Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/Rdwcqw5K8Q9WqtlCgP__QWxiWPU.roa
File: Rdwcqw5K8Q9WqtlCgP__QWxiWPU.roa (raw, json)
Hash identifier: 2gwUYH0YLcPes0ahJeia7K7gWxCAp5Olx1EsyUxJ3yA=
Subject key identifier: 45:DC:1C:AB:0E:4A:F1:0F:56:AA:D9:42:80:FF:FF:41:6C:62:58:F5
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 018F059FC87B8CDD0B12BB7A23569C39982A
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/Rdwcqw5K8Q9WqtlCgP__QWxiWPU.roa
Signing time: Mon 22 Apr 2024 11:45:08 +0000
ROA not before: Mon 22 Apr 2024 11:45:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.11.232.0/24 maxlen: 24
45.11.234.0/23 maxlen: 23
45.91.188.0/22 maxlen: 22
45.142.52.0/22 maxlen: 22
45.147.62.0/24 maxlen: 24
45.153.236.0/24 maxlen: 24
45.153.237.0/24 maxlen: 24
45.153.238.0/24 maxlen: 24
77.83.46.0/23 maxlen: 23
77.83.68.0/24 maxlen: 24
77.83.69.0/24 maxlen: 24
77.83.70.0/24 maxlen: 24
77.83.71.0/24 maxlen: 24
80.76.36.0/22 maxlen: 22
84.252.84.0/23 maxlen: 23
84.252.86.0/24 maxlen: 24
84.252.87.0/24 maxlen: 24
95.214.100.0/22 maxlen: 22
171.22.188.0/24 maxlen: 24
171.22.189.0/24 maxlen: 24
171.22.190.0/24 maxlen: 24
185.15.176.0/22 maxlen: 22
185.164.66.0/23 maxlen: 23
193.36.124.0/22 maxlen: 22
194.110.88.0/22 maxlen: 22
212.81.42.0/24 maxlen: 24
212.81.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:05:9f:c8:7b:8c:dd:0b:12:bb:7a:23:56:9c:39:98:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Apr 22 11:45:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45dc1cab0e4af10f56aad94280ffff416c6258f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:95:2a:26:d3:f9:4b:81:18:ac:9a:18:5d:25:
91:d0:15:9c:4c:a6:aa:1b:94:36:c7:12:86:f8:4c:
22:4a:a1:c8:27:4e:fa:5f:8a:f5:1f:a9:a0:46:55:
7e:44:3e:ce:ae:48:46:7a:de:f0:da:b7:3e:c0:dc:
73:1c:c6:f7:f2:8b:8b:ce:28:c7:47:14:e5:04:3b:
ee:80:2d:70:6c:92:7d:39:8f:e5:5d:ed:cb:bc:f3:
8e:ee:27:ab:52:42:ab:ef:6b:29:b4:8a:d4:31:e4:
98:a8:7d:77:82:d2:0e:be:a2:56:93:7d:33:63:fe:
e6:9a:f5:6b:fe:e5:55:d5:83:5d:4d:fe:1a:fa:b2:
24:89:b0:8e:74:8d:14:d8:ab:75:70:77:12:cd:0d:
2b:7f:70:cb:63:02:f4:51:45:7e:ae:39:21:d4:6d:
c6:bb:e8:41:53:c6:4c:65:2c:50:98:8c:43:2a:61:
67:6e:9b:88:eb:3e:a2:7a:98:1f:3f:78:84:8b:97:
dc:6f:46:eb:b2:a5:2d:5f:d7:fa:a8:44:bb:26:cc:
f3:a3:4d:52:86:98:36:eb:ec:a9:68:3b:6b:cc:24:
c6:a7:52:a9:72:c2:34:1c:a4:49:0a:1e:57:00:9f:
d6:44:9e:a4:f9:d0:2c:17:61:05:d2:50:7c:9b:6d:
01:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:DC:1C:AB:0E:4A:F1:0F:56:AA:D9:42:80:FF:FF:41:6C:62:58:F5
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/Rdwcqw5K8Q9WqtlCgP__QWxiWPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.232.0/24
45.11.234.0/23
45.91.188.0/22
45.142.52.0/22
45.147.62.0/24
45.153.236.0-45.153.238.255
77.83.46.0/23
77.83.68.0/22
80.76.36.0/22
84.252.84.0/22
95.214.100.0/22
171.22.188.0-171.22.190.255
185.15.176.0/22
185.164.66.0/23
193.36.124.0/22
194.110.88.0/22
212.81.42.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:f7:a4:11:fa:bd:9d:3a:f8:e0:6d:91:52:c6:b4:fa:29:30:
0e:1c:54:7a:57:fe:23:cc:70:7b:85:14:25:e4:3e:25:7c:83:
4a:f7:19:6c:f0:03:b0:59:3e:08:ba:d6:40:4d:f3:b3:12:b5:
26:36:94:73:e6:89:a0:b8:8a:e4:7d:aa:f7:14:77:fc:63:93:
01:ec:82:da:43:98:59:54:ca:38:1b:62:62:94:e9:a2:f0:d6:
1e:0d:c8:9a:86:38:8f:c3:b3:22:98:c3:c5:59:0b:e6:9c:87:
8c:f9:70:27:fb:f6:e7:a2:26:00:f0:b1:06:15:67:e1:e2:91:
37:c3:ea:23:79:72:c9:ea:6b:1d:37:1d:5c:a2:4c:52:df:68:
33:ea:47:54:30:c9:4f:3f:d3:5e:7f:1f:78:93:bb:1c:d6:8e:
6c:62:22:94:46:43:11:ce:14:96:61:9a:4b:da:84:7b:17:39:
df:b3:2e:cc:3b:74:34:de:8f:31:ff:c5:67:f1:7f:b5:73:6b:
8a:36:5e:2c:84:9e:c8:8c:4f:ee:f8:5d:50:b8:b0:91:40:3f:
03:54:da:81:2e:58:b6:ba:42:57:0a:e1:cd:0b:07:e0:8f:b5:
b2:f1:f5:2a:13:c3:05:33:bc:b1:cc:7e:f9:dd:58:be:1b:32:
70:7a:96:c2
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAY8Fn8h7jN0LErt6I1acOZgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjQwNDIyMTE0NTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWRjMWNhYjBlNGFmMTBmNTZhYWQ5NDI4MGZmZmY0MTZjNjI1OGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJUqJtP5S4EYrJoYXSWR0BWcTKaq
G5Q2xxKG+EwiSqHIJ076X4r1H6mgRlV+RD7OrkhGet7w2rc+wNxzHMb38ouLzijH
RxTlBDvugC1wbJJ9OY/lXe3LvPOO7ierUkKr72sptIrUMeSYqH13gtIOvqJWk30z
Y/7mmvVr/uVV1YNdTf4a+rIkibCOdI0U2Kt1cHcSzQ0rf3DLYwL0UUV+rjkh1G3G
u+hBU8ZMZSxQmIxDKmFnbpuI6z6iepgfP3iEi5fcb0brsqUtX9f6qES7Jszzo01S
hpg26+ypaDtrzCTGp1KpcsI0HKRJCh5XAJ/WRJ6k+dAsF2EF0lB8m20BIwIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFEXcHKsOSvEPVqrZQoD//0FsYlj1MB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvUmR3Y3F3NUs4UTlXcXRsQ2dQX19RV3hpV1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAAtC+gD
BAEtC+oDBAItW7wDBAItjjQDBAAtkz4wDAMEAi2Z7AMEAC2Z7gMEAU1TLgMEAk1T
RAMEAlBMJAMEAlT8VAMEAl/WZDAMAwQCqxa8AwQAqxa+AwQCuQ+wAwQBuaRCAwQC
wSR8AwQCwm5YAwQB1FEqMA0GCSqGSIb3DQEBCwUAA4IBAQAf96QR+r2dOvjgbZFS
xrT6KTAOHFR6V/4jzHB7hRQl5D4lfINK9xls8AOwWT4IutZATfOzErUmNpRz5omg
uIrkfar3FHf8Y5MB7ILaQ5hZVMo4G2JilOmi8NYeDciahjiPw7MimMPFWQvmnIeM
+XAn+/bnoiYA8LEGFWfh4pE3w+ojeXLJ6msdNx1cokxS32gz6kdUMMlPP9Nefx94
k7sc1o5sYiKURkMRzhSWYZpL2oR7Fznfsy7MO3Q03o8x/8Vn8X+1c2uKNl4shJ7I
jE/u+F1QuLCRQD8DVNqBLli2ukJXCuHNCwfgj7Wy8fUqE8MFM7yxzH753Vi+GzJw
epbC
-----END CERTIFICATE-----
Generated at Mon May 6 10:29:36 2024 by rpki-client on console-fra.rpki-client.org