Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/kx2j0gAIqlzu_2JjKqPuDv9QZbU.roa
File: kx2j0gAIqlzu_2JjKqPuDv9QZbU.roa (raw, json)
Hash identifier: opMfMGi1pEau18OjqgxkTyDt4JOPifKFjaMWiWju7Wg=
Subject key identifier: 93:1D:A3:D2:00:08:AA:5C:EE:FF:62:63:2A:A3:EE:0E:FF:50:65:B5
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 0192DC4B05978F3E2E5E4F59553F9B54E912
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/kx2j0gAIqlzu_2JjKqPuDv9QZbU.roa
Signing time: Wed 30 Oct 2024 07:19:17 +0000
ROA not before: Wed 30 Oct 2024 07:19:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54339
IP address blocks: 45.147.156.0/24 maxlen: 24
45.147.157.0/24 maxlen: 24
45.147.158.0/24 maxlen: 24
77.111.116.0/24 maxlen: 24
77.111.121.0/24 maxlen: 24
91.190.185.0/24 maxlen: 24
92.61.102.0/24 maxlen: 24
194.152.137.0/24 maxlen: 24
194.152.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:4b:05:97:8f:3e:2e:5e:4f:59:55:3f:9b:54:e9:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Oct 30 07:19:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=931da3d20008aa5ceeff62632aa3ee0eff5065b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:77:76:71:4f:fc:56:20:ac:4c:f8:5d:a7:84:
df:42:a2:b5:f4:6d:cb:64:20:a1:be:fd:7d:7d:cd:
71:0c:89:25:85:3f:32:0c:a5:6d:9a:b9:84:8f:99:
74:51:bf:9c:d7:97:4e:aa:79:48:1a:cc:7a:13:78:
78:f5:14:d9:2e:1e:ea:76:ba:6a:0c:7c:2c:1a:d4:
a1:19:ea:44:0a:45:b7:a6:bc:4e:94:e7:3c:93:67:
99:59:a2:e3:90:c8:95:77:be:b8:0a:18:1d:58:6d:
a9:22:24:74:ef:8e:d0:82:16:c2:4a:4e:6d:fa:44:
e0:15:0c:e3:04:d6:47:a8:21:8e:90:d4:4f:0d:73:
13:32:fb:91:f7:de:12:cc:57:e1:d8:26:07:bd:7b:
7a:46:4a:af:0c:68:d0:5e:37:09:e3:8e:2f:72:3b:
58:3e:37:bf:3f:3a:03:ca:6c:c6:db:36:05:22:4f:
de:36:db:d4:9e:48:71:fc:c8:9b:5c:89:16:ad:ba:
02:65:6a:30:73:92:0c:57:f5:f7:f0:46:af:00:b9:
0e:c4:14:a0:8d:30:f9:4a:c0:9b:2d:8f:ac:7d:35:
6d:dc:17:f8:5a:29:81:04:b4:d3:1b:2e:38:4f:2b:
cb:0e:16:00:a6:06:e9:5f:a9:69:44:cb:8a:54:79:
ad:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:1D:A3:D2:00:08:AA:5C:EE:FF:62:63:2A:A3:EE:0E:FF:50:65:B5
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/kx2j0gAIqlzu_2JjKqPuDv9QZbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.156.0-45.147.158.255
77.111.116.0/24
77.111.121.0/24
91.190.185.0/24
92.61.102.0/24
194.152.137.0/24
194.152.139.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:8a:69:96:52:ea:b0:26:18:75:06:93:23:25:bb:00:35:26:
a0:23:54:93:0d:cb:5d:c8:4c:f0:82:20:20:e4:b3:e0:e6:b9:
a4:ff:ce:da:41:98:e5:24:2f:fc:ef:cf:51:83:35:9e:ba:cc:
70:01:80:46:20:bc:e5:5b:93:0b:32:50:f9:48:4f:cd:9e:21:
4b:85:2a:0f:ed:ca:6a:ad:db:8a:60:34:64:9c:84:6f:bd:7e:
3c:1f:00:c7:af:70:17:6f:86:f3:b3:32:52:6b:bc:33:cf:8e:
fd:e9:2d:6c:45:41:23:12:9a:3e:93:ad:4c:6f:e5:86:08:b7:
77:19:73:b0:d3:30:eb:4b:20:42:08:25:e5:6c:93:b9:5a:b3:
8d:57:98:89:29:f2:50:ec:f9:a7:be:12:d4:e2:1c:72:15:55:
f6:68:44:d8:3a:fe:9a:f3:02:f8:01:6f:d8:f6:e9:3f:2f:9d:
44:03:61:58:54:64:2d:34:57:1d:1e:64:bd:9b:76:bc:50:b3:
03:0f:d6:19:a2:e4:a4:80:49:74:ce:f1:6a:e5:0e:af:2f:e3:
3f:02:01:51:56:71:f8:9f:bd:0c:af:e1:57:ef:29:62:ec:fe:
11:7c:aa:18:e3:bf:8c:e0:89:dd:7b:b2:93:62:99:ac:be:95:
b4:fd:3a:1f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZLcSwWXjz4uXk9ZVT+bVOkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQxMDMwMDcxOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzFkYTNkMjAwMDhhYTVjZWVmZjYyNjMyYWEzZWUwZWZmNTA2NWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnd2cU/8ViCsTPhdp4TfQqK19G3L
ZCChvv19fc1xDIklhT8yDKVtmrmEj5l0Ub+c15dOqnlIGsx6E3h49RTZLh7qdrpq
DHwsGtShGepECkW3prxOlOc8k2eZWaLjkMiVd764ChgdWG2pIiR0747QghbCSk5t
+kTgFQzjBNZHqCGOkNRPDXMTMvuR994SzFfh2CYHvXt6RkqvDGjQXjcJ444vcjtY
Pje/PzoDymzG2zYFIk/eNtvUnkhx/MibXIkWrboCZWowc5IMV/X38EavALkOxBSg
jTD5SsCbLY+sfTVt3Bf4WimBBLTTGy44TyvLDhYApgbpX6lpRMuKVHmtQQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJMdo9IACKpc7v9iYyqj7g7/UGW1MB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEva3gyajBnQUlxbHp1XzJKaktxUHVEdjlRWmJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAItk5wD
BAAtk54DBABNb3QDBABNb3kDBABbvrkDBABcPWYDBADCmIkDBADCmIswDQYJKoZI
hvcNAQELBQADggEBAKCKaZZS6rAmGHUGkyMluwA1JqAjVJMNy13ITPCCICDks+Dm
uaT/ztpBmOUkL/zvz1GDNZ66zHABgEYgvOVbkwsyUPlIT82eIUuFKg/tymqt24pg
NGSchG+9fjwfAMevcBdvhvOzMlJrvDPPjv3pLWxFQSMSmj6TrUxv5YYIt3cZc7DT
MOtLIEIIJeVsk7las41XmIkp8lDs+ae+EtTiHHIVVfZoRNg6/przAvgBb9j26T8v
nUQDYVhUZC00Vx0eZL2bdrxQswMP1hmi5KSASXTO8WrlDq8v4z8CAVFWcfifvQyv
4VfvKWLs/hF8qhjjv4zgid17spNimay+lbT9Oh8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:43:34 2024 by rpki-client on console-ams.rpki-client.org