Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4UbQgweRfDKq_oXAhTBW99b_lhw.roa
File: 4UbQgweRfDKq_oXAhTBW99b_lhw.roa (raw, json)
Hash identifier: yj1jv0QGSHFjYXIJhY3y1t7LJsAXMinLgA47giCsu6o=
Subject key identifier: E1:46:D0:83:07:91:7C:32:AA:FE:85:C0:85:30:56:F7:D6:FF:96:1C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F453699177608AAE9EDD5E3BC42205348
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4UbQgweRfDKq_oXAhTBW99b_lhw.roa
Signing time: Sat 04 May 2024 20:05:57 +0000
ROA not before: Sat 04 May 2024 20:05:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4760
IP address blocks: 45.141.158.0/24 maxlen: 24
87.121.124.0/24 maxlen: 24
87.121.125.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:45:36:99:17:76:08:aa:e9:ed:d5:e3:bc:42:20:53:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 4 20:05:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e146d08307917c32aafe85c0853056f7d6ff961c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:80:c0:3c:0f:f3:f2:1f:1f:5e:60:84:bc:f3:
72:b9:9a:d0:13:54:35:32:f3:f3:ae:c0:d8:33:c7:
cb:b6:95:a3:37:2b:dd:9a:fd:b6:8c:0e:ee:d9:37:
11:dc:a7:72:bd:78:0b:db:26:56:55:f1:af:ad:ac:
3b:cd:3f:35:16:31:ed:80:99:87:0b:6c:52:81:e7:
06:54:4a:ef:5d:a3:47:5f:6f:d1:da:12:ee:d2:0c:
b6:95:39:00:5a:b7:0b:55:28:87:f1:75:bf:7f:77:
24:37:08:2e:5b:db:0c:cf:29:86:66:5a:3a:36:dd:
60:32:8f:dd:be:45:49:fc:d6:c6:cc:6f:e2:9b:57:
b6:2c:7c:f2:73:b8:6f:b7:27:e1:86:97:f0:2a:24:
66:a3:79:e5:1f:16:1b:6a:1d:25:9a:a8:e3:6f:d3:
85:78:ca:6a:06:7f:f9:04:c2:2e:3c:7f:b1:52:38:
1f:ce:05:76:f0:7c:a5:68:9f:f4:17:87:0d:08:85:
98:04:dd:08:de:76:d1:69:db:79:02:d8:6f:bd:60:
73:f9:ac:35:1d:88:1d:63:ff:ac:76:ea:a1:28:cd:
6d:6a:bd:b3:d8:c2:ba:9f:89:02:8e:e5:ba:bd:9b:
82:73:c6:10:cb:3e:5b:6d:25:2e:41:1e:4a:2e:42:
be:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:46:D0:83:07:91:7C:32:AA:FE:85:C0:85:30:56:F7:D6:FF:96:1C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4UbQgweRfDKq_oXAhTBW99b_lhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.158.0/24
87.121.124.0/23
87.121.162.0/24
147.78.100.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:d7:c6:2c:ce:35:8e:af:d3:f5:e2:79:cf:3f:bc:ad:d0:51:
7d:75:e3:f1:b6:47:38:88:e5:b8:b6:1a:cb:55:87:c4:b3:59:
fe:f9:ee:5a:05:e4:a6:46:fd:a7:ad:a1:5f:48:39:c8:96:48:
fa:58:33:62:e6:8b:aa:1d:50:c3:f0:eb:12:b0:36:e6:a4:eb:
0a:aa:b0:bd:c6:9b:8e:45:e0:db:82:c9:37:1d:e3:29:ce:6d:
2d:c5:89:92:46:8e:6e:c9:60:55:c7:56:ab:e9:f2:1b:7c:59:
25:81:2d:06:2d:4a:0b:0e:9d:ef:9e:22:3c:61:da:af:62:33:
23:44:f7:df:1d:b1:5e:8e:14:da:f0:6c:eb:3f:bd:fc:f9:5f:
ff:1b:57:42:77:4b:d2:0a:21:0d:94:62:d3:77:68:1e:54:70:
63:fb:2d:ce:33:c6:2d:2e:e0:ed:cb:63:d4:2d:38:a6:86:72:
96:b2:2c:2b:a8:2c:f5:53:b7:53:ce:71:f5:db:07:0b:31:47:
6d:12:fb:75:53:26:43:e8:89:f0:db:97:04:51:81:56:a6:e3:
9c:96:73:fe:2a:a2:3f:b4:1c:9c:db:66:f8:71:da:2f:74:ad:
fb:8f:df:c8:4a:94:c1:dd:f7:47:1c:84:9d:a6:ef:0e:e5:96:
2b:e2:a2:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY9FNpkXdgiq6e3V47xCIFNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTA0MjAwNTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQ2ZDA4MzA3OTE3YzMyYWFmZTg1YzA4NTMwNTZmN2Q2ZmY5NjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4DAPA/z8h8fXmCEvPNyuZrQE1Q1
MvPzrsDYM8fLtpWjNyvdmv22jA7u2TcR3KdyvXgL2yZWVfGvraw7zT81FjHtgJmH
C2xSgecGVErvXaNHX2/R2hLu0gy2lTkAWrcLVSiH8XW/f3ckNwguW9sMzymGZlo6
Nt1gMo/dvkVJ/NbGzG/im1e2LHzyc7hvtyfhhpfwKiRmo3nlHxYbah0lmqjjb9OF
eMpqBn/5BMIuPH+xUjgfzgV28HylaJ/0F4cNCIWYBN0I3nbRadt5AthvvWBz+aw1
HYgdY/+sduqhKM1tar2z2MK6n4kCjuW6vZuCc8YQyz5bbSUuQR5KLkK+FQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOFG0IMHkXwyqv6FwIUwVvfW/5YcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNFViUWd3ZVJmREtxX29YQWhUQlc5OWJfbGh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY2eAwQB
V3l8AwQAV3miAwQAk05kMA0GCSqGSIb3DQEBCwUAA4IBAQAK18YszjWOr9P14nnP
P7yt0FF9dePxtkc4iOW4thrLVYfEs1n++e5aBeSmRv2nraFfSDnIlkj6WDNi5ouq
HVDD8OsSsDbmpOsKqrC9xpuOReDbgsk3HeMpzm0txYmSRo5uyWBVx1ar6fIbfFkl
gS0GLUoLDp3vniI8YdqvYjMjRPffHbFejhTa8GzrP738+V//G1dCd0vSCiENlGLT
d2geVHBj+y3OM8YtLuDty2PULTimhnKWsiwrqCz1U7dTznH12wcLMUdtEvt1UyZD
6Inw25cEUYFWpuOclnP+KqI/tByc22b4cdovdK37j9/ISpTB3fdHHISdpu8O5ZYr
4qLC
-----END CERTIFICATE-----
Generated at Mon May 20 04:30:46 2024 by rpki-client on console-fra.rpki-client.org