Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/tsNrq3-_rTg36aaTcbtEyEt5t-Q.roa
File: tsNrq3-_rTg36aaTcbtEyEt5t-Q.roa (raw, json)
Hash identifier: zEE0lY+LgAdjz2XtweUdsBTZuFTs4x4yuRjE0GtdhCk=
Subject key identifier: B6:C3:6B:AB:7F:BF:AD:38:37:E9:A6:93:71:BB:44:C8:4B:79:B7:E4
Certificate issuer: /CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Certificate serial: 018CC26D054A5DCCCB09A7BC042F5F95A699
Authority key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/tsNrq3-_rTg36aaTcbtEyEt5t-Q.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.85.108.0/22 maxlen: 22
45.94.96.0/22 maxlen: 22
45.139.0.0/24 maxlen: 24
45.139.1.0/24 maxlen: 24
45.13.250.0/24 maxlen: 24
45.13.251.0/24 maxlen: 24
45.130.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:05:4a:5d:cc:cb:09:a7:bc:04:2f:5f:95:a6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6c36bab7fbfad3837e9a69371bb44c84b79b7e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:da:b5:09:f0:31:3d:53:87:b9:c0:98:ed:0e:
2e:db:c1:59:bc:e6:6b:15:66:da:8a:27:2e:9a:a3:
b2:fa:f3:39:23:9a:84:d3:48:84:3c:27:dd:e5:cf:
bb:77:32:8a:58:b4:39:38:53:f4:a4:fb:e1:87:f7:
ce:1a:e5:89:0f:68:93:41:dc:58:d8:51:e6:03:4b:
b8:98:90:25:02:57:05:b1:1d:b3:9c:cd:64:d4:1d:
2a:83:8a:c6:f8:94:dc:ce:f3:97:78:74:c7:4b:7d:
68:0c:f1:e6:02:dc:43:b8:d9:59:63:b4:b4:6c:6d:
06:34:5f:06:b5:2d:56:23:9c:3d:b8:cd:5b:0f:fb:
c5:e5:fb:68:15:ff:cc:69:35:6b:38:fe:2e:c9:47:
96:c7:5b:ed:e0:f2:d3:28:0c:a4:ff:a9:8e:48:be:
42:11:0b:00:76:64:f5:eb:2b:b5:48:82:3b:fd:e4:
f4:45:84:60:e4:9d:6a:b7:f4:b7:19:34:c3:a0:7c:
81:0c:58:1a:98:1d:63:fa:24:49:e2:cf:25:44:90:
10:5f:74:dd:51:25:a0:23:e8:dd:8f:2b:89:ed:56:
b7:5d:a2:d3:3a:86:65:9c:c6:6f:12:04:77:4c:ef:
6b:f5:ea:be:8f:ea:61:9b:02:ea:e3:e6:7e:1e:83:
50:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C3:6B:AB:7F:BF:AD:38:37:E9:A6:93:71:BB:44:C8:4B:79:B7:E4
X509v3 Authority Key Identifier:
keyid:7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/tsNrq3-_rTg36aaTcbtEyEt5t-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.250.0/23
45.85.108.0/22
45.94.96.0/22
45.130.65.0/24
45.139.0.0/23
Signature Algorithm: sha256WithRSAEncryption
82:a1:ee:c2:df:2e:0a:8b:96:0c:59:9d:9c:b4:81:ae:04:4f:
b4:68:bc:6b:92:6e:77:c7:35:99:45:99:58:e2:65:79:03:f6:
e9:cf:9f:30:25:b4:95:9d:63:fb:c6:6f:6d:a9:83:f8:b7:69:
72:cf:9c:3d:d9:a7:a4:d5:c3:91:f9:83:2a:ca:97:74:dd:6d:
0b:83:67:59:8e:07:ad:76:57:2a:b9:f3:9e:dc:5a:29:78:19:
e2:a6:df:6e:78:45:e7:f0:1e:b5:23:6d:f6:15:08:4e:33:60:
8d:a6:6f:14:b9:52:b2:88:de:84:10:86:1e:79:de:99:59:e7:
b7:7b:cd:36:c0:37:bc:5d:7e:ad:e4:da:67:e8:08:1a:c2:17:
6c:ef:67:c5:80:aa:45:bd:57:7e:89:59:da:b4:e0:e4:f9:97:
22:3e:b5:a5:1e:58:ac:e6:14:72:47:91:5a:c6:7c:7b:fa:ca:
39:71:90:14:e5:22:0a:71:ba:a5:f6:90:c7:a9:ca:09:b0:a1:
58:e6:4b:89:08:e5:4e:72:21:98:4b:e4:30:ba:b8:a9:b1:e4:
66:93:29:0c:bf:03:a6:c7:32:76:9f:78:07:c7:0f:23:a3:ad:
bf:90:a7:31:e9:91:01:ac:aa:7c:52:1c:74:90:7b:8c:59:f8:
ff:22:37:00
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzCbQVKXczLCae8BC9flaaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTY0M2JiMzk5YzZkODdhZGM0YzdjYmE1ZDJiNzJmYmQw
MGQwNDYwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmMzNmJhYjdmYmZhZDM4MzdlOWE2OTM3MWJiNDRjODRiNzliN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9q1CfAxPVOHucCY7Q4u28FZvOZr
FWbaiicumqOy+vM5I5qE00iEPCfd5c+7dzKKWLQ5OFP0pPvhh/fOGuWJD2iTQdxY
2FHmA0u4mJAlAlcFsR2znM1k1B0qg4rG+JTczvOXeHTHS31oDPHmAtxDuNlZY7S0
bG0GNF8GtS1WI5w9uM1bD/vF5ftoFf/MaTVrOP4uyUeWx1vt4PLTKAyk/6mOSL5C
EQsAdmT16yu1SII7/eT0RYRg5J1qt/S3GTTDoHyBDFgamB1j+iRJ4s8lRJAQX3Td
USWgI+jdjyuJ7Va3XaLTOoZlnMZvEgR3TO9r9eq+j+phmwLq4+Z+HoNQJQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLbDa6t/v604N+mmk3G7RMhLebfkMB8GA1UdIwQY
MBaAFHymQ7s5nG2HrcTHy6XSty+9ANBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMt
NDRlYTY0NzIxYzllLzEvdHNOcnEzLV9yVGczNmFhVGNidEV5RXQ1dC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMtNDRlYTY0NzIxYzll
LzEvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLQ36AwQC
LVVsAwQCLV5gAwQALYJBAwQBLYsAMA0GCSqGSIb3DQEBCwUAA4IBAQCCoe7C3y4K
i5YMWZ2ctIGuBE+0aLxrkm53xzWZRZlY4mV5A/bpz58wJbSVnWP7xm9tqYP4t2ly
z5w92aek1cOR+YMqypd03W0Lg2dZjgetdlcqufOe3FopeBnipt9ueEXn8B61I232
FQhOM2CNpm8UuVKyiN6EEIYeed6ZWee3e802wDe8XX6t5Npn6Agawhds72fFgKpF
vVd+iVnatODk+ZciPrWlHlis5hRyR5Faxnx7+so5cZAU5SIKcbql9pDHqcoJsKFY
5kuJCOVOciGYS+QwuripseRmkykMvwOmxzJ2n3gHxw8jo62/kKcx6ZEBrKp8Uhx0
kHuMWfj/IjcA
-----END CERTIFICATE-----
Generated at Sun Apr 28 04:14:58 2024 by rpki-client on console-ams.rpki-client.org