Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nwGckz1Wp1k7lSP_yDdNTOARIp4.roa
File: nwGckz1Wp1k7lSP_yDdNTOARIp4.roa (raw, json)
Hash identifier: O2jRKOalb+iVv0A/ALFEBElnGPmesorWqYYUSLTNGgI=
Subject key identifier: 9F:01:9C:93:3D:56:A7:59:3B:95:23:FF:C8:37:4D:4C:E0:11:22:9E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0192E3F20495CE45C5A71174BBAC7C5390F1
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nwGckz1Wp1k7lSP_yDdNTOARIp4.roa
Signing time: Thu 31 Oct 2024 18:59:01 +0000
ROA not before: Thu 31 Oct 2024 18:59:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395954
IP address blocks: 45.145.58.0/24 maxlen: 24
45.147.100.0/24 maxlen: 24
45.147.101.0/24 maxlen: 24
45.147.102.0/24 maxlen: 24
45.147.103.0/24 maxlen: 24
45.152.201.0/24 maxlen: 24
45.155.200.0/24 maxlen: 24
45.155.201.0/24 maxlen: 24
45.155.202.0/24 maxlen: 24
45.155.203.0/24 maxlen: 24
193.8.8.0/24 maxlen: 24
194.41.56.0/24 maxlen: 24
2a07:f300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e3:f2:04:95:ce:45:c5:a7:11:74:bb:ac:7c:53:90:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 31 18:59:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f019c933d56a7593b9523ffc8374d4ce011229e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a0:21:a6:6f:d4:18:38:95:7a:fb:db:fd:2b:
07:16:2c:cb:36:69:81:0d:66:63:7e:92:01:4b:f1:
20:6d:fb:f6:77:a6:95:ee:3d:78:bb:9b:83:2b:b1:
97:37:72:17:e9:37:4d:b0:03:76:c7:5d:8b:d3:b6:
31:da:88:f8:40:fa:f5:c8:b2:0f:1f:93:de:30:3a:
46:40:2a:e0:7f:a5:12:6b:b0:24:19:a8:b6:98:27:
92:c2:69:dd:2a:82:f5:f6:8e:69:b1:c3:ea:ff:76:
3f:76:8a:b5:d6:c7:cf:fc:19:b4:8b:54:78:6c:bf:
26:ac:f0:67:ad:5e:9c:6b:78:6f:20:21:0b:30:f8:
08:07:59:34:df:9b:e4:6d:7a:d1:80:2a:cb:35:64:
d4:90:e8:15:a5:3c:4f:5e:96:f4:be:72:5e:fa:49:
c4:d8:0e:a9:d3:b7:e4:17:14:de:4b:2d:2a:55:7b:
ad:52:a8:d6:1e:44:7d:d3:3c:17:03:e3:af:a5:ee:
13:f6:5c:32:f3:55:6f:e1:5d:8f:b3:bf:df:a8:60:
ed:2b:43:05:53:a6:f3:62:4c:f9:35:45:39:36:e6:
6b:0f:ec:e9:06:af:d1:3f:e8:96:69:a2:56:92:2b:
5a:19:99:b8:68:17:70:6e:7c:68:df:fc:85:ef:1f:
8b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:01:9C:93:3D:56:A7:59:3B:95:23:FF:C8:37:4D:4C:E0:11:22:9E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nwGckz1Wp1k7lSP_yDdNTOARIp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.58.0/24
45.147.100.0/22
45.152.201.0/24
45.155.200.0/22
193.8.8.0/24
194.41.56.0/24
IPv6:
2a07:f300::/29
Signature Algorithm: sha256WithRSAEncryption
9c:55:42:9f:61:f3:b5:01:e6:ab:ab:5a:63:fa:d0:b2:da:23:
94:36:5c:21:bb:54:67:c2:d0:77:9a:21:42:ac:30:90:8e:cd:
4e:98:46:41:a0:94:11:14:f2:80:24:16:83:38:8d:18:c9:d3:
ca:56:7d:d3:17:89:51:3f:26:c3:5c:92:04:40:8e:9d:14:77:
ed:bb:ba:d0:02:43:6d:ba:3b:24:7a:65:db:b5:0e:d9:1e:1c:
bb:f5:74:74:14:b3:07:c9:60:9c:6a:6d:8b:34:b6:d0:6b:98:
25:c9:af:99:77:3e:97:05:ba:f8:20:86:80:2e:51:e4:1b:93:
31:16:dd:58:cd:6a:93:cc:b6:fe:f8:82:20:cb:35:8f:ff:27:
62:89:22:2d:fe:62:f2:4a:0f:c9:79:1c:fc:84:fd:e8:b8:bd:
5d:4a:6b:c9:cd:21:e9:12:30:14:9e:f9:bc:6a:2a:8f:9f:df:
db:c9:d5:ab:97:c1:77:dc:28:c6:f0:32:37:59:ba:c5:e7:47:
b2:11:ec:16:71:a0:bb:68:97:cd:69:42:3e:eb:0a:25:38:b5:
ff:01:02:0c:2f:0e:71:87:cd:fa:da:80:ca:62:df:20:ea:3d:
98:df:9e:6b:da:0e:74:98:2f:fb:9e:73:65:b5:f5:d6:7b:57:
15:c9:14:a1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZLj8gSVzkXFpxF0u6x8U5DxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDMxMTg1OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjAxOWM5MzNkNTZhNzU5M2I5NTIzZmZjODM3NGQ0Y2UwMTEyMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6Ahpm/UGDiVevvb/SsHFizLNmmB
DWZjfpIBS/Egbfv2d6aV7j14u5uDK7GXN3IX6TdNsAN2x12L07Yx2oj4QPr1yLIP
H5PeMDpGQCrgf6USa7AkGai2mCeSwmndKoL19o5pscPq/3Y/doq11sfP/Bm0i1R4
bL8mrPBnrV6ca3hvICELMPgIB1k035vkbXrRgCrLNWTUkOgVpTxPXpb0vnJe+knE
2A6p07fkFxTeSy0qVXutUqjWHkR90zwXA+Ovpe4T9lwy81Vv4V2Ps7/fqGDtK0MF
U6bzYkz5NUU5NuZrD+zpBq/RP+iWaaJWkitaGZm4aBdwbnxo3/yF7x+LkQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJ8BnJM9VqdZO5Uj/8g3TUzgESKeMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbndHY2t6MVdwMWs3bFNQX3lEZE5UT0FSSXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALZE6AwQC
LZNkAwQALZjJAwQCLZvIAwQAwQgIAwQAwik4MA0EAgACMAcDBQMqB/MAMA0GCSqG
SIb3DQEBCwUAA4IBAQCcVUKfYfO1Aearq1pj+tCy2iOUNlwhu1RnwtB3miFCrDCQ
js1OmEZBoJQRFPKAJBaDOI0YydPKVn3TF4lRPybDXJIEQI6dFHftu7rQAkNtujsk
emXbtQ7ZHhy79XR0FLMHyWCcam2LNLbQa5glya+Zdz6XBbr4IIaALlHkG5MxFt1Y
zWqTzLb++IIgyzWP/ydiiSIt/mLySg/JeRz8hP3ouL1dSmvJzSHpEjAUnvm8aiqP
n9/bydWrl8F33CjG8DI3WbrF50eyEewWcaC7aJfNaUI+6wolOLX/AQIMLw5xh836
2oDKYt8g6j2Y355r2g50mC/7nnNltfXWe1cVyRSh
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:43:24 2024 by rpki-client on console-fra.rpki-client.org