Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/scqPlUYGIw5kM3epFdFwjzLh5r8.roa
File: scqPlUYGIw5kM3epFdFwjzLh5r8.roa (raw, json)
Hash identifier: lOX5Ah3LgAefXA7FssoxmoYmKuS6GwWWtlSWVL6AOjI=
Subject key identifier: B1:CA:8F:95:46:06:23:0E:64:33:77:A9:15:D1:70:8F:32:E1:E6:BF
Certificate issuer: /CN=d9e1019bbe11b55114874c961716eb238a11cd4e
Certificate serial: 018F3ABFC29EDF4795CB9C7D255FC64BB509
Authority key identifier: D9:E1:01:9B:BE:11:B5:51:14:87:4C:96:17:16:EB:23:8A:11:CD:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2eEBm74RtVEUh0yWFxbrI4oRzU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/scqPlUYGIw5kM3epFdFwjzLh5r8.roa
Signing time: Thu 02 May 2024 19:19:56 +0000
ROA not before: Thu 02 May 2024 19:19:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44901
IP address blocks: 45.137.220.0/24 maxlen: 24
45.137.221.0/24 maxlen: 24
45.137.222.0/24 maxlen: 24
94.156.128.0/24 maxlen: 24
109.94.110.0/24 maxlen: 24
185.141.60.0/24 maxlen: 24
185.148.144.0/24 maxlen: 24
185.148.145.0/24 maxlen: 24
185.148.146.0/24 maxlen: 24
185.148.147.0/24 maxlen: 24
185.205.208.0/24 maxlen: 24
185.205.211.0/24 maxlen: 24
2a07:5740::/32 maxlen: 32
2a07:5741::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/2eEBm74RtVEUh0yWFxbrI4oRzU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/2eEBm74RtVEUh0yWFxbrI4oRzU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2eEBm74RtVEUh0yWFxbrI4oRzU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3a:bf:c2:9e:df:47:95:cb:9c:7d:25:5f:c6:4b:b5:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9e1019bbe11b55114874c961716eb238a11cd4e
Validity
Not Before: May 2 19:19:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1ca8f954606230e643377a915d1708f32e1e6bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8e:ee:12:64:e1:4a:c4:bd:82:08:df:14:11:
94:6f:7b:de:bd:70:37:29:3f:c3:eb:fa:55:8e:a8:
32:50:32:e2:3d:f8:b0:e5:54:58:05:95:37:ca:41:
d0:64:01:23:53:a9:19:b3:4f:54:7c:b9:f9:ec:4d:
e3:ab:74:ef:64:33:49:a6:10:97:a7:b6:aa:af:85:
4e:32:95:0b:06:d5:50:36:b6:21:14:cf:44:5c:05:
c7:34:69:8e:ca:8e:8e:63:38:cd:11:b5:83:25:f3:
06:3d:99:60:6e:d4:21:90:11:76:91:b3:68:f5:68:
f4:51:f3:b9:21:d8:61:1d:5d:6f:99:83:70:51:46:
99:ba:3e:77:d4:01:e2:0b:52:b9:b0:05:13:fd:6d:
e6:09:3e:52:2c:0b:18:2a:3c:9b:38:b2:80:45:8b:
1d:5f:17:92:ae:cb:f0:39:b0:25:76:88:f8:61:e5:
e5:8c:34:dd:b6:a8:1b:35:65:a8:85:32:5a:16:1a:
79:07:9b:9b:9f:7c:e4:26:1b:c8:9a:78:a4:65:b0:
ce:e0:ff:79:71:ef:1c:bd:33:c0:c2:df:7d:ea:7a:
84:6e:c6:9c:be:30:99:aa:9f:88:78:0a:b6:96:d6:
14:6d:26:a5:bf:e4:3f:17:a0:13:4a:82:26:85:3f:
0f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:CA:8F:95:46:06:23:0E:64:33:77:A9:15:D1:70:8F:32:E1:E6:BF
X509v3 Authority Key Identifier:
keyid:D9:E1:01:9B:BE:11:B5:51:14:87:4C:96:17:16:EB:23:8A:11:CD:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2eEBm74RtVEUh0yWFxbrI4oRzU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/scqPlUYGIw5kM3epFdFwjzLh5r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/0e19fe-0ad9-48e0-9b7b-452561935031/1/2eEBm74RtVEUh0yWFxbrI4oRzU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.220.0-45.137.222.255
94.156.128.0/24
109.94.110.0/24
185.141.60.0/24
185.148.144.0/22
185.205.208.0/24
185.205.211.0/24
IPv6:
2a07:5740::/31
Signature Algorithm: sha256WithRSAEncryption
33:87:97:58:62:16:91:68:8c:24:86:4c:56:f2:8b:e2:d9:e3:
38:42:7e:fd:51:b9:71:7b:a1:1f:80:8b:61:3d:a8:48:94:97:
87:31:2e:5c:92:58:b3:b2:81:02:78:f2:2a:8d:af:ba:56:f2:
67:81:76:ed:a8:27:91:f5:d4:29:42:87:52:9b:b5:94:4d:5b:
75:f6:01:40:23:7f:d6:bf:0c:98:31:ab:5c:a9:2d:74:8a:55:
78:af:e1:82:d0:6b:e1:41:32:42:78:95:af:a4:4b:c7:0f:71:
70:c4:a4:22:1c:18:96:1c:33:f7:09:3f:25:ff:54:3c:3a:59:
b4:84:08:4c:9f:b9:60:53:97:94:ee:20:98:30:c1:a1:a5:38:
a1:2c:fb:66:a8:b5:7c:bd:c9:85:ee:e7:91:5b:11:90:4d:04:
47:c5:9b:79:8e:fc:5e:44:76:f1:a5:92:32:3b:93:de:fd:3f:
76:0b:0d:28:d2:54:d2:cb:10:df:46:06:80:ee:11:85:cc:00:
37:ea:bb:5b:12:c8:04:83:53:86:da:4c:3b:71:a3:4c:d8:12:
cb:29:c0:70:6d:aa:11:bd:f8:27:f7:3f:b6:a7:6e:89:a1:da:
43:bb:91:3b:a8:eb:8c:f4:87:48:70:01:23:09:c3:b9:c6:0d:
e5:d6:fb:0e
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY86v8Ke30eVy5x9JV/GS7UJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZTEwMTliYmUxMWI1NTExNDg3NGM5NjE3MTZlYjIzOGEx
MWNkNGUwHhcNMjQwNTAyMTkxOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWNhOGY5NTQ2MDYyMzBlNjQzMzc3YTkxNWQxNzA4ZjMyZTFlNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY7uEmThSsS9ggjfFBGUb3vevXA3
KT/D6/pVjqgyUDLiPfiw5VRYBZU3ykHQZAEjU6kZs09UfLn57E3jq3TvZDNJphCX
p7aqr4VOMpULBtVQNrYhFM9EXAXHNGmOyo6OYzjNEbWDJfMGPZlgbtQhkBF2kbNo
9Wj0UfO5IdhhHV1vmYNwUUaZuj531AHiC1K5sAUT/W3mCT5SLAsYKjybOLKARYsd
XxeSrsvwObAldoj4YeXljDTdtqgbNWWohTJaFhp5B5ubn3zkJhvImnikZbDO4P95
ce8cvTPAwt996nqEbsacvjCZqp+IeAq2ltYUbSalv+Q/F6ATSoImhT8PUwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFLHKj5VGBiMOZDN3qRXRcI8y4ea/MB8GA1UdIwQY
MBaAFNnhAZu+EbVRFIdMlhcW6yOKEc1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVFQm03NFJ0VkVVaDB5V0Z4YnJJNG9SelU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8wZTE5ZmUtMGFkOS00OGUwLTliN2It
NDUyNTYxOTM1MDMxLzEvc2NxUGxVWUdJdzVrTTNlcEZkRndqekxoNXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8wZTE5ZmUtMGFkOS00OGUwLTliN2ItNDUyNTYxOTM1MDMx
LzEvMmVFQm03NFJ0VkVVaDB5V0Z4YnJJNG9SelU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyMAwDBAItidwD
BAAtid4DBABenIADBABtXm4DBAC5jTwDBAK5lJADBAC5zdADBAC5zdMwDQQCAAIw
BwMFASoHV0AwDQYJKoZIhvcNAQELBQADggEBADOHl1hiFpFojCSGTFbyi+LZ4zhC
fv1RuXF7oR+Ai2E9qEiUl4cxLlySWLOygQJ48iqNr7pW8meBdu2oJ5H11ClCh1Kb
tZRNW3X2AUAjf9a/DJgxq1ypLXSKVXiv4YLQa+FBMkJ4la+kS8cPcXDEpCIcGJYc
M/cJPyX/VDw6WbSECEyfuWBTl5TuIJgwwaGlOKEs+2aotXy9yYXu55FbEZBNBEfF
m3mO/F5EdvGlkjI7k979P3YLDSjSVNLLEN9GBoDuEYXMADfqu1sSyASDU4baTDtx
o0zYEsspwHBtqhG9+Cf3P7anbomh2kO7kTuo64z0h0hwASMJw7nGDeXW+w4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:34:33 2024 by rpki-client on console-ams.rpki-client.org