Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iVdTusgDSC0WCu6hfriVIB-45zM.roa
File: iVdTusgDSC0WCu6hfriVIB-45zM.roa (raw, json)
Hash identifier: xW0vrIHJW00rLM+jpMAQgMjKzJijsyNogARBogYnpXA=
Subject key identifier: 89:57:53:BA:C8:03:48:2D:16:0A:EE:A1:7E:B8:95:20:1F:B8:E7:33
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018EEB39A0C0820E3689BF2693B9BFF43249
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iVdTusgDSC0WCu6hfriVIB-45zM.roa
Signing time: Wed 17 Apr 2024 08:43:26 +0000
ROA not before: Wed 17 Apr 2024 08:43:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 37.46.150.0/24 maxlen: 24
45.80.156.0/24 maxlen: 24
45.90.184.0/22 maxlen: 24
91.190.106.0/24 maxlen: 24
185.241.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 16:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:39:a0:c0:82:0e:36:89:bf:26:93:b9:bf:f4:32:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 17 08:43:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=895753bac803482d160aeea17eb895201fb8e733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:85:94:0e:e6:b4:69:b7:7d:fe:15:c5:01:07:
5d:0c:8c:d2:7f:d0:53:d7:f2:01:4a:dc:11:6b:b1:
fe:ac:f5:43:7a:37:0b:08:1c:dd:18:f5:f1:93:33:
fe:63:b7:23:57:be:0e:1f:55:96:eb:2a:fd:d5:5d:
a8:77:8c:5c:ed:51:51:05:39:9a:7c:83:ad:89:18:
89:05:6f:cc:11:02:06:b2:f3:91:5b:07:0a:3c:59:
2b:53:26:ae:ba:ce:27:ef:6f:90:66:2e:99:84:fc:
00:71:18:25:7c:e5:55:1c:d0:e1:02:3b:da:7a:13:
1c:89:c0:1b:09:b1:ea:8f:7d:93:62:46:e4:df:5e:
b8:4f:98:e4:a7:e7:d4:d8:6f:ce:51:8d:37:79:43:
e8:9b:92:8d:f9:61:de:66:bf:96:93:45:8b:6f:7a:
87:c7:1d:b3:36:3a:b8:2d:97:69:27:98:59:41:dc:
83:86:c5:90:57:fd:fb:8e:f1:23:89:b2:4c:c8:04:
81:95:ce:27:16:8b:f2:c4:50:ec:0e:4a:d0:e3:d6:
5b:92:26:6a:f7:f5:b1:97:2d:2c:39:5b:e7:50:6d:
2f:98:3c:1c:14:96:e8:ce:a5:f3:eb:6c:65:99:3c:
4c:81:22:8f:c5:80:10:dc:5f:c9:8a:0a:aa:e3:09:
62:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:57:53:BA:C8:03:48:2D:16:0A:EE:A1:7E:B8:95:20:1F:B8:E7:33
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iVdTusgDSC0WCu6hfriVIB-45zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.150.0/24
45.80.156.0/24
45.90.184.0/22
91.190.106.0/24
185.241.211.0/24
Signature Algorithm: sha256WithRSAEncryption
02:f7:d1:90:06:55:3a:d3:9d:8a:15:96:d4:4b:4d:3f:8c:bb:
cb:f7:be:d6:06:0f:80:c5:68:23:90:e7:6e:56:d1:e1:c2:68:
f6:37:ae:ef:06:3a:71:23:8f:6b:4b:7d:7a:aa:24:b9:4b:ec:
7d:b0:d1:23:50:3b:f8:1e:ba:83:e5:a0:c8:1c:6b:0f:52:14:
f7:1d:e8:83:a0:a5:40:79:45:90:ba:88:75:61:f6:f5:00:2a:
ce:3d:75:c1:c7:3b:d6:e1:10:85:86:a2:67:27:6f:4d:43:db:
8b:26:88:04:af:1b:f9:d7:56:f2:81:70:ef:a9:e9:fc:23:d4:
9c:58:c8:27:74:c5:fb:92:00:87:5e:42:e0:25:74:2f:d9:9e:
fd:8b:8f:c9:f1:1b:e1:2a:17:68:32:62:47:0b:33:19:bf:47:
bf:02:81:fc:cc:eb:0e:ae:07:8f:7a:16:64:e0:9e:f9:ff:08:
a6:46:8a:bf:79:9e:8f:4f:8d:00:2c:f0:0c:d9:1e:91:92:69:
46:9a:4f:3b:3f:57:42:1d:79:7a:b6:d8:b4:7e:19:50:78:aa:
64:ee:bc:4d:e1:b5:a4:c7:23:b6:9d:1f:7e:34:13:48:9f:d9:
f6:9a:35:86:2a:58:6f:33:78:bb:06:9b:53:fb:2b:2e:1d:a4:
12:09:f6:87
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7rOaDAgg42ib8mk7m/9DJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNDE3MDg0MzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTU3NTNiYWM4MDM0ODJkMTYwYWVlYTE3ZWI4OTUyMDFmYjhlNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioWUDua0abd9/hXFAQddDIzSf9BT
1/IBStwRa7H+rPVDejcLCBzdGPXxkzP+Y7cjV74OH1WW6yr91V2od4xc7VFRBTma
fIOtiRiJBW/MEQIGsvORWwcKPFkrUyauus4n72+QZi6ZhPwAcRglfOVVHNDhAjva
ehMcicAbCbHqj32TYkbk3164T5jkp+fU2G/OUY03eUPom5KN+WHeZr+Wk0WLb3qH
xx2zNjq4LZdpJ5hZQdyDhsWQV/37jvEjibJMyASBlc4nFovyxFDsDkrQ49ZbkiZq
9/Wxly0sOVvnUG0vmDwcFJbozqXz62xlmTxMgSKPxYAQ3F/Jigqq4wli7QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIlXU7rIA0gtFgruoX64lSAfuOczMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaVZkVHVzZ0RTQzBXQ3U2aGZyaVZJQi00NXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJS6WAwQA
LVCcAwQCLVq4AwQAW75qAwQAufHTMA0GCSqGSIb3DQEBCwUAA4IBAQAC99GQBlU6
052KFZbUS00/jLvL977WBg+AxWgjkOduVtHhwmj2N67vBjpxI49rS316qiS5S+x9
sNEjUDv4HrqD5aDIHGsPUhT3HeiDoKVAeUWQuoh1Yfb1ACrOPXXBxzvW4RCFhqJn
J29NQ9uLJogErxv511bygXDvqen8I9ScWMgndMX7kgCHXkLgJXQv2Z79i4/J8Rvh
KhdoMmJHCzMZv0e/AoH8zOsOrgePehZk4J75/wimRoq/eZ6PT40ALPAM2R6RkmlG
mk87P1dCHXl6tti0fhlQeKpk7rxN4bWkxyO2nR9+NBNIn9n2mjWGKlhvM3i7BptT
+ysuHaQSCfaH
-----END CERTIFICATE-----
Generated at Sun May 5 19:53:50 2024 by rpki-client on console-fra.rpki-client.org