Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/pVot0eUJdkojRmaHA7QTrs0K-bo.roa
File: pVot0eUJdkojRmaHA7QTrs0K-bo.roa (raw, json)
Hash identifier: fEGFfZWWDiOoIruUNkx1HrK8QTFBzvWZOAp+ZsJkGmg=
Subject key identifier: A5:5A:2D:D1:E5:09:76:4A:23:46:66:87:03:B4:13:AE:CD:0A:F9:BA
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 0193252F312EC7A7548F95B930AEEC45B920
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/pVot0eUJdkojRmaHA7QTrs0K-bo.roa
Signing time: Wed 13 Nov 2024 11:01:09 +0000
ROA not before: Wed 13 Nov 2024 11:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.11.232.0/24 maxlen: 24
45.11.234.0/23 maxlen: 23
45.91.188.0/22 maxlen: 22
45.147.61.0/24 maxlen: 24
45.147.62.0/24 maxlen: 24
45.153.236.0/24 maxlen: 24
45.153.237.0/24 maxlen: 24
45.153.238.0/24 maxlen: 24
77.83.46.0/23 maxlen: 23
77.83.68.0/24 maxlen: 24
77.83.69.0/24 maxlen: 24
77.83.70.0/24 maxlen: 24
77.83.71.0/24 maxlen: 24
84.252.84.0/23 maxlen: 23
84.252.86.0/24 maxlen: 24
84.252.87.0/24 maxlen: 24
95.214.100.0/22 maxlen: 22
171.22.188.0/24 maxlen: 24
171.22.189.0/24 maxlen: 24
171.22.190.0/24 maxlen: 24
185.15.176.0/22 maxlen: 22
185.164.66.0/23 maxlen: 23
193.36.124.0/22 maxlen: 22
194.110.88.0/22 maxlen: 22
212.81.41.0/24 maxlen: 24
212.81.42.0/24 maxlen: 24
212.81.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:2f:31:2e:c7:a7:54:8f:95:b9:30:ae:ec:45:b9:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Nov 13 11:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a55a2dd1e509764a2346668703b413aecd0af9ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ab:b8:5a:7f:37:96:0e:f6:8b:db:1f:2c:40:
fc:cf:ec:7d:07:9a:25:3f:7b:c1:07:de:be:bb:ed:
95:56:fd:bf:72:5a:6d:37:f2:68:d2:1a:66:7a:ea:
41:5b:9d:8e:29:ad:9f:18:f1:56:5e:46:46:3d:b4:
73:2c:af:93:b5:91:68:1e:8f:bb:53:96:75:40:aa:
e5:9b:4f:0f:a3:58:b6:71:c9:a5:35:07:82:48:92:
fc:57:08:02:67:42:0e:e8:93:cc:76:0c:b6:0d:c7:
14:b1:84:54:38:e7:d6:6a:cf:49:4a:c8:eb:37:33:
3f:dd:ad:9b:53:b1:26:57:a4:6b:85:f3:56:22:29:
f1:ef:d3:e1:6e:0c:4c:ba:1e:02:f8:d2:74:ad:84:
80:50:44:53:ff:cc:41:11:dc:f8:8e:07:9c:26:85:
e3:fe:20:ff:e6:57:17:48:29:6c:58:35:cc:2b:b3:
8f:2e:bf:ed:ef:7a:f6:e7:79:3c:dc:20:2f:0e:b7:
6a:57:fb:1d:b3:bd:b1:52:75:2d:58:44:d2:d5:a5:
89:d8:53:7a:13:c8:a9:06:c9:b1:db:2c:f0:e8:ee:
33:6a:ef:3e:7d:41:88:47:d4:f9:e5:ff:ab:27:12:
a5:90:c5:68:4b:7b:f1:8c:82:60:ac:d5:4d:1f:8f:
ca:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:5A:2D:D1:E5:09:76:4A:23:46:66:87:03:B4:13:AE:CD:0A:F9:BA
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/pVot0eUJdkojRmaHA7QTrs0K-bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.232.0/24
45.11.234.0/23
45.91.188.0/22
45.147.61.0-45.147.62.255
45.153.236.0-45.153.238.255
77.83.46.0/23
77.83.68.0/22
84.252.84.0/22
95.214.100.0/22
171.22.188.0-171.22.190.255
185.15.176.0/22
185.164.66.0/23
193.36.124.0/22
194.110.88.0/22
212.81.41.0-212.81.43.255
Signature Algorithm: sha256WithRSAEncryption
64:7a:20:5d:b2:0a:f9:40:eb:ff:e1:cf:22:29:8b:16:db:34:
39:1e:59:f7:bc:04:3b:0e:0d:f3:ea:9e:c6:20:bf:eb:10:7e:
f0:b7:d2:e4:41:89:94:61:31:93:e5:1b:4a:82:b8:d3:ef:a9:
d2:3c:d9:46:df:47:ad:cf:c5:5f:90:c0:61:6e:5c:49:dd:d9:
8a:d8:b5:96:d9:0f:2d:72:46:dc:85:af:7d:6c:4f:2a:a5:54:
a8:51:2e:41:e9:f2:27:b6:db:24:37:e5:17:7d:e0:22:15:f4:
4b:dc:77:09:5e:ac:82:ca:cc:69:99:c3:3b:90:fc:3c:3e:b1:
28:44:f6:8f:9a:b8:c5:68:bd:06:b8:9f:bd:98:6c:3e:76:69:
7f:45:9d:cf:3b:49:e5:46:b8:4b:51:7f:d1:fe:5b:43:6f:bb:
4e:8d:e7:34:56:cf:28:5d:c3:82:38:6c:09:68:c5:b8:19:1d:
af:1b:22:d8:8a:f6:3d:4e:31:aa:7c:b5:72:03:de:12:80:12:
8d:cd:e3:2e:28:cf:5f:06:1f:9e:2e:ed:4f:15:56:40:f5:63:
c7:68:42:df:8b:d1:e0:3e:da:65:22:75:e1:7b:07:8c:4b:9e:
2c:fd:92:4e:ae:86:35:43:9c:1e:c8:a7:54:57:93:f2:24:b0:
3e:74:4a:9d
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZMlLzEux6dUj5W5MK7sRbkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjQxMTEzMTEwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTVhMmRkMWU1MDk3NjRhMjM0NjY2ODcwM2I0MTNhZWNkMGFmOWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6u4Wn83lg72i9sfLED8z+x9B5ol
P3vBB96+u+2VVv2/clptN/Jo0hpmeupBW52OKa2fGPFWXkZGPbRzLK+TtZFoHo+7
U5Z1QKrlm08Po1i2ccmlNQeCSJL8VwgCZ0IO6JPMdgy2DccUsYRUOOfWas9JSsjr
NzM/3a2bU7EmV6RrhfNWIinx79PhbgxMuh4C+NJ0rYSAUERT/8xBEdz4jgecJoXj
/iD/5lcXSClsWDXMK7OPLr/t73r253k83CAvDrdqV/sds72xUnUtWETS1aWJ2FN6
E8ipBsmx2yzw6O4zau8+fUGIR9T55f+rJxKlkMVoS3vxjIJgrNVNH4/KBQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFKVaLdHlCXZKI0ZmhwO0E67NCvm6MB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvcFZvdDBlVUpka29qUm1hSEE3UVRyczBLLWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAC0L
6AMEAS0L6gMEAi1bvDAMAwQALZM9AwQALZM+MAwDBAItmewDBAAtme4DBAFNUy4D
BAJNU0QDBAJU/FQDBAJf1mQwDAMEAqsWvAMEAKsWvgMEArkPsAMEAbmkQgMEAsEk
fAMEAsJuWDAMAwQA1FEpAwQC1FEoMA0GCSqGSIb3DQEBCwUAA4IBAQBkeiBdsgr5
QOv/4c8iKYsW2zQ5Hln3vAQ7Dg3z6p7GIL/rEH7wt9LkQYmUYTGT5RtKgrjT76nS
PNlG30etz8VfkMBhblxJ3dmK2LWW2Q8tckbcha99bE8qpVSoUS5B6fInttskN+UX
feAiFfRL3HcJXqyCysxpmcM7kPw8PrEoRPaPmrjFaL0GuJ+9mGw+dml/RZ3PO0nl
RrhLUX/R/ltDb7tOjec0Vs8oXcOCOGwJaMW4GR2vGyLYivY9TjGqfLVyA94SgBKN
zeMuKM9fBh+eLu1PFVZA9WPHaELfi9HgPtplInXheweMS54s/ZJOroY1Q5weyKdU
V5PyJLA+dEqd
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:05:40 2024 by rpki-client on console-ams.rpki-client.org