Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/exOLvM2jEs8RqBL7l0MqiFrGSPc.roa
File: exOLvM2jEs8RqBL7l0MqiFrGSPc.roa (raw, json)
Hash identifier: TnGGfK3KqDxuNwATuVkBmXjokCMtFSV2+J9DHAK+L4Q=
Subject key identifier: 7B:13:8B:BC:CD:A3:12:CF:11:A8:12:FB:97:43:2A:88:5A:C6:48:F7
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0191926F73146D85D7F45D0F4F6294DF82A7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/exOLvM2jEs8RqBL7l0MqiFrGSPc.roa
Signing time: Tue 27 Aug 2024 06:04:23 +0000
ROA not before: Tue 27 Aug 2024 06:04:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 45.8.70.0/24 maxlen: 24
45.130.202.0/23 maxlen: 24
45.133.4.0/24 maxlen: 24
45.133.5.0/24 maxlen: 24
45.133.6.0/24 maxlen: 24
45.133.7.0/24 maxlen: 24
89.34.126.0/23 maxlen: 24
185.165.45.0/24 maxlen: 24
185.245.7.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
194.5.83.0/24 maxlen: 24
194.61.40.0/24 maxlen: 24
194.61.41.0/24 maxlen: 24
203.25.124.0/24 maxlen: 24
204.75.229.0/24 maxlen: 24
220.158.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:92:6f:73:14:6d:85:d7:f4:5d:0f:4f:62:94:df:82:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 27 06:04:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b138bbccda312cf11a812fb97432a885ac648f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:37:9a:03:bb:77:47:f1:26:85:ad:8a:77:6d:
b2:59:87:37:fc:a0:fc:e5:10:a6:0c:80:cd:cb:87:
e0:aa:f7:e9:e3:5d:71:4d:9d:30:32:5e:37:d1:72:
58:4a:09:41:bd:dd:d7:c6:6f:58:6d:a1:0b:8a:84:
0d:f4:31:8a:15:fa:5a:1b:2f:98:55:12:9e:7f:f5:
ac:68:f5:57:88:fa:fd:f1:c1:e2:96:b8:50:87:8d:
3b:f7:56:81:8b:4f:d4:db:f4:21:8d:e0:b3:27:20:
a2:8a:5e:29:c6:36:5a:bc:ee:50:9f:ef:d1:36:a5:
b7:2b:a8:f9:fe:6d:1b:c2:bd:ff:b8:f1:8c:da:8a:
1e:11:28:b1:5d:10:2f:c1:b0:87:b8:f6:a2:fc:9d:
cd:41:8a:32:95:c1:48:4d:3b:3d:71:00:30:f7:63:
c5:b1:62:e5:4d:23:17:2a:d9:09:e6:cc:24:b1:14:
65:17:c4:80:bb:2f:fc:c1:5d:81:95:d5:87:3c:46:
85:4e:17:eb:05:ac:5f:b1:49:67:46:3f:b7:d8:10:
be:be:ad:8b:ad:8e:22:4e:d7:bd:99:29:2b:86:f3:
79:24:72:30:8b:4c:80:6d:4c:b1:18:c0:bc:28:48:
5e:8b:9f:a9:0f:1f:f6:41:b3:45:8e:39:10:e9:b7:
d5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:13:8B:BC:CD:A3:12:CF:11:A8:12:FB:97:43:2A:88:5A:C6:48:F7
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/exOLvM2jEs8RqBL7l0MqiFrGSPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.130.202.0/23
45.133.4.0/22
89.34.126.0/23
185.165.45.0/24
185.245.7.0/24
188.213.202.0/24
194.5.82.0/23
194.61.40.0/23
203.25.124.0/24
204.75.229.0/24
220.158.199.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:53:df:f4:da:32:39:ea:eb:96:6a:8b:90:4f:22:ac:54:40:
20:c1:78:f5:97:29:e6:8f:c9:e6:4f:b8:5d:22:1d:54:0a:f2:
dd:02:32:25:8b:b9:7a:8d:c0:ea:5b:1f:22:5d:ed:7c:b8:02:
62:e3:ca:ca:d4:0f:b0:72:2c:a7:10:44:c6:6a:c1:94:da:1e:
c2:99:f0:99:92:be:59:71:a0:6b:f6:1e:8e:9d:bf:01:f7:03:
b7:c8:5a:06:a8:6a:92:02:b4:39:a8:a7:1a:04:22:ec:ee:fb:
32:37:7d:88:c1:9d:fa:a8:4a:d1:f5:df:1d:b7:c6:a5:82:b4:
78:f3:7e:15:9b:34:f8:0b:d0:fb:3f:88:db:8d:23:cd:27:58:
23:54:90:a5:32:f5:31:80:29:b4:30:82:25:08:46:0c:bc:bc:
99:c0:b1:83:b3:ad:3c:f1:68:24:85:b3:c6:e8:b9:09:1b:11:
4f:e9:fb:c8:c6:17:df:e7:c6:e4:99:f1:41:85:c1:28:19:ba:
a8:50:9a:17:7f:c6:d2:0e:5f:7f:be:74:66:b1:98:85:32:ea:
74:15:25:24:bb:f3:88:bb:e1:2b:76:76:98:a4:b6:7d:d6:ef:
c2:6d:1a:39:7d:8e:68:15:c3:32:d2:e0:40:9f:05:b4:a9:18:
63:58:f8:21
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZGSb3MUbYXX9F0PT2KU34KnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwODI3MDYwNDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjEzOGJiY2NkYTMxMmNmMTFhODEyZmI5NzQzMmE4ODVhYzY0OGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzeaA7t3R/Emha2Kd22yWYc3/KD8
5RCmDIDNy4fgqvfp411xTZ0wMl430XJYSglBvd3Xxm9YbaELioQN9DGKFfpaGy+Y
VRKef/WsaPVXiPr98cHilrhQh40791aBi0/U2/QhjeCzJyCiil4pxjZavO5Qn+/R
NqW3K6j5/m0bwr3/uPGM2ooeESixXRAvwbCHuPai/J3NQYoylcFITTs9cQAw92PF
sWLlTSMXKtkJ5swksRRlF8SAuy/8wV2BldWHPEaFThfrBaxfsUlnRj+32BC+vq2L
rY4iTte9mSkrhvN5JHIwi0yAbUyxGMC8KEhei5+pDx/2QbNFjjkQ6bfVIwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHsTi7zNoxLPEagS+5dDKohaxkj3MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZXhPTHZNMmpFczhScUJMN2wwTXFpRnJHU1BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALQhGAwQB
LYLKAwQCLYUEAwQBWSJ+AwQAuaUtAwQAufUHAwQAvNXKAwQBwgVSAwQBwj0oAwQA
yxl8AwQAzEvlAwQA3J7HMA0GCSqGSIb3DQEBCwUAA4IBAQB/U9/02jI56uuWaouQ
TyKsVEAgwXj1lynmj8nmT7hdIh1UCvLdAjIli7l6jcDqWx8iXe18uAJi48rK1A+w
ciynEETGasGU2h7CmfCZkr5ZcaBr9h6Onb8B9wO3yFoGqGqSArQ5qKcaBCLs7vsy
N32IwZ36qErR9d8dt8algrR4834VmzT4C9D7P4jbjSPNJ1gjVJClMvUxgCm0MIIl
CEYMvLyZwLGDs6088WgkhbPG6LkJGxFP6fvIxhff58bkmfFBhcEoGbqoUJoXf8bS
Dl9/vnRmsZiFMup0FSUku/OIu+ErdnaYpLZ91u/CbRo5fY5oFcMy0uBAnwW0qRhj
WPgh
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:35:52 2024 by rpki-client on console-fra.rpki-client.org