Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/7ISwx6JY9uimhBpxdWxlZsjJ4fM.roa
File: 7ISwx6JY9uimhBpxdWxlZsjJ4fM.roa (raw, json)
Hash identifier: GlFDEQeUFNzuDK7a/YbtF+6AxQ6s9x6pzvYxTn0jzZI=
Subject key identifier: EC:84:B0:C7:A2:58:F6:E8:A6:84:1A:71:75:6C:65:66:C8:C9:E1:F3
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 01926634CADCDA4D39705943AA7FBC5531C8
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/7ISwx6JY9uimhBpxdWxlZsjJ4fM.roa
Signing time: Mon 07 Oct 2024 08:59:48 +0000
ROA not before: Mon 07 Oct 2024 08:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203396
IP address blocks: 145.12.0.0/16 maxlen: 24
145.12.216.0/24 maxlen: 24
145.12.217.0/24 maxlen: 24
145.69.0.0/16 maxlen: 24
145.69.0.0/19 maxlen: 19
145.69.25.0/24 maxlen: 24
145.69.96.0/19 maxlen: 19
145.69.100.0/24 maxlen: 24
145.69.101.0/24 maxlen: 24
145.69.102.0/24 maxlen: 24
145.69.103.0/24 maxlen: 24
145.69.104.0/24 maxlen: 24
145.69.105.0/24 maxlen: 24
145.69.106.0/24 maxlen: 24
145.69.107.0/24 maxlen: 24
145.69.108.0/24 maxlen: 24
145.69.109.0/24 maxlen: 24
145.69.110.0/24 maxlen: 24
145.69.128.0/17 maxlen: 17
145.69.210.0/24 maxlen: 24
145.69.216.0/24 maxlen: 24
145.69.221.0/24 maxlen: 24
145.69.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:34:ca:dc:da:4d:39:70:59:43:aa:7f:bc:55:31:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Oct 7 08:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec84b0c7a258f6e8a6841a71756c6566c8c9e1f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:12:4e:1d:8f:ed:7c:2b:79:ae:cc:97:09:d1:
04:4f:16:5a:c5:9a:01:28:07:6a:5c:e1:ef:3c:49:
e4:b0:e1:70:5d:2e:e1:be:38:f0:79:df:78:be:91:
59:4e:1f:e4:fa:d3:2b:3e:a4:69:ea:e1:77:05:51:
a4:8d:58:83:ec:9e:0e:e3:d3:02:32:13:1e:fe:df:
02:76:27:f6:ac:98:a5:95:ff:dc:9b:88:87:e9:a4:
0e:ee:d5:aa:66:f0:e2:c8:f9:8d:26:fa:1d:ff:d4:
e7:e5:f1:a9:71:55:b8:de:ad:ff:9f:a8:29:e5:f8:
10:20:a7:e0:04:a7:20:91:9f:90:31:84:24:10:7a:
2b:c8:25:74:eb:10:8e:1a:e2:75:fa:4e:21:6f:19:
b6:1c:4d:f4:2d:79:eb:ea:f8:23:5e:ed:e0:21:86:
65:aa:e2:9c:79:95:9d:47:c4:46:d0:fc:93:39:4f:
c6:b9:f6:ad:8d:aa:11:16:d0:39:4a:49:21:34:cd:
70:a9:a6:c7:1f:4f:61:b6:c3:1a:b6:a9:b7:59:10:
db:05:3d:54:4d:e2:55:2f:aa:fd:1f:a2:01:4b:df:
b3:dd:03:49:49:6b:c5:dc:9b:91:fc:70:b8:99:ff:
15:33:5c:d2:21:a1:b9:9a:ce:2d:82:57:86:ad:05:
e3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:84:B0:C7:A2:58:F6:E8:A6:84:1A:71:75:6C:65:66:C8:C9:E1:F3
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/7ISwx6JY9uimhBpxdWxlZsjJ4fM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.12.0.0/16
145.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1d:0c:2b:d7:e7:a7:73:85:05:2c:b1:11:cb:d7:a9:c3:94:2d:
39:b0:3f:2b:cc:43:f6:60:36:8c:83:9a:04:40:12:52:23:07:
7a:fd:b5:59:b6:9b:f7:5f:22:1e:15:42:5d:cf:86:97:c0:86:
2f:d9:37:0e:80:7d:a7:d3:7e:e7:2c:08:af:6a:45:db:70:04:
53:10:6a:fd:a5:6d:18:b9:93:72:46:7d:76:c3:8f:44:66:8c:
d3:48:fc:35:2d:df:51:3d:79:59:cc:5f:2f:66:76:c8:52:c3:
38:0e:b4:9b:b3:8d:8e:8d:06:7a:bd:6b:c8:56:a0:d9:51:17:
eb:ca:1a:fb:b1:ea:4a:40:10:3f:c7:4a:f2:c0:b5:9b:b5:5b:
33:e3:0c:a0:ba:3b:d5:e1:8b:ad:91:6c:fe:52:c0:0b:6a:7c:
3d:3e:c7:3c:f4:03:a8:5b:9e:bf:b4:58:53:5e:ee:a1:80:ad:
ca:96:b7:1f:af:18:6e:c2:91:9f:bb:b8:ae:9d:3c:b2:bd:9d:
ab:26:d0:29:e6:9f:bd:dd:22:54:55:5d:3c:42:92:41:f2:d3:
46:64:71:99:51:52:88:0a:67:c4:2a:1c:23:41:f4:4a:da:69:
bd:61:dd:5f:fd:14:19:90:92:7f:0c:be:5e:32:2e:ab:35:8d:
f5:89:2b:21
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZJmNMrc2k05cFlDqn+8VTHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjQxMDA3MDg1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzg0YjBjN2EyNThmNmU4YTY4NDFhNzE3NTZjNjU2NmM4YzllMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhJOHY/tfCt5rsyXCdEETxZaxZoB
KAdqXOHvPEnksOFwXS7hvjjwed94vpFZTh/k+tMrPqRp6uF3BVGkjViD7J4O49MC
MhMe/t8Cdif2rJillf/cm4iH6aQO7tWqZvDiyPmNJvod/9Tn5fGpcVW43q3/n6gp
5fgQIKfgBKcgkZ+QMYQkEHoryCV06xCOGuJ1+k4hbxm2HE30LXnr6vgjXu3gIYZl
quKceZWdR8RG0PyTOU/GufatjaoRFtA5SkkhNM1wqabHH09htsMatqm3WRDbBT1U
TeJVL6r9H6IBS9+z3QNJSWvF3JuR/HC4mf8VM1zSIaG5ms4tgleGrQXjIQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFOyEsMeiWPbopoQacXVsZWbIyeHzMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvN0lTd3g2Slk5dWltaEJweGRXeGxac2pKNGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAkQwDAwCR
RTANBgkqhkiG9w0BAQsFAAOCAQEAHQwr1+enc4UFLLERy9epw5QtObA/K8xD9mA2
jIOaBEASUiMHev21Wbab918iHhVCXc+Gl8CGL9k3DoB9p9N+5ywIr2pF23AEUxBq
/aVtGLmTckZ9dsOPRGaM00j8NS3fUT15WcxfL2Z2yFLDOA60m7ONjo0Ger1ryFag
2VEX68oa+7HqSkAQP8dK8sC1m7VbM+MMoLo71eGLrZFs/lLAC2p8PT7HPPQDqFue
v7RYU17uoYCtypa3H68YbsKRn7u4rp08sr2dqybQKeafvd0iVFVdPEKSQfLTRmRx
mVFSiApnxCocI0H0StppvWHdX/0UGZCSfwy+XjIuqzWN9YkrIQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:16:14 2024 by rpki-client on console-fra.rpki-client.org