Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/sK5rqrJ9M1a3a9QtXQUGNtK-u-Y.roa
File: sK5rqrJ9M1a3a9QtXQUGNtK-u-Y.roa (raw, json)
Hash identifier: 2l+KqzYMHpEd4tGatsrguSDsGWJo4o4WS9IQmlbM4WU=
Subject key identifier: B0:AE:6B:AA:B2:7D:33:56:B7:6B:D4:2D:5D:05:06:36:D2:BE:BB:E6
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 0193630768814FFC5FB5B3810B857FD8DB66
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/sK5rqrJ9M1a3a9QtXQUGNtK-u-Y.roa
Signing time: Mon 25 Nov 2024 11:14:10 +0000
ROA not before: Mon 25 Nov 2024 11:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.11.232.0/24 maxlen: 24
45.11.234.0/23 maxlen: 23
45.91.188.0/22 maxlen: 22
45.147.61.0/24 maxlen: 24
45.147.62.0/24 maxlen: 24
45.153.236.0/24 maxlen: 24
45.153.238.0/24 maxlen: 24
77.83.46.0/23 maxlen: 23
77.83.68.0/24 maxlen: 24
77.83.69.0/24 maxlen: 24
77.83.70.0/24 maxlen: 24
77.83.71.0/24 maxlen: 24
84.252.84.0/23 maxlen: 23
84.252.86.0/24 maxlen: 24
84.252.87.0/24 maxlen: 24
95.214.100.0/22 maxlen: 22
171.22.188.0/24 maxlen: 24
171.22.189.0/24 maxlen: 24
171.22.190.0/24 maxlen: 24
185.15.176.0/22 maxlen: 22
185.164.66.0/23 maxlen: 23
193.36.124.0/22 maxlen: 22
194.110.88.0/22 maxlen: 22
212.81.41.0/24 maxlen: 24
212.81.42.0/24 maxlen: 24
212.81.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:15:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:07:68:81:4f:fc:5f:b5:b3:81:0b:85:7f:d8:db:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Nov 25 11:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0ae6baab27d3356b76bd42d5d050636d2bebbe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6a:ea:e0:46:94:99:44:e3:9f:51:89:0b:df:
bb:b1:42:8d:ef:2a:f1:53:66:ae:38:a4:56:c5:80:
eb:0b:d5:21:c8:e3:50:98:18:14:56:4f:f4:3d:47:
c7:ee:66:2b:31:01:8a:0a:a2:29:34:58:42:9c:dd:
dd:b8:bf:5c:92:cf:d1:0f:fa:87:c6:26:c2:0f:44:
c2:36:36:db:07:00:5e:4f:ea:75:ee:43:4b:03:c3:
db:fc:1e:c9:2a:2e:fd:c3:e4:3a:fb:d7:b1:8e:a5:
77:9c:4e:7e:a9:7b:a1:f8:89:33:ff:6c:fb:a3:26:
92:d5:cc:34:33:f2:c4:4c:d7:87:84:aa:bc:0a:86:
1e:84:48:4e:c8:ec:20:a3:55:d7:36:56:ce:3b:66:
07:12:bf:7a:ad:18:95:d7:c2:40:f9:9b:dd:d5:ad:
e1:12:24:e3:49:5a:d0:9d:91:e2:aa:33:40:63:29:
d2:bc:e8:31:fd:56:e2:f0:8b:a7:b6:01:8c:a9:33:
35:75:15:a7:98:04:87:99:9b:42:24:13:8a:4b:a5:
11:b2:a8:02:4c:a3:e2:95:35:38:e1:ea:b9:01:92:
67:21:4f:b8:d5:e1:50:c8:b0:09:06:9a:ef:45:f6:
90:21:a6:55:92:0d:55:44:d5:7e:a4:91:d3:bd:4c:
33:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AE:6B:AA:B2:7D:33:56:B7:6B:D4:2D:5D:05:06:36:D2:BE:BB:E6
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/sK5rqrJ9M1a3a9QtXQUGNtK-u-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.232.0/24
45.11.234.0/23
45.91.188.0/22
45.147.61.0-45.147.62.255
45.153.236.0/24
45.153.238.0/24
77.83.46.0/23
77.83.68.0/22
84.252.84.0/22
95.214.100.0/22
171.22.188.0-171.22.190.255
185.15.176.0/22
185.164.66.0/23
193.36.124.0/22
194.110.88.0/22
212.81.41.0-212.81.43.255
Signature Algorithm: sha256WithRSAEncryption
c4:17:8c:7b:3e:2f:b0:4d:c4:e8:65:7e:c6:11:44:a1:9c:43:
92:a4:fb:ae:3a:08:33:b9:24:b4:51:12:d8:18:99:b3:96:3d:
dc:35:91:a3:6e:87:02:c8:c2:71:2c:fc:cc:e9:20:69:df:67:
39:6d:8b:36:bd:8f:83:21:67:4c:a7:dc:2e:c1:1d:e6:ab:f6:
c0:d2:c3:f1:51:cd:e7:c3:26:30:3b:e2:d6:d2:ce:63:1c:9b:
83:d2:9f:fc:f7:2c:38:5e:d3:49:81:f5:5b:05:15:c9:f5:b6:
39:12:9b:b6:9e:f3:0e:79:71:c6:03:61:37:11:d5:2c:80:db:
eb:9a:54:d4:6a:6f:e3:07:ce:0b:a7:9d:b9:01:aa:e0:bd:57:
62:9c:49:e8:73:61:b8:e6:89:7d:7e:19:5b:79:bc:22:9d:65:
b5:fa:fd:f6:87:34:55:68:b9:5a:a0:d0:ef:f8:e7:49:dd:5c:
ec:a7:86:83:be:ab:5b:7c:a3:ce:bf:49:5e:80:25:b2:f9:3c:
31:01:f1:dc:94:bc:60:dd:59:6f:37:62:1c:1f:1c:17:1a:a9:
4f:57:b0:8a:27:ed:a9:61:83:8a:a2:11:62:86:7f:ff:cf:c5:
d6:e4:69:08:f5:4e:cd:d1:16:3f:23:23:30:52:94:bd:6e:ca:
7e:6a:c5:93
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZNjB2iBT/xftbOBC4V/2NtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjQxMTI1MTExNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGFlNmJhYWIyN2QzMzU2Yjc2YmQ0MmQ1ZDA1MDYzNmQyYmViYmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWrq4EaUmUTjn1GJC9+7sUKN7yrx
U2auOKRWxYDrC9UhyONQmBgUVk/0PUfH7mYrMQGKCqIpNFhCnN3duL9cks/RD/qH
xibCD0TCNjbbBwBeT+p17kNLA8Pb/B7JKi79w+Q6+9exjqV3nE5+qXuh+Ikz/2z7
oyaS1cw0M/LETNeHhKq8CoYehEhOyOwgo1XXNlbOO2YHEr96rRiV18JA+Zvd1a3h
EiTjSVrQnZHiqjNAYynSvOgx/Vbi8IuntgGMqTM1dRWnmASHmZtCJBOKS6URsqgC
TKPilTU44eq5AZJnIU+41eFQyLAJBprvRfaQIaZVkg1VRNV+pJHTvUwzfwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFLCua6qyfTNWt2vULV0FBjbSvrvmMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvc0s1cnFySjlNMWEzYTlRdFhRVUdOdEstdS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQALQvo
AwQBLQvqAwQCLVu8MAwDBAAtkz0DBAAtkz4DBAAtmewDBAAtme4DBAFNUy4DBAJN
U0QDBAJU/FQDBAJf1mQwDAMEAqsWvAMEAKsWvgMEArkPsAMEAbmkQgMEAsEkfAME
AsJuWDAMAwQA1FEpAwQC1FEoMA0GCSqGSIb3DQEBCwUAA4IBAQDEF4x7Pi+wTcTo
ZX7GEUShnEOSpPuuOggzuSS0URLYGJmzlj3cNZGjbocCyMJxLPzM6SBp32c5bYs2
vY+DIWdMp9wuwR3mq/bA0sPxUc3nwyYwO+LW0s5jHJuD0p/89yw4XtNJgfVbBRXJ
9bY5Epu2nvMOeXHGA2E3EdUsgNvrmlTUam/jB84Lp525AargvVdinEnoc2G45ol9
fhlbebwinWW1+v32hzRVaLlaoNDv+OdJ3Vzsp4aDvqtbfKPOv0legCWy+TwxAfHc
lLxg3VlvN2IcHxwXGqlPV7CKJ+2pYYOKohFihn//z8XW5GkI9U7N0RY/IyMwUpS9
bsp+asWT
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:46:26 2024 by rpki-client on console-ams.rpki-client.org