Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/RvJWmaU305TeL5TYZxubp0dyCN8.roa
File: RvJWmaU305TeL5TYZxubp0dyCN8.roa (raw, json)
Hash identifier: GA2vEA35htCf5tcaqfUGmC9+pW+O+YQeU7vZzxgpdQQ=
Subject key identifier: 46:F2:56:99:A5:37:D3:94:DE:2F:94:D8:67:1B:9B:A7:47:72:08:DF
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01929FB5122E74CA4A93D7DA19753CE46033
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/RvJWmaU305TeL5TYZxubp0dyCN8.roa
Signing time: Fri 18 Oct 2024 12:58:16 +0000
ROA not before: Fri 18 Oct 2024 12:58:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211619
IP address blocks: 45.9.168.0/24 maxlen: 24
77.242.152.0/24 maxlen: 24
77.242.153.0/24 maxlen: 24
77.242.155.0/24 maxlen: 24
88.209.205.0/24 maxlen: 24
88.209.228.0/24 maxlen: 24
92.52.217.0/24 maxlen: 24
194.41.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9f:b5:12:2e:74:ca:4a:93:d7:da:19:75:3c:e4:60:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 18 12:58:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46f25699a537d394de2f94d8671b9ba7477208df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9c:36:b3:ea:4e:a0:da:45:34:a6:f6:e2:df:
78:67:af:e7:20:d7:32:26:8d:d6:fa:ac:8b:60:10:
4c:59:cd:c4:00:3d:93:41:e7:74:9f:d5:b5:74:05:
2c:95:3b:38:4f:39:60:95:63:71:60:d6:92:9e:9c:
a5:f6:16:c9:95:8d:53:e9:60:6e:fb:b2:e3:2e:ba:
3d:4a:2d:74:0f:2c:8f:04:c6:b2:fb:7d:70:f8:4d:
dc:47:9e:1b:28:cf:91:ae:90:7c:ea:d3:28:9b:80:
62:8d:80:1a:83:e8:95:c2:6f:08:af:45:3e:da:54:
73:ba:a4:0b:ce:b3:fe:b1:da:29:f8:2b:3f:c1:49:
cc:a2:e9:65:a0:0a:51:6a:d5:3f:55:20:de:11:5e:
76:61:51:c5:01:82:5f:92:3e:2f:33:f9:03:18:19:
52:25:b5:2b:b4:7b:de:6c:98:08:7e:20:69:c3:a5:
e3:00:1a:07:95:fe:51:83:85:1d:fa:b2:ae:d8:f7:
cb:3d:df:98:ac:f1:79:c6:55:65:d1:02:09:e8:d1:
e0:f8:3f:de:f0:6d:ad:86:2d:ac:1e:9f:77:ed:b7:
b7:1f:3b:bc:60:f6:a9:69:ce:6c:42:11:b7:f3:c3:
f8:b6:a0:3d:78:3c:ad:a4:43:3d:ec:5f:d2:43:0b:
3f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F2:56:99:A5:37:D3:94:DE:2F:94:D8:67:1B:9B:A7:47:72:08:DF
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/RvJWmaU305TeL5TYZxubp0dyCN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.168.0/24
77.242.152.0/23
77.242.155.0/24
88.209.205.0/24
88.209.228.0/24
92.52.217.0/24
194.41.47.0/24
Signature Algorithm: sha256WithRSAEncryption
07:69:a9:2d:2e:de:00:2b:a3:f7:36:78:84:89:f5:39:c1:ae:
0a:3b:ae:d1:64:ea:46:eb:a2:02:bb:a2:23:22:bd:fc:57:aa:
a6:8d:20:ce:ba:35:1b:27:ad:da:70:a8:93:59:56:d4:e4:35:
85:ce:c2:e8:33:d5:a1:85:b5:53:ea:77:43:a0:7c:7b:63:d3:
41:45:01:bd:07:9d:83:a1:de:10:5f:7a:b7:24:4f:01:48:e8:
d8:c7:82:05:f5:f4:e6:70:0c:1b:bc:4b:ae:e3:67:8d:41:56:
d2:b5:ee:48:e5:fe:2d:d8:46:a9:9e:ad:bd:19:5f:90:de:9f:
e1:11:cf:36:c3:1d:4d:c3:32:f9:79:51:14:11:84:d3:27:65:
ed:c0:83:86:a0:b9:80:a9:49:6f:c8:98:63:be:44:4e:4b:88:
db:39:4d:fb:b6:dc:e1:fe:f5:7c:27:0e:fc:8a:fb:4f:31:78:
d3:55:71:9a:d3:99:f1:ab:da:7d:f2:81:b6:c1:d7:00:4e:b7:
a8:af:0c:1a:25:39:be:f8:ba:b4:0b:a3:1f:cf:0b:6c:4e:4c:
96:f8:3b:c8:77:8c:14:cd:33:f1:44:9c:aa:4c:70:ac:8c:8f:
87:41:31:56:2a:54:87:d7:10:52:2b:e2:44:46:1e:b0:03:98:
95:c3:63:6c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZKftRIudMpKk9faGXU85GAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQxMDE4MTI1ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmYyNTY5OWE1MzdkMzk0ZGUyZjk0ZDg2NzFiOWJhNzQ3NzIwOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZw2s+pOoNpFNKb24t94Z6/nINcy
Jo3W+qyLYBBMWc3EAD2TQed0n9W1dAUslTs4TzlglWNxYNaSnpyl9hbJlY1T6WBu
+7LjLro9Si10DyyPBMay+31w+E3cR54bKM+RrpB86tMom4BijYAag+iVwm8Ir0U+
2lRzuqQLzrP+sdop+Cs/wUnMoulloApRatU/VSDeEV52YVHFAYJfkj4vM/kDGBlS
JbUrtHvebJgIfiBpw6XjABoHlf5Rg4Ud+rKu2PfLPd+YrPF5xlVl0QIJ6NHg+D/e
8G2thi2sHp937be3Hzu8YPapac5sQhG388P4tqA9eDytpEM97F/SQws/zQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEbyVpmlN9OU3i+U2Gcbm6dHcgjfMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUnZKV21hVTMwNVRlTDVUWVp4dWJwMGR5Q044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQmoAwQB
TfKYAwQATfKbAwQAWNHNAwQAWNHkAwQAXDTZAwQAwikvMA0GCSqGSIb3DQEBCwUA
A4IBAQAHaaktLt4AK6P3NniEifU5wa4KO67RZOpG66ICu6IjIr38V6qmjSDOujUb
J63acKiTWVbU5DWFzsLoM9WhhbVT6ndDoHx7Y9NBRQG9B52Dod4QX3q3JE8BSOjY
x4IF9fTmcAwbvEuu42eNQVbSte5I5f4t2Eapnq29GV+Q3p/hEc82wx1NwzL5eVEU
EYTTJ2XtwIOGoLmAqUlvyJhjvkROS4jbOU37ttzh/vV8Jw78ivtPMXjTVXGa05nx
q9p98oG2wdcATreorwwaJTm++Lq0C6MfzwtsTkyW+DvId4wUzTPxRJyqTHCsjI+H
QTFWKlSH1xBSK+JERh6wA5iVw2Ns
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:04:39 2024 by rpki-client on console-fra.rpki-client.org