Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/1kzbcgCnBar5pUMf8qAohvoF2H4.roa
File: 1kzbcgCnBar5pUMf8qAohvoF2H4.roa (raw, json)
Hash identifier: 7EjHpBM+rTFT0lK2nmGSwjwSYThS7qTFjOc7+Ci9G9M=
Subject key identifier: D6:4C:DB:72:00:A7:05:AA:F9:A5:43:1F:F2:A0:28:86:FA:05:D8:7E
Certificate issuer: /CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Certificate serial: 018CC72608E9005FF284AB7DEF1D1849A2FA
Authority key identifier: 9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/1kzbcgCnBar5pUMf8qAohvoF2H4.roa
Signing time: Mon 01 Jan 2024 22:30:07 +0000
ROA not before: Mon 01 Jan 2024 22:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 45.145.20.0/24 maxlen: 24
193.53.87.0/24 maxlen: 24
37.156.246.0/24 maxlen: 24
193.53.98.0/24 maxlen: 24
193.53.103.0/24 maxlen: 24
109.230.196.0/24 maxlen: 24
193.53.245.0/24 maxlen: 24
45.139.222.0/24 maxlen: 24
31.214.152.0/24 maxlen: 24
89.45.94.0/24 maxlen: 24
31.14.52.0/24 maxlen: 24
185.111.244.0/24 maxlen: 24
185.111.245.0/24 maxlen: 24
185.111.246.0/24 maxlen: 24
185.111.247.0/24 maxlen: 24
93.113.96.0/24 maxlen: 24
31.214.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/nNB1iCXdic_uX97MfctlHwpdEBg.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/nNB1iCXdic_uX97MfctlHwpdEBg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:08:e9:00:5f:f2:84:ab:7d:ef:1d:18:49:a2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Validity
Not Before: Jan 1 22:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d64cdb7200a705aaf9a5431ff2a02886fa05d87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:22:bf:fc:6b:fb:8e:c7:f3:a4:db:d7:0a:8a:
a4:97:80:1a:06:f9:5c:72:db:79:25:94:3a:7d:4d:
17:1e:ae:58:49:17:ef:70:88:50:c7:ea:24:30:da:
12:41:64:96:08:ea:e5:5e:18:1c:e4:bc:ea:fa:57:
45:04:6f:8a:6a:23:03:83:af:32:2e:72:69:1e:da:
e6:01:18:35:b2:78:85:ed:9b:74:b4:e7:aa:a8:e4:
94:ce:c9:cd:ca:6d:a7:49:37:60:94:c5:4f:72:0d:
72:92:4b:26:46:b5:53:9b:aa:cb:64:95:48:e3:6c:
c2:e4:2a:82:54:c4:2f:40:ab:85:2a:93:a5:ae:fe:
6c:09:d0:a3:c0:df:11:ab:85:a5:94:7c:08:bd:8f:
14:5e:b0:1a:9c:f6:64:38:3f:f0:3c:43:a9:b1:fb:
44:56:88:27:79:5c:9d:52:d8:c9:5b:04:05:6e:3a:
c0:ff:1b:f8:5d:6d:4f:f2:88:bd:3f:3b:bb:d6:8e:
9e:a5:aa:36:9a:b0:cb:02:1b:89:53:2f:81:82:3f:
2a:ef:ef:24:f8:0f:b0:42:20:f9:cb:b6:4e:47:e1:
47:da:e5:6c:e9:84:2b:50:d6:c7:31:2e:b4:99:46:
15:08:52:38:09:01:10:b6:96:8a:66:a5:f6:f8:08:
44:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:4C:DB:72:00:A7:05:AA:F9:A5:43:1F:F2:A0:28:86:FA:05:D8:7E
X509v3 Authority Key Identifier:
keyid:9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/1kzbcgCnBar5pUMf8qAohvoF2H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/nNB1iCXdic_uX97MfctlHwpdEBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.52.0/24
31.214.129.0/24
31.214.152.0/24
37.156.246.0/24
45.139.222.0/24
45.145.20.0/24
89.45.94.0/24
93.113.96.0/24
109.230.196.0/24
185.111.244.0/22
193.53.87.0/24
193.53.98.0/24
193.53.103.0/24
193.53.245.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:87:57:10:f8:17:fd:91:c2:b5:a4:63:6c:07:89:db:1c:8a:
f1:c9:2d:f4:c4:fe:c8:2a:6f:9c:cc:dc:c1:8c:fe:dd:58:c1:
ee:ac:eb:17:f6:1e:bd:ee:00:65:fe:79:bd:23:a9:f4:74:f3:
f2:1e:30:0c:92:3e:fc:c1:09:83:83:1e:17:66:d5:17:e1:3e:
f9:08:34:1f:26:33:3a:87:54:92:9c:62:fc:b3:b8:a2:8d:11:
ea:10:6a:11:2f:a5:39:d5:02:77:a9:4e:32:86:27:c6:c2:17:
0f:6b:e1:48:6a:87:e8:5a:05:bc:44:45:ad:d5:27:b4:28:00:
69:f2:bc:54:40:77:ac:b3:8f:4d:ba:78:87:dd:39:51:bf:65:
38:ac:c1:5b:8a:83:9a:4d:d0:92:e2:5b:51:90:31:04:1a:3e:
86:a6:b5:b6:ff:c0:95:e1:3f:60:07:af:7e:95:23:da:93:f0:
2b:2a:1b:6a:60:a7:eb:73:bd:b8:10:23:43:1f:dd:bf:e1:c7:
0a:bc:0d:70:83:d3:b0:a2:32:aa:e6:51:7c:a0:86:78:91:6a:
da:e0:5a:39:1c:6d:eb:e4:1b:97:a1:8b:70:e7:f8:fb:b0:e9:
80:7a:5c:5f:c2:35:86:09:ee:f4:63:12:0e:89:4b:e7:9f:0c:
23:74:cd:3b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzHJgjpAF/yhKt97x0YSaL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZDA3NTg4MjVkZDg5Y2ZlZTVmZGVjYzdkY2I2NTFmMGE1
ZDEwMTgwHhcNMjQwMTAxMjIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjRjZGI3MjAwYTcwNWFhZjlhNTQzMWZmMmEwMjg4NmZhMDVkODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCK//Gv7jsfzpNvXCoqkl4AaBvlc
ctt5JZQ6fU0XHq5YSRfvcIhQx+okMNoSQWSWCOrlXhgc5Lzq+ldFBG+KaiMDg68y
LnJpHtrmARg1sniF7Zt0tOeqqOSUzsnNym2nSTdglMVPcg1ykksmRrVTm6rLZJVI
42zC5CqCVMQvQKuFKpOlrv5sCdCjwN8Rq4WllHwIvY8UXrAanPZkOD/wPEOpsftE
VogneVydUtjJWwQFbjrA/xv4XW1P8oi9Pzu71o6epao2mrDLAhuJUy+Bgj8q7+8k
+A+wQiD5y7ZOR+FH2uVs6YQrUNbHMS60mUYVCFI4CQEQtpaKZqX2+AhEswIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFNZM23IApwWq+aVDH/KgKIb6Bdh+MB8GA1UdIwQY
MBaAFJzQdYgl3YnP7l/ezH3LZR8KXRAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3Yjkt
YTU0ZjhlNDgxM2U3LzEvMWt6YmNnQ25CYXI1cFVNZjhxQW9odm9GMkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3YjktYTU0ZjhlNDgxM2U3
LzEvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAHw40AwQA
H9aBAwQAH9aYAwQAJZz2AwQALYveAwQALZEUAwQAWS1eAwQAXXFgAwQAbebEAwQC
uW/0AwQAwTVXAwQAwTViAwQAwTVnAwQAwTX1MA0GCSqGSIb3DQEBCwUAA4IBAQBu
h1cQ+Bf9kcK1pGNsB4nbHIrxyS30xP7IKm+czNzBjP7dWMHurOsX9h697gBl/nm9
I6n0dPPyHjAMkj78wQmDgx4XZtUX4T75CDQfJjM6h1SSnGL8s7iijRHqEGoRL6U5
1QJ3qU4yhifGwhcPa+FIaofoWgW8REWt1Se0KABp8rxUQHess49NuniH3TlRv2U4
rMFbioOaTdCS4ltRkDEEGj6GprW2/8CV4T9gB69+lSPak/ArKhtqYKfrc724ECND
H92/4ccKvA1wg9OwojKq5lF8oIZ4kWra4Fo5HG3r5BuXoYtw5/j7sOmAelxfwjWG
Ce70YxIOiUvnnwwjdM07
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:27:22 2024 by rpki-client on console-ams.rpki-client.org