Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/u9iaDA0fDpCE9DMMpsuC-iH2cUw.roa
File: u9iaDA0fDpCE9DMMpsuC-iH2cUw.roa (raw, json)
Hash identifier: qIEFKKj+M9X3slA8bmPPO6aOw9fDtX/idz/geyVyrJg=
Subject key identifier: BB:D8:9A:0C:0D:1F:0E:90:84:F4:33:0C:A6:CB:82:FA:21:F6:71:4C
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 018CC8015738285712143D2D2F9E5A22BA74
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/u9iaDA0fDpCE9DMMpsuC-iH2cUw.roa
Signing time: Tue 02 Jan 2024 02:29:40 +0000
ROA not before: Tue 02 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6134
IP address blocks: 45.133.238.0/24 maxlen: 24
45.133.239.0/24 maxlen: 24
45.135.118.0/24 maxlen: 24
45.135.119.0/24 maxlen: 24
45.140.90.0/24 maxlen: 24
45.140.91.0/24 maxlen: 24
185.106.178.0/24 maxlen: 24
185.106.177.0/24 maxlen: 24
185.106.179.0/24 maxlen: 24
2a06:5040:3::/48 maxlen: 48
2a06:5040:20::/45 maxlen: 45
2a06:5040:30::/45 maxlen: 48
2a06:5040::/29 maxlen: 48
2a06:5040:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:57:38:28:57:12:14:3d:2d:2f:9e:5a:22:ba:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jan 2 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbd89a0c0d1f0e9084f4330ca6cb82fa21f6714c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:fc:14:51:2e:ea:da:0d:2c:b3:2c:85:cc:20:
de:ac:e5:c5:ae:8b:c9:3d:c1:f9:30:4d:c7:57:46:
a0:21:7e:71:30:3b:a1:c5:c2:6c:33:f0:ed:3d:b9:
af:f9:93:04:41:43:56:b5:d4:66:75:c2:80:3b:97:
6c:6d:aa:7d:e8:d0:05:89:d4:06:a1:5a:0f:b2:3c:
58:d7:f4:ec:2d:2a:b8:d7:04:90:93:68:d9:64:db:
30:28:26:39:17:ef:6c:f6:2c:a3:3a:74:1c:ca:90:
54:82:c9:d1:de:ac:fc:c2:34:b0:03:0d:22:c8:31:
e9:c2:fb:b0:a4:a3:c1:1e:53:03:b5:d8:bd:3e:9d:
0c:96:7d:06:bb:24:69:3b:b0:d9:6b:26:6e:66:c4:
25:a8:f0:f1:01:8a:f1:cd:a8:58:3c:5e:23:d5:0f:
58:ec:a9:d6:7c:e5:83:e3:15:19:1a:be:68:4a:d9:
9c:0f:6b:15:ae:77:ce:0c:fb:d9:7c:83:61:da:a6:
3c:97:a3:8f:e9:16:6f:69:ad:6f:bf:3c:b1:3f:9c:
a0:c1:55:f1:97:a8:fd:0d:2b:78:a6:0b:a8:5c:24:
d0:84:37:87:21:97:2f:d8:f8:20:00:19:9b:d1:91:
8e:e5:bd:41:fd:b7:a1:7c:29:eb:9e:6f:6b:05:e9:
b8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D8:9A:0C:0D:1F:0E:90:84:F4:33:0C:A6:CB:82:FA:21:F6:71:4C
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/u9iaDA0fDpCE9DMMpsuC-iH2cUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.238.0/23
45.135.118.0/23
45.140.90.0/23
185.106.177.0-185.106.179.255
IPv6:
2a06:5040::/29
Signature Algorithm: sha256WithRSAEncryption
75:f8:a1:de:9b:49:a2:0b:f2:90:83:39:b4:ea:40:f1:f4:29:
27:f8:e7:b5:03:5c:24:0b:58:3f:ab:7f:02:c8:7d:84:93:2d:
e1:6e:b3:9c:73:2a:fe:a1:d6:db:8b:86:d9:14:82:46:0c:2f:
ac:65:f3:b6:b0:fc:75:a3:42:90:54:e9:8e:6a:d9:d7:89:c7:
6c:e9:57:da:5c:97:8c:ac:48:4d:10:2c:09:cc:47:af:fe:cf:
af:6d:7f:78:78:3b:bd:e0:a4:8b:b2:87:9c:1b:26:0f:25:bd:
2c:bd:b2:b3:83:62:a9:af:d3:ed:a7:95:80:4c:6f:90:d0:a0:
88:b8:4f:17:68:55:50:82:7e:3b:0b:ba:dd:36:d3:12:0d:87:
f6:15:3d:d9:b5:eb:fb:5b:67:21:3f:28:2d:30:61:22:f8:3f:
25:eb:33:14:21:d1:5d:2e:f1:91:7b:fe:c1:06:fe:10:65:8e:
66:dc:06:27:ac:09:e4:20:22:be:78:30:68:12:5e:25:58:b3:
35:02:de:74:17:0a:7d:3e:60:18:ab:7d:09:7f:47:84:86:f4:
54:32:ac:57:c7:11:ff:9f:78:7a:7a:59:61:6b:5a:50:20:83:
ba:e8:ca:eb:76:45:29:7a:14:c7:6a:61:a0:84:d9:33:80:24:
f0:6f:34:5d
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzIAVc4KFcSFD0tL55aIrp0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmRkOWZlNjI4YjZiYzEwMTQxZGUwMjQxNzY2YTFiN2E2
MzE5M2YwHhcNMjQwMTAyMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQ4OWEwYzBkMWYwZTkwODRmNDMzMGNhNmNiODJmYTIxZjY3MTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vwUUS7q2g0ssyyFzCDerOXFrovJ
PcH5ME3HV0agIX5xMDuhxcJsM/DtPbmv+ZMEQUNWtdRmdcKAO5dsbap96NAFidQG
oVoPsjxY1/TsLSq41wSQk2jZZNswKCY5F+9s9iyjOnQcypBUgsnR3qz8wjSwAw0i
yDHpwvuwpKPBHlMDtdi9Pp0Mln0GuyRpO7DZayZuZsQlqPDxAYrxzahYPF4j1Q9Y
7KnWfOWD4xUZGr5oStmcD2sVrnfODPvZfINh2qY8l6OP6RZvaa1vvzyxP5ygwVXx
l6j9DSt4pguoXCTQhDeHIZcv2PggABmb0ZGO5b1B/behfCnrnm9rBem4qQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFLvYmgwNHw6QhPQzDKbLgvoh9nFMMB8GA1UdIwQY
MBaAFFst2f5ii2vBAUHeAkF2aht6Yxk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEt
MGQ3YjU1MWY4MjhjLzEvdTlpYURBMGZEcENFOURNTXBzdUMtaUgyY1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEtMGQ3YjU1MWY4Mjhj
LzEvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQBLYXuAwQB
LYd2AwQBLYxaMAwDBAC5arEDBAK5arAwDQQCAAIwBwMFAyoGUEAwDQYJKoZIhvcN
AQELBQADggEBAHX4od6bSaIL8pCDObTqQPH0KSf457UDXCQLWD+rfwLIfYSTLeFu
s5xzKv6h1tuLhtkUgkYML6xl87aw/HWjQpBU6Y5q2deJx2zpV9pcl4ysSE0QLAnM
R6/+z69tf3h4O73gpIuyh5wbJg8lvSy9srODYqmv0+2nlYBMb5DQoIi4TxdoVVCC
fjsLut020xINh/YVPdm16/tbZyE/KC0wYSL4PyXrMxQh0V0u8ZF7/sEG/hBljmbc
BiesCeQgIr54MGgSXiVYszUC3nQXCn0+YBirfQl/R4SG9FQyrFfHEf+feHp6WWFr
WlAgg7royut2RSl6FMdqYaCE2TOAJPBvNF0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:04:47 2024 by rpki-client on console-fra.rpki-client.org