Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/Q9ih0WskFGMz4yotb7q3zv_2M0g.roa
File: Q9ih0WskFGMz4yotb7q3zv_2M0g.roa (raw, json)
Hash identifier: ih6RhXZl42TnrfV7Dug8pXt0UYLfpD11gKqbkh8qwaA=
Subject key identifier: 43:D8:A1:D1:6B:24:14:63:33:E3:2A:2D:6F:BA:B7:CE:FF:F6:33:48
Certificate issuer: /CN=d45df98bec8276b82ba82d93760447ba44d1a19b
Certificate serial: 018CC56E09D9320161212438858C2927D050
Authority key identifier: D4:5D:F9:8B:EC:82:76:B8:2B:A8:2D:93:76:04:47:BA:44:D1:A1:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1F35i-yCdrgrqC2TdgRHukTRoZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/Q9ih0WskFGMz4yotb7q3zv_2M0g.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44061
IP address blocks: 79.175.208.0/20 maxlen: 20
109.74.96.0/20 maxlen: 20
79.175.224.0/20 maxlen: 20
79.175.240.0/21 maxlen: 21
79.175.248.0/21 maxlen: 21
79.175.252.0/22 maxlen: 22
79.175.248.0/22 maxlen: 22
45.139.93.0/24 maxlen: 24
45.139.95.0/24 maxlen: 24
45.139.92.0/24 maxlen: 24
45.139.94.0/24 maxlen: 24
79.175.192.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/1F35i-yCdrgrqC2TdgRHukTRoZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/1F35i-yCdrgrqC2TdgRHukTRoZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1F35i-yCdrgrqC2TdgRHukTRoZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:09:d9:32:01:61:21:24:38:85:8c:29:27:d0:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45df98bec8276b82ba82d93760447ba44d1a19b
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43d8a1d16b24146333e32a2d6fbab7cefff63348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4f:8c:1b:79:92:fd:c1:36:18:ba:49:9c:8f:
2f:7c:04:85:2f:33:65:ee:27:49:ea:a4:6b:b1:cf:
c7:c3:af:0c:c5:12:6a:2c:18:19:07:b5:62:3e:3d:
bc:f7:3d:82:80:dd:95:ab:85:9e:9b:39:51:a6:72:
82:d7:0c:d1:da:5e:ff:f8:fb:9e:ad:f7:c0:37:65:
7f:14:7a:03:ae:bb:9e:2f:44:98:aa:7f:e4:36:a1:
69:6f:4c:6f:40:90:85:3d:b2:d9:1f:1d:27:26:d6:
bb:92:4c:df:e3:c9:e1:dd:be:92:e5:a3:b0:45:b4:
0a:70:3e:b0:18:ee:a1:29:96:3b:4b:6f:e9:39:22:
59:e6:fc:ec:df:87:a7:cf:f4:7d:88:8b:d8:95:9c:
fe:56:c6:51:63:96:8a:94:c7:c3:1b:78:59:8d:0e:
e9:36:61:81:94:4a:fa:1b:32:dd:bf:1a:32:f2:33:
1e:25:09:f2:87:50:57:0e:53:f0:1e:bd:28:9c:71:
2a:17:40:55:cd:36:cd:db:31:64:c2:ca:b0:21:ac:
09:03:60:2c:da:7b:39:9a:cb:aa:58:61:19:80:c4:
ef:3f:32:52:9f:9f:9f:3b:b0:f0:79:5d:b4:03:69:
38:62:3c:69:e7:c9:99:2c:9d:ef:6a:69:22:da:fa:
1b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D8:A1:D1:6B:24:14:63:33:E3:2A:2D:6F:BA:B7:CE:FF:F6:33:48
X509v3 Authority Key Identifier:
keyid:D4:5D:F9:8B:EC:82:76:B8:2B:A8:2D:93:76:04:47:BA:44:D1:A1:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1F35i-yCdrgrqC2TdgRHukTRoZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/Q9ih0WskFGMz4yotb7q3zv_2M0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/de065d-30e2-43d5-b357-c0956a80132d/1/1F35i-yCdrgrqC2TdgRHukTRoZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.92.0/22
79.175.192.0/18
109.74.96.0/20
Signature Algorithm: sha256WithRSAEncryption
7e:3e:d0:ba:fb:a7:ca:2d:2f:98:53:41:42:2a:ef:33:15:48:
d0:9e:1f:d7:7a:3d:24:5c:07:b3:7f:38:98:1a:e1:a4:64:be:
b9:9a:da:44:a1:41:03:95:6b:f9:2a:1b:1a:d3:47:59:b2:0e:
4a:13:ce:41:41:12:54:63:3e:e6:cc:d3:7d:3c:d2:a8:cb:dc:
c9:13:2f:f7:e0:30:11:00:58:67:c8:23:a1:02:01:8e:7b:d6:
49:f8:4b:bb:e3:de:17:19:ac:4f:b0:45:8a:34:ae:0d:a0:0e:
5d:a9:8f:07:95:b3:0a:b1:b9:58:05:27:24:3e:c1:8b:dc:07:
3f:d3:ec:0a:72:5e:0c:b3:1b:f8:58:27:95:85:ab:1b:72:c6:
d5:77:53:6b:4b:ab:3e:d7:23:8e:1d:db:76:5b:ac:29:36:85:
3c:a7:4d:d0:ff:10:69:34:87:50:d5:18:78:45:8c:d2:fe:7a:
4d:b5:8d:8d:57:af:68:04:23:de:00:a0:c6:3e:62:e3:88:e7:
86:e7:30:a0:c2:db:a8:99:98:5c:1c:86:9c:9c:6b:4f:19:f9:
dd:fd:92:a2:e1:42:c7:55:98:63:2b:a2:da:da:57:d0:a1:43:
ff:dc:d9:de:c7:b3:a3:f2:41:f6:d9:e3:79:d3:90:12:f9:dc:
02:17:31:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbgnZMgFhISQ4hYwpJ9BQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWRmOThiZWM4Mjc2YjgyYmE4MmQ5Mzc2MDQ0N2JhNDRk
MWExOWIwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Q4YTFkMTZiMjQxNDYzMzNlMzJhMmQ2ZmJhYjdjZWZmZjYzMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlU+MG3mS/cE2GLpJnI8vfASFLzNl
7idJ6qRrsc/Hw68MxRJqLBgZB7ViPj289z2CgN2Vq4WemzlRpnKC1wzR2l7/+Pue
rffAN2V/FHoDrrueL0SYqn/kNqFpb0xvQJCFPbLZHx0nJta7kkzf48nh3b6S5aOw
RbQKcD6wGO6hKZY7S2/pOSJZ5vzs34enz/R9iIvYlZz+VsZRY5aKlMfDG3hZjQ7p
NmGBlEr6GzLdvxoy8jMeJQnyh1BXDlPwHr0onHEqF0BVzTbN2zFkwsqwIawJA2As
2ns5msuqWGEZgMTvPzJSn5+fO7DweV20A2k4Yjxp58mZLJ3vamki2vobzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEPYodFrJBRjM+MqLW+6t87/9jNIMB8GA1UdIwQY
MBaAFNRd+Yvsgna4K6gtk3YER7pE0aGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUYzNWkteUNkcmdycUMyVGRnUkh1a1RSb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9kZTA2NWQtMzBlMi00M2Q1LWIzNTct
YzA5NTZhODAxMzJkLzEvUTlpaDBXc2tGR016NHlvdGI3cTN6dl8yTTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9kZTA2NWQtMzBlMi00M2Q1LWIzNTctYzA5NTZhODAxMzJk
LzEvMUYzNWkteUNkcmdycUMyVGRnUkh1a1RSb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYtcAwQG
T6/AAwQEbUpgMA0GCSqGSIb3DQEBCwUAA4IBAQB+PtC6+6fKLS+YU0FCKu8zFUjQ
nh/Xej0kXAezfziYGuGkZL65mtpEoUEDlWv5Khsa00dZsg5KE85BQRJUYz7mzNN9
PNKoy9zJEy/34DARAFhnyCOhAgGOe9ZJ+Eu7494XGaxPsEWKNK4NoA5dqY8HlbMK
sblYBSckPsGL3Ac/0+wKcl4Msxv4WCeVhasbcsbVd1NrS6s+1yOOHdt2W6wpNoU8
p03Q/xBpNIdQ1Rh4RYzS/npNtY2NV69oBCPeAKDGPmLjiOeG5zCgwtuomZhcHIac
nGtPGfnd/ZKi4ULHVZhjK6La2lfQoUP/3Nnex7Oj8kH22eN505AS+dwCFzH3
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:18 2024 by rpki-client on console-ams.rpki-client.org