Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5ox225RCAqCXcyWTBPhBIiMQNuc.roa
File: 5ox225RCAqCXcyWTBPhBIiMQNuc.roa (raw, json)
Hash identifier: Yna6SMOIPIb3A3EELcLk8RuTDYTj2Yvk3KDdkTd2y3E=
Subject key identifier: E6:8C:76:DB:94:42:02:A0:97:73:25:93:04:F8:41:22:23:10:36:E7
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018E0F9279C158DB144B6D85B748AED06FC2
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5ox225RCAqCXcyWTBPhBIiMQNuc.roa
Signing time: Tue 05 Mar 2024 17:04:01 +0000
ROA not before: Tue 05 Mar 2024 17:04:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400696
IP address blocks: 45.84.214.0/24 maxlen: 24
45.94.29.0/24 maxlen: 24
45.94.30.0/24 maxlen: 24
45.95.240.0/24 maxlen: 24
45.130.142.0/24 maxlen: 24
2a0f:15c0::/32 maxlen: 48
2a0f:15c2::/32 maxlen: 32
2a0f:15c3::/32 maxlen: 32
2a0f:15c4::/32 maxlen: 32
2a0f:15c5::/32 maxlen: 32
2a0f:15c6::/32 maxlen: 32
2a0f:15c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0f:92:79:c1:58:db:14:4b:6d:85:b7:48:ae:d0:6f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 5 17:04:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e68c76db944202a09773259304f84122231036e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:30:7c:24:a0:b1:d5:69:ce:9c:d1:ec:8d:e5:
96:e5:5d:e4:1e:10:74:51:30:d3:3e:ec:f9:c8:2f:
e4:75:cc:93:00:23:8d:94:02:53:48:94:99:5c:a6:
48:48:e5:b1:c5:33:59:d8:6e:70:de:3c:7b:e8:61:
a8:74:f0:98:d6:37:7d:4f:62:6d:da:e2:37:3b:b5:
d6:68:ae:fb:8d:ea:4e:6f:e1:29:72:77:c4:7e:56:
f9:67:e7:36:f6:22:aa:a9:eb:12:bb:f8:0e:a1:d2:
97:a8:b2:b1:b7:6d:4d:35:23:8b:a4:5a:a7:51:44:
b7:3c:4e:b0:ae:d9:31:d7:41:0a:87:a6:c5:be:d6:
6b:0c:60:e8:a8:b4:33:15:86:c3:39:49:57:3d:19:
de:2b:a6:2a:99:1f:ab:2a:3e:5a:05:6e:f3:54:dd:
bb:b1:4e:e5:87:d5:6d:59:e3:0b:95:ab:ce:10:dd:
3d:6b:f8:32:21:87:5f:24:f1:dc:9c:5b:be:4b:d7:
18:7e:c6:de:28:f4:1b:0f:dd:e8:70:45:d3:6d:79:
07:97:73:49:b5:ec:9c:bc:0d:71:1f:a1:d9:6a:8d:
35:92:22:21:67:f7:46:de:64:0f:97:e5:0b:38:a2:
4a:e5:3d:44:55:c4:b1:ad:91:94:32:cb:0c:11:e2:
b2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:8C:76:DB:94:42:02:A0:97:73:25:93:04:F8:41:22:23:10:36:E7
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5ox225RCAqCXcyWTBPhBIiMQNuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.214.0/24
45.94.29.0-45.94.30.255
45.95.240.0/24
45.130.142.0/24
IPv6:
2a0f:15c0::/32
2a0f:15c2::-2a0f:15c7:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8a:4a:a0:c6:c9:1f:f3:66:dd:97:31:23:13:7a:7e:59:d5:c8:
cf:80:e0:93:74:ae:28:bd:96:44:5b:a5:f5:7a:15:5e:a0:e0:
da:6a:3e:f3:ea:f7:82:3a:c3:a0:7c:44:87:eb:ff:3a:15:c1:
19:6d:ed:9f:1f:73:cc:27:14:27:1e:be:71:7b:e9:c7:26:0d:
06:2c:92:03:2d:9c:81:a6:8b:8b:3e:81:31:96:7a:40:56:71:
31:19:19:da:be:f5:19:7c:a1:b0:52:af:f0:ec:db:ec:88:66:
75:d1:e2:98:3a:55:6f:e0:80:2d:ff:d5:bf:2d:a3:c4:36:1b:
b2:49:2c:cb:2c:bf:5f:39:21:74:f2:19:98:89:13:d8:03:e5:
d2:f0:52:0c:d9:96:c4:bb:24:be:37:ff:48:80:d9:f9:78:23:
35:0c:c2:d2:14:be:0c:55:27:ad:8c:40:ab:4e:8c:4c:01:6f:
46:86:85:1f:0a:85:e7:ef:0b:26:de:c9:fd:65:3d:a4:df:7d:
57:5c:34:f1:4f:af:25:b2:70:f0:a5:f2:ee:50:02:93:56:10:
79:ed:55:a6:94:7a:62:86:d9:32:26:5e:1a:4b:66:9e:3b:93:
8b:71:fd:6c:bb:8e:75:28:36:4c:a6:8f:b5:46:41:aa:ec:47:
ff:5e:8d:e4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY4PknnBWNsUS22Ft0iu0G/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMzA1MTcwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjhjNzZkYjk0NDIwMmEwOTc3MzI1OTMwNGY4NDEyMjIzMTAzNmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDB8JKCx1WnOnNHsjeWW5V3kHhB0
UTDTPuz5yC/kdcyTACONlAJTSJSZXKZISOWxxTNZ2G5w3jx76GGodPCY1jd9T2Jt
2uI3O7XWaK77jepOb+EpcnfEflb5Z+c29iKqqesSu/gOodKXqLKxt21NNSOLpFqn
UUS3PE6wrtkx10EKh6bFvtZrDGDoqLQzFYbDOUlXPRneK6YqmR+rKj5aBW7zVN27
sU7lh9VtWeMLlavOEN09a/gyIYdfJPHcnFu+S9cYfsbeKPQbD93ocEXTbXkHl3NJ
teycvA1xH6HZao01kiIhZ/dG3mQPl+ULOKJK5T1EVcSxrZGUMssMEeKyjQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFOaMdtuUQgKgl3MlkwT4QSIjEDbnMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvNW94MjI1UkNBcUNYY3lXVEJQaEJJaU1RTnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAmBAIAATAgAwQALVTWMAwD
BAAtXh0DBAAtXh4DBAAtX/ADBAAtgo4wHQQCAAIwFwMFACoPFcAwDgMFASoPFcID
BQMqDxXAMA0GCSqGSIb3DQEBCwUAA4IBAQCKSqDGyR/zZt2XMSMTen5Z1cjPgOCT
dK4ovZZEW6X1ehVeoODaaj7z6veCOsOgfESH6/86FcEZbe2fH3PMJxQnHr5xe+nH
Jg0GLJIDLZyBpouLPoExlnpAVnExGRnavvUZfKGwUq/w7NvsiGZ10eKYOlVv4IAt
/9W/LaPENhuySSzLLL9fOSF08hmYiRPYA+XS8FIM2ZbEuyS+N/9IgNn5eCM1DMLS
FL4MVSetjECrToxMAW9GhoUfCoXn7wsm3sn9ZT2k331XXDTxT68lsnDwpfLuUAKT
VhB57VWmlHpihtkyJl4aS2aeO5OLcf1su451KDZMpo+1RkGq7Ef/Xo3k
-----END CERTIFICATE-----
Generated at Fri May 17 09:04:19 2024 by rpki-client on console-fra.rpki-client.org