Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/_HzR7J85HUByAiXzhmDlHB9D5gk.roa
File: _HzR7J85HUByAiXzhmDlHB9D5gk.roa (raw, json)
Hash identifier: +AyOQMgud2HmhdEXbddy7FEqDK6U3qHf+L+FHHwtKJY=
Subject key identifier: FC:7C:D1:EC:9F:39:1D:40:72:02:25:F3:86:60:E5:1C:1F:43:E6:09
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018F7218E774CF24A255CA2D6AABC5B5F9CA
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/_HzR7J85HUByAiXzhmDlHB9D5gk.roa
Signing time: Mon 13 May 2024 13:16:25 +0000
ROA not before: Mon 13 May 2024 13:16:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200250
IP address blocks: 45.152.10.0/24 maxlen: 24
2a0c:fe01::/32 maxlen: 48
2a0e:a942::/32 maxlen: 48
2a0e:cbc3::/33 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:18:e7:74:cf:24:a2:55:ca:2d:6a:ab:c5:b5:f9:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 13 13:16:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc7cd1ec9f391d40720225f38660e51c1f43e609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a2:01:42:a1:e8:24:fc:40:4e:ee:ca:f1:28:
9d:eb:92:60:ba:bc:3d:97:b2:3b:d2:1a:7d:96:bc:
c9:20:7d:1c:ec:0d:d0:0d:cf:1d:05:7f:0a:3a:93:
6b:33:38:1d:b6:e5:e9:92:5a:d2:c7:ca:09:05:d7:
d7:d4:a4:79:d1:ba:16:3f:09:fc:ef:28:6d:d3:38:
12:cd:94:95:f9:db:48:16:c6:7c:e0:05:77:c8:27:
66:f1:a4:28:54:85:e6:e5:77:52:80:2c:51:78:75:
90:3c:99:9a:23:3d:0c:8a:22:71:12:78:b5:fe:a0:
ad:a4:5c:89:ad:0d:75:d5:dd:14:a8:79:98:5e:4c:
8e:d6:74:19:0c:7b:31:3d:8f:05:e8:65:84:5b:57:
5d:f9:f2:ae:80:9d:c9:05:db:44:a4:6b:45:bd:5b:
0e:e2:ce:ed:80:dc:cb:21:3d:71:d9:03:a7:64:c3:
c9:b1:32:b3:13:87:2c:4a:2a:ad:1f:f4:5d:d1:79:
ad:2d:28:5c:79:ce:1c:e8:0b:33:ae:2b:a1:bb:c5:
87:fe:f6:ff:8b:91:5a:3e:37:57:b8:2a:55:dd:fc:
de:64:65:e0:5a:dc:fd:17:6f:68:bf:57:19:e2:30:
de:86:b1:9a:8a:ce:73:60:1e:90:7d:28:54:03:3e:
31:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:7C:D1:EC:9F:39:1D:40:72:02:25:F3:86:60:E5:1C:1F:43:E6:09
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/_HzR7J85HUByAiXzhmDlHB9D5gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.10.0/24
IPv6:
2a0c:fe01::/32
2a0e:a942::/32
2a0e:cbc3::/33
Signature Algorithm: sha256WithRSAEncryption
2a:71:99:36:6b:ec:1d:9f:e3:24:6a:5c:63:18:e7:48:6d:20:
2f:58:39:9f:f7:85:e1:3f:fb:d1:80:a0:9c:ff:39:57:0a:50:
fd:22:bb:64:c6:86:db:18:c8:bb:1a:ad:90:fe:8c:ff:63:d1:
a7:95:64:52:42:3c:27:be:71:1f:ab:d6:6d:69:6f:77:67:89:
2b:e8:31:47:b2:fb:a7:c9:f5:88:a2:53:6e:7a:23:0e:0d:7e:
bb:cc:74:81:a8:90:2f:08:72:41:84:de:ec:06:94:e4:43:98:
34:8d:34:9f:af:c1:af:6e:e0:dc:29:36:42:66:09:14:17:e0:
4e:18:02:ce:a3:1e:16:a1:10:16:21:87:09:c9:1f:ae:9c:cc:
80:19:46:e6:09:f2:04:ee:eb:26:c5:a2:53:0e:55:b0:94:d0:
17:c8:be:8f:bb:84:9e:a7:6f:b0:f9:49:59:76:6e:ec:a1:0b:
42:ed:5f:52:2a:1c:78:53:f6:eb:b3:65:6e:53:35:e6:ff:85:
66:fa:d0:70:f4:52:94:27:57:ef:25:f1:cd:88:3f:87:44:7f:
5c:6f:9e:3c:db:3d:79:aa:2f:d1:7c:b6:23:23:91:e9:62:d1:
75:3c:01:01:3b:ba:57:cf:be:13:6e:07:c5:f7:bb:97:5e:f4:
61:78:44:e7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY9yGOd0zySiVcotaqvFtfnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwNTEzMTMxNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzdjZDFlYzlmMzkxZDQwNzIwMjI1ZjM4NjYwZTUxYzFmNDNlNjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKIBQqHoJPxATu7K8Sid65Jgurw9
l7I70hp9lrzJIH0c7A3QDc8dBX8KOpNrMzgdtuXpklrSx8oJBdfX1KR50boWPwn8
7yht0zgSzZSV+dtIFsZ84AV3yCdm8aQoVIXm5XdSgCxReHWQPJmaIz0MiiJxEni1
/qCtpFyJrQ111d0UqHmYXkyO1nQZDHsxPY8F6GWEW1dd+fKugJ3JBdtEpGtFvVsO
4s7tgNzLIT1x2QOnZMPJsTKzE4csSiqtH/Rd0XmtLShcec4c6Aszriuhu8WH/vb/
i5FaPjdXuCpV3fzeZGXgWtz9F29ov1cZ4jDehrGais5zYB6QfShUAz4xNwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPx80eyfOR1AcgIl84Zg5RwfQ+YJMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvX0h6UjdKODVIVUJ5QWlYemhtRGxIQjlENWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAMBAIAATAGAwQALZgKMBwE
AgACMBYDBQAqDP4BAwUAKg6pQgMGByoOy8MAMA0GCSqGSIb3DQEBCwUAA4IBAQAq
cZk2a+wdn+MkalxjGOdIbSAvWDmf94XhP/vRgKCc/zlXClD9IrtkxobbGMi7Gq2Q
/oz/Y9GnlWRSQjwnvnEfq9ZtaW93Z4kr6DFHsvunyfWIolNueiMODX67zHSBqJAv
CHJBhN7sBpTkQ5g0jTSfr8GvbuDcKTZCZgkUF+BOGALOox4WoRAWIYcJyR+unMyA
GUbmCfIE7usmxaJTDlWwlNAXyL6Pu4Sep2+w+UlZdm7soQtC7V9SKhx4U/brs2Vu
UzXm/4Vm+tBw9FKUJ1fvJfHNiD+HRH9cb5482z15qi/RfLYjI5HpYtF1PAEBO7pX
z74TbgfF97uXXvRheETn
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:22:47 2024 by rpki-client on console-ams.rpki-client.org