Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/_uKyaU-dEwpa2oPzoldo_0WUVWY.roa
File: _uKyaU-dEwpa2oPzoldo_0WUVWY.roa (raw, json)
Hash identifier: rOp7BcLw5Eli0NtxxDE8KxO1hd50UKr+6myVELXPjcY=
Subject key identifier: FE:E2:B2:69:4F:9D:13:0A:5A:DA:83:F3:A2:57:68:FF:45:94:55:66
Certificate issuer: /CN=0c323eec94edd0e748616150e00d06a2d6690ff2
Certificate serial: 0191C7893130380DC0F38A7CE16E2E4AA440
Authority key identifier: 0C:32:3E:EC:94:ED:D0:E7:48:61:61:50:E0:0D:06:A2:D6:69:0F:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DDI-7JTt0OdIYWFQ4A0GotZpD_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/_uKyaU-dEwpa2oPzoldo_0WUVWY.roa
Signing time: Fri 06 Sep 2024 13:32:22 +0000
ROA not before: Fri 06 Sep 2024 13:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58075
IP address blocks: 45.150.244.0/22 maxlen: 24
176.56.44.0/22 maxlen: 24
185.233.216.0/24 maxlen: 24
185.248.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/DDI-7JTt0OdIYWFQ4A0GotZpD_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/DDI-7JTt0OdIYWFQ4A0GotZpD_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/DDI-7JTt0OdIYWFQ4A0GotZpD_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:89:31:30:38:0d:c0:f3:8a:7c:e1:6e:2e:4a:a4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c323eec94edd0e748616150e00d06a2d6690ff2
Validity
Not Before: Sep 6 13:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fee2b2694f9d130a5ada83f3a25768ff45945566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ba:0d:6e:52:e9:31:6d:c9:5a:cc:45:9c:aa:
13:cc:38:2e:87:5a:5c:15:bd:37:30:3d:11:54:0e:
48:6b:fd:48:9f:c7:dd:82:6a:1d:6b:dc:f2:fa:0c:
8b:35:4a:d4:a7:c7:7d:0f:1b:e7:25:b3:82:b1:95:
33:39:50:52:61:c1:e3:43:c2:8a:0f:98:30:b3:34:
ee:82:17:31:ad:02:54:c3:e2:80:44:a6:d0:1b:59:
76:34:2f:8f:86:3d:d9:e1:70:3f:55:a7:4c:3b:09:
ca:e7:27:51:6e:6d:a5:f2:1d:e9:f4:53:89:94:64:
e1:11:cd:4d:5c:9a:75:05:4f:42:99:8e:ca:7e:9c:
a7:9e:39:14:c2:ab:41:23:a6:6d:1d:69:18:b9:1c:
09:a3:1d:5c:3b:d3:35:8f:3f:47:49:5b:98:16:2d:
b0:03:9e:b1:ce:a1:f1:c1:b8:6c:8c:01:c8:e8:31:
32:29:22:bc:94:1d:86:89:3f:7c:4c:53:9e:e7:9e:
1e:9f:51:fe:51:9a:58:2b:6c:40:f3:2d:91:8c:58:
18:69:87:95:46:89:cb:ee:b3:83:f8:b8:6e:9c:0b:
82:0c:74:3e:73:c3:59:ab:0e:9b:8a:5f:83:1a:6a:
02:07:a6:18:45:64:9d:42:2e:9a:57:75:2b:60:ee:
25:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E2:B2:69:4F:9D:13:0A:5A:DA:83:F3:A2:57:68:FF:45:94:55:66
X509v3 Authority Key Identifier:
keyid:0C:32:3E:EC:94:ED:D0:E7:48:61:61:50:E0:0D:06:A2:D6:69:0F:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DDI-7JTt0OdIYWFQ4A0GotZpD_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/_uKyaU-dEwpa2oPzoldo_0WUVWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/DDI-7JTt0OdIYWFQ4A0GotZpD_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.244.0/22
176.56.44.0/22
185.233.216.0/24
185.248.236.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:0e:d4:fe:50:d9:cb:be:4b:84:e2:49:56:ce:0e:18:91:66:
f0:dc:30:0d:77:db:f3:17:61:b8:80:82:52:0d:bb:2d:97:3c:
86:e0:8d:9f:91:28:a3:66:30:12:3c:e1:ea:79:92:91:2b:59:
2e:4f:97:89:b1:18:1d:c7:4c:b1:76:24:aa:cd:ab:fe:46:0c:
53:3b:f9:db:f5:e2:4e:85:cd:e8:e5:0e:11:60:63:b2:bb:23:
b2:6a:48:79:1b:84:6c:4f:da:8d:2c:b4:7c:02:17:a6:b8:c8:
fa:9c:89:42:19:56:c4:7a:79:87:43:35:5b:89:c7:31:2f:8d:
c5:9e:6d:e3:d6:2a:ee:61:4a:0b:12:c4:72:cf:97:c5:e1:32:
3d:b2:b0:c5:af:99:76:0f:e4:18:ab:47:04:4b:44:9f:c6:a2:
45:41:38:bc:d1:00:e1:ce:52:db:08:c9:a1:31:ed:73:db:e7:
52:84:11:32:50:5b:dd:ea:67:d4:52:71:ec:8d:c7:cc:30:97:
03:4e:68:19:2a:b0:b1:e7:d9:6e:2f:66:2f:dc:d2:3a:37:ba:
f4:7c:5e:40:05:cc:af:02:cc:53:fa:e0:de:48:cb:d0:59:f4:
15:9f:cc:e3:3d:93:36:63:d6:36:d4:69:a2:6f:11:b5:73:a9:
c8:c5:1c:f5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHHiTEwOA3A84p84W4uSqRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMzIzZWVjOTRlZGQwZTc0ODYxNjE1MGUwMGQwNmEyZDY2
OTBmZjIwHhcNMjQwOTA2MTMzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWUyYjI2OTRmOWQxMzBhNWFkYTgzZjNhMjU3NjhmZjQ1OTQ1NTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsroNblLpMW3JWsxFnKoTzDguh1pc
Fb03MD0RVA5Ia/1In8fdgmoda9zy+gyLNUrUp8d9DxvnJbOCsZUzOVBSYcHjQ8KK
D5gwszTughcxrQJUw+KARKbQG1l2NC+Phj3Z4XA/VadMOwnK5ydRbm2l8h3p9FOJ
lGThEc1NXJp1BU9CmY7KfpynnjkUwqtBI6ZtHWkYuRwJox1cO9M1jz9HSVuYFi2w
A56xzqHxwbhsjAHI6DEyKSK8lB2GiT98TFOe554en1H+UZpYK2xA8y2RjFgYaYeV
RonL7rOD+LhunAuCDHQ+c8NZqw6bil+DGmoCB6YYRWSdQi6aV3UrYO4lDQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP7ismlPnRMKWtqD86JXaP9FlFVmMB8GA1UdIwQY
MBaAFAwyPuyU7dDnSGFhUOANBqLWaQ/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRERJLTdKVHQwT2RJWVdGUTRBMEdvdFpwRF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9mYjdhNDItMTAwMS00ODBkLThhNmIt
MTBkZDk1MmUyNDEyLzEvX3VLeWFVLWRFd3BhMm9Qem9sZG9fMFdVVldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9mYjdhNDItMTAwMS00ODBkLThhNmItMTBkZDk1MmUyNDEy
LzEvRERJLTdKVHQwT2RJWVdGUTRBMEdvdFpwRF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLZb0AwQC
sDgsAwQAuenYAwQCufjsMA0GCSqGSIb3DQEBCwUAA4IBAQB8DtT+UNnLvkuE4klW
zg4YkWbw3DANd9vzF2G4gIJSDbstlzyG4I2fkSijZjASPOHqeZKRK1kuT5eJsRgd
x0yxdiSqzav+RgxTO/nb9eJOhc3o5Q4RYGOyuyOyakh5G4RsT9qNLLR8AhemuMj6
nIlCGVbEenmHQzVbiccxL43Fnm3j1iruYUoLEsRyz5fF4TI9srDFr5l2D+QYq0cE
S0SfxqJFQTi80QDhzlLbCMmhMe1z2+dShBEyUFvd6mfUUnHsjcfMMJcDTmgZKrCx
59luL2Yv3NI6N7r0fF5ABcyvAsxT+uDeSMvQWfQVn8zjPZM2Y9Y21GmibxG1c6nI
xRz1
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:13:54 2024 by rpki-client on console-fra.rpki-client.org