Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/tdlVrRRPv2AjUKwceTIQIsWankk.roa
File: tdlVrRRPv2AjUKwceTIQIsWankk.roa (raw, json)
Hash identifier: yYpl4z7Lnp6Xhdy5zeCf8odc+fHQaQEijQsNMTfnfys=
Subject key identifier: B5:D9:55:AD:14:4F:BF:60:23:50:AC:1C:79:32:10:22:C5:9A:9E:49
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 018D375285A31D2526D4AFCB5FF70DBA814E
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/tdlVrRRPv2AjUKwceTIQIsWankk.roa
Signing time: Tue 23 Jan 2024 17:16:11 +0000
ROA not before: Tue 23 Jan 2024 17:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 45.132.248.0/22 maxlen: 24
46.247.245.0/24 maxlen: 24
46.247.247.0/24 maxlen: 24
79.132.145.0/24 maxlen: 24
79.132.151.0/24 maxlen: 24
79.132.153.0/24 maxlen: 24
79.132.154.0/24 maxlen: 24
85.112.211.0/24 maxlen: 24
86.105.91.0/24 maxlen: 24
86.107.248.0/21 maxlen: 24
86.107.255.0/24 maxlen: 24
89.43.156.0/22 maxlen: 24
185.183.63.0/24 maxlen: 24
185.223.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:37:52:85:a3:1d:25:26:d4:af:cb:5f:f7:0d:ba:81:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Jan 23 17:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5d955ad144fbf602350ac1c79321022c59a9e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ce:a0:a4:0f:96:35:6a:1b:68:2e:8c:cb:c2:
9b:2f:17:47:fb:df:a9:5d:ba:47:98:46:ce:f7:8a:
05:be:17:86:b9:da:26:bb:73:9e:4e:a4:03:ef:09:
66:e0:26:eb:a3:95:1d:26:2e:e0:63:9b:be:1e:dc:
2c:07:1d:3d:d1:ff:67:20:44:38:94:73:e3:d1:47:
45:86:fe:cf:9d:69:0c:1b:03:d2:68:09:e5:d8:70:
85:86:74:22:c7:9e:48:4d:5f:94:9f:cb:92:74:1c:
ff:7a:20:ae:66:75:4d:25:35:12:6f:0a:a8:d8:5a:
86:f4:2e:01:23:2f:bc:13:97:f7:f5:cb:a6:cc:af:
39:44:6f:89:f0:94:71:82:ef:02:18:06:b7:5c:c0:
fb:67:77:0d:5c:54:3b:a6:45:88:23:6f:d8:c8:13:
eb:78:6e:50:2e:6c:d6:49:ad:a6:29:ed:98:24:7b:
c0:69:7f:0c:ab:c7:4e:38:2a:fa:10:14:2b:fa:9e:
80:d3:86:49:9c:25:84:b8:f8:bd:cf:d2:a2:69:0d:
a0:9d:1f:e1:28:90:dc:e7:ec:29:b2:5f:72:9a:de:
7e:af:67:5d:45:83:ce:c0:0a:9d:e6:76:8b:a1:4d:
7d:10:1f:c1:c4:d9:47:35:16:a8:22:9e:c3:c9:b5:
05:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D9:55:AD:14:4F:BF:60:23:50:AC:1C:79:32:10:22:C5:9A:9E:49
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/tdlVrRRPv2AjUKwceTIQIsWankk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.248.0/22
46.247.245.0/24
46.247.247.0/24
79.132.145.0/24
79.132.151.0/24
79.132.153.0-79.132.154.255
85.112.211.0/24
86.105.91.0/24
86.107.248.0/21
89.43.156.0/22
185.183.63.0/24
185.223.148.0/24
Signature Algorithm: sha256WithRSAEncryption
72:d1:9a:e8:4c:42:c8:fd:81:8b:99:c6:14:63:51:c7:ac:d2:
ae:fb:a2:19:a4:49:83:28:da:be:da:9e:65:9d:1c:e7:59:83:
80:4f:99:d9:d9:63:88:47:9f:8a:83:9a:c1:34:3e:23:56:19:
9d:37:95:4e:f2:7a:49:c3:37:90:6a:23:53:e7:3a:8c:42:d7:
99:b0:07:3c:37:6a:87:ea:ad:30:c9:14:bf:a8:07:03:cd:45:
47:7b:fc:d7:52:f3:d0:46:5e:c3:08:d5:4f:8e:55:18:d0:26:
ba:88:8a:11:62:4c:64:3d:7c:b0:eb:ef:81:e9:ce:c6:ff:e8:
30:01:a1:a0:1d:b8:a5:d8:39:0c:89:28:5a:36:77:df:51:be:
3c:e2:54:2e:a5:f2:f8:9e:bc:20:1f:0c:8a:6a:eb:5f:e6:1e:
75:1f:ae:bf:d7:d7:2e:80:da:bc:cb:01:70:72:99:6d:38:c5:
74:18:c6:85:fb:91:97:fd:6c:2c:f1:5f:2f:9b:44:4f:9f:b9:
f5:4b:a3:61:9e:eb:cb:70:19:fa:e0:f4:43:17:bd:be:ca:16:
aa:03:de:a7:27:06:b6:79:dd:9b:03:2c:3c:52:c4:d4:26:cc:
69:9b:47:69:e0:78:7c:58:20:06:6b:ab:a3:26:20:8c:ec:7c:
3b:f7:5f:d0
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY03UoWjHSUm1K/LX/cNuoFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjQwMTIzMTcxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWQ5NTVhZDE0NGZiZjYwMjM1MGFjMWM3OTMyMTAyMmM1OWE5ZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis6gpA+WNWobaC6My8KbLxdH+9+p
XbpHmEbO94oFvheGudomu3OeTqQD7wlm4Cbro5UdJi7gY5u+HtwsBx090f9nIEQ4
lHPj0UdFhv7PnWkMGwPSaAnl2HCFhnQix55ITV+Un8uSdBz/eiCuZnVNJTUSbwqo
2FqG9C4BIy+8E5f39cumzK85RG+J8JRxgu8CGAa3XMD7Z3cNXFQ7pkWII2/YyBPr
eG5QLmzWSa2mKe2YJHvAaX8Mq8dOOCr6EBQr+p6A04ZJnCWEuPi9z9KiaQ2gnR/h
KJDc5+wpsl9ymt5+r2ddRYPOwAqd5naLoU19EB/BxNlHNRaoIp7DybUFywIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFLXZVa0UT79gI1CsHHkyECLFmp5JMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvdGRsVnJSUlB2MkFqVUt3Y2VUSVFJc1dhbmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQCLYT4AwQA
Lvf1AwQALvf3AwQAT4SRAwQAT4SXMAwDBABPhJkDBABPhJoDBABVcNMDBABWaVsD
BANWa/gDBAJZK5wDBAC5tz8DBAC535QwDQYJKoZIhvcNAQELBQADggEBAHLRmuhM
Qsj9gYuZxhRjUces0q77ohmkSYMo2r7anmWdHOdZg4BPmdnZY4hHn4qDmsE0PiNW
GZ03lU7yeknDN5BqI1PnOoxC15mwBzw3aofqrTDJFL+oBwPNRUd7/NdS89BGXsMI
1U+OVRjQJrqIihFiTGQ9fLDr74Hpzsb/6DABoaAduKXYOQyJKFo2d99RvjziVC6l
8vievCAfDIpq61/mHnUfrr/X1y6A2rzLAXBymW04xXQYxoX7kZf9bCzxXy+bRE+f
ufVLo2Ge68twGfrg9EMXvb7KFqoD3qcnBrZ53ZsDLDxSxNQmzGmbR2ngeHxYIAZr
q6MmIIzsfDv3X9A=
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:35:51 2024 by rpki-client on console-ams.rpki-client.org