: uOlsQay3tEzmki5yU4i5hLL3iIw/bMtz3EL9DjNQ5Gk=
Subject key identifier: 69:8A:7B:E6:99:D8:B3:C1:92:BE:AB:CC:DC:26:47:87:59:C6:75:D3
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018D949D0797EAC9B46317608326D568B5B1
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/aYp75pnYs8GSvqvM3CZHh1nGddM.roa
Signing time: Sat 10 Feb 2024 20:02:15 +0000
ROA not before: Sat 10 Feb 2024 20:02:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50131
IP address blocks: 45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
45.145.74.0/23 maxlen: 32
45.150.164.0/22 maxlen: 32
45.150.226.0/23 maxlen: 32
45.151.132.0/22 maxlen: 32
45.154.212.0/22 maxlen: 32
91.246.39.0/24 maxlen: 24
94.154.114.0/24 maxlen: 32
176.116.1.0/24 maxlen: 32
178.22.30.0/24 maxlen: 32
188.93.139.0/24 maxlen: 32
193.218.200.0/23 maxlen: 32
193.221.94.0/23 maxlen: 32
194.124.218.0/23 maxlen: 32
194.124.224.0/23 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
212.18.111.0/24 maxlen: 32
217.114.47.0/24 maxlen: 32
2a0e:da40:4000::/34 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 02:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:94:9d:07:97:ea:c9:b4:63:17:60:83:26:d5:68:b5:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Feb 10 20:02:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=698a7be699d8b3c192beabccdc26478759c675d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b0:55:e9:a1:ce:9d:71:b0:30:da:b9:e7:d4:
d9:83:72:a8:5a:72:43:cd:6f:11:e7:6d:7e:4a:f8:
ca:4f:76:19:3b:f2:28:65:5e:d1:ff:db:d9:e5:e1:
fd:c2:46:61:4b:7c:d6:28:40:31:5e:6e:ca:de:49:
e9:a4:b4:fb:4a:4b:3f:87:c2:1b:1f:e9:f8:43:b9:
d8:e1:06:e3:8e:46:32:e1:11:85:02:28:5f:a1:2f:
eb:3e:1a:5b:7d:e3:f6:24:c9:47:61:d5:8a:38:14:
e7:95:59:aa:b9:f4:22:14:00:af:37:e5:63:f9:d5:
12:93:06:21:3c:27:6b:bb:77:de:e9:ae:c0:53:41:
04:fe:30:55:f8:60:92:8a:f2:d1:cc:6f:5c:b5:f7:
d8:83:8b:0b:cf:32:f3:08:79:f1:00:f7:5e:9f:2c:
fc:45:bf:52:e7:07:1f:19:ec:d4:df:e7:3c:62:68:
85:52:f2:bd:2f:24:fd:d4:74:fc:ed:d9:c6:5a:f7:
16:df:8e:4e:d6:4f:35:70:85:2a:88:52:ef:ba:f9:
0f:58:ff:09:e7:75:25:fb:38:b4:a7:32:ab:5c:85:
83:35:0e:36:c8:1e:1a:c0:39:35:d5:86:3c:4c:a0:
42:6a:5e:35:aa:88:16:58:1f:f0:d9:e8:1a:5d:be:
88:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:8A:7B:E6:99:D8:B3:C1:92:BE:AB:CC:DC:26:47:87:59:C6:75:D3
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/aYp75pnYs8GSvqvM3CZHh1nGddM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
91.246.39.0/24
94.154.114.0/24
176.116.1.0/24
178.22.30.0/24
188.93.139.0/24
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
212.18.111.0/24
217.114.47.0/24
IPv6:
2a0e:da40:4000::/34
Signature Algorithm: sha256WithRSAEncryption
bb:11:67:67:46:c0:9d:87:fa:b0:64:55:3f:67:50:d4:a5:9f:
2f:48:f4:d9:eb:c2:c7:74:85:f3:c3:d2:41:c1:5d:00:91:66:
02:fe:49:2c:34:c9:87:77:bc:05:a1:53:12:99:a5:69:0e:27:
53:1d:67:c1:07:e7:1b:40:ba:06:27:30:f6:52:81:56:30:6f:
e1:47:88:e7:41:91:d6:af:d2:e0:b1:d4:3a:77:c5:95:03:61:
3b:f1:86:86:66:5e:35:59:e7:30:30:07:ac:10:6d:bd:52:9a:
64:e0:af:f4:bc:0e:58:b3:b5:5d:cd:2b:86:e6:4f:02:0c:a7:
4f:e1:33:69:b0:b1:86:ff:35:01:df:8f:57:9c:0f:a6:64:61:
6e:21:8e:08:a1:db:9a:2f:0b:20:69:a3:2e:af:fc:fa:40:f5:
3a:d4:b9:a3:32:f0:b1:80:8b:aa:a8:af:58:67:85:6f:ae:3d:
f4:51:b6:8f:d2:de:1b:bc:7d:de:94:ee:03:6c:ae:6b:4c:1f:
4a:19:40:e3:57:75:f8:89:98:78:ea:12:2a:f2:ff:d2:25:3c:
0b:9e:4e:9d:5c:64:19:71:24:13:20:0d:ec:48:17:43:be:83:
f9:8e:2c:35:95:b6:75:9f:42:fa:19:2e:2a:f7:37:bc:7d:f0:
b2:69:8e:1b
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAY2UnQeX6sm0YxdggybVaLWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwMjEwMjAwMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OThhN2JlNjk5ZDhiM2MxOTJiZWFiY2NkYzI2NDc4NzU5YzY3NWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbBV6aHOnXGwMNq559TZg3KoWnJD
zW8R521+SvjKT3YZO/IoZV7R/9vZ5eH9wkZhS3zWKEAxXm7K3knppLT7Sks/h8Ib
H+n4Q7nY4QbjjkYy4RGFAihfoS/rPhpbfeP2JMlHYdWKOBTnlVmqufQiFACvN+Vj
+dUSkwYhPCdru3fe6a7AU0EE/jBV+GCSivLRzG9ctffYg4sLzzLzCHnxAPdenyz8
Rb9S5wcfGezU3+c8YmiFUvK9LyT91HT87dnGWvcW345O1k81cIUqiFLvuvkPWP8J
53Ul+zi0pzKrXIWDNQ42yB4awDk11YY8TKBCal41qogWWB/w2egaXb6IGQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFGmKe+aZ2LPBkr6rzNwmR4dZxnXTMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvYVlwNzVwbllzOEdTdnF2TTNDWkhoMW5HZGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB6BAIAATB0AwQCLY6c
AwQCLZFIAwQCLZakAwQBLZbiAwQCLZeEAwQCLZrUAwQAW/YnAwQAXppyAwQAsHQB
AwQAshYeAwQAvF2LAwQBwdrIAwQBwd1eAwQBwnzaAwQBwnzgMAwDBAHCk2IDBAHC
k2QDBADUEm8DBADZci8wDgQCAAIwCAMGBioO2kBAMA0GCSqGSIb3DQEBCwUAA4IB
AQC7EWdnRsCdh/qwZFU/Z1DUpZ8vSPTZ68LHdIXzw9JBwV0AkWYC/kksNMmHd7wF
oVMSmaVpDidTHWfBB+cbQLoGJzD2UoFWMG/hR4jnQZHWr9LgsdQ6d8WVA2E78YaG
Zl41WecwMAesEG29Uppk4K/0vA5Ys7VdzSuG5k8CDKdP4TNpsLGG/zUB349XnA+m
ZGFuIY4IoduaLwsgaaMur/z6QPU61LmjMvCxgIuqqK9YZ4Vvrj30UbaP0t4bvH3e
lO4DbK5rTB9KGUDjV3X4iZh46hIq8v/SJTwLnk6dXGQZcSQTIA3sSBdDvoP5jiw1
lbZ1n0L6GS4q9ze8ffCyaY4b
-----END CERTIFICATE-----
Generated at Sun May 19 07:04:11 2024 by rpki-client on console-ams.rpki-client.org