Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/748120-b4f5-44b0-ac9e-6060c48da837/1/3Ttxgpmf6hIRbA0VimcZ_OJYIfA.roa
File: 3Ttxgpmf6hIRbA0VimcZ_OJYIfA.roa (raw, json)
Hash identifier: +zH1GPthwkhsobewlBeYY7Dc/mFaYbK5Q5Ulu1khlSM=
Subject key identifier: DD:3B:71:82:99:9F:EA:12:11:6C:0D:15:8A:67:19:FC:E2:58:21:F0
Certificate issuer: /CN=bb19a33981e34b2ae50586e3048c663a2c6b8586
Certificate serial: 018FC411F6B634A5BF6FEFBD72D17E03ADD8
Authority key identifier: BB:19:A3:39:81:E3:4B:2A:E5:05:86:E3:04:8C:66:3A:2C:6B:85:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uxmjOYHjSyrlBYbjBIxmOixrhYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/748120-b4f5-44b0-ac9e-6060c48da837/1/3Ttxgpmf6hIRbA0VimcZ_OJYIfA.roa
Signing time: Wed 29 May 2024 11:17:42 +0000
ROA not before: Wed 29 May 2024 11:17:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201847
IP address blocks: 45.157.228.0/22 maxlen: 24
185.62.48.0/22 maxlen: 24
2a04:efc0::/29 maxlen: 32
2a0f:4d80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/748120-b4f5-44b0-ac9e-6060c48da837/1/uxmjOYHjSyrlBYbjBIxmOixrhYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/748120-b4f5-44b0-ac9e-6060c48da837/1/uxmjOYHjSyrlBYbjBIxmOixrhYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/uxmjOYHjSyrlBYbjBIxmOixrhYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c4:11:f6:b6:34:a5:bf:6f:ef:bd:72:d1:7e:03:ad:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb19a33981e34b2ae50586e3048c663a2c6b8586
Validity
Not Before: May 29 11:17:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd3b7182999fea12116c0d158a6719fce25821f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:02:aa:75:6b:49:ad:d3:df:85:06:72:c7:10:
88:3c:51:0e:0f:42:d2:a9:1a:df:55:3c:4e:93:5e:
e2:61:f0:5b:8e:3e:43:d8:ef:41:f5:1d:dd:01:3a:
27:ae:6a:23:1b:c1:a9:b2:ff:6f:92:0b:89:57:13:
c1:84:d1:ba:4a:94:ab:cf:1f:85:4b:0c:97:a3:c7:
4b:d7:e0:75:86:95:69:26:19:2f:00:d3:8f:0a:7a:
37:01:8c:f1:2a:83:d1:b4:5d:3c:d2:c0:d2:6a:c5:
72:29:cd:41:c5:47:44:e9:aa:5d:2f:76:c0:e5:36:
72:84:ca:65:7b:50:ac:89:39:a4:78:79:22:4f:56:
dd:85:e2:88:7c:af:c6:dc:ae:4d:75:17:c6:4e:09:
c0:1e:33:83:8e:0b:e7:49:a7:84:e1:48:57:3e:d4:
54:5a:f4:e9:3c:e0:30:fd:58:ec:7c:d5:82:59:45:
76:f1:48:9f:d3:21:41:91:aa:3b:7b:8b:dc:d8:a9:
fd:2b:f0:85:b9:01:4e:e6:c9:d8:fa:2e:c9:36:41:
b1:77:5c:af:b0:69:a2:a5:d4:ff:da:5b:7d:f9:fa:
ce:08:59:ce:00:f3:48:4c:32:56:b8:5c:de:9a:ac:
64:c7:69:8e:f6:ac:87:ab:a5:fe:35:af:ea:43:c7:
05:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3B:71:82:99:9F:EA:12:11:6C:0D:15:8A:67:19:FC:E2:58:21:F0
X509v3 Authority Key Identifier:
keyid:BB:19:A3:39:81:E3:4B:2A:E5:05:86:E3:04:8C:66:3A:2C:6B:85:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uxmjOYHjSyrlBYbjBIxmOixrhYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/748120-b4f5-44b0-ac9e-6060c48da837/1/3Ttxgpmf6hIRbA0VimcZ_OJYIfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/748120-b4f5-44b0-ac9e-6060c48da837/1/uxmjOYHjSyrlBYbjBIxmOixrhYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.228.0/22
185.62.48.0/22
IPv6:
2a04:efc0::/29
2a0f:4d80::/29
Signature Algorithm: sha256WithRSAEncryption
19:84:84:17:c2:69:31:fc:4b:48:89:a1:ff:36:b9:5b:b7:ae:
90:cf:67:39:6c:9e:e0:6a:8b:af:be:9c:e4:a0:6f:b3:69:67:
73:ce:29:bb:ed:bc:ce:f4:04:1e:e9:43:b2:15:8e:d4:fd:30:
0a:c3:1d:07:7f:e0:f8:28:9a:7e:8d:14:bd:e7:e1:3d:99:26:
f6:8c:e7:c1:f4:5b:74:cd:7b:ac:1d:28:4f:0d:40:17:b7:8e:
1b:4e:97:6a:54:19:e5:a7:ee:eb:11:4d:c3:aa:09:ff:8d:e1:
53:ef:81:e5:31:fd:f0:94:20:df:c1:37:e0:38:49:b5:a4:51:
33:77:22:4b:76:7b:c1:f1:4a:6d:42:5e:73:0f:0a:21:51:c4:
c6:66:8b:6e:c3:93:01:23:80:9b:d4:24:bf:35:93:57:a9:0d:
d4:73:fa:af:c7:97:63:14:96:cc:de:1f:ef:b8:3e:a2:08:a7:
3b:e5:47:11:bd:92:91:83:fb:a7:37:7f:20:32:d4:d7:6e:dc:
a6:f9:22:ae:0f:e7:a1:c4:9c:5c:14:0b:e9:40:a5:44:47:2b:
2f:a4:84:8d:83:e3:3a:0a:40:9d:45:04:a1:3c:bd:76:4f:7e:
17:35:b2:a2:ef:31:d5:91:b2:3f:d0:d3:e7:f8:e1:15:13:ae:
dc:7e:97:8a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY/EEfa2NKW/b++9ctF+A63YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMTlhMzM5ODFlMzRiMmFlNTA1ODZlMzA0OGM2NjNhMmM2
Yjg1ODYwHhcNMjQwNTI5MTExNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNiNzE4Mjk5OWZlYTEyMTE2YzBkMTU4YTY3MTlmY2UyNTgyMWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgKqdWtJrdPfhQZyxxCIPFEOD0LS
qRrfVTxOk17iYfBbjj5D2O9B9R3dATonrmojG8Gpsv9vkguJVxPBhNG6SpSrzx+F
SwyXo8dL1+B1hpVpJhkvANOPCno3AYzxKoPRtF080sDSasVyKc1BxUdE6apdL3bA
5TZyhMple1CsiTmkeHkiT1bdheKIfK/G3K5NdRfGTgnAHjODjgvnSaeE4UhXPtRU
WvTpPOAw/VjsfNWCWUV28Uif0yFBkao7e4vc2Kn9K/CFuQFO5snY+i7JNkGxd1yv
sGmipdT/2lt9+frOCFnOAPNITDJWuFzemqxkx2mO9qyHq6X+Na/qQ8cFPwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFN07cYKZn+oSEWwNFYpnGfziWCHwMB8GA1UdIwQY
MBaAFLsZozmB40sq5QWG4wSMZjosa4WGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXhtak9ZSGpTeXJsQlliakJJeG1PaXhyaFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS83NDgxMjAtYjRmNS00NGIwLWFjOWUt
NjA2MGM0OGRhODM3LzEvM1R0eGdwbWY2aElSYkEwVmltY1pfT0pZSWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS83NDgxMjAtYjRmNS00NGIwLWFjOWUtNjA2MGM0OGRhODM3
LzEvdXhtak9ZSGpTeXJsQlliakJJeG1PaXhyaFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLZ3kAwQC
uT4wMBQEAgACMA4DBQMqBO/AAwUDKg9NgDANBgkqhkiG9w0BAQsFAAOCAQEAGYSE
F8JpMfxLSImh/za5W7eukM9nOWye4GqLr76c5KBvs2lnc84pu+28zvQEHulDshWO
1P0wCsMdB3/g+Ciafo0UvefhPZkm9oznwfRbdM17rB0oTw1AF7eOG06XalQZ5afu
6xFNw6oJ/43hU++B5TH98JQg38E34DhJtaRRM3ciS3Z7wfFKbUJecw8KIVHExmaL
bsOTASOAm9QkvzWTV6kN1HP6r8eXYxSWzN4f77g+oginO+VHEb2SkYP7pzd/IDLU
127cpvkirg/nocScXBQL6UClREcrL6SEjYPjOgpAnUUEoTy9dk9+FzWyou8x1ZGy
P9DT5/jhFROu3H6Xig==
-----END CERTIFICATE-----
Generated at Sat Sep 28 19:24:43 2024 by rpki-client on console-ams.rpki-client.org