Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/IqddwKVGNM3dMwcNyNWktXSDNoU.roa
File: IqddwKVGNM3dMwcNyNWktXSDNoU.roa (raw, json)
Hash identifier: wImUcCKqHbyU9lbyjHzF+Ohtk4YlgcaQP7nHOjYLSJQ=
Subject key identifier: 22:A7:5D:C0:A5:46:34:CD:DD:33:07:0D:C8:D5:A4:B5:74:83:36:85
Certificate issuer: /CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Certificate serial: 018CC6B7D73BE1F12629B6707472FEF00B21
Authority key identifier: 9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/IqddwKVGNM3dMwcNyNWktXSDNoU.roa
Signing time: Mon 01 Jan 2024 20:29:46 +0000
ROA not before: Mon 01 Jan 2024 20:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205199
IP address blocks: 194.35.182.0/24 maxlen: 24
194.35.95.0/24 maxlen: 24
194.35.92.0/24 maxlen: 24
193.43.14.0/24 maxlen: 24
193.43.28.0/24 maxlen: 24
193.43.37.0/24 maxlen: 24
45.136.156.0/22 maxlen: 22
185.157.168.0/22 maxlen: 22
45.150.160.0/22 maxlen: 22
193.42.219.0/24 maxlen: 24
194.35.78.0/24 maxlen: 24
185.241.172.0/22 maxlen: 22
45.138.140.0/22 maxlen: 22
45.144.116.0/22 maxlen: 22
194.147.242.0/23 maxlen: 23
45.134.120.0/22 maxlen: 22
194.147.250.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.mft
rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:d7:3b:e1:f1:26:29:b6:70:74:72:fe:f0:0b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Validity
Not Before: Jan 1 20:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22a75dc0a54634cddd33070dc8d5a4b574833685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2e:8e:b4:75:0c:31:00:3a:b9:d3:05:91:24:
6a:41:6b:5b:9d:b2:5f:a8:77:a1:fc:89:d2:57:27:
94:ed:98:ac:70:1e:d8:28:95:56:51:38:b5:aa:ab:
37:c9:dc:ab:79:bf:f9:61:4c:ff:59:bf:3b:a2:a5:
9e:f3:46:0b:fe:67:a5:6d:1e:b4:9b:6d:0a:00:c4:
01:4f:23:e9:ed:f2:07:6e:a5:19:41:ac:1f:62:5b:
f9:51:53:ea:cb:c9:fe:f7:92:c5:d1:f5:78:b6:8b:
5a:9c:11:6a:fd:5e:f3:cb:14:5e:7f:df:60:9d:1a:
71:eb:bc:1b:2e:59:df:47:46:62:e7:43:fa:2e:a8:
5f:d1:06:6a:a9:2b:90:ea:fd:92:51:94:cd:cf:44:
75:77:67:b7:01:d7:91:6a:42:ca:f1:52:0c:75:83:
7b:dd:43:8b:45:19:cb:01:ee:58:4c:5e:7e:f7:11:
23:3c:89:ba:1c:97:d8:80:45:f7:c7:b2:c3:5c:6f:
b6:28:f8:42:28:4a:ed:7c:37:88:39:87:3f:b2:7a:
43:38:46:f3:dd:b2:6a:80:da:33:a1:83:06:80:79:
02:0e:23:8f:51:e1:ca:52:a5:08:a8:f6:87:f6:f9:
bc:f1:bf:df:87:41:a4:a6:f1:54:49:b0:3d:8e:b7:
59:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A7:5D:C0:A5:46:34:CD:DD:33:07:0D:C8:D5:A4:B5:74:83:36:85
X509v3 Authority Key Identifier:
keyid:9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/IqddwKVGNM3dMwcNyNWktXSDNoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.120.0/22
45.136.156.0/22
45.138.140.0/22
45.144.116.0/22
45.150.160.0/22
185.157.168.0/22
185.241.172.0/22
193.42.219.0/24
193.43.14.0/24
193.43.28.0/24
193.43.37.0/24
194.35.78.0/24
194.35.92.0/24
194.35.95.0/24
194.35.182.0/24
194.147.242.0/23
194.147.250.0/23
Signature Algorithm: sha256WithRSAEncryption
56:86:dc:1e:c6:09:29:44:fa:1e:b2:77:6c:15:39:6e:2f:06:
1b:03:ed:f4:f3:11:03:1e:29:8e:b1:c5:7f:de:0a:79:6e:50:
1e:23:a9:4c:54:5d:bb:5b:a7:01:bd:d3:bd:78:bd:4d:68:67:
14:5e:6e:ef:ad:47:30:67:10:2f:da:27:ed:73:72:7c:01:3c:
d3:03:b9:f9:9a:92:c8:5c:85:e0:b8:af:12:de:e2:d7:04:9c:
32:28:ff:fa:1f:c1:98:63:f6:15:b0:7d:aa:14:e6:6e:0e:11:
86:b6:ce:ba:a7:49:36:fa:56:cc:23:5f:71:ca:3f:f9:c1:07:
a1:89:6f:e0:36:88:b2:66:6a:62:8d:17:be:5e:10:8f:83:82:
ef:e7:9d:79:49:a6:9f:24:c2:fa:12:db:91:c9:2e:58:42:0d:
bc:59:54:36:0f:d4:81:79:dc:bd:13:87:bc:d0:75:49:95:6b:
aa:2f:12:f3:6a:91:56:d5:1b:df:87:34:88:cf:5a:fa:43:88:
6c:53:1a:b8:93:63:d6:e7:a5:9c:ad:4c:b2:ce:4e:50:1d:57:
93:df:6d:02:fd:80:31:21:c4:36:9b:2f:2c:d0:61:7b:68:4f:
8e:80:48:34:c4:e7:34:63:a0:23:1c:da:ef:4a:d6:66:e3:1b:
9b:8c:f3:23
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYzGt9c74fEmKbZwdHL+8AshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzcyMGU5NzBmYWEwZTA3ZjUwYTYzODllN2FlNTNhZmE0
MzlkYWIwHhcNMjQwMTAxMjAyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmE3NWRjMGE1NDYzNGNkZGQzMzA3MGRjOGQ1YTRiNTc0ODMzNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi6OtHUMMQA6udMFkSRqQWtbnbJf
qHeh/InSVyeU7ZiscB7YKJVWUTi1qqs3ydyreb/5YUz/Wb87oqWe80YL/melbR60
m20KAMQBTyPp7fIHbqUZQawfYlv5UVPqy8n+95LF0fV4totanBFq/V7zyxRef99g
nRpx67wbLlnfR0Zi50P6Lqhf0QZqqSuQ6v2SUZTNz0R1d2e3AdeRakLK8VIMdYN7
3UOLRRnLAe5YTF5+9xEjPIm6HJfYgEX3x7LDXG+2KPhCKErtfDeIOYc/snpDOEbz
3bJqgNozoYMGgHkCDiOPUeHKUqUIqPaH9vm88b/fh0GkpvFUSbA9jrdZbQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFCKnXcClRjTN3TMHDcjVpLV0gzaFMB8GA1UdIwQY
MBaAFJ83IOlw+qDgf1CmOJ565Tr6Q52rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQt
MTJlNmEwZDQzMThhLzEvSXFkZHdLVkdOTTNkTXdjTnlOV2t0WFNETm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQtMTJlNmEwZDQzMThh
LzEvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQCLYZ4AwQC
LYicAwQCLYqMAwQCLZB0AwQCLZagAwQCuZ2oAwQCufGsAwQAwSrbAwQAwSsOAwQA
wSscAwQAwSslAwQAwiNOAwQAwiNcAwQAwiNfAwQAwiO2AwQBwpPyAwQBwpP6MA0G
CSqGSIb3DQEBCwUAA4IBAQBWhtwexgkpRPoesndsFTluLwYbA+308xEDHimOscV/
3gp5blAeI6lMVF27W6cBvdO9eL1NaGcUXm7vrUcwZxAv2iftc3J8ATzTA7n5mpLI
XIXguK8S3uLXBJwyKP/6H8GYY/YVsH2qFOZuDhGGts66p0k2+lbMI19xyj/5wQeh
iW/gNoiyZmpijRe+XhCPg4Lv5515SaafJML6EtuRyS5YQg28WVQ2D9SBedy9E4e8
0HVJlWuqLxLzapFW1RvfhzSIz1r6Q4hsUxq4k2PW56WcrUyyzk5QHVeT320C/YAx
IcQ2my8s0GF7aE+OgEg0xOc0Y6AjHNrvStZm4xubjPMj
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:27:02 2024 by rpki-client on console-ams.rpki-client.org