Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/f8DS73mNewry1ZZPxbhvgs8WU94.roa
File: f8DS73mNewry1ZZPxbhvgs8WU94.roa (raw, json)
Hash identifier: malNkHbcPr/kbe2Ki4yueZtENCLA1ldJjX7yT5mGfX0=
Subject key identifier: 7F:C0:D2:EF:79:8D:7B:0A:F2:D5:96:4F:C5:B8:6F:82:CF:16:53:DE
Certificate issuer: /CN=cc110bef9c5b96a831c7abf95592744bbaf1ee67
Certificate serial: 018CC8014366FF76390AEBF4F88E9D4A9FAC
Authority key identifier: CC:11:0B:EF:9C:5B:96:A8:31:C7:AB:F9:55:92:74:4B:BA:F1:EE:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zBEL75xblqgxx6v5VZJ0S7rx7mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/f8DS73mNewry1ZZPxbhvgs8WU94.roa
Signing time: Tue 02 Jan 2024 02:29:35 +0000
ROA not before: Tue 02 Jan 2024 02:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205500
IP address blocks: 45.152.171.0/24 maxlen: 24
45.152.168.0/22 maxlen: 22
185.216.16.0/22 maxlen: 22
2a0f:5000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/zBEL75xblqgxx6v5VZJ0S7rx7mc.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/zBEL75xblqgxx6v5VZJ0S7rx7mc.mft
rsync://rpki.ripe.net/repository/DEFAULT/zBEL75xblqgxx6v5VZJ0S7rx7mc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 04:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:43:66:ff:76:39:0a:eb:f4:f8:8e:9d:4a:9f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc110bef9c5b96a831c7abf95592744bbaf1ee67
Validity
Not Before: Jan 2 02:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fc0d2ef798d7b0af2d5964fc5b86f82cf1653de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6c:09:96:a4:79:11:02:f2:d5:ef:15:fd:93:
f7:4e:e2:2b:7d:c7:6a:45:d3:fa:40:fb:a8:87:61:
85:51:16:79:3f:e2:e1:73:b5:9f:a2:3d:4c:71:07:
9c:f7:dd:46:54:67:46:1d:fa:fe:10:35:e3:dd:02:
75:bb:0d:2e:d6:d2:05:35:d9:bf:26:9f:62:70:c1:
e2:84:4c:66:74:a8:f2:62:52:de:1d:2e:19:e0:59:
80:46:91:81:ba:f7:cc:d8:a8:7b:f5:be:0a:72:2b:
c8:40:f0:60:09:20:4d:f9:c6:0c:66:d4:90:22:27:
e8:7c:0d:d4:da:c6:72:01:bf:2c:bc:68:bd:ed:2e:
10:69:7a:db:bb:69:58:6c:fe:a8:81:60:54:d2:c6:
44:bb:f2:89:b9:f6:3a:d9:93:e0:54:38:47:f6:d1:
06:be:07:e9:e1:7b:52:95:5d:43:90:2c:e5:57:2b:
05:be:a7:dd:41:da:9f:6e:dd:e2:4e:2a:e0:ab:8e:
16:a9:7e:dc:cb:f7:84:b0:0c:db:39:dd:40:b9:b8:
ed:9f:24:59:6c:b4:73:66:db:84:0c:02:78:32:22:
19:4f:c2:c6:99:f5:34:b6:d8:9c:4e:2c:bd:23:91:
58:b2:7e:2a:9b:fa:0c:ad:e2:51:03:11:85:1f:7c:
0a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C0:D2:EF:79:8D:7B:0A:F2:D5:96:4F:C5:B8:6F:82:CF:16:53:DE
X509v3 Authority Key Identifier:
keyid:CC:11:0B:EF:9C:5B:96:A8:31:C7:AB:F9:55:92:74:4B:BA:F1:EE:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zBEL75xblqgxx6v5VZJ0S7rx7mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/f8DS73mNewry1ZZPxbhvgs8WU94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/zBEL75xblqgxx6v5VZJ0S7rx7mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.168.0/22
185.216.16.0/22
IPv6:
2a0f:5000::/29
Signature Algorithm: sha256WithRSAEncryption
94:c5:5a:32:51:83:4d:68:37:d3:f0:b0:5b:89:e9:27:d8:29:
25:b0:9c:d0:2f:8c:a4:c7:74:3e:99:a6:29:31:fa:21:21:62:
be:20:e0:98:c9:71:37:8e:1d:90:8e:09:d7:55:59:70:da:05:
22:ef:f4:35:01:3f:4f:58:f8:f5:52:02:4a:65:a6:c9:d5:8e:
24:ed:b0:fc:9d:aa:d4:5b:df:5d:3b:92:62:c0:b9:0c:0b:53:
b2:60:29:43:81:63:ad:d7:5f:cc:e7:21:ff:38:db:cc:4b:71:
8c:46:21:92:14:16:02:2d:c2:44:db:fe:87:33:bd:f3:d7:26:
27:18:17:8a:38:b4:20:d3:6b:23:ac:55:17:a8:4a:89:46:92:
cb:0d:92:d3:31:c7:29:0a:a7:b0:b3:a1:00:4d:29:e0:7a:b0:
25:f9:3f:ec:f7:fc:60:9c:ee:a4:bb:b4:86:7c:5c:16:9d:f3:
b4:18:54:b4:06:ad:df:e2:77:a8:e2:5b:30:ce:44:ba:9e:44:
1e:76:a2:a6:0e:4e:88:8c:be:ee:03:ea:c2:73:e1:1e:eb:d6:
6a:d5:52:73:08:f8:a4:db:f0:9c:7e:d3:73:90:17:75:93:79:
d9:4b:e0:3c:03:59:f2:a2:0b:b6:8d:ca:72:9c:26:29:f1:8c:
ad:7d:e2:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAUNm/3Y5Cuv0+I6dSp+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMTEwYmVmOWM1Yjk2YTgzMWM3YWJmOTU1OTI3NDRiYmFm
MWVlNjcwHhcNMjQwMTAyMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmMwZDJlZjc5OGQ3YjBhZjJkNTk2NGZjNWI4NmY4MmNmMTY1M2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGwJlqR5EQLy1e8V/ZP3TuIrfcdq
RdP6QPuoh2GFURZ5P+Lhc7Wfoj1McQec991GVGdGHfr+EDXj3QJ1uw0u1tIFNdm/
Jp9icMHihExmdKjyYlLeHS4Z4FmARpGBuvfM2Kh79b4KcivIQPBgCSBN+cYMZtSQ
IifofA3U2sZyAb8svGi97S4QaXrbu2lYbP6ogWBU0sZEu/KJufY62ZPgVDhH9tEG
vgfp4XtSlV1DkCzlVysFvqfdQdqfbt3iTirgq44WqX7cy/eEsAzbOd1AubjtnyRZ
bLRzZtuEDAJ4MiIZT8LGmfU0tticTiy9I5FYsn4qm/oMreJRAxGFH3wK0QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH/A0u95jXsK8tWWT8W4b4LPFlPeMB8GA1UdIwQY
MBaAFMwRC++cW5aoMcer+VWSdEu68e5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekJFTDc1eGJscWd4eDZ2NVZaSjBTN3J4N21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81MjliZTktMWZjZi00NmEzLWIxM2Qt
YzhhY2I3MTczYjYyLzEvZjhEUzczbU5ld3J5MVpaUHhiaHZnczhXVTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi81MjliZTktMWZjZi00NmEzLWIxM2QtYzhhY2I3MTczYjYy
LzEvekJFTDc1eGJscWd4eDZ2NVZaSjBTN3J4N21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZioAwQC
udgQMA0EAgACMAcDBQMqD1AAMA0GCSqGSIb3DQEBCwUAA4IBAQCUxVoyUYNNaDfT
8LBbiekn2CklsJzQL4ykx3Q+maYpMfohIWK+IOCYyXE3jh2QjgnXVVlw2gUi7/Q1
AT9PWPj1UgJKZabJ1Y4k7bD8narUW99dO5JiwLkMC1OyYClDgWOt11/M5yH/ONvM
S3GMRiGSFBYCLcJE2/6HM73z1yYnGBeKOLQg02sjrFUXqEqJRpLLDZLTMccpCqew
s6EATSngerAl+T/s9/xgnO6ku7SGfFwWnfO0GFS0Bq3f4neo4lswzkS6nkQedqKm
Dk6IjL7uA+rCc+Ee69Zq1VJzCPik2/CcftNzkBd1k3nZS+A8A1nyogu2jcpynCYp
8YytfeKA
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:56:18 2024 by rpki-client on console-ams.rpki-client.org