Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/sUVWXmZRG1P9X-Nwzk4NT4fzocM.roa
File: sUVWXmZRG1P9X-Nwzk4NT4fzocM.roa (raw, json)
Hash identifier: E5HOF6BQTJX2Fi/Hpg5/nEj+Av5bwmmyd7iyTtAMtdY=
Subject key identifier: B1:45:56:5E:66:51:1B:53:FD:5F:E3:70:CE:4E:0D:4F:87:F3:A1:C3
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 01923CE00BB33AD0A4CD4C6D47AA322FCFDC
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/sUVWXmZRG1P9X-Nwzk4NT4fzocM.roa
Signing time: Sun 29 Sep 2024 08:22:48 +0000
ROA not before: Sun 29 Sep 2024 08:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208161
IP address blocks: 81.12.52.0/23 maxlen: 24
87.107.10.0/23 maxlen: 24
87.107.54.0/23 maxlen: 24
87.107.104.0/23 maxlen: 24
87.107.146.0/23 maxlen: 24
87.107.154.0/24 maxlen: 24
87.107.155.0/24 maxlen: 24
87.107.164.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:3c:e0:0b:b3:3a:d0:a4:cd:4c:6d:47:aa:32:2f:cf:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Sep 29 08:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b145565e66511b53fd5fe370ce4e0d4f87f3a1c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:51:8b:a8:20:c5:49:c4:85:7b:16:ea:d6:92:
73:51:d0:39:35:b6:a0:00:d3:b7:4b:a4:28:f5:38:
9a:2a:d3:a3:61:46:5d:bd:c4:26:6e:e9:4b:ca:06:
4a:3a:00:c4:98:d4:2e:49:d6:ed:ff:70:2b:c6:34:
fa:b6:cc:68:3b:48:fa:35:66:c8:8d:1b:44:36:d3:
a9:9b:af:a6:9d:05:ee:18:64:b2:dd:79:7e:88:33:
2f:08:e1:36:f3:6d:59:f6:a8:ea:35:bb:c2:55:83:
b9:1a:c0:32:e1:43:32:62:dc:ce:06:3a:b7:a6:65:
47:40:92:1f:73:59:33:d9:fa:0e:33:17:f3:2e:74:
fb:e3:db:16:a5:a1:bb:aa:6d:2d:77:9b:c6:44:5e:
fa:c8:5e:a7:ff:b0:36:51:83:dd:7b:1e:5f:b9:58:
09:fa:47:36:3c:dc:ec:6f:4f:22:55:dc:10:47:b4:
74:cf:44:12:a1:2f:d0:cd:3f:a3:54:19:f1:8b:64:
e2:6f:57:47:c8:33:00:15:9e:01:8e:f6:2f:34:1c:
67:0b:94:1a:ed:eb:a1:c8:4c:8f:45:30:3c:94:8d:
6a:85:dd:ca:69:5e:0b:fa:27:5f:67:64:4f:98:97:
1a:9a:26:2a:a3:bb:93:b8:b1:18:75:d1:be:76:f4:
57:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:45:56:5E:66:51:1B:53:FD:5F:E3:70:CE:4E:0D:4F:87:F3:A1:C3
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/sUVWXmZRG1P9X-Nwzk4NT4fzocM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.52.0/23
87.107.10.0/23
87.107.54.0/23
87.107.104.0/23
87.107.146.0/23
87.107.154.0/23
87.107.164.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:6f:b5:42:d8:12:2c:b1:93:34:4c:9d:a6:bf:b2:1c:28:c4:
0b:4b:3e:47:09:7c:ba:25:91:6a:7c:5a:46:08:99:e1:fc:60:
23:c0:c9:7d:b2:8b:2b:43:72:14:ed:f2:37:f7:cb:d1:9a:5c:
3a:dc:b6:96:91:54:67:56:f7:3f:2e:22:8b:e0:7e:41:00:49:
2d:6b:81:5d:04:79:e3:a1:02:37:c4:27:f6:04:84:05:06:65:
99:c8:89:23:45:6a:32:0e:61:69:83:dd:a8:a4:c3:4d:28:ee:
65:71:3e:38:32:6b:0f:2b:7c:57:e8:8b:f4:e3:e2:13:94:9f:
1b:35:07:23:39:ac:14:c7:9b:5c:28:f5:c3:bf:fc:e4:28:ea:
04:36:c9:63:d1:32:ba:04:d3:4b:db:19:01:21:9c:ba:48:b4:
ce:54:85:fc:05:76:6c:e5:18:d0:c7:d5:cc:88:77:b1:d6:c6:
d2:25:94:28:70:50:2d:5e:52:a0:48:6d:b2:54:26:eb:c6:90:
34:57:01:d9:05:34:9c:97:fe:d7:6e:99:b7:99:f7:43:cd:5b:
84:54:f9:15:fb:04:46:ea:7f:e9:a8:5e:52:ab:8e:79:8a:0b:
7a:19:62:44:55:8d:db:08:9c:db:44:a3:f7:93:39:a1:97:6b:
da:b3:41:dc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZI84AuzOtCkzUxtR6oyL8/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwOTI5MDgyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQ1NTY1ZTY2NTExYjUzZmQ1ZmUzNzBjZTRlMGQ0Zjg3ZjNhMWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylGLqCDFScSFexbq1pJzUdA5Nbag
ANO3S6Qo9TiaKtOjYUZdvcQmbulLygZKOgDEmNQuSdbt/3ArxjT6tsxoO0j6NWbI
jRtENtOpm6+mnQXuGGSy3Xl+iDMvCOE2821Z9qjqNbvCVYO5GsAy4UMyYtzOBjq3
pmVHQJIfc1kz2foOMxfzLnT749sWpaG7qm0td5vGRF76yF6n/7A2UYPdex5fuVgJ
+kc2PNzsb08iVdwQR7R0z0QSoS/QzT+jVBnxi2Tib1dHyDMAFZ4BjvYvNBxnC5Qa
7euhyEyPRTA8lI1qhd3KaV4L+idfZ2RPmJcamiYqo7uTuLEYddG+dvRXHQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLFFVl5mURtT/V/jcM5ODU+H86HDMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvc1VWV1htWlJHMVA5WC1Od3prNE5UNGZ6b2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBUQw0AwQB
V2sKAwQBV2s2AwQBV2toAwQBV2uSAwQBV2uaAwQBV2ukMA0GCSqGSIb3DQEBCwUA
A4IBAQA+b7VC2BIssZM0TJ2mv7IcKMQLSz5HCXy6JZFqfFpGCJnh/GAjwMl9sosr
Q3IU7fI398vRmlw63LaWkVRnVvc/LiKL4H5BAEkta4FdBHnjoQI3xCf2BIQFBmWZ
yIkjRWoyDmFpg92opMNNKO5lcT44MmsPK3xX6Iv04+ITlJ8bNQcjOawUx5tcKPXD
v/zkKOoENslj0TK6BNNL2xkBIZy6SLTOVIX8BXZs5RjQx9XMiHex1sbSJZQocFAt
XlKgSG2yVCbrxpA0VwHZBTScl/7Xbpm3mfdDzVuEVPkV+wRG6n/pqF5Sq455igt6
GWJEVY3bCJzbRKP3kzmhl2vas0Hc
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:24:26 2024 by rpki-client on console-ams.rpki-client.org