Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0caWlp5DtyPuAnSCvBV54lSluuw.roa
File: 0caWlp5DtyPuAnSCvBV54lSluuw.roa (raw, json)
Hash identifier: mjfrUsXl3BHqPcFfnNUpKDm/Z7PWMSAAxqhPnmp7AwI=
Subject key identifier: D1:C6:96:96:9E:43:B7:23:EE:02:74:82:BC:15:79:E2:54:A5:BA:EC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01928AE37398D369EFBDBF5302F039B6D031
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0caWlp5DtyPuAnSCvBV54lSluuw.roa
Signing time: Mon 14 Oct 2024 11:56:55 +0000
ROA not before: Mon 14 Oct 2024 11:56:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212017
IP address blocks: 45.90.236.0/24 maxlen: 24
45.90.237.0/24 maxlen: 24
185.106.124.0/22 maxlen: 24
185.128.52.0/22 maxlen: 22
185.227.172.0/22 maxlen: 22
185.232.8.0/22 maxlen: 24
193.17.180.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
194.48.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:e3:73:98:d3:69:ef:bd:bf:53:02:f0:39:b6:d0:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 14 11:56:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1c696969e43b723ee027482bc1579e254a5baec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9d:a1:a3:27:9b:dd:eb:33:19:2f:c0:c4:32:
05:7c:85:8f:b5:3e:27:ae:d3:92:ec:58:7d:7e:fc:
cb:44:e3:38:2a:49:55:63:e3:20:f2:c7:01:3c:40:
42:4d:74:a5:54:10:f2:3b:5a:fc:4e:dc:05:54:83:
be:e0:39:93:62:a3:90:a8:4f:e3:75:d5:fc:13:e5:
a6:e3:db:3e:ce:27:9d:15:ff:92:9a:aa:c0:47:ad:
53:df:05:59:59:cd:cf:06:76:e2:00:20:65:67:fb:
ec:43:2a:7b:74:15:7c:97:73:cb:01:9b:e8:c8:80:
a9:57:e2:1f:43:b1:6f:e2:9d:c2:5e:e4:6d:12:8c:
f2:dd:58:6d:ce:14:87:e0:de:b1:29:0e:c1:0e:af:
9d:eb:4c:28:e0:8d:13:a6:f7:84:48:b2:fe:6e:a3:
56:85:3f:b8:7a:c8:b7:87:f2:ad:c7:49:af:9d:1f:
d3:08:89:c0:91:2d:96:5d:80:9e:9a:ef:f5:eb:f4:
1b:a4:8a:39:01:17:f4:bd:05:06:64:c0:8b:b6:21:
cd:a7:f1:d7:0c:d2:bc:6c:94:b6:84:3f:3b:0d:e4:
73:d7:9f:a5:8d:ee:89:46:8d:fb:79:f6:e9:29:f5:
a5:0a:12:5b:c5:14:63:87:95:2f:1a:3a:d8:0b:c7:
32:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C6:96:96:9E:43:B7:23:EE:02:74:82:BC:15:79:E2:54:A5:BA:EC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0caWlp5DtyPuAnSCvBV54lSluuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.236.0/23
185.106.124.0/22
185.128.52.0/22
185.227.172.0/22
185.232.8.0/22
193.17.180.0/24
193.17.182.0/24
194.48.140.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:73:9f:2f:df:03:db:83:ca:c8:6c:9c:9e:ec:25:ca:17:57:
2b:49:02:2c:a1:f9:de:e1:3f:d1:bf:d2:5f:44:1e:8f:d1:2a:
ce:d0:b0:1e:bd:d5:21:a7:f2:9c:4e:78:26:67:49:f6:3c:f2:
86:bd:c8:27:a6:65:44:2e:07:8c:d2:47:d1:2e:bd:d9:15:89:
22:c6:51:3c:55:4b:c1:6a:50:d1:27:1d:95:33:43:ad:23:2c:
c4:26:0e:9c:52:4f:82:5c:0a:af:10:4d:25:e4:61:6c:2f:93:
96:cd:7c:fb:ab:7d:d3:33:19:d0:36:e0:9c:ff:65:c5:1c:85:
88:9a:f2:29:e9:57:ab:d5:0a:65:fb:bd:55:4f:0f:7f:38:f2:
09:90:df:e6:07:c0:33:7e:7f:0b:07:1a:80:2f:6b:3d:86:1e:
bd:a9:88:dd:94:a0:ac:fb:35:d8:f2:a9:9d:f3:24:59:9c:0e:
1a:11:13:fc:7e:81:c2:f5:68:32:ab:a6:8e:f0:7c:c2:1e:46:
48:b3:4c:8e:a5:86:6c:66:e8:f9:74:c9:af:e1:72:1e:4d:08:
35:0c:f9:bd:53:5d:cb:49:09:89:00:a2:2d:ef:8b:37:55:8b:
1b:9d:9b:5b:1a:10:c5:be:46:9d:90:b8:66:6b:68:f7:6f:da:
78:a8:eb:d6
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZKK43OY02nvvb9TAvA5ttAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMDE0MTE1NjU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWM2OTY5NjllNDNiNzIzZWUwMjc0ODJiYzE1NzllMjU0YTViYWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl52hoyeb3eszGS/AxDIFfIWPtT4n
rtOS7Fh9fvzLROM4KklVY+Mg8scBPEBCTXSlVBDyO1r8TtwFVIO+4DmTYqOQqE/j
ddX8E+Wm49s+ziedFf+SmqrAR61T3wVZWc3PBnbiACBlZ/vsQyp7dBV8l3PLAZvo
yICpV+IfQ7Fv4p3CXuRtEozy3VhtzhSH4N6xKQ7BDq+d60wo4I0TpveESLL+bqNW
hT+4esi3h/Ktx0mvnR/TCInAkS2WXYCemu/16/QbpIo5ARf0vQUGZMCLtiHNp/HX
DNK8bJS2hD87DeRz15+lje6JRo37efbpKfWlChJbxRRjh5UvGjrYC8cy1wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNHGlpaeQ7cj7gJ0grwVeeJUpbrsMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMGNhV2xwNUR0eVB1QW5TQ3ZCVjU0bFNsdXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLVrsAwQC
uWp8AwQCuYA0AwQCueOsAwQCuegIAwQAwRG0AwQAwRG2AwQCwjCMMA0GCSqGSIb3
DQEBCwUAA4IBAQC7c58v3wPbg8rIbJye7CXKF1crSQIsofne4T/Rv9JfRB6P0SrO
0LAevdUhp/KcTngmZ0n2PPKGvcgnpmVELgeM0kfRLr3ZFYkixlE8VUvBalDRJx2V
M0OtIyzEJg6cUk+CXAqvEE0l5GFsL5OWzXz7q33TMxnQNuCc/2XFHIWImvIp6Ver
1Qpl+71VTw9/OPIJkN/mB8Azfn8LBxqAL2s9hh69qYjdlKCs+zXY8qmd8yRZnA4a
ERP8foHC9Wgyq6aO8HzCHkZIs0yOpYZsZuj5dMmv4XIeTQg1DPm9U13LSQmJAKIt
74s3VYsbnZtbGhDFvkadkLhma2j3b9p4qOvW
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:41:48 2024 by rpki-client on console-fra.rpki-client.org