Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/RL9vzgQXBEul5FoOywz5sXlnU_U.roa
File: RL9vzgQXBEul5FoOywz5sXlnU_U.roa (raw, json)
Hash identifier: W8WJPHsuwt7BOo3HMW5FYdrQuRVN4Z//2Lv7tbY2kCM=
Subject key identifier: 44:BF:6F:CE:04:17:04:4B:A5:E4:5A:0E:CB:0C:F9:B1:79:67:53:F5
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01932FE44905F94CCCA9495E24865ADCC6D9
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/RL9vzgQXBEul5FoOywz5sXlnU_U.roa
Signing time: Fri 15 Nov 2024 12:55:10 +0000
ROA not before: Fri 15 Nov 2024 12:55:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2f:e4:49:05:f9:4c:cc:a9:49:5e:24:86:5a:dc:c6:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 15 12:55:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44bf6fce0417044ba5e45a0ecb0cf9b1796753f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e5:38:af:a7:e4:f7:0d:5c:a1:6e:4d:e7:21:
5f:f8:b1:dc:27:df:c9:d1:07:56:d1:4f:34:96:f6:
31:9c:25:6e:48:5b:a0:41:16:9e:0c:5e:66:03:5c:
d2:b4:5b:f0:4a:ee:98:0f:e3:a7:93:3a:19:66:1d:
f8:17:91:08:a3:58:77:3e:22:01:ae:ad:73:ba:36:
58:fa:2b:ce:a8:d2:bc:b7:84:58:67:a8:0d:40:cd:
17:7c:58:d2:14:c3:33:fa:39:1b:8a:8a:f0:33:f3:
9a:5e:d9:de:dc:59:50:23:24:6c:30:ae:fd:73:2f:
b3:3e:24:ce:7d:a8:be:ef:dc:85:96:29:8d:98:66:
5f:cd:bc:20:ff:07:7b:c9:54:d7:a5:c0:28:34:a1:
13:3a:7c:d0:cc:4f:e9:51:7f:6c:61:bf:d5:ca:4f:
87:61:04:35:66:de:c5:ba:11:ff:e8:e4:b9:bc:6b:
66:fb:b2:19:9f:08:e8:65:07:cf:c1:58:0e:c1:e2:
17:6f:1b:6f:98:f4:d5:79:6d:07:09:15:41:35:06:
ff:79:46:28:e3:ab:2c:d7:c5:2f:6f:d2:88:5b:80:
29:9d:9b:c2:0e:be:a9:e4:07:2d:fb:fb:df:b8:25:
22:c4:f9:a7:57:20:14:eb:d0:34:47:7f:64:d6:2e:
38:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:BF:6F:CE:04:17:04:4B:A5:E4:5A:0E:CB:0C:F9:B1:79:67:53:F5
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/RL9vzgQXBEul5FoOywz5sXlnU_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
32:98:3c:db:26:fd:dc:b5:60:95:fa:19:01:e4:81:8b:0e:62:
42:6c:46:e2:51:34:6d:32:9f:20:af:fd:01:ce:a1:64:5f:bf:
ff:a5:52:49:e8:67:8a:5e:50:e4:6c:02:15:51:03:2d:39:fc:
44:2b:4d:f5:93:07:17:fb:cb:14:14:17:68:dd:45:ff:fb:8c:
d7:fe:d4:61:e7:c9:2e:52:a3:c8:9d:f9:e6:bb:61:9c:9b:c1:
f0:7c:a3:5f:3f:bb:c6:eb:55:e5:e0:cd:70:dd:c2:4f:77:0c:
e8:5d:92:48:2e:27:33:1a:8e:7b:70:20:d1:1a:1a:3d:66:bb:
b7:3c:47:44:11:6b:00:33:10:bd:c3:66:20:eb:f0:36:11:26:
c3:68:4f:2c:a8:ae:86:e1:74:b3:df:0f:42:7a:46:a3:31:65:
6d:5f:01:15:c8:14:1d:23:a8:26:fd:6a:dd:02:93:6a:f2:8f:
c4:29:e0:9c:82:c7:f8:c9:b0:27:92:7a:76:14:9e:4a:f4:96:
37:01:bd:e9:86:45:5c:c5:50:05:cd:66:3e:12:0e:65:e9:44:
5c:b4:24:19:07:18:47:79:12:76:82:35:c0:71:c1:18:e8:7f:
07:2c:34:28:4c:27:6f:58:b9:f8:97:1b:33:f3:85:b6:c0:a3:
24:75:67:18
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZMv5EkF+UzMqUleJIZa3MbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMTE1MTI1NTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGJmNmZjZTA0MTcwNDRiYTVlNDVhMGVjYjBjZjliMTc5Njc1M2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OU4r6fk9w1coW5N5yFf+LHcJ9/J
0QdW0U80lvYxnCVuSFugQRaeDF5mA1zStFvwSu6YD+OnkzoZZh34F5EIo1h3PiIB
rq1zujZY+ivOqNK8t4RYZ6gNQM0XfFjSFMMz+jkbiorwM/OaXtne3FlQIyRsMK79
cy+zPiTOfai+79yFlimNmGZfzbwg/wd7yVTXpcAoNKETOnzQzE/pUX9sYb/Vyk+H
YQQ1Zt7FuhH/6OS5vGtm+7IZnwjoZQfPwVgOweIXbxtvmPTVeW0HCRVBNQb/eUYo
46ss18Uvb9KIW4ApnZvCDr6p5Act+/vfuCUixPmnVyAU69A0R39k1i444QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFES/b84EFwRLpeRaDssM+bF5Z1P1MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUkw5dnpnUVhCRXVsNUZvT3l3ejVzWGxuVV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQBueOSAwQBwQhwAwQBwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQAymDzbJv3ctWCV+hkB5IGLDmJCbEbiUTRtMp8gr/0BzqFkX7//pVJJ6GeK
XlDkbAIVUQMtOfxEK031kwcX+8sUFBdo3UX/+4zX/tRh58kuUqPInfnmu2Gcm8Hw
fKNfP7vG61Xl4M1w3cJPdwzoXZJILiczGo57cCDRGho9Zru3PEdEEWsAMxC9w2Yg
6/A2ESbDaE8sqK6G4XSz3w9CekajMWVtXwEVyBQdI6gm/WrdApNq8o/EKeCcgsf4
ybAnknp2FJ5K9JY3Ab3phkVcxVAFzWY+Eg5l6URctCQZBxhHeRJ2gjXAccEY6H8H
LDQoTCdvWLn4lxsz84W2wKMkdWcY
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:05:35 2024 by rpki-client on console-fra.rpki-client.org