Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/1-CkP3P2sf1Ypv_G7cu_FbFGaI5A.roa
File: 1-CkP3P2sf1Ypv_G7cu_FbFGaI5A.roa (raw, json)
Hash identifier: fEOIZphSLFPPUqisjdegyB/7bDpIGCASDC1J7yXXgEM=
Subject key identifier: F8:29:0F:DC:FD:AC:7F:56:29:BF:F1:BB:72:EF:C5:6C:51:9A:23:90
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 018F76E9378ACB0842262459365F17899CD8
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/1-CkP3P2sf1Ypv_G7cu_FbFGaI5A.roa
Signing time: Tue 14 May 2024 11:42:26 +0000
ROA not before: Tue 14 May 2024 11:42:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211056
IP address blocks: 45.81.16.0/24 maxlen: 24
45.81.17.0/24 maxlen: 24
45.81.18.0/24 maxlen: 24
45.81.19.0/24 maxlen: 24
185.201.49.0/24 maxlen: 24
2a05:9080:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:e9:37:8a:cb:08:42:26:24:59:36:5f:17:89:9c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: May 14 11:42:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8290fdcfdac7f5629bff1bb72efc56c519a2390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:31:ae:09:7c:eb:19:e9:77:6e:21:22:4c:16:
94:d9:31:24:f9:4b:f2:cf:9d:e4:f7:1d:a5:4b:4f:
e3:5d:6d:ac:7f:23:21:37:37:61:f2:a3:a7:9a:02:
57:df:dd:be:17:0c:b7:8e:b7:12:9a:5c:92:0a:a4:
48:0d:f6:4f:38:ed:8c:5e:cd:4d:0c:0a:ac:2d:4f:
5d:eb:72:88:ca:81:6b:47:8a:e8:98:76:b9:45:1b:
c8:d8:26:26:58:6e:1d:97:a4:9b:f2:d3:fc:6d:38:
46:71:59:9f:2b:2c:f4:aa:bb:47:2c:4a:9d:1a:4d:
f9:bb:9a:4e:ab:61:16:0c:fc:ef:d2:6f:e5:7f:bc:
1a:9d:3f:cf:5a:94:71:6b:6c:f6:8f:ee:74:e9:2d:
3b:0f:2a:68:d1:90:37:f6:05:08:6e:80:5c:61:fa:
00:fa:64:bc:8b:8b:56:b0:29:fb:23:25:46:b7:63:
9c:5d:b1:38:b1:5f:63:43:ee:a7:07:6b:53:c0:0d:
41:40:59:39:c9:ae:5f:25:31:4c:61:73:db:9c:a6:
53:e6:15:01:f1:9c:b4:09:f6:0a:f9:06:6d:4a:69:
5b:46:56:34:59:93:e5:ce:72:07:7d:29:80:0f:70:
0f:57:49:9b:00:05:c2:f8:c4:e8:35:07:c0:9e:b9:
88:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:29:0F:DC:FD:AC:7F:56:29:BF:F1:BB:72:EF:C5:6C:51:9A:23:90
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/1-CkP3P2sf1Ypv_G7cu_FbFGaI5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.16.0/22
185.201.49.0/24
IPv6:
2a05:9080:3::/48
Signature Algorithm: sha256WithRSAEncryption
7e:8b:37:29:c8:26:a8:30:bb:b7:a8:40:7f:6d:0f:7e:dc:5b:
a4:bd:f9:cf:8e:89:6e:d4:be:52:f1:43:3f:ee:79:42:4c:29:
05:67:05:60:e6:6c:64:4e:3c:e3:ce:06:29:3d:0e:a4:11:02:
0c:99:f8:1e:8d:b1:b3:62:fc:25:78:24:c4:13:ca:c9:07:3c:
a4:d3:42:68:fb:4e:9e:09:98:b1:be:23:19:37:46:8d:f2:d6:
87:50:f5:c3:d1:d2:c5:5d:45:29:60:d3:a0:1e:2e:9b:62:78:
2e:9a:45:ab:d6:e2:f1:4c:82:27:d1:c9:72:00:c3:7b:c4:14:
e3:d8:bc:a0:f7:b8:cc:96:92:ee:5e:ac:8f:7a:09:64:99:79:
8b:f2:dd:5c:bd:5d:33:de:3d:5f:78:94:fc:97:56:f3:3e:34:
59:83:93:63:7e:48:e6:d3:c4:32:2a:37:c0:ce:05:9a:3e:08:
16:2b:c5:f2:27:40:f9:92:e2:04:75:ed:dc:52:10:3b:8f:b4:
f1:bb:a7:e3:68:78:f1:9a:fc:4f:1f:d7:a2:bc:52:3b:6a:1a:
8d:de:aa:a8:18:e2:5d:f1:c7:e1:3e:1d:4d:d4:95:d8:c9:be:
94:82:ed:ba:01:f8:d6:6a:8b:fe:d6:ab:96:3b:88:1b:88:f9:
24:be:64:0b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY926TeKywhCJiRZNl8XiZzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjQwNTE0MTE0MjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODI5MGZkY2ZkYWM3ZjU2MjliZmYxYmI3MmVmYzU2YzUxOWEyMzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzGuCXzrGel3biEiTBaU2TEk+Uvy
z53k9x2lS0/jXW2sfyMhNzdh8qOnmgJX392+Fwy3jrcSmlySCqRIDfZPOO2MXs1N
DAqsLU9d63KIyoFrR4romHa5RRvI2CYmWG4dl6Sb8tP8bThGcVmfKyz0qrtHLEqd
Gk35u5pOq2EWDPzv0m/lf7wanT/PWpRxa2z2j+506S07Dypo0ZA39gUIboBcYfoA
+mS8i4tWsCn7IyVGt2OcXbE4sV9jQ+6nB2tTwA1BQFk5ya5fJTFMYXPbnKZT5hUB
8Zy0CfYK+QZtSmlbRlY0WZPlznIHfSmAD3APV0mbAAXC+MToNQfAnrmI9QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPgpD9z9rH9WKb/xu3LvxWxRmiOQMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvMS1Da1AzUDJzZjFZcHZfRzdjdV9GYkZHYUk1QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2YvZmQzNjJmLWFmY2ItNGNmNS05OGM2LTA5NDg5ODllNmQ1
NS8xL2ZEMENLaVFNNXg0S2JoNmFyZ0VTMm9RTXcwcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAi1REAME
ALnJMTAPBAIAAjAJAwcAKgWQgAADMA0GCSqGSIb3DQEBCwUAA4IBAQB+izcpyCao
MLu3qEB/bQ9+3FukvfnPjolu1L5S8UM/7nlCTCkFZwVg5mxkTjzjzgYpPQ6kEQIM
mfgejbGzYvwleCTEE8rJBzyk00Jo+06eCZixviMZN0aN8taHUPXD0dLFXUUpYNOg
Hi6bYngumkWr1uLxTIIn0clyAMN7xBTj2Lyg97jMlpLuXqyPeglkmXmL8t1cvV0z
3j1feJT8l1bzPjRZg5Njfkjm08QyKjfAzgWaPggWK8XyJ0D5kuIEde3cUhA7j7Tx
u6fjaHjxmvxPH9eivFI7ahqN3qqoGOJd8cfhPh1N1JXYyb6Ugu26AfjWaov+1quW
O4gbiPkkvmQL
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:01:26 2024 by rpki-client on console-fra.rpki-client.org