Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/25HCzTOvQ-JFhWSIZngD3pCN32M.roa
File: 25HCzTOvQ-JFhWSIZngD3pCN32M.roa (raw, json)
Hash identifier: 10V0fw89+BmmtP5LqpNt1evcWzjIUGFqVXmCVDh8asQ=
Subject key identifier: DB:91:C2:CD:33:AF:43:E2:45:85:64:88:66:78:03:DE:90:8D:DF:63
Certificate issuer: /CN=bea649ef6030fc80848fdfe21d4321ac8011fd10
Certificate serial: 018CC87065BE6BABA4D84EB804625D4BEDBA
Authority key identifier: BE:A6:49:EF:60:30:FC:80:84:8F:DF:E2:1D:43:21:AC:80:11:FD:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/25HCzTOvQ-JFhWSIZngD3pCN32M.roa
Signing time: Tue 02 Jan 2024 04:30:58 +0000
ROA not before: Tue 02 Jan 2024 04:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208567
IP address blocks: 45.91.125.0/24 maxlen: 24
2a0e:f41::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:65:be:6b:ab:a4:d8:4e:b8:04:62:5d:4b:ed:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bea649ef6030fc80848fdfe21d4321ac8011fd10
Validity
Not Before: Jan 2 04:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db91c2cd33af43e245856488667803de908ddf63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c0:a2:d3:02:18:e2:25:c2:c8:b4:ab:5b:23:
96:db:d5:e2:06:84:38:ca:07:e5:1d:b7:79:2b:8c:
e4:e6:a0:e8:70:a6:15:76:98:9a:1e:39:3c:50:90:
cb:8c:da:73:19:92:5e:9c:d3:be:aa:46:f7:93:d3:
44:d5:84:f8:01:ce:54:db:f8:76:ca:31:0b:ba:71:
6f:84:57:ff:96:3b:f3:92:b3:de:ac:d5:8a:8a:a7:
4b:bb:5e:27:5c:ca:e4:a8:da:1a:e4:87:dd:04:03:
07:25:77:d9:05:5e:a7:af:c7:87:38:e2:2b:18:ea:
77:07:c1:de:b6:c8:48:75:fe:a0:b2:c0:e7:e6:fa:
3a:41:7a:97:43:43:31:73:67:3e:6f:47:d4:57:e5:
53:f9:b2:c1:3a:a5:b8:ff:07:56:a6:92:4b:e7:1b:
89:ed:6f:ad:92:93:4d:65:43:7c:a2:3c:1b:18:0f:
72:bf:e1:94:a3:28:f8:6b:ba:00:31:92:b8:e6:56:
e3:d3:b5:9b:96:7f:b1:e6:4c:94:57:6b:3e:72:26:
03:f2:70:1f:de:c2:7a:93:06:74:70:3e:07:65:5a:
12:9a:ce:48:85:4f:39:43:88:ea:f5:26:02:51:97:
0a:fe:86:de:05:5f:3b:43:53:b5:ff:d7:3e:f8:be:
d4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:91:C2:CD:33:AF:43:E2:45:85:64:88:66:78:03:DE:90:8D:DF:63
X509v3 Authority Key Identifier:
keyid:BE:A6:49:EF:60:30:FC:80:84:8F:DF:E2:1D:43:21:AC:80:11:FD:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/25HCzTOvQ-JFhWSIZngD3pCN32M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.125.0/24
IPv6:
2a0e:f41::/32
Signature Algorithm: sha256WithRSAEncryption
a6:1c:35:56:80:a3:9d:04:32:5d:44:8f:47:ea:a3:5c:52:54:
c7:6b:64:2a:d7:11:4a:1a:0d:ee:b3:9a:42:e5:27:b2:bc:64:
7b:cd:b6:08:e4:a6:30:2c:a6:86:b9:9b:45:1f:0b:bb:b1:1a:
be:cc:3f:b7:15:f5:b8:e4:4c:ad:1f:01:c3:f1:38:81:61:68:
e7:81:a4:86:fc:1b:dc:cc:c2:4b:d5:01:ba:63:ec:f7:8b:49:
69:aa:79:a0:88:f3:40:9d:16:0f:6f:04:39:7b:52:0b:12:5c:
94:5b:13:c7:3b:35:72:05:f1:5b:ba:fd:d4:25:14:6b:0f:8b:
06:c0:ad:26:64:cf:62:f0:99:11:cc:97:13:fc:28:16:83:68:
f4:8e:61:7f:78:11:66:b8:23:cd:b9:57:03:1f:c4:c4:81:d3:
19:82:49:d9:5a:8c:e6:ef:69:23:73:5f:f6:f7:af:61:fc:f7:
23:f0:1d:b5:53:e9:49:17:af:5d:4a:6f:8d:15:1c:08:4e:22:
35:f1:ee:77:cb:0a:a4:5a:7c:38:78:95:94:19:bb:ed:32:92:
87:8b:6f:66:50:b7:32:97:22:b7:88:c3:36:c9:d6:f3:3e:e6:
64:0c:2d:c3:76:5c:5e:33:c6:5e:04:c9:61:a4:92:81:06:8c:
63:83:a1:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcGW+a6uk2E64BGJdS+26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYTY0OWVmNjAzMGZjODA4NDhmZGZlMjFkNDMyMWFjODAx
MWZkMTAwHhcNMjQwMTAyMDQzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjkxYzJjZDMzYWY0M2UyNDU4NTY0ODg2Njc4MDNkZTkwOGRkZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsCi0wIY4iXCyLSrWyOW29XiBoQ4
ygflHbd5K4zk5qDocKYVdpiaHjk8UJDLjNpzGZJenNO+qkb3k9NE1YT4Ac5U2/h2
yjELunFvhFf/ljvzkrPerNWKiqdLu14nXMrkqNoa5IfdBAMHJXfZBV6nr8eHOOIr
GOp3B8HetshIdf6gssDn5vo6QXqXQ0Mxc2c+b0fUV+VT+bLBOqW4/wdWppJL5xuJ
7W+tkpNNZUN8ojwbGA9yv+GUoyj4a7oAMZK45lbj07Wbln+x5kyUV2s+ciYD8nAf
3sJ6kwZ0cD4HZVoSms5IhU85Q4jq9SYCUZcK/obeBV87Q1O1/9c++L7UeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNuRws0zr0PiRYVkiGZ4A96Qjd9jMB8GA1UdIwQY
MBaAFL6mSe9gMPyAhI/f4h1DIayAEf0QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnFaSjcyQXdfSUNFajlfaUhVTWhySUFSX1JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xOTQ1NWItZDJjZi00ZTVmLWJmNTgt
MjFkZjU1YmE5ZWJmLzEvMjVIQ3pUT3ZRLUpGaFdTSVpuZ0QzcENOMzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8xOTQ1NWItZDJjZi00ZTVmLWJmNTgtMjFkZjU1YmE5ZWJm
LzEvdnFaSjcyQXdfSUNFajlfaUhVTWhySUFSX1JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVt9MA0E
AgACMAcDBQAqDg9BMA0GCSqGSIb3DQEBCwUAA4IBAQCmHDVWgKOdBDJdRI9H6qNc
UlTHa2Qq1xFKGg3us5pC5SeyvGR7zbYI5KYwLKaGuZtFHwu7sRq+zD+3FfW45Eyt
HwHD8TiBYWjngaSG/BvczMJL1QG6Y+z3i0lpqnmgiPNAnRYPbwQ5e1ILElyUWxPH
OzVyBfFbuv3UJRRrD4sGwK0mZM9i8JkRzJcT/CgWg2j0jmF/eBFmuCPNuVcDH8TE
gdMZgknZWozm72kjc1/2969h/Pcj8B21U+lJF69dSm+NFRwITiI18e53ywqkWnw4
eJWUGbvtMpKHi29mULcylyK3iMM2ydbzPuZkDC3DdlxeM8ZeBMlhpJKBBoxjg6HV
-----END CERTIFICATE-----
Generated at Wed May 29 08:13:51 2024 by rpki-client on console-fra.rpki-client.org