Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/dMAhBbP22sckTtx_VXtDnlqNCFk.roa
File: dMAhBbP22sckTtx_VXtDnlqNCFk.roa (raw, json)
Hash identifier: Tz7bf9AeggEio4FP09hzn+ubh5tBbq5Rsm9otGTG8d4=
Subject key identifier: 74:C0:21:05:B3:F6:DA:C7:24:4E:DC:7F:55:7B:43:9E:5A:8D:08:59
Certificate issuer: /CN=4419e02f046e1bfb5927fe731ff725e469599171
Certificate serial: 018CC6B9141E30F75380DD49ADDC6FD49279
Authority key identifier: 44:19:E0:2F:04:6E:1B:FB:59:27:FE:73:1F:F7:25:E4:69:59:91:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RBngLwRuG_tZJ_5zH_cl5GlZkXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/dMAhBbP22sckTtx_VXtDnlqNCFk.roa
Signing time: Mon 01 Jan 2024 20:31:07 +0000
ROA not before: Mon 01 Jan 2024 20:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51013
IP address blocks: 185.87.12.0/22 maxlen: 24
37.9.168.0/21 maxlen: 24
195.210.28.0/23 maxlen: 24
45.13.137.0/24 maxlen: 24
45.138.185.0/24 maxlen: 24
45.138.184.0/24 maxlen: 24
2a00:4b40::/32 maxlen: 64
2a0e:bb40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/RBngLwRuG_tZJ_5zH_cl5GlZkXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/RBngLwRuG_tZJ_5zH_cl5GlZkXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/RBngLwRuG_tZJ_5zH_cl5GlZkXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:14:1e:30:f7:53:80:dd:49:ad:dc:6f:d4:92:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4419e02f046e1bfb5927fe731ff725e469599171
Validity
Not Before: Jan 1 20:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74c02105b3f6dac7244edc7f557b439e5a8d0859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4c:05:22:a8:02:09:e9:d8:45:7f:7c:8f:7b:
28:eb:91:80:0a:8c:fd:1f:8f:75:12:b3:55:ef:79:
44:84:3e:d9:40:51:02:c2:6e:25:99:82:5e:61:81:
a5:3a:cc:43:b9:14:50:54:c9:80:e8:ac:6a:ff:cf:
a1:45:d3:dd:0a:49:0b:0f:60:e1:c4:8c:38:83:21:
4a:e7:fb:c1:2f:4f:3c:08:01:79:69:98:89:71:b4:
09:39:4a:3e:44:a7:77:24:df:86:8d:87:8e:71:36:
86:d1:6d:d5:1b:2e:a3:ac:3b:ba:00:fb:1e:4c:33:
f0:09:b9:07:5b:11:16:eb:09:78:b4:5e:3a:e4:76:
78:48:51:6c:94:2c:c1:31:ac:4f:ee:6e:db:b6:47:
53:5f:0e:43:94:fd:4d:5e:9d:69:db:77:cf:75:8d:
4e:1f:8b:1d:a8:22:67:99:b3:53:c8:05:f4:a6:ae:
cf:ac:4d:67:84:43:79:5e:7f:69:32:bc:2b:f9:10:
82:74:12:cd:00:19:d2:54:3b:18:69:d7:45:39:11:
ab:e8:19:9d:ee:32:ed:2a:bb:82:ae:c9:c1:bd:59:
76:a0:8b:86:99:d2:ff:50:f1:9d:2a:7a:e4:7f:fa:
19:0c:8d:0f:c5:21:4f:0b:b6:5f:e8:02:19:e3:c9:
48:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C0:21:05:B3:F6:DA:C7:24:4E:DC:7F:55:7B:43:9E:5A:8D:08:59
X509v3 Authority Key Identifier:
keyid:44:19:E0:2F:04:6E:1B:FB:59:27:FE:73:1F:F7:25:E4:69:59:91:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RBngLwRuG_tZJ_5zH_cl5GlZkXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/dMAhBbP22sckTtx_VXtDnlqNCFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/RBngLwRuG_tZJ_5zH_cl5GlZkXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.168.0/21
45.13.137.0/24
45.138.184.0/23
185.87.12.0/22
195.210.28.0/23
IPv6:
2a00:4b40::/32
2a0e:bb40::/48
Signature Algorithm: sha256WithRSAEncryption
3f:9a:fb:10:58:92:5d:fc:b2:de:48:4a:31:dd:22:9c:ed:8d:
bf:7d:4a:ba:e9:b7:7d:d8:69:b2:20:44:89:0a:51:92:05:a5:
48:60:16:55:f9:00:8c:19:9f:0a:35:4a:f7:e8:c6:d5:b7:81:
78:8c:c7:6e:6f:e1:c0:db:70:7b:ab:d4:26:fd:5e:27:55:8e:
d7:0f:4f:cd:db:eb:8a:9a:80:19:31:68:b6:eb:53:0d:66:9c:
54:4e:82:d9:d7:81:9f:36:c2:0e:65:43:11:f0:d4:66:b1:12:
82:8b:c6:fb:0e:95:5e:bc:05:1f:c5:39:82:ce:30:a8:c1:d1:
27:18:55:f5:bc:67:c2:1a:60:be:bd:37:64:a1:40:09:42:29:
36:08:d7:ff:ae:6d:0d:89:ab:b0:f8:2e:6f:4c:80:cc:2e:7d:
7a:79:dc:45:ca:ed:d9:18:70:57:19:9b:1c:46:b1:a3:b2:54:
ae:37:5c:8b:77:48:6f:d4:a5:4f:2e:fd:5d:ad:c8:a6:46:d8:
bc:42:31:84:13:4c:53:72:6f:3a:ba:43:a7:a6:19:a2:3f:9c:
08:56:df:26:6f:62:23:b9:17:8e:04:86:92:91:68:69:07:58:
bc:9c:6a:d8:b1:a9:55:70:df:70:b0:2e:49:67:96:85:48:01:
73:39:e9:1b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzGuRQeMPdTgN1Jrdxv1JJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MTllMDJmMDQ2ZTFiZmI1OTI3ZmU3MzFmZjcyNWU0Njk1
OTkxNzEwHhcNMjQwMTAxMjAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGMwMjEwNWIzZjZkYWM3MjQ0ZWRjN2Y1NTdiNDM5ZTVhOGQwODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0wFIqgCCenYRX98j3so65GACoz9
H491ErNV73lEhD7ZQFECwm4lmYJeYYGlOsxDuRRQVMmA6Kxq/8+hRdPdCkkLD2Dh
xIw4gyFK5/vBL088CAF5aZiJcbQJOUo+RKd3JN+GjYeOcTaG0W3VGy6jrDu6APse
TDPwCbkHWxEW6wl4tF465HZ4SFFslCzBMaxP7m7btkdTXw5DlP1NXp1p23fPdY1O
H4sdqCJnmbNTyAX0pq7PrE1nhEN5Xn9pMrwr+RCCdBLNABnSVDsYaddFORGr6Bmd
7jLtKruCrsnBvVl2oIuGmdL/UPGdKnrkf/oZDI0PxSFPC7Zf6AIZ48lICQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHTAIQWz9trHJE7cf1V7Q55ajQhZMB8GA1UdIwQY
MBaAFEQZ4C8Ebhv7WSf+cx/3JeRpWZFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkJuZ0x3UnVHX3RaSl81ekhfY2w1R2xaa1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80ZGU2NjUtYTdlMy00NDBiLTkzYTct
ZjliNzgzNmYyMzkxLzEvZE1BaEJiUDIyc2NrVHR4X1ZYdERubHFOQ0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80ZGU2NjUtYTdlMy00NDBiLTkzYTctZjliNzgzNmYyMzkx
LzEvUkJuZ0x3UnVHX3RaSl81ekhfY2w1R2xaa1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQDJQmoAwQA
LQ2JAwQBLYq4AwQCuVcMAwQBw9IcMBYEAgACMBADBQAqAEtAAwcAKg67QAAAMA0G
CSqGSIb3DQEBCwUAA4IBAQA/mvsQWJJd/LLeSEox3SKc7Y2/fUq66bd92GmyIESJ
ClGSBaVIYBZV+QCMGZ8KNUr36MbVt4F4jMdub+HA23B7q9Qm/V4nVY7XD0/N2+uK
moAZMWi261MNZpxUToLZ14GfNsIOZUMR8NRmsRKCi8b7DpVevAUfxTmCzjCowdEn
GFX1vGfCGmC+vTdkoUAJQik2CNf/rm0Niauw+C5vTIDMLn16edxFyu3ZGHBXGZsc
RrGjslSuN1yLd0hv1KVPLv1drcimRti8QjGEE0xTcm86ukOnphmiP5wIVt8mb2Ij
uReOBIaSkWhpB1i8nGrYsalVcN9wsC5JZ5aFSAFzOekb
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:33:10 2024 by rpki-client on console-fra.rpki-client.org