Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vRbWLkk5NB0h9pXp85DVOZMb6h0.roa
File: vRbWLkk5NB0h9pXp85DVOZMb6h0.roa (raw, json)
Hash identifier: Xrs57NBBTQDOOudZc65bPorVFjpOGHy/ooqXiT6j1ug=
Subject key identifier: BD:16:D6:2E:49:39:34:1D:21:F6:95:E9:F3:90:D5:39:93:1B:EA:1D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01934E0107B316B066AE0F679EC9B38E24D6
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vRbWLkk5NB0h9pXp85DVOZMb6h0.roa
Signing time: Thu 21 Nov 2024 09:15:10 +0000
ROA not before: Thu 21 Nov 2024 09:15:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 37.46.150.0/24 maxlen: 24
45.80.156.0/24 maxlen: 24
45.90.184.0/24 maxlen: 24
45.90.185.0/24 maxlen: 24
45.90.186.0/23 maxlen: 24
91.190.106.0/24 maxlen: 24
185.241.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4e:01:07:b3:16:b0:66:ae:0f:67:9e:c9:b3:8e:24:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 21 09:15:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd16d62e4939341d21f695e9f390d539931bea1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9a:11:05:14:87:ae:3c:d0:32:72:97:1f:2f:
dd:49:06:8b:7e:c3:4f:fe:64:6e:c2:a1:57:37:10:
1d:dc:b5:10:4f:fb:43:fc:0d:b0:cc:c8:49:d2:06:
66:9f:bb:a5:29:86:d3:55:b4:00:64:c8:03:f5:dc:
f7:54:b9:9d:51:8e:12:4a:e3:75:e9:03:4c:cc:b3:
d7:68:75:3a:6a:6f:44:3b:90:73:ef:a7:e7:5c:ea:
68:37:43:77:06:1d:75:f8:92:80:6c:ff:24:7d:e4:
f8:f4:a3:25:1e:9e:92:b7:64:20:d9:a0:9b:0f:48:
e7:b4:32:5a:6c:53:f5:16:0f:05:a1:7a:68:4d:18:
7c:b2:8b:5c:16:4f:8e:9a:6f:83:78:09:10:bd:be:
fd:74:4f:4b:5e:0c:b5:c8:0b:e9:d2:46:4f:42:89:
ba:99:56:68:70:30:f4:c5:ce:ec:12:e0:e1:69:82:
67:69:f2:4a:de:d1:52:b7:53:87:21:a7:c5:cc:c4:
85:0a:85:a5:7e:7d:f5:47:4d:f6:c0:d0:10:4e:38:
22:64:39:62:7e:3f:d0:22:50:84:99:28:40:20:67:
6a:d3:f5:09:42:64:5e:59:50:34:75:70:8c:c4:30:
24:82:28:5e:5e:57:e2:45:5d:5f:e5:51:24:53:c8:
5b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:16:D6:2E:49:39:34:1D:21:F6:95:E9:F3:90:D5:39:93:1B:EA:1D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/vRbWLkk5NB0h9pXp85DVOZMb6h0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.150.0/24
45.80.156.0/24
45.90.184.0/22
91.190.106.0/24
185.241.211.0/24
Signature Algorithm: sha256WithRSAEncryption
57:70:e2:b2:1b:53:9c:25:ab:47:9f:05:6d:59:69:47:bc:a7:
d3:dd:bf:02:6b:12:ed:fc:ac:ca:8e:8d:e9:42:bd:e0:98:54:
ad:84:de:6d:b2:b7:90:89:6e:e5:fc:c5:87:26:fb:a6:e8:80:
52:c5:fb:0f:7a:88:c5:fa:aa:5f:26:b9:21:ec:b2:ea:a4:59:
c0:9c:31:13:55:b2:6c:c3:cc:33:7a:98:b6:a0:bf:6a:63:11:
65:7a:04:01:5a:44:cc:47:6e:63:4a:87:f8:d4:55:b3:88:e3:
04:a4:99:22:68:80:32:9f:df:be:6d:e9:b2:82:2c:36:61:6b:
fc:b1:53:b4:f2:52:b6:78:66:a0:dd:16:96:d0:2f:f7:41:3e:
a3:aa:a2:74:b0:a1:40:f9:70:53:cd:d9:b2:bd:68:5a:bb:6c:
6c:c0:1b:e8:f5:ef:f0:e8:77:d8:bb:19:6c:4d:02:52:f8:65:
fd:2f:15:4b:e4:48:54:36:80:25:eb:6c:70:a0:04:b6:98:81:
ac:7e:35:50:ce:c0:bd:8b:16:c3:70:3c:59:47:d5:5d:be:12:
c2:92:4c:d4:92:24:c5:00:8a:ba:77:00:2b:7c:fa:2e:e1:50:
59:b5:79:53:b9:54:10:f9:c5:3f:9f:88:78:2d:a7:94:37:c2:
a2:af:b2:e9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZNOAQezFrBmrg9nnsmzjiTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMTIxMDkxNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDE2ZDYyZTQ5MzkzNDFkMjFmNjk1ZTlmMzkwZDUzOTkzMWJlYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopoRBRSHrjzQMnKXHy/dSQaLfsNP
/mRuwqFXNxAd3LUQT/tD/A2wzMhJ0gZmn7ulKYbTVbQAZMgD9dz3VLmdUY4SSuN1
6QNMzLPXaHU6am9EO5Bz76fnXOpoN0N3Bh11+JKAbP8kfeT49KMlHp6St2Qg2aCb
D0jntDJabFP1Fg8FoXpoTRh8sotcFk+Omm+DeAkQvb79dE9LXgy1yAvp0kZPQom6
mVZocDD0xc7sEuDhaYJnafJK3tFSt1OHIafFzMSFCoWlfn31R032wNAQTjgiZDli
fj/QIlCEmShAIGdq0/UJQmReWVA0dXCMxDAkgiheXlfiRV1f5VEkU8hbDwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL0W1i5JOTQdIfaV6fOQ1TmTG+odMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdlJiV0xrazVOQjBoOXBYcDg1RFZPWk1iNmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJS6WAwQA
LVCcAwQCLVq4AwQAW75qAwQAufHTMA0GCSqGSIb3DQEBCwUAA4IBAQBXcOKyG1Oc
JatHnwVtWWlHvKfT3b8CaxLt/KzKjo3pQr3gmFSthN5tsreQiW7l/MWHJvum6IBS
xfsPeojF+qpfJrkh7LLqpFnAnDETVbJsw8wzepi2oL9qYxFlegQBWkTMR25jSof4
1FWziOMEpJkiaIAyn9++bemygiw2YWv8sVO08lK2eGag3RaW0C/3QT6jqqJ0sKFA
+XBTzdmyvWhau2xswBvo9e/w6HfYuxlsTQJS+GX9LxVL5EhUNoAl62xwoAS2mIGs
fjVQzsC9ixbDcDxZR9VdvhLCkkzUkiTFAIq6dwArfPou4VBZtXlTuVQQ+cU/n4h4
LaeUN8Kir7Lp
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:05:54 2024 by rpki-client on console-ams.rpki-client.org