Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/t4axs62pGrkg66DbtUww-ycKSV0.roa
File: t4axs62pGrkg66DbtUww-ycKSV0.roa (raw, json)
Hash identifier: Y1NdiCuwA5jmiVfy3ZbKEf4srcD2N1f3Hog/6MBDHxI=
Subject key identifier: B7:86:B1:B3:AD:A9:1A:B9:20:EB:A0:DB:B5:4C:30:FB:27:0A:49:5D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC5012A4E3FA3029848855F85E49A090C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/t4axs62pGrkg66DbtUww-ycKSV0.roa
Signing time: Mon 01 Jan 2024 12:30:36 +0000
ROA not before: Mon 01 Jan 2024 12:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 185.244.139.0/24 maxlen: 24
212.119.32.0/23 maxlen: 24
212.119.34.0/24 maxlen: 24
194.169.168.0/22 maxlen: 24
193.218.35.0/24 maxlen: 24
45.144.227.0/24 maxlen: 24
91.190.101.0/24 maxlen: 24
62.197.144.0/20 maxlen: 24
213.109.151.0/24 maxlen: 24
45.135.184.0/24 maxlen: 24
92.62.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:03:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2a:4e:3f:a3:02:98:48:85:5f:85:e4:9a:09:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b786b1b3ada91ab920eba0dbb54c30fb270a495d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7f:54:8c:7b:71:c8:8e:f5:18:40:57:29:38:
d9:7c:04:37:0a:69:d9:8c:c1:be:13:3a:91:07:d6:
bd:89:51:64:45:2d:14:8d:2c:b6:7e:25:86:89:11:
26:28:8c:43:6e:2f:75:dc:fe:ec:2b:94:f4:bd:56:
ff:bb:0b:d0:05:8a:99:6f:62:7b:be:fa:a0:b0:b7:
27:6e:fa:c6:a1:98:f9:45:5f:62:c3:6c:23:9a:bc:
88:1e:5f:e8:04:00:76:c4:cd:4b:52:0a:fd:59:d9:
bd:35:8b:50:fa:17:72:25:d7:32:fa:0f:84:41:a9:
a3:3a:cb:f6:50:0f:45:1e:91:29:c1:25:6a:ba:9a:
59:8c:f0:28:54:40:26:e9:7d:b8:e7:45:b2:1c:d8:
12:90:c9:b2:8a:dd:7d:18:24:42:2a:53:13:39:f4:
27:9a:c3:24:e3:2f:77:bd:a6:08:fc:58:df:2d:c2:
6d:93:ad:17:cf:c5:76:19:1b:be:5b:19:03:1d:1a:
f0:7f:cd:14:b4:d1:da:49:f2:16:1d:34:d3:62:5f:
75:22:99:48:06:8a:81:0e:f0:2d:4f:d1:62:53:2c:
c2:76:8a:58:2f:1c:4b:5d:9e:93:d8:9f:87:69:90:
3b:06:c0:a4:ba:4e:30:a5:5b:8f:18:45:cf:2b:5a:
07:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:86:B1:B3:AD:A9:1A:B9:20:EB:A0:DB:B5:4C:30:FB:27:0A:49:5D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/t4axs62pGrkg66DbtUww-ycKSV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.184.0/24
45.144.227.0/24
62.197.144.0/20
91.190.101.0/24
92.62.120.0/22
185.244.139.0/24
193.218.35.0/24
194.169.168.0/22
212.119.32.0-212.119.34.255
213.109.151.0/24
Signature Algorithm: sha256WithRSAEncryption
59:4d:5d:46:b1:c6:54:e6:2d:5d:82:e4:93:ea:cf:fa:10:7c:
6c:7a:54:20:2f:1d:33:a2:65:4e:70:a3:a3:cd:ef:86:3a:0c:
3a:ff:68:fe:86:b6:48:7e:ce:12:36:16:11:76:4f:6a:f2:fa:
de:c9:6d:25:27:0f:30:56:82:d2:bf:8b:2c:e9:44:9c:92:d8:
b3:cf:e3:2b:19:4a:0e:15:99:20:07:da:5a:4a:3e:6a:bd:d7:
fa:e9:d5:89:40:36:5e:b4:fb:cc:c0:0e:37:aa:c6:33:00:57:
aa:e0:d4:c2:98:78:24:11:39:42:bc:b2:ee:22:76:c3:29:f6:
71:b8:b8:2d:30:b6:9f:c0:17:44:22:7b:9f:eb:d3:7c:9a:4c:
de:2f:10:7a:64:fd:31:31:58:19:e8:04:30:82:1e:2b:ca:87:
58:bb:bb:4f:98:51:c3:99:c2:42:80:af:e9:20:5d:aa:90:76:
74:54:f6:61:93:d2:9e:df:ec:c1:41:8e:b9:5e:d8:59:10:9f:
3d:8c:db:9c:22:33:f1:b2:c5:b1:e8:0e:3b:0b:12:30:a8:46:
d4:a4:ee:2b:7b:ad:64:9c:6c:ff:ca:c1:7b:e6:a4:a7:ed:77:
f2:41:cd:fd:f6:f6:52:b3:6d:80:c6:ed:4d:9b:21:3e:ea:24:
10:aa:26:e7
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzFASpOP6MCmEiFX4XkmgkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzg2YjFiM2FkYTkxYWI5MjBlYmEwZGJiNTRjMzBmYjI3MGE0OTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH9UjHtxyI71GEBXKTjZfAQ3CmnZ
jMG+EzqRB9a9iVFkRS0UjSy2fiWGiREmKIxDbi913P7sK5T0vVb/uwvQBYqZb2J7
vvqgsLcnbvrGoZj5RV9iw2wjmryIHl/oBAB2xM1LUgr9Wdm9NYtQ+hdyJdcy+g+E
QamjOsv2UA9FHpEpwSVquppZjPAoVEAm6X2450WyHNgSkMmyit19GCRCKlMTOfQn
msMk4y93vaYI/FjfLcJtk60Xz8V2GRu+WxkDHRrwf80UtNHaSfIWHTTTYl91IplI
BoqBDvAtT9FiUyzCdopYLxxLXZ6T2J+HaZA7BsCkuk4wpVuPGEXPK1oHswIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLeGsbOtqRq5IOug27VMMPsnCkldMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdDRheHM2MnBHcmtnNjZEYnRVd3cteWNLU1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQALYe4AwQA
LZDjAwQEPsWQAwQAW75lAwQCXD54AwQAufSLAwQAwdojAwQCwqmoMAwDBAXUdyAD
BADUdyIDBADVbZcwDQYJKoZIhvcNAQELBQADggEBAFlNXUaxxlTmLV2C5JPqz/oQ
fGx6VCAvHTOiZU5wo6PN74Y6DDr/aP6Gtkh+zhI2FhF2T2ry+t7JbSUnDzBWgtK/
iyzpRJyS2LPP4ysZSg4VmSAH2lpKPmq91/rp1YlANl60+8zADjeqxjMAV6rg1MKY
eCQROUK8su4idsMp9nG4uC0wtp/AF0Qie5/r03yaTN4vEHpk/TExWBnoBDCCHivK
h1i7u0+YUcOZwkKAr+kgXaqQdnRU9mGT0p7f7MFBjrle2FkQnz2M25wiM/GyxbHo
DjsLEjCoRtSk7it7rWScbP/KwXvmpKftd/JBzf329lKzbYDG7U2bIT7qJBCqJuc=
-----END CERTIFICATE-----
Generated at Mon May 6 07:49:05 2024 by rpki-client on console-fra.rpki-client.org