Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/z0vXlAgc2ZTw6IjvtVB5YL_18Nk.roa
File: z0vXlAgc2ZTw6IjvtVB5YL_18Nk.roa (raw, json)
Hash identifier: 3GgXirA3c0AixIi/vhJJBEccVT7E2S3XT0GZ7dCAMJs=
Subject key identifier: CF:4B:D7:94:08:1C:D9:94:F0:E8:88:EF:B5:50:79:60:BF:F5:F0:D9
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018F1FB157AC686846263F56EAD1C3E12660
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/z0vXlAgc2ZTw6IjvtVB5YL_18Nk.roa
Signing time: Sat 27 Apr 2024 13:14:27 +0000
ROA not before: Sat 27 Apr 2024 13:14:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 45.130.119.0/24 maxlen: 24
45.137.198.0/23 maxlen: 24
45.137.204.0/23 maxlen: 24
45.137.206.0/24 maxlen: 24
45.137.207.0/24 maxlen: 24
45.138.19.0/24 maxlen: 24
45.139.50.0/23 maxlen: 24
45.140.140.0/22 maxlen: 24
45.140.188.0/22 maxlen: 24
45.140.212.0/23 maxlen: 23
45.140.212.0/24 maxlen: 24
45.140.213.0/24 maxlen: 24
193.176.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1f:b1:57:ac:68:68:46:26:3f:56:ea:d1:c3:e1:26:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 27 13:14:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf4bd794081cd994f0e888efb5507960bff5f0d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1b:1b:09:2d:82:a9:4a:77:19:57:0e:db:f3:
bc:54:7e:68:97:2f:c6:69:c2:b5:c6:fd:87:c4:a9:
7a:e3:ac:ee:a7:2e:cb:83:1b:47:ca:4e:e9:6c:91:
1c:6a:1b:0d:af:ff:d5:1f:36:d0:69:53:26:92:8a:
ec:df:28:b1:55:8d:57:cd:b8:f2:75:7b:1c:6e:73:
c2:35:b1:c1:ed:46:dd:20:d6:d2:4c:7e:4e:05:7d:
31:f4:a7:c8:ab:7d:7a:57:64:fc:30:4d:8c:6e:2c:
ec:7e:82:e6:7e:b0:b6:71:99:ec:6f:86:2d:16:fb:
fb:8a:1f:aa:41:a6:fa:db:e2:f6:6c:7f:b9:a0:3f:
dd:c7:de:26:f3:5b:ea:cc:f2:97:47:9e:79:33:b3:
de:48:f7:e4:5f:f2:26:1b:54:e6:ba:3b:9c:70:cf:
22:c4:67:aa:08:11:13:26:30:f5:27:3b:cd:66:5a:
06:ad:52:74:8b:9c:8f:c6:07:d2:c9:01:cc:35:0b:
20:f2:3a:28:d2:85:17:e7:ea:59:fa:38:c3:b6:3b:
33:58:09:e1:de:80:e2:b0:06:8d:a1:99:5a:bc:4d:
7d:3b:b7:61:b9:d5:96:76:4e:81:51:3a:2d:2d:94:
79:42:ee:28:4e:d5:70:fa:24:a6:7c:1a:04:b6:ac:
d4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4B:D7:94:08:1C:D9:94:F0:E8:88:EF:B5:50:79:60:BF:F5:F0:D9
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/z0vXlAgc2ZTw6IjvtVB5YL_18Nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.119.0/24
45.137.198.0/23
45.137.204.0/22
45.138.19.0/24
45.139.50.0/23
45.140.140.0/22
45.140.188.0/22
45.140.212.0/23
193.176.244.0/23
Signature Algorithm: sha256WithRSAEncryption
10:6f:b2:0e:70:03:29:50:1a:48:ad:1c:a0:9a:30:3f:fe:e2:
26:e5:85:a1:83:fe:49:df:9d:fa:38:90:8e:45:36:39:f9:8c:
48:75:61:bc:20:fa:42:14:1e:a0:52:e6:ba:22:92:6a:3d:8e:
98:bf:f3:47:af:54:ec:27:8f:00:7e:8a:e4:f5:49:68:58:76:
79:f6:9a:48:0a:88:f3:7c:4c:af:dc:01:c7:44:ac:f2:ce:be:
33:56:07:d9:c9:38:55:47:49:af:b9:d6:4f:ee:13:58:ab:6d:
7d:c6:24:17:72:79:4c:ee:04:97:ff:db:e2:e9:5e:9f:3e:8c:
6d:68:dd:66:5a:63:3e:50:3d:23:b9:ba:9a:2e:31:9f:c3:25:
ce:a3:0f:64:81:82:88:7c:fd:9f:3d:82:c9:d5:da:94:a9:8b:
fe:6f:aa:6c:3d:f0:af:1e:fd:9f:b4:15:78:1c:9a:01:0c:7f:
31:13:43:ec:9e:d9:70:6c:e8:cf:ad:ef:3f:d0:1e:eb:5d:02:
ba:11:06:d1:0a:df:a4:80:82:c0:a1:2b:11:31:52:0c:bb:40:
af:33:fc:77:e0:7e:48:e6:18:f9:f4:7e:7a:ab:12:9b:fb:6b:
7d:52:18:b2:60:d0:d3:ef:7f:2e:d8:6b:ff:e3:44:52:b3:fe:
5f:35:8a:83
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY8fsVesaGhGJj9W6tHD4SZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNDI3MTMxNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjRiZDc5NDA4MWNkOTk0ZjBlODg4ZWZiNTUwNzk2MGJmZjVmMGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxsbCS2CqUp3GVcO2/O8VH5oly/G
acK1xv2HxKl646zupy7LgxtHyk7pbJEcahsNr//VHzbQaVMmkors3yixVY1Xzbjy
dXscbnPCNbHB7UbdINbSTH5OBX0x9KfIq316V2T8ME2MbizsfoLmfrC2cZnsb4Yt
Fvv7ih+qQab62+L2bH+5oD/dx94m81vqzPKXR555M7PeSPfkX/ImG1TmujuccM8i
xGeqCBETJjD1JzvNZloGrVJ0i5yPxgfSyQHMNQsg8joo0oUX5+pZ+jjDtjszWAnh
3oDisAaNoZlavE19O7dhudWWdk6BUTotLZR5Qu4oTtVw+iSmfBoEtqzUpQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFM9L15QIHNmU8OiI77VQeWC/9fDZMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvejB2WGxBZ2MyWlR3NklqdnRWQjVZTF8xOE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALYJ3AwQB
LYnGAwQCLYnMAwQALYoTAwQBLYsyAwQCLYyMAwQCLYy8AwQBLYzUAwQBwbD0MA0G
CSqGSIb3DQEBCwUAA4IBAQAQb7IOcAMpUBpIrRygmjA//uIm5YWhg/5J3536OJCO
RTY5+YxIdWG8IPpCFB6gUua6IpJqPY6Yv/NHr1TsJ48Afork9UloWHZ59ppICojz
fEyv3AHHRKzyzr4zVgfZyThVR0mvudZP7hNYq219xiQXcnlM7gSX/9vi6V6fPoxt
aN1mWmM+UD0jubqaLjGfwyXOow9kgYKIfP2fPYLJ1dqUqYv+b6psPfCvHv2ftBV4
HJoBDH8xE0PsntlwbOjPre8/0B7rXQK6EQbRCt+kgILAoSsRMVIMu0CvM/x34H5I
5hj59H56qxKb+2t9UhiyYNDT738u2Gv/40RSs/5fNYqD
-----END CERTIFICATE-----
Generated at Sat Apr 27 20:03:48 2024 by rpki-client on console.sobornost.net