Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/AaxDS7R41ofWjJBdkkOkbWRzywM.roa
File: AaxDS7R41ofWjJBdkkOkbWRzywM.roa (raw, json)
Hash identifier: bXnJTMvLXc26yyGYo2eKW7p1+nUNGDE0DGmgpTPodoM=
Subject key identifier: 01:AC:43:4B:B4:78:D6:87:D6:8C:90:5D:92:43:A4:6D:64:73:CB:03
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FB3EEA6724C2698444E187D1ED636
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/AaxDS7R41ofWjJBdkkOkbWRzywM.roa
Signing time: Tue 02 Jan 2024 04:30:12 +0000
ROA not before: Tue 02 Jan 2024 04:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206804
IP address blocks: 45.139.48.0/23 maxlen: 24
45.86.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:b3:ee:a6:72:4c:26:98:44:4e:18:7d:1e:d6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01ac434bb478d687d68c905d9243a46d6473cb03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d9:50:46:e8:d7:b5:81:b5:f1:dd:09:1e:a5:
e9:99:fa:20:1b:1a:38:ce:2b:91:ef:a7:26:7b:b1:
3d:dc:df:df:da:b1:9a:b0:1b:8d:fa:42:90:9d:52:
51:ee:2b:d7:d8:b4:55:ab:b3:16:eb:df:bd:8e:6f:
73:97:82:bb:30:39:39:92:7c:d0:99:b2:a8:59:8f:
e7:64:25:05:f2:9b:12:2f:76:76:65:4c:2b:81:97:
74:01:45:7d:9b:10:f1:62:ff:75:4c:e1:6a:53:27:
9f:c1:65:f3:23:89:06:6f:a3:31:b2:77:9f:99:5d:
c6:cc:0d:6e:64:f8:f3:49:6b:07:1d:3f:bd:78:af:
3d:20:13:d0:bb:40:36:3d:eb:39:f7:99:f9:65:6c:
3b:5d:c6:0f:5a:2a:46:c1:e9:10:ee:9d:e2:f1:43:
9a:3b:46:77:49:f4:6b:18:18:36:5a:a7:4e:1b:e5:
99:40:e6:7d:7b:c5:4c:07:9c:fa:44:fc:5f:54:16:
73:0b:c5:fb:83:dc:07:60:96:c9:4f:c6:4a:ea:76:
95:c5:fb:b3:5b:96:cf:1b:77:e5:a6:2c:d9:66:36:
2d:3b:8d:ea:ac:4b:cd:67:f9:80:33:82:7c:7b:ae:
98:89:ff:58:1d:02:1d:7d:98:d4:85:cb:f8:f3:4d:
a5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:AC:43:4B:B4:78:D6:87:D6:8C:90:5D:92:43:A4:6D:64:73:CB:03
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/AaxDS7R41ofWjJBdkkOkbWRzywM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.201.0/24
45.139.48.0/23
Signature Algorithm: sha256WithRSAEncryption
19:dd:57:b2:5d:ac:20:7b:7e:af:e6:25:1f:05:f2:46:e4:a8:
ab:1b:56:cb:6d:58:a8:62:2a:41:d0:e3:c8:7f:a5:61:8f:77:
b2:7a:ce:00:35:7b:b8:a3:8e:59:4e:70:71:bc:b9:72:5b:2e:
ef:3d:00:4e:8a:73:4c:e8:40:43:fa:f9:f0:43:5d:07:e7:ab:
70:7f:f3:50:64:99:51:45:22:ce:ed:b5:32:a1:f4:96:bd:63:
3b:bf:d4:dd:23:f4:3f:de:60:a2:fa:83:9b:54:96:7d:ad:14:
d9:da:24:d5:85:72:c9:59:7a:c4:86:19:6f:cc:08:ca:e1:64:
27:7b:7f:8e:05:4c:ee:8f:16:ad:d2:e1:f0:45:90:d7:79:ef:
01:0e:e0:36:cf:70:bb:af:a1:ba:a2:01:a4:cb:0c:d6:d3:29:
8c:74:52:3d:de:ad:26:33:2c:e4:cc:79:bd:34:de:e0:17:04:
49:7c:b8:5b:1a:c9:fc:26:f1:17:31:d6:53:78:b5:64:e4:7c:
25:6c:6b:c2:4d:05:5e:c2:8b:4f:a8:41:0d:0e:37:cb:93:1d:
87:fe:b8:d5:98:72:dc:37:dd:a2:dd:9d:f4:5b:a4:bc:6a:84:
66:a1:35:4f:4b:d9:e4:1e:3d:a7:04:fc:85:e2:f2:6c:cd:87:
05:eb:6e:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb7PupnJMJphEThh9HtY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWFjNDM0YmI0NzhkNjg3ZDY4YzkwNWQ5MjQzYTQ2ZDY0NzNjYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9lQRujXtYG18d0JHqXpmfogGxo4
ziuR76cme7E93N/f2rGasBuN+kKQnVJR7ivX2LRVq7MW69+9jm9zl4K7MDk5knzQ
mbKoWY/nZCUF8psSL3Z2ZUwrgZd0AUV9mxDxYv91TOFqUyefwWXzI4kGb6Mxsnef
mV3GzA1uZPjzSWsHHT+9eK89IBPQu0A2Pes595n5ZWw7XcYPWipGwekQ7p3i8UOa
O0Z3SfRrGBg2WqdOG+WZQOZ9e8VMB5z6RPxfVBZzC8X7g9wHYJbJT8ZK6naVxfuz
W5bPG3flpizZZjYtO43qrEvNZ/mAM4J8e66Yif9YHQIdfZjUhcv4802l3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAGsQ0u0eNaH1oyQXZJDpG1kc8sDMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvQWF4RFM3UjQxb2ZXakpCZGtrT2tiV1J6eXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVbJAwQB
LYswMA0GCSqGSIb3DQEBCwUAA4IBAQAZ3VeyXawge36v5iUfBfJG5KirG1bLbVio
YipB0OPIf6Vhj3eyes4ANXu4o45ZTnBxvLlyWy7vPQBOinNM6EBD+vnwQ10H56tw
f/NQZJlRRSLO7bUyofSWvWM7v9TdI/Q/3mCi+oObVJZ9rRTZ2iTVhXLJWXrEhhlv
zAjK4WQne3+OBUzujxat0uHwRZDXee8BDuA2z3C7r6G6ogGkywzW0ymMdFI93q0m
MyzkzHm9NN7gFwRJfLhbGsn8JvEXMdZTeLVk5HwlbGvCTQVewotPqEENDjfLkx2H
/rjVmHLcN92i3Z30W6S8aoRmoTVPS9nkHj2nBPyF4vJszYcF625g
-----END CERTIFICATE-----
Generated at Sat May 18 16:22:19 2024 by rpki-client on console-fra.rpki-client.org