Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/k0_lz9V5MCMHmZ7Io2u3kvcIh9E.roa
File: k0_lz9V5MCMHmZ7Io2u3kvcIh9E.roa (raw, json)
Hash identifier: JEdoKLqWWrz/lZaoQFkOsVEg1Q9zH+15/2wyXVNSrMc=
Subject key identifier: 93:4F:E5:CF:D5:79:30:23:07:99:9E:C8:A3:6B:B7:92:F7:08:87:D1
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0190990A67BB29F5BA28E20BFEAE05E0A71E
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/k0_lz9V5MCMHmZ7Io2u3kvcIh9E.roa
Signing time: Tue 09 Jul 2024 19:48:34 +0000
ROA not before: Tue 09 Jul 2024 19:48:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64200
IP address blocks: 45.67.147.0/24 maxlen: 24
63.246.136.0/24 maxlen: 24
63.246.139.0/24 maxlen: 24
63.246.142.0/24 maxlen: 24
63.246.145.0/24 maxlen: 24
63.246.146.0/23 maxlen: 23
63.246.149.0/24 maxlen: 24
185.171.124.0/24 maxlen: 24
185.171.125.0/24 maxlen: 24
185.171.127.0/24 maxlen: 24
185.198.88.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
192.145.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:99:0a:67:bb:29:f5:ba:28:e2:0b:fe:ae:05:e0:a7:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jul 9 19:48:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=934fe5cfd579302307999ec8a36bb792f70887d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:82:99:c9:92:fa:70:3b:9f:01:f6:ab:42:5f:
29:de:a3:60:12:d3:33:ee:f4:c5:a5:80:90:41:70:
2b:6a:40:f0:52:61:b0:48:1a:00:fe:78:5a:22:04:
4f:8b:49:bc:b5:0d:af:ae:71:70:97:78:9f:e1:c9:
a4:1c:93:05:23:4f:1e:86:c3:88:be:f5:0b:f1:22:
ee:a2:e2:92:30:78:ec:c8:d3:54:31:8a:88:1e:3f:
d1:b6:94:68:7c:75:9b:4d:a7:ac:97:c3:01:bb:07:
e0:e5:90:89:1d:d3:c4:f0:a4:13:49:34:c5:c3:cf:
e2:37:7f:bd:3d:86:6c:31:14:1f:13:2e:50:2d:5a:
75:c4:76:c0:7a:9a:e9:29:80:84:31:31:41:e0:c5:
a6:86:dc:1d:68:1e:5d:4f:7d:39:e9:f0:41:5c:f8:
2e:d9:3c:16:56:87:e3:3d:12:59:79:98:8f:9f:53:
57:6f:a6:f9:90:83:7a:7a:e7:b8:3a:c4:5c:6d:98:
1e:5f:48:6d:23:1a:b6:5b:30:63:ef:a5:9e:00:be:
82:c5:b5:d2:7d:b2:61:9e:1e:0e:fe:85:4c:3c:bf:
d2:f4:e4:04:22:dd:a6:12:f7:09:26:c0:92:c2:4c:
e3:d3:54:b4:7c:b9:c7:f0:dd:d8:10:2b:86:02:db:
a0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:4F:E5:CF:D5:79:30:23:07:99:9E:C8:A3:6B:B7:92:F7:08:87:D1
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/k0_lz9V5MCMHmZ7Io2u3kvcIh9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.147.0/24
63.246.136.0/24
63.246.139.0/24
63.246.142.0/24
63.246.145.0-63.246.147.255
63.246.149.0/24
185.171.124.0/23
185.171.127.0/24
185.198.88.0/24
185.205.206.0/24
192.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
88:8b:bb:a8:1c:15:11:a9:e9:cc:4a:fa:44:e3:01:16:6e:4d:
73:e8:ee:dc:29:5f:4c:5f:6b:f5:3d:0a:9f:a7:b2:2e:91:30:
71:3f:ac:fe:ae:f1:bb:e8:e9:a1:8f:c6:09:9d:b5:0e:ad:33:
39:65:d1:18:39:bd:5d:86:83:cc:31:8d:e9:45:7a:ee:e9:87:
6c:44:dd:9b:d8:cc:db:68:20:f2:84:83:b6:6f:3a:a3:78:fa:
a4:ba:a8:d7:39:98:4d:26:be:bb:e6:1c:9e:99:9f:21:55:c7:
3b:9f:e0:02:74:5c:c9:3f:87:08:88:7d:40:02:d4:5d:dc:87:
64:13:8e:85:7c:72:d8:61:6f:4c:83:90:d8:7c:a7:b2:36:af:
ed:55:f4:d9:e1:b5:2c:4f:8d:d0:7f:78:5a:20:f0:9f:0b:61:
c1:43:fa:20:98:f1:8d:06:39:4c:b9:f4:55:1a:47:f9:b2:46:
0e:64:b2:ca:28:0a:92:16:39:d1:fe:21:17:6c:35:41:cc:71:
e1:83:96:aa:eb:9b:af:f9:5f:0e:62:54:5c:02:37:44:cc:ec:
66:4a:de:a5:fc:dc:5f:b8:c3:ad:a1:d9:08:47:ad:f9:27:a4:
94:35:e8:24:20:86:28:ba:4c:67:d9:ac:45:a5:db:74:21:81:
86:cd:f2:dc
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZCZCme7KfW6KOIL/q4F4KceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwNzA5MTk0ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzRmZTVjZmQ1NzkzMDIzMDc5OTllYzhhMzZiYjc5MmY3MDg4N2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIKZyZL6cDufAfarQl8p3qNgEtMz
7vTFpYCQQXArakDwUmGwSBoA/nhaIgRPi0m8tQ2vrnFwl3if4cmkHJMFI08ehsOI
vvUL8SLuouKSMHjsyNNUMYqIHj/RtpRofHWbTaesl8MBuwfg5ZCJHdPE8KQTSTTF
w8/iN3+9PYZsMRQfEy5QLVp1xHbAeprpKYCEMTFB4MWmhtwdaB5dT3056fBBXPgu
2TwWVofjPRJZeZiPn1NXb6b5kIN6eue4OsRcbZgeX0htIxq2WzBj76WeAL6CxbXS
fbJhnh4O/oVMPL/S9OQEIt2mEvcJJsCSwkzj01S0fLnH8N3YECuGAtugJwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJNP5c/VeTAjB5meyKNrt5L3CIfRMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvazBfbHo5VjVNQ01IbVo3SW8ydTNrdmNJaDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQALUOTAwQA
P/aIAwQAP/aLAwQAP/aOMAwDBAA/9pEDBAI/9pADBAA/9pUDBAG5q3wDBAC5q38D
BAC5xlgDBAC5zc4DBADAkUQwDQYJKoZIhvcNAQELBQADggEBAIiLu6gcFRGp6cxK
+kTjARZuTXPo7twpX0xfa/U9Cp+nsi6RMHE/rP6u8bvo6aGPxgmdtQ6tMzll0Rg5
vV2Gg8wxjelFeu7ph2xE3ZvYzNtoIPKEg7ZvOqN4+qS6qNc5mE0mvrvmHJ6ZnyFV
xzuf4AJ0XMk/hwiIfUAC1F3ch2QTjoV8cthhb0yDkNh8p7I2r+1V9NnhtSxPjdB/
eFog8J8LYcFD+iCY8Y0GOUy59FUaR/myRg5kssooCpIWOdH+IRdsNUHMceGDlqrr
m6/5Xw5iVFwCN0TM7GZK3qX83F+4w62h2QhHrfknpJQ16CQghii6TGfZrEWl23Qh
gYbN8tw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:30:46 2024 by rpki-client on console-ams.rpki-client.org