Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/S7lDiKRDO7mEOsNbvMeG9_DaFXs.roa
File: S7lDiKRDO7mEOsNbvMeG9_DaFXs.roa (raw, json)
Hash identifier: AGs/JITjd+YenZ8VSSu6nwYtXP3pqQyzIVhGXRfI5J0=
Subject key identifier: 4B:B9:43:88:A4:43:3B:B9:84:3A:C3:5B:BC:C7:86:F7:F0:DA:15:7B
Certificate issuer: /CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Certificate serial: 018CC72609234280391D307120952E81BBA2
Authority key identifier: 9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/S7lDiKRDO7mEOsNbvMeG9_DaFXs.roa
Signing time: Mon 01 Jan 2024 22:30:07 +0000
ROA not before: Mon 01 Jan 2024 22:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209711
IP address blocks: 45.145.20.0/24 maxlen: 24
193.53.87.0/24 maxlen: 24
193.53.98.0/24 maxlen: 24
37.156.246.0/24 maxlen: 24
193.53.103.0/24 maxlen: 24
109.230.196.0/24 maxlen: 24
193.53.245.0/24 maxlen: 24
45.139.222.0/24 maxlen: 24
31.214.152.0/24 maxlen: 24
31.14.52.0/24 maxlen: 24
89.45.94.0/24 maxlen: 24
185.111.245.0/24 maxlen: 24
185.111.244.0/24 maxlen: 24
185.111.246.0/24 maxlen: 24
185.111.247.0/24 maxlen: 24
93.113.96.0/24 maxlen: 24
31.214.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/nNB1iCXdic_uX97MfctlHwpdEBg.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/nNB1iCXdic_uX97MfctlHwpdEBg.mft
rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 20:23:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:09:23:42:80:39:1d:30:71:20:95:2e:81:bb:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Validity
Not Before: Jan 1 22:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bb94388a4433bb9843ac35bbcc786f7f0da157b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5d:56:0f:d1:26:03:97:bd:ae:1d:3d:96:3d:
2d:8c:3f:c0:5c:96:85:8b:16:c4:93:92:a0:30:5e:
96:52:a8:06:6b:95:7a:a8:0b:11:99:21:0e:69:6a:
9a:c5:df:70:de:35:fb:b9:e0:dc:52:6d:3c:7b:b8:
81:55:53:f5:a8:be:32:59:cc:aa:6d:46:d0:74:6a:
06:4d:12:b2:c7:a7:c4:d9:6b:bc:bf:8e:66:19:8e:
99:d5:af:06:09:a5:53:c0:e8:51:89:04:88:31:7f:
6f:4b:81:4f:83:f2:a3:37:28:f3:66:f1:04:98:20:
9e:5b:09:26:ea:eb:dc:dd:2b:3f:d4:9b:c1:00:70:
90:f6:69:de:89:6b:65:c4:2a:b5:62:04:87:fc:bc:
42:96:c8:89:9b:1c:ff:3e:30:bb:a9:af:9b:5d:0d:
e9:b8:79:52:38:04:83:8b:d9:a6:12:88:12:30:94:
19:86:fc:6e:4e:3b:62:7f:f9:6c:ca:69:d3:d2:fa:
bf:d0:20:a3:7a:24:19:d6:2c:c0:69:77:47:e1:7e:
d6:3f:60:a9:55:86:03:10:ed:48:34:14:76:f7:18:
b4:f2:0e:ad:03:76:1b:42:7e:25:bc:4b:ad:46:90:
65:75:09:d8:30:99:45:60:28:9e:a8:8d:3a:f1:df:
ef:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B9:43:88:A4:43:3B:B9:84:3A:C3:5B:BC:C7:86:F7:F0:DA:15:7B
X509v3 Authority Key Identifier:
keyid:9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/S7lDiKRDO7mEOsNbvMeG9_DaFXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/nNB1iCXdic_uX97MfctlHwpdEBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.52.0/24
31.214.129.0/24
31.214.152.0/24
37.156.246.0/24
45.139.222.0/24
45.145.20.0/24
89.45.94.0/24
93.113.96.0/24
109.230.196.0/24
185.111.244.0/22
193.53.87.0/24
193.53.98.0/24
193.53.103.0/24
193.53.245.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:e0:46:1f:47:16:65:75:0d:55:de:2d:f3:b1:16:9d:c8:f9:
23:be:ad:53:99:3f:7f:46:c6:31:6e:fa:19:42:29:a1:c8:c7:
9d:ba:83:a6:9b:88:0a:17:da:89:7d:8d:70:ef:eb:16:f1:dd:
db:45:9b:27:96:05:3c:5d:92:1c:56:71:f2:ef:71:cb:24:eb:
43:87:5e:1f:86:06:98:9a:c6:c3:fb:ec:f4:fd:35:67:a4:a8:
d0:f5:ec:66:ad:62:0b:6e:1b:5f:9e:98:43:87:81:7d:97:5a:
54:ad:bb:f8:04:64:2e:6c:4e:6c:4a:c6:8b:54:68:87:f4:90:
b3:93:ba:d4:2c:ed:cf:52:4e:e9:08:19:0b:0b:e9:7e:a5:15:
01:58:9e:92:65:50:1d:39:79:75:20:29:49:57:4b:be:06:1c:
f8:ef:af:13:4d:0f:0e:33:21:e5:dc:da:83:06:1c:0c:cc:f9:
5b:25:4a:98:8e:df:65:85:00:e8:7c:b1:99:7b:c1:aa:7f:7d:
5e:1d:e6:2f:9f:4a:46:67:3a:79:8a:d5:34:45:2e:bc:2b:9b:
99:9f:f4:5c:5a:ac:4f:11:26:91:74:39:62:e3:20:66:34:dd:
db:f0:7f:bc:55:da:0a:89:4d:82:90:85:f4:a9:32:c0:04:78:
d3:1f:ad:2d
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzHJgkjQoA5HTBxIJUugbuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZDA3NTg4MjVkZDg5Y2ZlZTVmZGVjYzdkY2I2NTFmMGE1
ZDEwMTgwHhcNMjQwMTAxMjIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmI5NDM4OGE0NDMzYmI5ODQzYWMzNWJiY2M3ODZmN2YwZGExNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn11WD9EmA5e9rh09lj0tjD/AXJaF
ixbEk5KgMF6WUqgGa5V6qAsRmSEOaWqaxd9w3jX7ueDcUm08e7iBVVP1qL4yWcyq
bUbQdGoGTRKyx6fE2Wu8v45mGY6Z1a8GCaVTwOhRiQSIMX9vS4FPg/KjNyjzZvEE
mCCeWwkm6uvc3Ss/1JvBAHCQ9mneiWtlxCq1YgSH/LxClsiJmxz/PjC7qa+bXQ3p
uHlSOASDi9mmEogSMJQZhvxuTjtif/lsymnT0vq/0CCjeiQZ1izAaXdH4X7WP2Cp
VYYDEO1INBR29xi08g6tA3YbQn4lvEutRpBldQnYMJlFYCieqI068d/vbQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFEu5Q4ikQzu5hDrDW7zHhvfw2hV7MB8GA1UdIwQY
MBaAFJzQdYgl3YnP7l/ezH3LZR8KXRAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3Yjkt
YTU0ZjhlNDgxM2U3LzEvUzdsRGlLUkRPN21FT3NOYnZNZUc5X0RhRlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3YjktYTU0ZjhlNDgxM2U3
LzEvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAHw40AwQA
H9aBAwQAH9aYAwQAJZz2AwQALYveAwQALZEUAwQAWS1eAwQAXXFgAwQAbebEAwQC
uW/0AwQAwTVXAwQAwTViAwQAwTVnAwQAwTX1MA0GCSqGSIb3DQEBCwUAA4IBAQCg
4EYfRxZldQ1V3i3zsRadyPkjvq1TmT9/RsYxbvoZQimhyMeduoOmm4gKF9qJfY1w
7+sW8d3bRZsnlgU8XZIcVnHy73HLJOtDh14fhgaYmsbD++z0/TVnpKjQ9exmrWIL
bhtfnphDh4F9l1pUrbv4BGQubE5sSsaLVGiH9JCzk7rULO3PUk7pCBkLC+l+pRUB
WJ6SZVAdOXl1IClJV0u+Bhz4768TTQ8OMyHl3NqDBhwMzPlbJUqYjt9lhQDofLGZ
e8Gqf31eHeYvn0pGZzp5itU0RS68K5uZn/RcWqxPESaRdDli4yBmNN3b8H+8VdoK
iU2CkIX0qTLABHjTH60t
-----END CERTIFICATE-----
Generated at Mon Jun 17 04:57:31 2024 by rpki-client on console-fra.rpki-client.org