Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3boeIJ6WTpvK_3ZSH6i4G8PIT1Y.roa
File: 3boeIJ6WTpvK_3ZSH6i4G8PIT1Y.roa (raw, json)
Hash identifier: ijuDpwWs1gV6+Aq0RKgzqt8/10irux4AUAAzt4ePc9o=
Subject key identifier: DD:BA:1E:20:9E:96:4E:9B:CA:FF:76:52:1F:A8:B8:1B:C3:C8:4F:56
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018ED91E04AF7CD00CE726320B28EB24C62C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3boeIJ6WTpvK_3ZSH6i4G8PIT1Y.roa
Signing time: Sat 13 Apr 2024 20:20:06 +0000
ROA not before: Sat 13 Apr 2024 20:20:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210876
IP address blocks: 45.134.84.0/22 maxlen: 24
45.134.84.0/23 maxlen: 23
45.142.228.0/22 maxlen: 24
45.147.116.0/22 maxlen: 24
45.159.76.0/22 maxlen: 24
93.189.123.0/24 maxlen: 24
185.216.30.0/24 maxlen: 24
185.216.31.0/24 maxlen: 24
185.226.8.0/24 maxlen: 24
194.35.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d9:1e:04:af:7c:d0:0c:e7:26:32:0b:28:eb:24:c6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 13 20:20:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddba1e209e964e9bcaff76521fa8b81bc3c84f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:84:9b:87:8b:6f:01:e0:15:1f:25:dc:31:26:
a9:22:77:af:7d:06:9a:c5:fa:5c:95:19:07:c5:d2:
9c:bf:a5:af:27:28:20:c5:5b:01:f1:2b:50:fb:01:
c5:0c:a1:db:78:72:45:c3:53:2e:3d:08:3f:77:32:
4f:9c:87:1c:fb:45:08:e9:4e:26:3c:de:8b:4d:37:
4c:b7:73:91:c9:14:cd:fb:c0:1d:a9:29:bc:20:73:
3e:f0:f6:e5:7b:20:48:5d:43:76:a2:b3:c5:04:e2:
65:49:1a:45:c4:fa:3a:f8:4c:22:f8:e6:78:96:36:
0f:38:e0:fe:88:4d:9d:8c:07:ac:bd:92:03:2a:59:
86:e4:3d:18:4a:c0:a8:48:1c:6a:3e:94:8a:46:ba:
3f:29:e5:7e:09:b9:8d:2e:be:9e:99:00:cc:c4:2b:
d7:e2:52:4e:1f:2d:50:3f:63:c2:d7:61:da:e7:c0:
d8:98:14:4f:ea:9e:3c:8a:5c:82:1b:d6:3b:59:f2:
1a:0c:c8:02:5d:d3:51:94:c3:4f:a3:7c:93:98:85:
ae:4c:ca:50:e6:25:3b:d0:45:12:0c:59:62:d5:7b:
44:26:8f:62:1c:8d:9b:93:5b:28:03:be:f4:fa:35:
fa:9b:3b:51:47:68:b6:0c:27:2e:27:c2:b2:f3:66:
f5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BA:1E:20:9E:96:4E:9B:CA:FF:76:52:1F:A8:B8:1B:C3:C8:4F:56
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3boeIJ6WTpvK_3ZSH6i4G8PIT1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
45.142.228.0/22
45.147.116.0/22
45.159.76.0/22
93.189.123.0/24
185.216.30.0/23
185.226.8.0/24
194.35.40.0/24
Signature Algorithm: sha256WithRSAEncryption
05:3b:93:bd:da:11:cb:03:b1:c7:c1:0e:45:e2:e3:fe:c2:04:
5d:83:8b:41:28:33:3e:5f:a5:58:ed:3d:cf:dd:50:9b:ca:1d:
82:bc:02:85:37:86:ee:0e:b7:10:a6:d9:7e:a3:97:50:9d:57:
03:43:be:6b:02:24:6d:2a:77:29:47:c3:37:56:26:30:45:6b:
16:9b:e7:58:4a:83:cc:95:be:2c:20:cc:f5:78:a2:a7:ed:db:
bb:f4:23:5e:ed:2d:e4:ea:9e:9f:75:e4:d2:25:7d:02:d4:be:
e8:c2:cd:0b:e7:da:97:28:a2:e2:b3:da:8e:b0:ea:8e:af:01:
5e:f4:04:41:92:ee:81:68:c0:fc:2e:47:92:93:fa:c5:e9:94:
49:4c:1e:5a:fa:07:8f:24:43:49:c2:90:e6:73:7a:ef:73:e2:
dc:49:2b:e4:33:ac:58:b9:23:41:1c:a0:ef:2d:9e:8e:62:9b:
3e:0e:41:aa:9b:8c:84:66:c6:e1:41:e4:bc:85:02:99:6b:4d:
b5:45:6b:42:95:05:1f:f5:45:83:e6:dd:f2:c4:c7:e0:ec:0f:
57:06:47:7f:d1:a3:0c:7a:7d:23:a5:52:84:a3:04:bc:13:da:
68:12:84:07:69:bb:41:35:cf:ad:f4:cf:f0:e5:7a:bd:b7:77:
7a:47:7c:ca
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY7ZHgSvfNAM5yYyCyjrJMYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNDEzMjAyMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGJhMWUyMDllOTY0ZTliY2FmZjc2NTIxZmE4YjgxYmMzYzg0ZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYSbh4tvAeAVHyXcMSapInevfQaa
xfpclRkHxdKcv6WvJyggxVsB8StQ+wHFDKHbeHJFw1MuPQg/dzJPnIcc+0UI6U4m
PN6LTTdMt3ORyRTN+8AdqSm8IHM+8PbleyBIXUN2orPFBOJlSRpFxPo6+Ewi+OZ4
ljYPOOD+iE2djAesvZIDKlmG5D0YSsCoSBxqPpSKRro/KeV+CbmNLr6emQDMxCvX
4lJOHy1QP2PC12Ha58DYmBRP6p48ilyCG9Y7WfIaDMgCXdNRlMNPo3yTmIWuTMpQ
5iU70EUSDFli1XtEJo9iHI2bk1soA770+jX6mztRR2i2DCcuJ8Ky82b1ZQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFN26HiCelk6byv92Uh+ouBvDyE9WMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvM2JvZUlKNldUcHZLXzNaU0g2aTRHOFBJVDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLYZUAwQC
LY7kAwQCLZN0AwQCLZ9MAwQAXb17AwQBudgeAwQAueIIAwQAwiMoMA0GCSqGSIb3
DQEBCwUAA4IBAQAFO5O92hHLA7HHwQ5F4uP+wgRdg4tBKDM+X6VY7T3P3VCbyh2C
vAKFN4buDrcQptl+o5dQnVcDQ75rAiRtKncpR8M3ViYwRWsWm+dYSoPMlb4sIMz1
eKKn7du79CNe7S3k6p6fdeTSJX0C1L7ows0L59qXKKLis9qOsOqOrwFe9ARBku6B
aMD8LkeSk/rF6ZRJTB5a+gePJENJwpDmc3rvc+LcSSvkM6xYuSNBHKDvLZ6OYps+
DkGqm4yEZsbhQeS8hQKZa021RWtClQUf9UWD5t3yxMfg7A9XBkd/0aMMen0jpVKE
owS8E9poEoQHabtBNc+t9M/w5Xq9t3d6R3zK
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:27:30 2024 by rpki-client on console-ams.rpki-client.org