Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/7riAHtovVAffvMR1iZR4DRQgMrE.roa
File: 7riAHtovVAffvMR1iZR4DRQgMrE.roa (raw, json)
Hash identifier: 8zixz3e6wC3Ac3a4FV/IMz4Dxfj3968eSSNueso8K4o=
Subject key identifier: EE:B8:80:1E:DA:2F:54:07:DF:BC:C4:75:89:94:78:0D:14:20:32:B1
Certificate issuer: /CN=7fa3f99dba94a307b6cd2e1d90f678dac05681f8
Certificate serial: 018F84A9FF96D6FB5B2E0A2C73ED33EF3AB3
Authority key identifier: 7F:A3:F9:9D:BA:94:A3:07:B6:CD:2E:1D:90:F6:78:DA:C0:56:81:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f6P5nbqUowe2zS4dkPZ42sBWgfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/7riAHtovVAffvMR1iZR4DRQgMrE.roa
Signing time: Fri 17 May 2024 03:48:04 +0000
ROA not before: Fri 17 May 2024 03:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.151.140.0/24 maxlen: 24
45.151.141.0/24 maxlen: 24
91.209.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/f6P5nbqUowe2zS4dkPZ42sBWgfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/f6P5nbqUowe2zS4dkPZ42sBWgfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/f6P5nbqUowe2zS4dkPZ42sBWgfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:84:a9:ff:96:d6:fb:5b:2e:0a:2c:73:ed:33:ef:3a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fa3f99dba94a307b6cd2e1d90f678dac05681f8
Validity
Not Before: May 17 03:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eeb8801eda2f5407dfbcc4758994780d142032b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:43:60:08:12:40:43:ee:92:85:17:ad:80:2f:
9b:e2:06:dc:da:67:49:4e:1c:18:9e:30:b7:21:83:
32:29:0b:75:fb:9a:05:4c:73:18:7e:c6:cc:33:c1:
95:c9:6e:02:e0:d9:4d:05:c6:a2:dd:38:b2:93:73:
a9:eb:0a:bc:f6:3c:4d:e2:ac:88:92:3b:13:ad:ae:
89:ab:52:3a:64:5d:ca:15:cf:6c:43:26:ba:bd:e9:
99:1a:4c:74:96:45:ee:c2:1e:a0:62:76:d2:74:d7:
23:c8:fc:8a:33:ea:65:ae:5b:df:93:73:fd:63:97:
23:3c:c2:40:4c:49:0c:82:2f:c3:49:71:b1:86:65:
1b:43:11:13:68:ad:13:b8:17:de:2a:c8:ee:80:56:
2b:7e:ff:fa:d8:b7:d9:db:73:e6:25:31:37:59:49:
c6:37:62:50:af:e2:15:a6:ae:c3:8c:b8:5f:f6:c5:
30:37:98:4d:4c:4d:d2:87:c8:37:95:8f:bb:30:fb:
4a:ed:28:3b:bf:c1:e2:9b:2c:0c:21:04:17:57:16:
97:c0:5c:6a:8c:ca:47:90:ca:e7:f2:1b:9c:38:b4:
a1:11:37:b4:da:55:57:18:3a:0d:93:c8:40:da:3a:
4b:ff:f0:ba:c0:b2:26:ac:86:41:56:ea:5e:c7:c1:
61:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:B8:80:1E:DA:2F:54:07:DF:BC:C4:75:89:94:78:0D:14:20:32:B1
X509v3 Authority Key Identifier:
keyid:7F:A3:F9:9D:BA:94:A3:07:B6:CD:2E:1D:90:F6:78:DA:C0:56:81:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6P5nbqUowe2zS4dkPZ42sBWgfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/7riAHtovVAffvMR1iZR4DRQgMrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/f6P5nbqUowe2zS4dkPZ42sBWgfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.140.0/23
91.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:80:3c:28:3f:80:2c:02:b5:1e:6e:c3:6a:0b:12:7f:fb:c4:
6d:c7:07:0e:f6:73:f7:c3:a1:1e:5f:60:87:47:7b:23:51:3a:
53:35:1e:54:a0:1a:61:9a:a9:01:bf:a9:ab:49:29:c8:8d:2b:
b7:8d:ac:5e:bd:65:e9:e7:a8:4f:37:ee:82:9a:52:69:79:d3:
4b:b5:6e:a5:8b:48:58:af:5f:29:2b:bf:31:2a:5c:da:92:e6:
ea:18:f2:87:45:21:fe:f5:ac:d8:ee:d2:c8:5b:cd:f5:f0:fb:
75:25:40:ec:b8:cc:c5:66:3e:02:06:26:0f:8a:1f:e5:42:ce:
8e:75:9c:94:57:0b:e5:62:68:b9:d7:f9:81:20:3c:29:99:c3:
9b:33:30:2b:f8:60:ae:95:8c:39:f1:28:b9:86:3a:8a:ff:a6:
75:c7:af:33:18:0d:ae:17:e3:64:bc:7e:03:11:8a:47:d7:0a:
c8:40:8d:68:84:e4:f2:14:14:bf:50:26:6c:68:3a:fb:35:5b:
b2:12:84:9e:06:61:8d:af:b4:fc:50:50:60:97:0f:0f:ea:a8:
df:29:ab:aa:7f:84:ab:09:4d:69:f0:01:30:6b:d3:07:9d:29:
c0:db:53:fe:e5:5b:dc:45:31:27:f6:bd:0e:99:c6:f0:ba:61:
ce:c7:e3:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+Eqf+W1vtbLgosc+0z7zqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmYTNmOTlkYmE5NGEzMDdiNmNkMmUxZDkwZjY3OGRhYzA1
NjgxZjgwHhcNMjQwNTE3MDM0ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWI4ODAxZWRhMmY1NDA3ZGZiY2M0NzU4OTk0NzgwZDE0MjAzMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiENgCBJAQ+6ShRetgC+b4gbc2mdJ
ThwYnjC3IYMyKQt1+5oFTHMYfsbMM8GVyW4C4NlNBcai3Tiyk3Op6wq89jxN4qyI
kjsTra6Jq1I6ZF3KFc9sQya6vemZGkx0lkXuwh6gYnbSdNcjyPyKM+plrlvfk3P9
Y5cjPMJATEkMgi/DSXGxhmUbQxETaK0TuBfeKsjugFYrfv/62LfZ23PmJTE3WUnG
N2JQr+IVpq7DjLhf9sUwN5hNTE3Sh8g3lY+7MPtK7Sg7v8HimywMIQQXVxaXwFxq
jMpHkMrn8hucOLShETe02lVXGDoNk8hA2jpL//C6wLImrIZBVupex8FhJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO64gB7aL1QH37zEdYmUeA0UIDKxMB8GA1UdIwQY
MBaAFH+j+Z26lKMHts0uHZD2eNrAVoH4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjZQNW5icVVvd2UyelM0ZGtQWjQyc0JXZ2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81YWUzYzQtNGFhNC00YzYyLThlYjUt
NGVhNDdjY2UwYzYzLzEvN3JpQUh0b3ZWQWZmdk1SMWlaUjREUlFnTXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81YWUzYzQtNGFhNC00YzYyLThlYjUtNGVhNDdjY2UwYzYz
LzEvZjZQNW5icVVvd2UyelM0ZGtQWjQyc0JXZ2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZeMAwQA
W9HkMA0GCSqGSIb3DQEBCwUAA4IBAQCbgDwoP4AsArUebsNqCxJ/+8RtxwcO9nP3
w6EeX2CHR3sjUTpTNR5UoBphmqkBv6mrSSnIjSu3jaxevWXp56hPN+6CmlJpedNL
tW6li0hYr18pK78xKlzakubqGPKHRSH+9azY7tLIW8318Pt1JUDsuMzFZj4CBiYP
ih/lQs6OdZyUVwvlYmi51/mBIDwpmcObMzAr+GCulYw58Si5hjqK/6Z1x68zGA2u
F+NkvH4DEYpH1wrIQI1ohOTyFBS/UCZsaDr7NVuyEoSeBmGNr7T8UFBglw8P6qjf
Kauqf4SrCU1p8AEwa9MHnSnA21P+5VvcRTEn9r0OmcbwumHOx+Oc
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:29:59 2024 by rpki-client on console-ams.rpki-client.org