Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/ndVfyZHBxXkQK4Jm6WsVdF3mhTE.roa
File: ndVfyZHBxXkQK4Jm6WsVdF3mhTE.roa (raw, json)
Hash identifier: yudKwVTnVxtxZJoh+k9PXsE+/JIpc81XQgGoD6sk3Qk=
Subject key identifier: 9D:D5:5F:C9:91:C1:C5:79:10:2B:82:66:E9:6B:15:74:5D:E6:85:31
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 018CC8016B9BFEBCD4831E8B33C9CC949A28
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/ndVfyZHBxXkQK4Jm6WsVdF3mhTE.roa
Signing time: Tue 02 Jan 2024 02:29:45 +0000
ROA not before: Tue 02 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28685
IP address blocks: 145.128.160.0/19 maxlen: 19
145.131.160.0/19 maxlen: 19
145.131.64.0/18 maxlen: 18
145.128.192.0/19 maxlen: 19
145.131.192.0/18 maxlen: 18
145.128.224.0/19 maxlen: 19
145.128.128.0/19 maxlen: 19
145.131.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.mft
rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:6b:9b:fe:bc:d4:83:1e:8b:33:c9:cc:94:9a:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dd55fc991c1c579102b8266e96b15745de68531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6a:a2:d1:a6:c0:9b:88:65:14:d4:02:bb:6a:
5f:2f:14:8e:08:eb:33:c3:25:ba:5d:3d:81:06:31:
83:be:d9:af:55:e4:b8:cd:68:5d:17:ae:aa:f5:7b:
2f:d9:4d:1c:a6:e6:c4:ec:ac:da:35:b1:6a:c5:41:
76:d0:fd:f0:8d:75:0e:b4:f1:a9:f4:36:19:56:ae:
f6:92:a2:0e:04:fe:05:aa:aa:85:e7:df:7c:49:7a:
58:58:47:a6:b4:39:9e:43:a4:7e:f1:9c:ea:ed:f6:
d3:f9:0a:8d:f5:dd:c8:b5:ab:13:f6:77:55:50:c9:
74:8e:06:3c:85:4f:a8:f4:3f:ba:39:0d:9d:8d:a5:
8c:94:c1:fb:7d:be:9d:9f:3b:70:04:09:ad:8a:75:
5a:97:23:d5:74:c5:6e:db:59:cb:e4:05:9b:e6:3a:
b0:84:78:c4:62:c4:79:13:1b:eb:cf:cc:bf:ee:82:
58:4f:0c:7c:25:04:ba:39:ac:d2:be:9a:af:35:92:
0b:2e:64:60:fb:4b:37:64:07:a4:de:18:05:a6:35:
f3:fc:88:86:c9:a0:c3:a7:fd:25:3c:ff:47:6e:19:
a1:d7:3c:00:86:0a:55:cf:ce:cd:51:c2:a5:5d:30:
f3:6b:f8:40:0c:af:d1:37:19:8b:81:4e:d5:eb:e7:
e1:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D5:5F:C9:91:C1:C5:79:10:2B:82:66:E9:6B:15:74:5D:E6:85:31
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/ndVfyZHBxXkQK4Jm6WsVdF3mhTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.128.128.0/17
145.131.64.0-145.131.255.255
Signature Algorithm: sha256WithRSAEncryption
57:bf:ba:32:7c:48:ac:9e:c5:a6:ee:a8:72:4a:02:43:19:bd:
fe:c9:64:cc:f9:18:ca:16:92:be:a8:ed:f1:c5:2a:56:44:cb:
81:c2:b1:8c:32:30:06:db:01:90:13:ca:29:e0:b5:4f:06:6a:
ea:e1:4d:d2:ad:5f:a8:c9:27:af:68:6c:d4:92:a7:b6:ec:3c:
ad:6a:83:8c:28:25:81:2f:e6:db:d6:75:e9:be:5e:22:af:27:
be:56:bd:06:a8:80:d9:38:e9:02:ea:85:71:0e:ba:3a:11:f8:
6f:8b:b6:82:df:26:54:aa:09:b9:ae:64:3d:14:03:0e:3b:5c:
17:16:0a:fb:44:a8:c8:49:36:b3:5d:e0:29:34:4b:9f:d0:e4:
4b:89:84:6f:b9:60:0e:73:5f:2e:0e:5d:c8:58:fa:b1:34:74:
4d:dd:a1:3a:cc:c6:ca:dd:86:d5:08:7a:dd:5b:c9:64:fc:11:
be:35:be:b8:4c:49:c0:a4:94:7e:bb:d2:96:5f:3e:f3:7d:8e:
df:eb:23:c3:06:f1:44:b5:a7:11:53:11:10:ce:cc:ac:0c:3a:
4a:b3:b4:3e:0b:8a:25:b7:4d:04:65:a5:5c:af:d4:97:39:f3:
c8:e3:45:f3:72:31:2d:77:3e:c0:c2:42:3c:87:27:0e:e8:fb:
6b:01:95:ce
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzIAWub/rzUgx6LM8nMlJooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjQwMTAyMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQ1NWZjOTkxYzFjNTc5MTAyYjgyNjZlOTZiMTU3NDVkZTY4NTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomqi0abAm4hlFNQCu2pfLxSOCOsz
wyW6XT2BBjGDvtmvVeS4zWhdF66q9Xsv2U0cpubE7KzaNbFqxUF20P3wjXUOtPGp
9DYZVq72kqIOBP4FqqqF5998SXpYWEemtDmeQ6R+8Zzq7fbT+QqN9d3ItasT9ndV
UMl0jgY8hU+o9D+6OQ2djaWMlMH7fb6dnztwBAmtinValyPVdMVu21nL5AWb5jqw
hHjEYsR5Exvrz8y/7oJYTwx8JQS6OazSvpqvNZILLmRg+0s3ZAek3hgFpjXz/IiG
yaDDp/0lPP9Hbhmh1zwAhgpVz87NUcKlXTDza/hADK/RNxmLgU7V6+fhjwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJ3VX8mRwcV5ECuCZulrFXRd5oUxMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvbmRWZnlaSEJ4WGtRSzRKbTZXc1ZkRjNtaFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQHkYCAMAsD
BAaRg0ADAwKRgDANBgkqhkiG9w0BAQsFAAOCAQEAV7+6MnxIrJ7Fpu6ockoCQxm9
/slkzPkYyhaSvqjt8cUqVkTLgcKxjDIwBtsBkBPKKeC1TwZq6uFN0q1fqMknr2hs
1JKntuw8rWqDjCglgS/m29Z16b5eIq8nvla9BqiA2TjpAuqFcQ66OhH4b4u2gt8m
VKoJua5kPRQDDjtcFxYK+0SoyEk2s13gKTRLn9DkS4mEb7lgDnNfLg5dyFj6sTR0
Td2hOszGyt2G1Qh63VvJZPwRvjW+uExJwKSUfrvSll8+832O3+sjwwbxRLWnEVMR
EM7MrAw6SrO0PguKJbdNBGWlXK/UlznzyONF83IxLXc+wMJCPIcnDuj7awGVzg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:27:49 2024 by rpki-client on console-fra.rpki-client.org