Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/8ea3f1-6b82-47ca-88a1-87913c35492a/1/pk2ixnzKwSm4ig0JZYkAP7QMkjw.roa
File: pk2ixnzKwSm4ig0JZYkAP7QMkjw.roa (raw, json)
Hash identifier: UCqJ11xExSMfi1MeWb9dR6txpzYhnwD0VI8PCSKcu20=
Subject key identifier: A6:4D:A2:C6:7C:CA:C1:29:B8:8A:0D:09:65:89:00:3F:B4:0C:92:3C
Certificate issuer: /CN=f27a23607f6d1e6e6ced1dd94c9bd10b306f609d
Certificate serial: 018CC7272F2C60EA3DC19346EF11A344FC4B
Authority key identifier: F2:7A:23:60:7F:6D:1E:6E:6C:ED:1D:D9:4C:9B:D1:0B:30:6F:60:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nojYH9tHm5s7R3ZTJvRCzBvYJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/8ea3f1-6b82-47ca-88a1-87913c35492a/1/pk2ixnzKwSm4ig0JZYkAP7QMkjw.roa
Signing time: Mon 01 Jan 2024 22:31:23 +0000
ROA not before: Mon 01 Jan 2024 22:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136133
IP address blocks: 45.154.183.0/24 maxlen: 24
45.154.182.0/24 maxlen: 24
45.154.181.0/24 maxlen: 24
45.154.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/8ea3f1-6b82-47ca-88a1-87913c35492a/1/8nojYH9tHm5s7R3ZTJvRCzBvYJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/8ea3f1-6b82-47ca-88a1-87913c35492a/1/8nojYH9tHm5s7R3ZTJvRCzBvYJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8nojYH9tHm5s7R3ZTJvRCzBvYJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 13:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:2f:2c:60:ea:3d:c1:93:46:ef:11:a3:44:fc:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f27a23607f6d1e6e6ced1dd94c9bd10b306f609d
Validity
Not Before: Jan 1 22:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a64da2c67ccac129b88a0d096589003fb40c923c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f3:b4:df:77:28:d8:44:dd:ef:b6:59:9f:47:
f8:fc:51:ff:a2:de:35:70:09:03:a6:fc:ef:a0:68:
0f:69:e5:d0:74:b1:cb:a7:df:4f:02:03:eb:c5:e6:
4c:95:2d:82:cc:fb:1d:c2:d8:3b:99:b4:e4:35:3d:
fd:29:63:d4:e5:1d:ba:57:ca:8b:d4:6f:51:30:cf:
ce:a9:e8:68:f6:c6:fd:85:18:5f:1b:0c:24:78:93:
4f:6b:93:13:69:06:1b:af:3b:c4:d2:de:90:5e:46:
ee:11:34:68:c4:08:b2:ce:f1:c0:ee:a9:9b:d9:1b:
ff:cb:93:16:f0:ed:3b:29:97:05:7e:82:05:88:33:
17:2a:be:32:73:a2:6c:b0:a7:6e:97:4d:67:79:39:
ac:d3:5b:5e:bb:fe:f6:0c:f4:a4:da:7c:c4:95:64:
19:62:73:91:cb:2e:cc:eb:cd:8e:ac:a6:b3:aa:17:
27:5f:38:4b:55:01:3e:f9:cc:91:07:78:9f:36:b7:
3c:59:c6:71:fc:e6:5c:ae:dc:08:05:03:79:8c:1c:
89:f3:85:27:cc:f5:90:7c:b3:8a:62:ad:42:d1:cd:
2c:9b:16:db:98:40:f2:0d:fd:a7:7e:91:53:50:78:
65:4f:35:4c:d9:34:4c:7b:1c:c7:09:a8:83:4e:db:
11:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:4D:A2:C6:7C:CA:C1:29:B8:8A:0D:09:65:89:00:3F:B4:0C:92:3C
X509v3 Authority Key Identifier:
keyid:F2:7A:23:60:7F:6D:1E:6E:6C:ED:1D:D9:4C:9B:D1:0B:30:6F:60:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nojYH9tHm5s7R3ZTJvRCzBvYJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8ea3f1-6b82-47ca-88a1-87913c35492a/1/pk2ixnzKwSm4ig0JZYkAP7QMkjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8ea3f1-6b82-47ca-88a1-87913c35492a/1/8nojYH9tHm5s7R3ZTJvRCzBvYJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.180.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:23:84:47:b7:9f:84:01:1c:81:e4:3b:92:7a:17:35:af:6d:
8a:2c:34:1c:9d:ec:53:88:b3:6a:bf:a0:3b:83:d4:e9:c3:47:
99:ea:be:dd:8a:02:dd:28:7e:50:37:a0:55:9f:b2:cf:f0:8b:
f3:24:8b:24:12:d4:fc:42:ad:3d:de:26:5b:bc:30:f5:12:d8:
91:20:8c:ad:d3:20:41:e0:c6:5f:d9:c1:36:14:0b:82:94:e0:
d8:40:9e:d4:8b:fe:da:ae:1a:ee:d6:39:ce:c6:a1:95:81:92:
e9:6b:ad:b5:4e:18:15:b1:25:f9:74:19:a2:03:11:02:01:b0:
ae:ac:82:d5:8f:83:46:5c:b5:aa:d7:64:ab:a0:01:2c:57:06:
b2:a9:a9:db:1e:65:fa:c3:4c:50:bd:c2:9a:1d:b8:d6:26:4e:
e4:5b:bb:f3:87:98:d8:07:bc:c6:80:63:54:84:c7:56:e0:a4:
67:6b:57:92:64:77:4d:c4:bb:80:65:eb:eb:9c:d8:ed:67:9e:
b7:6c:80:f8:ab:ce:8d:ce:49:00:d0:08:9d:48:0c:b5:4c:2b:
ce:2a:3e:1e:46:78:97:9a:31:bb:17:0a:9d:5f:ea:17:1f:5f:
20:b1:d2:ff:31:1d:ef:4b:35:7a:07:04:79:7a:0b:a7:39:b2:
a4:73:c1:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJy8sYOo9wZNG7xGjRPxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyN2EyMzYwN2Y2ZDFlNmU2Y2VkMWRkOTRjOWJkMTBiMzA2
ZjYwOWQwHhcNMjQwMTAxMjIzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjRkYTJjNjdjY2FjMTI5Yjg4YTBkMDk2NTg5MDAzZmI0MGM5MjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvO033co2ETd77ZZn0f4/FH/ot41
cAkDpvzvoGgPaeXQdLHLp99PAgPrxeZMlS2CzPsdwtg7mbTkNT39KWPU5R26V8qL
1G9RMM/Oqeho9sb9hRhfGwwkeJNPa5MTaQYbrzvE0t6QXkbuETRoxAiyzvHA7qmb
2Rv/y5MW8O07KZcFfoIFiDMXKr4yc6JssKdul01neTms01teu/72DPSk2nzElWQZ
YnORyy7M682OrKazqhcnXzhLVQE++cyRB3ifNrc8WcZx/OZcrtwIBQN5jByJ84Un
zPWQfLOKYq1C0c0smxbbmEDyDf2nfpFTUHhlTzVM2TRMexzHCaiDTtsRiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZNosZ8ysEpuIoNCWWJAD+0DJI8MB8GA1UdIwQY
MBaAFPJ6I2B/bR5ubO0d2Uyb0Qswb2CdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG5vallIOXRIbTVzN1IzWlRKdlJDekJ2WUowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC84ZWEzZjEtNmI4Mi00N2NhLTg4YTEt
ODc5MTNjMzU0OTJhLzEvcGsyaXhuekt3U200aWcwSlpZa0FQN1FNa2p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC84ZWEzZjEtNmI4Mi00N2NhLTg4YTEtODc5MTNjMzU0OTJh
LzEvOG5vallIOXRIbTVzN1IzWlRKdlJDekJ2WUowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZq0MA0G
CSqGSIb3DQEBCwUAA4IBAQAKI4RHt5+EARyB5DuSehc1r22KLDQcnexTiLNqv6A7
g9Tpw0eZ6r7digLdKH5QN6BVn7LP8IvzJIskEtT8Qq093iZbvDD1EtiRIIyt0yBB
4MZf2cE2FAuClODYQJ7Ui/7arhru1jnOxqGVgZLpa621ThgVsSX5dBmiAxECAbCu
rILVj4NGXLWq12SroAEsVwayqanbHmX6w0xQvcKaHbjWJk7kW7vzh5jYB7zGgGNU
hMdW4KRna1eSZHdNxLuAZevrnNjtZ563bID4q86NzkkA0AidSAy1TCvOKj4eRniX
mjG7FwqdX+oXH18gsdL/MR3vSzV6BwR5egunObKkc8Ft
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:22:25 2024 by rpki-client on console-fra.rpki-client.org