Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/4NktSHyO_xExMNS2gfpodv5Zfro.roa
File: 4NktSHyO_xExMNS2gfpodv5Zfro.roa (raw, json)
Hash identifier: S0LrD38b6RUnWlh53r75JrNfZfKBKQdndv7rKi2yjLk=
Subject key identifier: E0:D9:2D:48:7C:8E:FF:11:31:30:D4:B6:81:FA:68:76:FE:59:7E:BA
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 01930B77816B7AF9F50C5A1B8802E69FE597
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/4NktSHyO_xExMNS2gfpodv5Zfro.roa
Signing time: Fri 08 Nov 2024 11:10:01 +0000
ROA not before: Fri 08 Nov 2024 11:10:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44534
IP address blocks: 5.45.209.0/24 maxlen: 24
5.255.232.0/24 maxlen: 24
5.255.234.0/23 maxlen: 23
37.140.168.0/24 maxlen: 24
77.88.42.0/23 maxlen: 23
77.88.61.0/24 maxlen: 24
87.250.232.0/24 maxlen: 24
87.250.238.0/24 maxlen: 24
90.156.176.0/20 maxlen: 24
90.156.176.0/24 maxlen: 24
93.158.155.0/24 maxlen: 24
93.158.184.0/24 maxlen: 24
93.158.185.0/24 maxlen: 24
93.158.186.0/24 maxlen: 24
93.158.187.0/24 maxlen: 24
95.108.168.0/22 maxlen: 22
95.108.170.0/24 maxlen: 24
141.8.130.0/23 maxlen: 23
178.154.152.0/24 maxlen: 24
2a02:6bf:8004::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:77:81:6b:7a:f9:f5:0c:5a:1b:88:02:e6:9f:e5:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: Nov 8 11:10:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0d92d487c8eff113130d4b681fa6876fe597eba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6c:26:4d:13:31:65:2e:ca:8e:02:2a:ff:9a:
4d:31:cb:b2:d9:f8:e6:13:62:df:5a:a4:e0:55:34:
9a:33:47:a9:d0:d9:0e:a8:f3:38:3a:0b:bc:d4:ec:
9f:3f:10:e9:a8:22:fb:6a:e0:2a:a0:af:07:d5:9c:
68:0a:77:f6:9b:0e:ea:35:c9:3b:8a:5e:ab:5a:2e:
d9:73:b2:c8:1f:ea:2d:0c:2b:ea:c9:78:a4:a6:73:
99:69:5d:aa:71:17:46:97:40:65:4b:c4:83:fa:f8:
4f:fb:8a:c2:4d:4c:17:1c:ed:31:17:31:fa:ee:e2:
38:bb:68:ea:55:65:6b:44:b6:b4:b4:e0:3b:13:e6:
da:7e:5a:54:4c:1e:38:b5:d0:20:e2:72:80:ac:6a:
7b:0c:09:aa:97:e8:0e:46:5a:4d:df:61:b9:9f:96:
95:f9:8b:f0:d0:71:4f:71:7b:c9:ac:ae:f7:ec:fb:
34:a6:c8:80:17:c6:7b:2b:0f:5d:24:5c:60:c8:17:
8d:c7:54:5a:c7:ad:a0:f1:c0:e0:29:bc:d1:42:a8:
9d:23:2f:a8:5a:89:1e:59:db:59:e9:b4:a3:7f:79:
c9:45:41:ac:7a:70:c9:2b:54:b3:c3:b6:3f:6b:72:
e6:f8:6c:a4:fa:7b:37:da:93:72:b4:fc:70:cc:13:
88:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D9:2D:48:7C:8E:FF:11:31:30:D4:B6:81:FA:68:76:FE:59:7E:BA
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/4NktSHyO_xExMNS2gfpodv5Zfro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.209.0/24
5.255.232.0/24
5.255.234.0/23
37.140.168.0/24
77.88.42.0/23
77.88.61.0/24
87.250.232.0/24
87.250.238.0/24
90.156.176.0/20
93.158.155.0/24
93.158.184.0/22
95.108.168.0/22
141.8.130.0/23
178.154.152.0/24
IPv6:
2a02:6bf:8004::/48
Signature Algorithm: sha256WithRSAEncryption
67:ca:1f:7e:e6:ec:21:84:4f:a4:f7:f3:ea:74:e1:66:7a:f7:
86:76:eb:61:57:03:66:aa:16:08:ed:94:4e:d4:81:fc:34:26:
ab:10:b3:1e:f4:c4:08:e4:12:5a:91:2b:b4:0e:c0:82:7d:b8:
0e:c8:da:20:2d:d5:7c:a6:db:f4:ca:8d:5e:df:22:a1:2a:fd:
92:39:1b:d8:cb:36:a6:71:12:0c:10:b9:ec:a3:1b:c7:be:17:
0e:fb:a0:0d:24:d2:6d:10:c2:aa:cc:c5:3f:75:64:bc:4f:79:
fa:8d:cc:f3:43:84:d4:b5:d4:c4:04:7f:e6:ad:95:db:4c:65:
89:e6:24:94:9c:00:f3:64:34:08:ea:36:65:fa:64:5e:be:40:
42:9a:a4:a0:6a:a6:94:9b:25:85:98:05:08:32:ec:97:a9:23:
fd:41:60:b4:4e:f1:74:6f:c3:f8:54:f9:e5:dc:b6:08:fb:03:
1a:89:7d:06:2b:bf:a2:dc:ca:72:c2:a2:d1:49:b3:1c:9c:76:
1d:b1:1a:d3:0e:54:9a:d9:fa:38:30:27:09:45:3b:6e:73:5e:
11:43:96:e1:26:2c:4f:b9:e3:8d:c6:7e:e4:96:c9:72:61:1a:
0a:51:a3:c4:60:07:d2:c4:97:a5:ff:dc:7a:fa:55:ed:00:e6:
60:76:c4:a1
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZMLd4Frevn1DFobiALmn+WXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjQxMTA4MTExMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGQ5MmQ0ODdjOGVmZjExMzEzMGQ0YjY4MWZhNjg3NmZlNTk3ZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWwmTRMxZS7KjgIq/5pNMcuy2fjm
E2LfWqTgVTSaM0ep0NkOqPM4Ogu81OyfPxDpqCL7auAqoK8H1ZxoCnf2mw7qNck7
il6rWi7Zc7LIH+otDCvqyXikpnOZaV2qcRdGl0BlS8SD+vhP+4rCTUwXHO0xFzH6
7uI4u2jqVWVrRLa0tOA7E+baflpUTB44tdAg4nKArGp7DAmql+gORlpN32G5n5aV
+Yvw0HFPcXvJrK737Ps0psiAF8Z7Kw9dJFxgyBeNx1Rax62g8cDgKbzRQqidIy+o
WokeWdtZ6bSjf3nJRUGsenDJK1Szw7Y/a3Lm+Gyk+ns32pNytPxwzBOI3QIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFODZLUh8jv8RMTDUtoH6aHb+WX66MB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvNE5rdFNIeU9feEV4TU5TMmdmcG9kdjVaZnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBaBAIAATBUAwQABS3RAwQA
Bf/oAwQBBf/qAwQAJYyoAwQBTVgqAwQATVg9AwQAV/roAwQAV/ruAwQEWpywAwQA
XZ6bAwQCXZ64AwQCX2yoAwQBjQiCAwQAspqYMA8EAgACMAkDBwAqAga/gAQwDQYJ
KoZIhvcNAQELBQADggEBAGfKH37m7CGET6T38+p04WZ694Z262FXA2aqFgjtlE7U
gfw0JqsQsx70xAjkElqRK7QOwIJ9uA7I2iAt1Xym2/TKjV7fIqEq/ZI5G9jLNqZx
EgwQueyjG8e+Fw77oA0k0m0QwqrMxT91ZLxPefqNzPNDhNS11MQEf+atldtMZYnm
JJScAPNkNAjqNmX6ZF6+QEKapKBqppSbJYWYBQgy7JepI/1BYLRO8XRvw/hU+eXc
tgj7AxqJfQYrv6LcynLCotFJsxycdh2xGtMOVJrZ+jgwJwlFO25zXhFDluEmLE+5
443GfuSWyXJhGgpRo8RgB9LEl6X/3Hr6Ve0A5mB2xKE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:16:45 2024 by rpki-client on console-fra.rpki-client.org