Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/kUJeKFQHx2MwNXAHBWKA4QsogZk.roa
File: kUJeKFQHx2MwNXAHBWKA4QsogZk.roa (raw, json)
Hash identifier: uKyhYecxH7KWYaf5mCl9NDIn/BtqqzL3L2keukajC0E=
Subject key identifier: 91:42:5E:28:54:07:C7:63:30:35:70:07:05:62:80:E1:0B:28:81:99
Certificate issuer: /CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Certificate serial: 0191FEE1604E9E5ED1A5438DB3A349231DA6
Authority key identifier: 4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/kUJeKFQHx2MwNXAHBWKA4QsogZk.roa
Signing time: Tue 17 Sep 2024 07:27:48 +0000
ROA not before: Tue 17 Sep 2024 07:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57752
IP address blocks: 45.10.45.0/24 maxlen: 24
45.10.46.0/23 maxlen: 23
45.88.68.0/22 maxlen: 24
45.89.152.0/22 maxlen: 22
45.91.144.0/22 maxlen: 22
45.130.236.0/22 maxlen: 22
45.130.236.0/24 maxlen: 24
45.130.237.0/24 maxlen: 24
45.130.238.0/24 maxlen: 24
45.130.239.0/24 maxlen: 24
83.136.148.0/23 maxlen: 23
83.136.150.0/23 maxlen: 23
91.206.10.0/24 maxlen: 24
109.205.64.0/21 maxlen: 21
176.118.172.0/22 maxlen: 22
185.17.56.0/22 maxlen: 22
185.17.56.0/24 maxlen: 24
185.17.57.0/24 maxlen: 24
185.54.36.0/22 maxlen: 22
185.167.220.0/22 maxlen: 22
185.234.48.0/22 maxlen: 22
195.12.37.0/24 maxlen: 24
2a03:dc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.mft
rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fe:e1:60:4e:9e:5e:d1:a5:43:8d:b3:a3:49:23:1d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Validity
Not Before: Sep 17 07:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91425e285407c76330357007056280e10b288199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bd:b5:cd:0d:a3:e3:10:31:c0:ea:f0:a8:c4:
65:29:d1:a9:84:58:b0:06:57:26:cb:64:20:97:55:
85:0e:03:a7:af:0a:39:c3:aa:03:5b:f4:22:6f:a8:
cf:37:1c:59:7e:b8:4c:06:37:b8:79:65:01:9f:7b:
9d:d6:83:86:cf:45:f9:c5:76:ff:db:83:f4:4e:2b:
d7:2f:35:4b:15:12:56:9c:3f:92:ef:ce:fc:60:90:
65:be:0b:17:42:18:45:cf:35:0d:4e:be:a1:53:52:
02:5e:6b:ff:f1:cc:1b:ce:10:94:6a:0d:88:fa:68:
df:c9:2d:b7:96:5e:5a:dc:d9:8f:9c:fe:e7:86:76:
31:29:fd:5b:37:b3:0f:80:62:b4:77:f2:4d:ea:96:
91:43:49:88:05:bf:51:e5:3a:35:ff:79:36:53:cf:
5f:30:f7:df:33:0f:e5:c0:93:96:ff:3d:83:ff:db:
00:ee:eb:fb:71:8e:19:91:b0:7f:46:d9:83:a1:03:
49:b4:0c:42:77:c3:a5:3a:ce:c2:a0:30:a0:70:5d:
78:ab:f0:1e:a8:80:d3:99:55:00:23:95:37:82:fb:
f2:c5:10:8e:42:31:f7:13:a1:b9:30:c6:01:27:fc:
a8:9f:c7:ba:6a:3a:4d:2f:4f:32:e3:92:39:9a:cc:
23:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:42:5E:28:54:07:C7:63:30:35:70:07:05:62:80:E1:0B:28:81:99
X509v3 Authority Key Identifier:
keyid:4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/kUJeKFQHx2MwNXAHBWKA4QsogZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.45.0-45.10.47.255
45.88.68.0/22
45.89.152.0/22
45.91.144.0/22
45.130.236.0/22
83.136.148.0/22
91.206.10.0/24
109.205.64.0/21
176.118.172.0/22
185.17.56.0/22
185.54.36.0/22
185.167.220.0/22
185.234.48.0/22
195.12.37.0/24
IPv6:
2a03:dc00::/32
Signature Algorithm: sha256WithRSAEncryption
b3:67:bf:2b:62:f3:83:1b:1e:78:da:39:2e:81:c2:97:dd:79:
eb:f3:22:6d:e1:a0:dd:55:d1:27:32:05:1f:b5:52:60:7b:41:
b9:46:7a:83:42:af:16:a8:78:97:0e:9d:9c:aa:92:cc:59:81:
a9:c6:27:6a:dd:38:8c:86:1a:a4:e7:d8:98:9e:ed:1a:e4:f1:
58:4a:ec:59:73:e2:88:47:7d:13:b4:4a:7f:57:5e:34:d0:38:
0e:6d:62:6c:bc:de:cb:f3:14:63:27:d1:a5:d4:8a:71:04:5c:
99:96:05:49:2a:c6:8d:12:2b:e6:21:ea:87:7e:8f:fd:70:c9:
8e:8e:f0:d1:ca:2e:0b:32:13:2d:be:53:69:53:e4:7b:ad:fe:
af:37:56:8e:c0:54:b6:20:68:0f:d3:92:98:26:01:7e:b2:40:
0b:d2:fb:23:6c:0d:8f:0e:85:77:38:97:88:5e:05:a1:c5:94:
d2:50:0c:05:9a:e7:e3:d5:23:e8:d9:4c:b1:13:59:1e:c9:31:
80:46:14:8b:5e:57:ec:8a:82:d5:f0:87:1d:7c:92:77:74:d0:
bf:fd:56:61:db:38:69:b1:0b:df:d8:15:93:e9:4f:e8:6b:04:
3c:26:81:e0:68:2c:de:e5:a0:df:aa:26:8d:e4:21:7b:01:5c:
a5:6b:18:17
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZH+4WBOnl7RpUONs6NJIx2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTllNGVhZTQ4YTAxYzc4MWZhYWQxMWY2ZDgxYTkxZWEz
M2JkZmYwHhcNMjQwOTE3MDcyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTQyNWUyODU0MDdjNzYzMzAzNTcwMDcwNTYyODBlMTBiMjg4MTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr21zQ2j4xAxwOrwqMRlKdGphFiw
Blcmy2Qgl1WFDgOnrwo5w6oDW/Qib6jPNxxZfrhMBje4eWUBn3ud1oOGz0X5xXb/
24P0TivXLzVLFRJWnD+S7878YJBlvgsXQhhFzzUNTr6hU1ICXmv/8cwbzhCUag2I
+mjfyS23ll5a3NmPnP7nhnYxKf1bN7MPgGK0d/JN6paRQ0mIBb9R5To1/3k2U89f
MPffMw/lwJOW/z2D/9sA7uv7cY4ZkbB/RtmDoQNJtAxCd8OlOs7CoDCgcF14q/Ae
qIDTmVUAI5U3gvvyxRCOQjH3E6G5MMYBJ/yon8e6ajpNL08y45I5mswjTwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFJFCXihUB8djMDVwBwVigOELKIGZMB8GA1UdIwQY
MBaAFE+Z5OrkigHHgfqtEfbYGpHqM73/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgt
OGI4ZjNmOGQ3MzAzLzEva1VKZUtGUUh4Mk13TlhBSEJXS0E0UXNvZ1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgtOGI4ZjNmOGQ3MzAz
LzEvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXDAMAwQALQot
AwQELQogAwQCLVhEAwQCLVmYAwQCLVuQAwQCLYLsAwQCU4iUAwQAW84KAwQDbc1A
AwQCsHasAwQCuRE4AwQCuTYkAwQCuafcAwQCueowAwQAwwwlMA0EAgACMAcDBQAq
A9wAMA0GCSqGSIb3DQEBCwUAA4IBAQCzZ78rYvODGx542jkugcKX3Xnr8yJt4aDd
VdEnMgUftVJge0G5RnqDQq8WqHiXDp2cqpLMWYGpxidq3TiMhhqk59iYnu0a5PFY
SuxZc+KIR30TtEp/V1400DgObWJsvN7L8xRjJ9Gl1IpxBFyZlgVJKsaNEivmIeqH
fo/9cMmOjvDRyi4LMhMtvlNpU+R7rf6vN1aOwFS2IGgP05KYJgF+skAL0vsjbA2P
DoV3OJeIXgWhxZTSUAwFmufj1SPo2UyxE1keyTGARhSLXlfsioLV8IcdfJJ3dNC/
/VZh2zhpsQvf2BWT6U/oawQ8JoHgaCze5aDfqiaN5CF7AVylaxgX
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:54:13 2024 by rpki-client on console-ams.rpki-client.org