Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/jJ0PJB3Lv_63Cxc3I90oJ7YRfKQ.roa
File: jJ0PJB3Lv_63Cxc3I90oJ7YRfKQ.roa (raw, json)
Hash identifier: /Cpty6VmC0t5XamEzjuqHoe+VGiHBixDFhu/4UH4PME=
Subject key identifier: 8C:9D:0F:24:1D:CB:BF:FE:B7:0B:17:37:23:DD:28:27:B6:11:7C:A4
Certificate issuer: /CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Certificate serial: 0192103024E046A162A78EB830FF9A0DB2F8
Authority key identifier: 8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/jJ0PJB3Lv_63Cxc3I90oJ7YRfKQ.roa
Signing time: Fri 20 Sep 2024 16:07:23 +0000
ROA not before: Fri 20 Sep 2024 16:07:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35793
IP address blocks: 45.11.128.0/24 maxlen: 24
45.11.129.0/24 maxlen: 24
45.11.130.0/24 maxlen: 24
45.11.131.0/24 maxlen: 24
45.95.100.0/24 maxlen: 24
45.95.101.0/24 maxlen: 24
45.95.102.0/24 maxlen: 24
45.95.103.0/24 maxlen: 24
185.151.160.0/24 maxlen: 24
185.151.161.0/24 maxlen: 24
185.151.162.0/24 maxlen: 24
185.151.163.0/24 maxlen: 24
2a07:7940:12::/48 maxlen: 48
2a07:7940:14::/48 maxlen: 48
2a07:7940:16::/48 maxlen: 48
2a07:7940:41::/48 maxlen: 48
2a07:7940:45::/48 maxlen: 48
2a07:7940:46::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:10:30:24:e0:46:a1:62:a7:8e:b8:30:ff:9a:0d:b2:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Validity
Not Before: Sep 20 16:07:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c9d0f241dcbbffeb70b173723dd2827b6117ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5c:ae:96:be:af:9c:be:d4:0d:7e:6b:ca:6e:
d7:e8:7b:a3:fd:12:f2:45:05:84:df:5b:43:40:f9:
40:38:52:1c:da:c1:7d:e0:e7:bc:16:3e:97:b2:80:
4e:4d:39:75:60:3f:34:6b:44:f8:c3:cd:5d:dd:fd:
c5:9b:73:06:5e:6c:1a:cf:ed:f3:52:e9:2f:9a:5e:
42:6a:cc:87:3c:a9:f8:52:70:e7:ac:af:be:df:c9:
20:c4:fd:ae:28:13:ed:ae:6e:a0:ca:34:15:8f:67:
07:af:48:75:37:38:16:55:1d:61:8f:c0:a6:5d:67:
3e:5c:ee:d9:f8:d8:74:67:fa:c2:c9:1e:0f:a5:41:
88:1e:a7:34:99:51:af:f2:1d:35:2c:a9:4a:85:3d:
16:32:1b:16:b2:7c:a5:2e:50:5d:84:62:8b:c2:05:
8a:ca:27:ba:ba:24:9f:86:a1:d5:e2:0d:04:e0:67:
95:6e:bd:32:66:52:9d:9a:c3:71:ea:66:46:17:a4:
de:88:00:62:51:01:21:a4:b7:64:30:50:e7:66:11:
bc:54:ec:6f:c1:04:9e:73:cc:a3:7a:67:77:51:95:
2b:8e:54:31:60:14:b0:dc:98:76:c8:cf:1a:ae:a7:
a3:df:16:53:7b:36:38:6c:19:f3:db:b6:34:51:5a:
a9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:9D:0F:24:1D:CB:BF:FE:B7:0B:17:37:23:DD:28:27:B6:11:7C:A4
X509v3 Authority Key Identifier:
keyid:8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/jJ0PJB3Lv_63Cxc3I90oJ7YRfKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.128.0/22
45.95.100.0/22
185.151.160.0/22
IPv6:
2a07:7940:12::/48
2a07:7940:14::/48
2a07:7940:16::/48
2a07:7940:41::/48
2a07:7940:45::-2a07:7940:46:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
73:87:e8:d2:1d:f8:db:ba:03:e2:37:ca:eb:b0:27:37:a8:c3:
55:4a:a4:64:3f:bd:f8:4f:b0:f5:5c:7b:f2:8f:c5:4e:6d:dc:
5c:a0:d9:5d:54:9e:06:30:db:c7:51:2b:9f:81:37:c8:7b:93:
a7:fb:91:ae:b1:7c:3a:b7:b2:1b:56:07:83:c7:74:5b:4a:f9:
f5:42:c5:19:eb:03:39:b8:4a:20:98:a0:e9:5b:f7:c1:67:03:
3e:69:be:ed:62:42:08:a7:d7:dd:b3:a7:49:16:5a:63:05:da:
94:f7:ff:4b:8b:c8:88:82:41:80:bb:83:8a:6b:f8:26:fc:12:
97:9c:9e:55:05:3c:10:2d:06:20:98:16:29:53:97:79:8b:42:
0d:ec:c4:63:7f:2e:4b:b4:25:81:9b:2f:7f:46:c4:cb:eb:56:
a8:07:9f:cc:61:7f:74:1c:79:15:48:63:71:07:13:0f:53:2e:
c2:11:57:40:d1:32:61:e4:dc:42:b6:3c:08:a4:f3:60:9f:d7:
b2:e9:f3:0e:28:86:45:c4:06:4e:11:a1:78:32:60:44:71:4b:
ea:e3:23:75:45:d4:d6:da:09:57:ae:63:43:c1:4e:18:58:05:
cb:ab:05:1d:13:10:62:54:95:25:4c:bc:0f:e7:a5:6e:da:1e:
6e:a3:8e:26
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZIQMCTgRqFip464MP+aDbL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWI0YzBjZjIxYzFhM2Q2ZWE0MTA2OGNiZTkwOGJlMzg4
ZTQ1MGEwHhcNMjQwOTIwMTYwNzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzlkMGYyNDFkY2JiZmZlYjcwYjE3MzcyM2RkMjgyN2I2MTE3Y2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFyulr6vnL7UDX5rym7X6Huj/RLy
RQWE31tDQPlAOFIc2sF94Oe8Fj6XsoBOTTl1YD80a0T4w81d3f3Fm3MGXmwaz+3z
Uukvml5CasyHPKn4UnDnrK++38kgxP2uKBPtrm6gyjQVj2cHr0h1NzgWVR1hj8Cm
XWc+XO7Z+Nh0Z/rCyR4PpUGIHqc0mVGv8h01LKlKhT0WMhsWsnylLlBdhGKLwgWK
yie6uiSfhqHV4g0E4GeVbr0yZlKdmsNx6mZGF6TeiABiUQEhpLdkMFDnZhG8VOxv
wQSec8yjemd3UZUrjlQxYBSw3Jh2yM8arqej3xZTezY4bBnz27Y0UVqplwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFIydDyQdy7/+twsXNyPdKCe2EXykMB8GA1UdIwQY
MBaAFIqrTAzyHBo9bqQQaMvpCL44jkUKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMt
NTM3YjFiNDlkZmU3LzEvakowUEpCM0x2XzYzQ3hjM0k5MG9KN1lSZktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMtNTM3YjFiNDlkZmU3
LzEvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjAYBAIAATASAwQCLQuAAwQC
LV9kAwQCuZegMD4EAgACMDgDBwAqB3lAABIDBwAqB3lAABQDBwAqB3lAABYDBwAq
B3lAAEEwEgMHACoHeUAARQMHACoHeUAARjANBgkqhkiG9w0BAQsFAAOCAQEAc4fo
0h3427oD4jfK67AnN6jDVUqkZD+9+E+w9Vx78o/FTm3cXKDZXVSeBjDbx1Ern4E3
yHuTp/uRrrF8OreyG1YHg8d0W0r59ULFGesDObhKIJig6Vv3wWcDPmm+7WJCCKfX
3bOnSRZaYwXalPf/S4vIiIJBgLuDimv4JvwSl5yeVQU8EC0GIJgWKVOXeYtCDezE
Y38uS7QlgZsvf0bEy+tWqAefzGF/dBx5FUhjcQcTD1MuwhFXQNEyYeTcQrY8CKTz
YJ/XsunzDiiGRcQGThGheDJgRHFL6uMjdUXU1toJV65jQ8FOGFgFy6sFHRMQYlSV
JUy8D+elbtoebqOOJg==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:52:17 2024 by rpki-client on console-fra.rpki-client.org