Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/t5FVsDB6ytHkNwr6sJ_h5d1VdJU.roa
File: t5FVsDB6ytHkNwr6sJ_h5d1VdJU.roa (raw, json)
Hash identifier: v8MKpnpf9DeigWlaBGlgP8ZuJBdW2qUqQKE6UzxUAso=
Subject key identifier: B7:91:55:B0:30:7A:CA:D1:E4:37:0A:FA:B0:9F:E1:E5:DD:55:74:95
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 01915B6CCE828421EBDFA9AD899AA26FDC23
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/t5FVsDB6ytHkNwr6sJ_h5d1VdJU.roa
Signing time: Fri 16 Aug 2024 13:42:22 +0000
ROA not before: Fri 16 Aug 2024 13:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 45.43.66.0/24 maxlen: 24
87.239.249.0/24 maxlen: 24
87.239.252.0/24 maxlen: 24
107.181.134.0/24 maxlen: 24
107.181.147.0/24 maxlen: 24
107.181.151.0/24 maxlen: 24
107.181.155.0/24 maxlen: 24
198.105.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:6c:ce:82:84:21:eb:df:a9:ad:89:9a:a2:6f:dc:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Aug 16 13:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b79155b0307acad1e4370afab09fe1e5dd557495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d7:6f:fd:f3:9f:af:af:5b:8c:59:e6:20:27:
5d:5d:bb:03:97:ea:a1:d3:26:78:b2:c7:14:33:ce:
8d:c3:08:77:a7:b4:74:17:2d:54:cc:a1:e0:e7:be:
50:b6:dd:e8:e7:e7:2d:a6:f3:82:70:1e:51:59:d0:
ed:0b:fb:c7:e6:99:e1:01:06:cf:cc:77:e2:07:2c:
d2:f9:f8:cd:37:f5:57:e9:60:eb:6a:71:bb:99:15:
a6:36:8d:4f:30:5b:9c:63:79:95:d9:f3:33:c3:e5:
30:45:70:d2:2c:2f:c9:13:7c:c7:3b:21:96:2f:c9:
43:a9:73:62:19:ae:71:8e:cb:af:e7:22:21:b6:18:
b4:b5:de:c3:99:c4:37:0c:03:23:64:1a:50:9a:56:
d9:17:09:12:c8:c0:10:fc:f7:0a:8c:61:bc:7b:f1:
32:96:1e:e0:06:cc:bb:6c:a6:c5:ad:b2:4f:12:85:
67:ed:4b:15:b8:60:66:53:0b:9c:c1:e7:0e:d7:d9:
7e:7a:9d:af:7b:43:40:35:df:f3:cb:9a:5b:dc:d9:
83:2f:aa:d5:0a:14:aa:0b:a5:a9:b4:2a:aa:64:96:
ed:93:3b:6a:ab:67:94:e1:24:d1:23:a7:93:4f:c4:
a8:b0:9b:ab:3a:d4:aa:f0:cc:01:21:ac:db:3e:88:
78:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:91:55:B0:30:7A:CA:D1:E4:37:0A:FA:B0:9F:E1:E5:DD:55:74:95
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/t5FVsDB6ytHkNwr6sJ_h5d1VdJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.66.0/24
87.239.249.0/24
87.239.252.0/24
107.181.134.0/24
107.181.147.0/24
107.181.151.0/24
107.181.155.0/24
198.105.118.0/24
Signature Algorithm: sha256WithRSAEncryption
53:1b:30:9b:42:eb:d3:e9:54:d5:13:92:e1:42:27:cf:04:50:
d3:eb:f8:86:a0:40:c6:47:a5:9c:49:ed:5a:22:2c:4c:24:82:
f1:54:9a:af:61:e2:01:db:6f:fe:81:53:30:aa:95:6e:2c:5c:
f6:74:24:6f:aa:1e:78:68:b0:b9:06:66:4d:48:6d:ab:9c:b7:
3f:7d:d8:8e:71:ac:ba:a3:75:fd:b5:a8:3c:12:01:81:37:10:
d6:8f:e8:fc:88:af:1d:29:42:aa:60:74:2a:81:92:76:69:bf:
03:03:36:c7:c6:c1:27:40:68:ea:fe:75:ef:8f:87:2b:16:3c:
21:be:6d:9c:58:a5:91:ef:00:85:3d:01:0a:63:24:f7:45:b7:
67:43:28:a1:9f:15:23:ae:46:b1:7e:93:d4:7b:cd:40:a0:b0:
d8:99:ea:5d:10:9b:5b:86:a5:36:b9:4e:94:7d:0e:30:dd:44:
ae:c8:0d:37:c6:9c:ae:e6:96:a0:e8:82:c8:f3:1a:a1:38:a3:
61:91:67:32:26:cf:70:8c:1b:8f:a2:0b:e2:98:4c:8f:11:a7:
99:ae:51:ef:c5:2b:c2:41:cf:5c:ce:d3:0f:eb:8e:db:d6:31:
5f:3f:dc:1c:a0:7c:6f:50:8d:e5:06:92:36:fa:09:50:77:ed:
d7:91:61:a0
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZFbbM6ChCHr36mtiZqib9wjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjQwODE2MTM0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzkxNTViMDMwN2FjYWQxZTQzNzBhZmFiMDlmZTFlNWRkNTU3NDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNdv/fOfr69bjFnmICddXbsDl+qh
0yZ4sscUM86Nwwh3p7R0Fy1UzKHg575Qtt3o5+ctpvOCcB5RWdDtC/vH5pnhAQbP
zHfiByzS+fjNN/VX6WDranG7mRWmNo1PMFucY3mV2fMzw+UwRXDSLC/JE3zHOyGW
L8lDqXNiGa5xjsuv5yIhthi0td7DmcQ3DAMjZBpQmlbZFwkSyMAQ/PcKjGG8e/Ey
lh7gBsy7bKbFrbJPEoVn7UsVuGBmUwucwecO19l+ep2ve0NANd/zy5pb3NmDL6rV
ChSqC6WptCqqZJbtkztqq2eU4STRI6eTT8SosJurOtSq8MwBIazbPoh4mwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLeRVbAwesrR5DcK+rCf4eXdVXSVMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvdDVGVnNEQjZ5dEhrTndyNnNKX2g1ZDFWZEpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALStCAwQA
V+/5AwQAV+/8AwQAa7WGAwQAa7WTAwQAa7WXAwQAa7WbAwQAxml2MA0GCSqGSIb3
DQEBCwUAA4IBAQBTGzCbQuvT6VTVE5LhQifPBFDT6/iGoEDGR6WcSe1aIixMJILx
VJqvYeIB22/+gVMwqpVuLFz2dCRvqh54aLC5BmZNSG2rnLc/fdiOcay6o3X9tag8
EgGBNxDWj+j8iK8dKUKqYHQqgZJ2ab8DAzbHxsEnQGjq/nXvj4crFjwhvm2cWKWR
7wCFPQEKYyT3RbdnQyihnxUjrkaxfpPUe81AoLDYmepdEJtbhqU2uU6UfQ4w3USu
yA03xpyu5pag6ILI8xqhOKNhkWcyJs9wjBuPogvimEyPEaeZrlHvxSvCQc9cztMP
647b1jFfP9wcoHxvUI3lBpI2+glQd+3XkWGg
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:07:05 2024 by rpki-client on console-fra.rpki-client.org