Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/98lFoizkT-B9XJ9lFdzQpze-EXw.roa
File: 98lFoizkT-B9XJ9lFdzQpze-EXw.roa (raw, json)
Hash identifier: ZTg6jstFO/MtTiGzq4/dHdfjYLrxr2hhhAF3eqNqm0w=
Subject key identifier: F7:C9:45:A2:2C:E4:4F:E0:7D:5C:9F:65:15:DC:D0:A7:37:BE:11:7C
Certificate issuer: /CN=4ecd75a5109e2c106e1193d57ee2b999fec27fe0
Certificate serial: 01902CD8F62CB7B5620D9DAB9AA43C294187
Authority key identifier: 4E:CD:75:A5:10:9E:2C:10:6E:11:93:D5:7E:E2:B9:99:FE:C2:7F:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/98lFoizkT-B9XJ9lFdzQpze-EXw.roa
Signing time: Tue 18 Jun 2024 19:35:34 +0000
ROA not before: Tue 18 Jun 2024 19:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49191
IP address blocks: 45.129.164.0/24 maxlen: 24
185.190.249.0/24 maxlen: 24
2a07:ddc0::/48 maxlen: 48
2a07:ddc0:1::/48 maxlen: 48
2a07:ddc0:2::/48 maxlen: 48
2a07:ddc0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 28 Jun 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2c:d8:f6:2c:b7:b5:62:0d:9d:ab:9a:a4:3c:29:41:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ecd75a5109e2c106e1193d57ee2b999fec27fe0
Validity
Not Before: Jun 18 19:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7c945a22ce44fe07d5c9f6515dcd0a737be117c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:72:08:64:81:96:df:e7:e2:0f:8a:9a:ac:10:
41:ee:c8:98:07:f4:df:89:12:8d:33:8e:1b:21:fc:
55:84:10:39:f3:c5:81:a9:2a:23:59:0a:30:22:bc:
8b:de:34:47:6f:57:a9:29:86:08:10:f5:dc:ef:2a:
71:55:c4:b5:e5:a1:06:2d:9d:29:70:05:49:fd:ed:
f4:07:93:4c:9a:74:5a:72:f8:6c:45:a3:27:7a:ca:
a7:2e:89:23:08:4d:b2:ed:ef:d9:c2:28:65:71:00:
49:2d:01:26:60:f5:3a:f9:90:e7:3b:2c:81:bb:ba:
74:a0:6c:ed:7d:a0:49:63:a9:6f:34:ee:b1:72:f5:
10:bc:c0:c7:aa:c3:42:3d:57:86:8c:5f:49:17:ad:
f7:aa:87:c8:5e:4c:65:fd:28:87:cd:31:fc:c0:bf:
f2:ea:b1:9b:4a:b4:1e:43:e2:ed:2e:bc:42:2b:ca:
1a:2d:84:13:89:f3:a2:d0:eb:59:68:1f:dd:16:59:
84:3a:6b:1f:66:97:27:c0:76:6c:5f:8a:a7:1e:ad:
c4:49:14:37:da:b1:96:87:64:29:6d:84:99:bb:31:
f9:61:38:85:10:9b:4c:68:1b:d3:f1:77:07:10:27:
64:ee:33:b1:ab:d1:19:ef:d9:08:4d:dc:a9:3c:05:
da:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C9:45:A2:2C:E4:4F:E0:7D:5C:9F:65:15:DC:D0:A7:37:BE:11:7C
X509v3 Authority Key Identifier:
keyid:4E:CD:75:A5:10:9E:2C:10:6E:11:93:D5:7E:E2:B9:99:FE:C2:7F:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/98lFoizkT-B9XJ9lFdzQpze-EXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.164.0/24
185.190.249.0/24
IPv6:
2a07:ddc0::/46
Signature Algorithm: sha256WithRSAEncryption
89:5a:ad:b4:78:3e:07:de:e4:86:25:51:dc:e2:15:18:94:05:
28:ae:be:29:1d:2f:e1:4b:8a:ed:c8:19:ba:15:49:5e:6e:79:
80:fc:3b:4a:6b:0a:15:b3:69:66:38:4e:c8:c8:18:98:2b:78:
8e:21:83:4d:a0:34:89:d9:47:6f:cd:f2:24:66:9f:91:64:43:
46:84:8d:65:43:4e:50:ec:1a:32:d4:0c:5b:0c:35:8a:c7:2e:
82:d7:f5:c4:24:ed:80:dd:70:aa:9e:c1:c7:93:ef:05:d5:bc:
68:43:b8:00:94:bb:4f:08:df:29:03:29:46:72:eb:c9:91:4c:
3b:8b:a8:10:8c:e7:8b:ac:f5:63:f4:eb:6a:56:00:77:8b:6c:
91:1d:df:db:66:1a:a3:6e:f5:76:2b:bf:42:7e:bf:d6:c2:16:
e1:c7:fe:30:43:07:9e:51:80:47:f8:e8:f0:c0:52:65:75:f1:
f5:74:2f:f8:a1:ee:ac:12:c2:b9:01:0f:fc:db:66:f4:f2:4c:
1a:63:bc:1f:fd:e3:80:22:d1:6d:e2:b6:07:1c:e7:d5:86:ed:
db:51:79:b2:69:44:d5:1f:d3:4b:09:30:a6:8a:3b:19:9c:50:
fa:d5:ae:98:98:5a:1f:7b:28:8d:20:2d:bd:17:3b:3b:f2:11:
f5:12:96:85
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZAs2PYst7ViDZ2rmqQ8KUGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Q3NWE1MTA5ZTJjMTA2ZTExOTNkNTdlZTJiOTk5ZmVj
MjdmZTAwHhcNMjQwNjE4MTkzNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2M5NDVhMjJjZTQ0ZmUwN2Q1YzlmNjUxNWRjZDBhNzM3YmUxMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nIIZIGW3+fiD4qarBBB7siYB/Tf
iRKNM44bIfxVhBA588WBqSojWQowIryL3jRHb1epKYYIEPXc7ypxVcS15aEGLZ0p
cAVJ/e30B5NMmnRacvhsRaMnesqnLokjCE2y7e/ZwihlcQBJLQEmYPU6+ZDnOyyB
u7p0oGztfaBJY6lvNO6xcvUQvMDHqsNCPVeGjF9JF633qofIXkxl/SiHzTH8wL/y
6rGbSrQeQ+LtLrxCK8oaLYQTifOi0OtZaB/dFlmEOmsfZpcnwHZsX4qnHq3ESRQ3
2rGWh2QpbYSZuzH5YTiFEJtMaBvT8XcHECdk7jOxq9EZ79kITdypPAXakwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPfJRaIs5E/gfVyfZRXc0Kc3vhF8MB8GA1UdIwQY
MBaAFE7NdaUQniwQbhGT1X7iuZn+wn/gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHMxMXBSQ2VMQkJ1RVpQVmZ1SzVtZjdDZi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9kN2JlZWQtZGY5OC00ZWM4LTg3YjYt
NDA3MjU1N2M0N2ZhLzEvOThsRm9pemtULUI5WEo5bEZkelFwemUtRVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9kN2JlZWQtZGY5OC00ZWM4LTg3YjYtNDA3MjU1N2M0N2Zh
LzEvVHMxMXBSQ2VMQkJ1RVpQVmZ1SzVtZjdDZi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALYGkAwQA
ub75MA8EAgACMAkDBwIqB93AAAAwDQYJKoZIhvcNAQELBQADggEBAIlarbR4Pgfe
5IYlUdziFRiUBSiuvikdL+FLiu3IGboVSV5ueYD8O0prChWzaWY4TsjIGJgreI4h
g02gNInZR2/N8iRmn5FkQ0aEjWVDTlDsGjLUDFsMNYrHLoLX9cQk7YDdcKqewceT
7wXVvGhDuACUu08I3ykDKUZy68mRTDuLqBCM54us9WP062pWAHeLbJEd39tmGqNu
9XYrv0J+v9bCFuHH/jBDB55RgEf46PDAUmV18fV0L/ih7qwSwrkBD/zbZvTyTBpj
vB/944Ai0W3itgcc59WG7dtRebJpRNUf00sJMKaKOxmcUPrVrpiYWh97KI0gLb0X
OzvyEfUSloU=
-----END CERTIFICATE-----
Generated at Thu Jun 27 22:43:03 2024 by rpki-client on console-ams.rpki-client.org