Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dW3T6rwZNYyEPa8CN3tZC3j0p-Q.roa
File: dW3T6rwZNYyEPa8CN3tZC3j0p-Q.roa (raw, json)
Hash identifier: tjv/wtAxyUzTnxRpC71MdWCPHGtAOlVL+Uo6Oca8Mms=
Subject key identifier: 75:6D:D3:EA:BC:19:35:8C:84:3D:AF:02:37:7B:59:0B:78:F4:A7:E4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01920527367B6EACAABF6A643955C86400DC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dW3T6rwZNYyEPa8CN3tZC3j0p-Q.roa
Signing time: Wed 18 Sep 2024 12:41:48 +0000
ROA not before: Wed 18 Sep 2024 12:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20712
IP address blocks: 45.88.21.0/24 maxlen: 24
45.88.23.0/24 maxlen: 24
45.89.37.0/24 maxlen: 24
45.89.39.0/24 maxlen: 24
45.92.3.0/24 maxlen: 24
45.140.134.0/24 maxlen: 24
91.190.97.0/24 maxlen: 24
91.190.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:05:27:36:7b:6e:ac:aa:bf:6a:64:39:55:c8:64:00:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 18 12:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=756dd3eabc19358c843daf02377b590b78f4a7e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1f:5d:c5:6f:35:79:8a:9f:1a:33:9a:6e:b0:
8c:62:15:1e:0d:ef:ce:0e:bd:4e:9a:17:09:72:1f:
3d:bc:b1:69:47:0e:c3:b8:fa:01:90:86:29:a8:3f:
40:dd:f5:5f:27:51:b0:1b:c5:0c:4c:4f:4f:ec:28:
24:54:86:63:b9:a0:d9:6a:a8:aa:34:0f:7e:79:b7:
ea:80:49:1c:d8:c1:92:0d:65:42:f1:9a:e5:92:91:
f1:a1:16:e1:b1:1a:6f:5c:fc:57:21:c9:a9:48:01:
f4:29:37:e2:20:4b:3f:d6:4e:26:58:fc:f8:7c:de:
56:b4:29:1b:9e:b7:8f:3a:e7:22:62:7a:65:98:62:
92:bc:c1:b5:a3:99:7f:53:02:98:44:aa:69:f4:68:
84:a0:25:78:d2:14:21:89:0e:f1:8c:80:b6:88:92:
47:9a:b4:31:09:35:5c:bf:94:24:a7:30:8b:5a:37:
7a:a0:5d:fb:aa:07:c5:ff:ac:4f:20:32:bb:84:d7:
3f:17:59:d6:ec:4b:5b:31:e8:f8:b5:b9:47:d6:7a:
20:06:fe:bf:ee:80:8b:25:de:3a:98:ca:86:f0:36:
28:a8:97:9b:f3:47:a3:1e:69:2d:84:07:77:4a:f7:
ad:2a:f2:c0:8f:74:27:4f:3c:d1:5e:84:44:6f:9d:
51:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6D:D3:EA:BC:19:35:8C:84:3D:AF:02:37:7B:59:0B:78:F4:A7:E4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dW3T6rwZNYyEPa8CN3tZC3j0p-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.21.0/24
45.88.23.0/24
45.89.37.0/24
45.89.39.0/24
45.92.3.0/24
45.140.134.0/24
91.190.97.0/24
91.190.105.0/24
Signature Algorithm: sha256WithRSAEncryption
74:c2:5e:30:da:5d:15:a4:eb:91:db:45:59:72:c5:17:c8:a6:
bb:e8:7b:8c:0c:26:ab:9c:6c:2c:c3:19:43:46:e8:5d:6e:6c:
13:a7:ff:e1:e6:43:81:82:3a:01:ae:71:eb:09:1b:91:41:fb:
4e:ed:4e:b5:48:ce:a5:a2:d9:0c:d8:ae:0b:db:01:1f:43:39:
d1:7e:23:9b:b6:44:76:43:19:4c:0e:e8:98:03:29:9e:da:84:
31:01:8e:64:92:c1:19:7e:e5:79:1e:03:5c:2f:7a:bb:16:38:
92:a9:18:aa:45:8a:fe:90:7d:37:a9:3b:a6:02:82:88:90:89:
ce:f1:f4:6c:f4:f3:fe:1b:c2:5a:db:82:54:04:7f:a7:11:4d:
eb:93:ce:40:9a:55:f4:cd:6c:82:50:82:7f:4d:80:c5:6b:7e:
09:b9:98:55:f8:da:25:ff:e4:8f:ea:f9:5a:95:ad:9c:05:90:
7c:cd:d4:ec:58:4b:a7:01:3d:2e:c5:f6:cd:0c:c0:7f:16:2c:
ac:c0:47:6b:cf:1a:99:0d:28:6d:1a:70:fc:bc:cc:89:8e:10:
26:76:92:3e:a5:18:37:e2:24:c0:93:9d:2e:ad:ff:74:72:45:
fb:20:32:e7:c8:d9:39:1c:e0:b0:31:07:70:24:ad:54:fb:ef:
f8:6f:bc:c6
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZIFJzZ7bqyqv2pkOVXIZADcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwOTE4MTI0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZkZDNlYWJjMTkzNThjODQzZGFmMDIzNzdiNTkwYjc4ZjRhN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxh9dxW81eYqfGjOabrCMYhUeDe/O
Dr1OmhcJch89vLFpRw7DuPoBkIYpqD9A3fVfJ1GwG8UMTE9P7CgkVIZjuaDZaqiq
NA9+ebfqgEkc2MGSDWVC8ZrlkpHxoRbhsRpvXPxXIcmpSAH0KTfiIEs/1k4mWPz4
fN5WtCkbnrePOuciYnplmGKSvMG1o5l/UwKYRKpp9GiEoCV40hQhiQ7xjIC2iJJH
mrQxCTVcv5QkpzCLWjd6oF37qgfF/6xPIDK7hNc/F1nW7EtbMej4tblH1nogBv6/
7oCLJd46mMqG8DYoqJeb80ejHmkthAd3SvetKvLAj3QnTzzRXoREb51RxwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHVt0+q8GTWMhD2vAjd7WQt49KfkMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZFczVDZyd1pOWXlFUGE4Q04zdFpDM2owcC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVgVAwQA
LVgXAwQALVklAwQALVknAwQALVwDAwQALYyGAwQAW75hAwQAW75pMA0GCSqGSIb3
DQEBCwUAA4IBAQB0wl4w2l0VpOuR20VZcsUXyKa76HuMDCarnGwswxlDRuhdbmwT
p//h5kOBgjoBrnHrCRuRQftO7U61SM6lotkM2K4L2wEfQznRfiObtkR2QxlMDuiY
Ayme2oQxAY5kksEZfuV5HgNcL3q7FjiSqRiqRYr+kH03qTumAoKIkInO8fRs9PP+
G8Ja24JUBH+nEU3rk85AmlX0zWyCUIJ/TYDFa34JuZhV+Nol/+SP6vlala2cBZB8
zdTsWEunAT0uxfbNDMB/FiyswEdrzxqZDShtGnD8vMyJjhAmdpI+pRg34iTAk50u
rf90ckX7IDLnyNk5HOCwMQdwJK1U++/4b7zG
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:28:50 2024 by rpki-client on console-fra.rpki-client.org