Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/RFsDNypGzzesmnfvvCRcU9jhtJA.roa
File: RFsDNypGzzesmnfvvCRcU9jhtJA.roa (raw, json)
Hash identifier: bIXHQGyw2IBXinZ45nJkv4qBsHKXmDRHpLMT9+G0Vrw=
Subject key identifier: 44:5B:03:37:2A:46:CF:37:AC:9A:77:EF:BC:24:5C:53:D8:E1:B4:90
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 0192C8205D453ABE484CD383CD51B257B990
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/RFsDNypGzzesmnfvvCRcU9jhtJA.roa
Signing time: Sat 26 Oct 2024 09:20:17 +0000
ROA not before: Sat 26 Oct 2024 09:20:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25124
IP address blocks: 81.91.128.0/20 maxlen: 20
81.91.128.0/21 maxlen: 21
81.91.128.0/22 maxlen: 22
81.91.128.0/23 maxlen: 23
81.91.130.0/23 maxlen: 23
81.91.130.0/24 maxlen: 24
81.91.132.0/22 maxlen: 22
81.91.132.0/23 maxlen: 23
81.91.134.0/23 maxlen: 23
81.91.136.0/22 maxlen: 22
81.91.136.0/23 maxlen: 23
81.91.138.0/23 maxlen: 23
81.91.138.0/24 maxlen: 24
81.91.138.40/29 maxlen: 29
81.91.138.48/28 maxlen: 28
81.91.138.80/28 maxlen: 28
81.91.138.112/28 maxlen: 28
81.91.139.0/24 maxlen: 24
81.91.140.0/22 maxlen: 22
81.91.140.0/23 maxlen: 23
81.91.142.0/23 maxlen: 23
91.184.80.0/20 maxlen: 20
109.162.128.0/20 maxlen: 20
109.162.144.0/20 maxlen: 20
109.162.144.0/21 maxlen: 21
109.162.160.0/20 maxlen: 20
109.162.176.0/20 maxlen: 20
109.162.176.0/24 maxlen: 24
109.162.192.0/20 maxlen: 20
109.162.208.0/20 maxlen: 20
109.162.224.0/20 maxlen: 20
213.207.208.0/20 maxlen: 20
213.207.224.0/20 maxlen: 20
213.207.232.0/21 maxlen: 21
213.207.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.mft
rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c8:20:5d:45:3a:be:48:4c:d3:83:cd:51:b2:57:b9:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Oct 26 09:20:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=445b03372a46cf37ac9a77efbc245c53d8e1b490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c7:1c:b6:16:8d:06:55:5a:47:a9:aa:0a:9c:
28:b3:a4:e3:f3:36:f9:b6:b1:98:0f:08:e0:aa:98:
f7:c9:8c:cc:8a:5e:c3:4e:46:50:af:34:64:9c:cd:
f3:b7:ca:e2:66:a7:31:ba:65:0c:05:f4:33:6c:93:
3e:82:ed:23:f3:a2:d2:1d:49:5b:df:ba:bc:aa:33:
ba:40:6b:69:97:e4:36:1f:f7:b9:96:66:3f:66:2f:
3e:76:e7:01:7e:5e:40:0f:b4:6c:91:ad:b6:f9:c2:
52:e2:fe:d8:48:7f:69:55:a9:12:1d:1b:bb:f8:dc:
71:ca:db:18:76:43:d0:dd:a0:38:4d:43:10:7d:05:
d9:f8:6a:8e:17:40:e6:48:94:76:90:68:de:44:43:
ba:a8:21:df:f2:07:4e:8c:1a:c5:f2:7f:8d:34:73:
e7:b5:b6:22:25:54:02:d0:a7:a5:dd:cb:f2:62:31:
c1:32:df:63:50:36:c8:93:e6:3c:02:6b:85:e9:ae:
71:f9:2a:d0:05:f4:bd:56:84:ad:5a:90:d3:89:4b:
27:71:3e:03:a6:0b:bf:44:3d:e1:f2:32:73:85:e2:
51:25:2a:7d:3c:1c:f1:3c:1f:df:f8:77:15:b0:71:
79:49:74:d2:34:f6:52:73:30:28:25:a4:ad:48:61:
51:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:5B:03:37:2A:46:CF:37:AC:9A:77:EF:BC:24:5C:53:D8:E1:B4:90
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/RFsDNypGzzesmnfvvCRcU9jhtJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.128.0/20
91.184.80.0/20
109.162.128.0-109.162.239.255
213.207.208.0-213.207.255.255
Signature Algorithm: sha256WithRSAEncryption
82:ae:40:e2:a3:b4:30:eb:70:0b:9f:91:db:18:9e:dc:ed:58:
cb:1a:ae:4d:70:6c:66:63:cb:e5:9f:c7:6d:3f:df:6f:ba:6d:
03:b4:b1:20:01:6f:69:43:d1:bb:c9:f9:98:cb:63:26:0a:a9:
b7:13:30:4c:f5:a7:1f:c5:6f:3c:cd:41:70:6a:fa:eb:c3:a5:
21:53:f5:6c:29:87:61:12:2f:01:b9:5e:95:4a:f9:6b:0c:b5:
6d:3a:63:46:28:71:de:73:94:2d:ff:7b:d9:2c:c0:72:28:33:
55:0c:62:94:4f:1c:95:74:b9:00:fd:16:22:bf:f6:df:17:c9:
f7:20:6b:de:0d:56:35:ce:ae:9f:2e:b6:1b:a7:32:aa:14:8e:
3c:e7:a8:30:fc:6f:f2:83:fc:8b:db:49:fb:cd:5a:3a:1d:a1:
1c:45:5d:56:87:63:81:19:38:e2:3c:94:8d:29:aa:74:e2:4d:
00:58:a1:ec:ed:2d:8d:82:44:c2:cd:57:93:95:e3:93:e3:16:
7b:fd:20:f0:76:97:b2:ac:d5:ab:54:a2:ac:07:6b:a8:a4:4a:
4b:01:19:c2:ad:49:ba:d3:98:6d:7f:1f:14:b0:c8:ea:47:8f:
69:6a:3b:03:82:16:db:7f:f3:f6:3f:49:d7:5d:02:6c:48:9e:
14:00:cf:01
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZLIIF1FOr5ITNODzVGyV7mQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjQxMDI2MDkyMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDViMDMzNzJhNDZjZjM3YWM5YTc3ZWZiYzI0NWM1M2Q4ZTFiNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58ccthaNBlVaR6mqCpwos6Tj8zb5
trGYDwjgqpj3yYzMil7DTkZQrzRknM3zt8riZqcxumUMBfQzbJM+gu0j86LSHUlb
37q8qjO6QGtpl+Q2H/e5lmY/Zi8+ducBfl5AD7Rska22+cJS4v7YSH9pVakSHRu7
+NxxytsYdkPQ3aA4TUMQfQXZ+GqOF0DmSJR2kGjeREO6qCHf8gdOjBrF8n+NNHPn
tbYiJVQC0Kel3cvyYjHBMt9jUDbIk+Y8AmuF6a5x+SrQBfS9VoStWpDTiUsncT4D
pgu/RD3h8jJzheJRJSp9PBzxPB/f+HcVsHF5SXTSNPZSczAoJaStSGFR3wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFERbAzcqRs83rJp377wkXFPY4bSQMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvUkZzRE55cEd6emVzbW5mdnZDUmNVOWpodEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwQEUVuAAwQE
W7hQMAwDBAdtooADBARtouAwCwMEBNXP0AMDBNXAMA0GCSqGSIb3DQEBCwUAA4IB
AQCCrkDio7Qw63ALn5HbGJ7c7VjLGq5NcGxmY8vln8dtP99vum0DtLEgAW9pQ9G7
yfmYy2MmCqm3EzBM9acfxW88zUFwavrrw6UhU/VsKYdhEi8BuV6VSvlrDLVtOmNG
KHHec5Qt/3vZLMByKDNVDGKUTxyVdLkA/RYiv/bfF8n3IGveDVY1zq6fLrYbpzKq
FI4856gw/G/yg/yL20n7zVo6HaEcRV1Wh2OBGTjiPJSNKap04k0AWKHs7S2NgkTC
zVeTleOT4xZ7/SDwdpeyrNWrVKKsB2uopEpLARnCrUm605htfx8UsMjqR49pajsD
ghbbf/P2P0nXXQJsSJ4UAM8B
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:19:28 2024 by rpki-client on console-ams.rpki-client.org