Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/sGMysdCe-pZPdXcbJzM8V1RQi-g.roa
File: sGMysdCe-pZPdXcbJzM8V1RQi-g.roa (raw, json)
Hash identifier: 5aNze1guaywDPejF9LWpTOmRkIz2Lqp1/wcXfH2qqtI=
Subject key identifier: B0:63:32:B1:D0:9E:FA:96:4F:75:77:1B:27:33:3C:57:54:50:8B:E8
Certificate issuer: /CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Certificate serial: 018CC64AA5860DC0AAA53521C2168738449E
Authority key identifier: D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/sGMysdCe-pZPdXcbJzM8V1RQi-g.roa
Signing time: Mon 01 Jan 2024 18:30:29 +0000
ROA not before: Mon 01 Jan 2024 18:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134589
IP address blocks: 145.34.4.0/24 maxlen: 24
145.34.0.0/21 maxlen: 24
145.34.8.0/21 maxlen: 24
145.34.128.0/21 maxlen: 24
145.34.136.0/21 maxlen: 24
145.34.32.0/24 maxlen: 24
145.34.32.0/21 maxlen: 24
145.34.144.0/24 maxlen: 24
145.34.145.0/24 maxlen: 24
145.34.149.0/24 maxlen: 24
145.34.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 13:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:a5:86:0d:c0:aa:a5:35:21:c2:16:87:38:44:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Validity
Not Before: Jan 1 18:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b06332b1d09efa964f75771b27333c5754508be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d7:8e:0f:1b:fe:13:db:d4:ad:2f:6b:f2:53:
c4:60:cb:a9:6e:50:42:49:9c:4f:b0:df:f1:30:88:
f9:2c:01:77:13:24:7c:f8:f9:84:97:fa:5d:cc:b6:
69:44:d0:52:93:f6:d5:1a:79:1b:19:91:9a:58:fc:
f3:2e:b7:98:56:20:55:7d:3c:a8:df:49:eb:ea:8a:
dc:c4:5a:10:94:ed:d4:f8:85:b9:64:86:6b:97:2e:
6f:65:9b:91:55:8e:bd:80:b0:bb:f4:b9:29:2d:cc:
85:b1:03:a0:7b:5b:ae:ce:5f:b5:62:6f:6f:a8:0a:
54:26:24:d0:1a:65:f9:b9:79:fb:fc:cd:0a:7e:95:
42:f1:1d:29:e4:4d:85:0c:70:f1:71:d6:fb:ae:08:
29:cd:bf:a0:5a:8c:20:ef:93:97:12:5e:54:e2:fd:
ba:6f:f9:10:d7:38:55:0b:ea:78:b9:f7:4b:25:6e:
0a:31:a4:54:49:b2:81:9c:86:6c:a1:dd:cd:18:32:
d6:6c:48:a6:38:7c:06:6b:9d:97:e6:34:28:bb:50:
bc:83:c9:38:83:29:14:34:4f:5f:c3:d8:85:c3:76:
e1:a8:f1:1a:c0:4b:bd:03:46:00:7c:a8:18:a6:bc:
3e:cb:72:b9:50:16:bb:40:6f:76:55:0f:6d:7a:26:
5e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:63:32:B1:D0:9E:FA:96:4F:75:77:1B:27:33:3C:57:54:50:8B:E8
X509v3 Authority Key Identifier:
keyid:D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/sGMysdCe-pZPdXcbJzM8V1RQi-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.34.0.0/20
145.34.32.0/21
145.34.128.0-145.34.145.255
145.34.148.0/23
Signature Algorithm: sha256WithRSAEncryption
91:00:88:b2:5d:b8:be:99:1e:ce:96:ec:9b:e1:1b:fc:fe:4b:
6a:11:58:82:1c:6b:43:52:40:d8:21:c5:c8:f6:10:1c:52:25:
44:88:2b:e8:73:07:f3:3d:55:bb:5d:10:11:fa:d6:74:9f:e7:
77:44:cb:ea:91:1e:1a:0a:f3:a8:00:45:27:0a:3a:4d:04:2a:
82:2c:c8:74:65:6d:55:31:f3:c9:42:b7:87:16:ee:ad:fa:05:
d2:a1:f6:cc:57:d5:30:03:d6:ec:68:c7:e4:58:4a:db:6e:e7:
0f:6c:17:b0:bd:55:3c:17:f3:f8:fa:ab:06:8b:9c:51:1a:41:
66:71:02:1b:db:8d:e4:25:d2:92:7d:a8:e7:49:03:b5:6f:8a:
ad:5f:45:28:80:b4:dd:a0:30:f6:33:73:f9:1c:1b:f7:59:31:
a2:a3:e9:61:ca:13:8a:cd:29:1b:a4:b6:31:e9:78:52:62:eb:
4a:59:0b:66:fc:de:68:a7:d9:30:60:aa:8e:aa:de:b2:41:7b:
e5:8a:12:f4:fc:36:06:ea:72:2b:b0:5c:fa:c4:aa:57:f8:0c:
92:cc:b9:6d:c7:58:ee:77:26:c7:a9:df:54:4d:0e:99:b1:de:
16:98:57:14:e0:f6:ee:83:03:47:e2:1a:8f:7c:7b:b1:4a:a4:
0f:5b:b4:94
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzGSqWGDcCqpTUhwhaHOESeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYTM4NTQyY2ZkYjFlZTZlMDc1ZWFlNmIxMDFlN2JiNWIx
NGM0MzYwHhcNMjQwMTAxMTgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDYzMzJiMWQwOWVmYTk2NGY3NTc3MWIyNzMzM2M1NzU0NTA4YmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNeODxv+E9vUrS9r8lPEYMupblBC
SZxPsN/xMIj5LAF3EyR8+PmEl/pdzLZpRNBSk/bVGnkbGZGaWPzzLreYViBVfTyo
30nr6orcxFoQlO3U+IW5ZIZrly5vZZuRVY69gLC79LkpLcyFsQOge1uuzl+1Ym9v
qApUJiTQGmX5uXn7/M0KfpVC8R0p5E2FDHDxcdb7rggpzb+gWowg75OXEl5U4v26
b/kQ1zhVC+p4ufdLJW4KMaRUSbKBnIZsod3NGDLWbEimOHwGa52X5jQou1C8g8k4
gykUNE9fw9iFw3bhqPEawEu9A0YAfKgYprw+y3K5UBa7QG92VQ9teiZeaQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLBjMrHQnvqWT3V3GyczPFdUUIvoMB8GA1UdIwQY
MBaAFNCjhULP2x7m4HXq5rEB57tbFMQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8zZjA0YzktZTZlMS00NTA2LWI4ZmEt
NDBkMTkxMWZhN2YzLzEvc0dNeXNkQ2UtcFpQZFhjYkp6TThWMVJRaS1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8zZjA0YzktZTZlMS00NTA2LWI4ZmEtNDBkMTkxMWZhN2Yz
LzEvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQEkSIAAwQD
kSIgMAwDBAeRIoADBAGRIpADBAGRIpQwDQYJKoZIhvcNAQELBQADggEBAJEAiLJd
uL6ZHs6W7JvhG/z+S2oRWIIca0NSQNghxcj2EBxSJUSIK+hzB/M9VbtdEBH61nSf
53dEy+qRHhoK86gARScKOk0EKoIsyHRlbVUx88lCt4cW7q36BdKh9sxX1TAD1uxo
x+RYSttu5w9sF7C9VTwX8/j6qwaLnFEaQWZxAhvbjeQl0pJ9qOdJA7Vviq1fRSiA
tN2gMPYzc/kcG/dZMaKj6WHKE4rNKRuktjHpeFJi60pZC2b83min2TBgqo6q3rJB
e+WKEvT8NgbqciuwXPrEqlf4DJLMuW3HWO53Jsep31RNDpmx3haYVxTg9u6DA0fi
Go98e7FKpA9btJQ=
-----END CERTIFICATE-----
Generated at Tue May 28 21:23:09 2024 by rpki-client on console-ams.rpki-client.org