Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Rx2RuMU8YrB6FN4Ns4lNfRO-2Jg.roa
File: Rx2RuMU8YrB6FN4Ns4lNfRO-2Jg.roa (raw, json)
Hash identifier: FzsPaNPKSPMxZybNeKoEuM2ZDzMHCZykFUtUlm0HZ10=
Subject key identifier: 47:1D:91:B8:C5:3C:62:B0:7A:14:DE:0D:B3:89:4D:7D:13:BE:D8:98
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B5932B4558FDFF697928621365529
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Rx2RuMU8YrB6FN4Ns4lNfRO-2Jg.roa
Signing time: Tue 02 Jan 2024 12:34:47 +0000
ROA not before: Tue 02 Jan 2024 12:34:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59598
IP address blocks: 45.136.2.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.0.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 05:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:59:32:b4:55:8f:df:f6:97:92:86:21:36:55:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=471d91b8c53c62b07a14de0db3894d7d13bed898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:aa:1e:f4:09:93:80:72:2b:08:3e:da:c8:45:
c7:0e:67:ed:05:7c:93:a4:70:90:c9:49:b0:e5:47:
8b:59:5d:71:78:d5:7b:73:80:0f:67:33:08:5e:fb:
72:75:1a:63:9a:7e:37:15:57:93:94:a1:28:b5:ae:
c8:cc:24:b7:43:7f:41:25:fb:2d:c2:17:7b:49:8c:
a8:b6:d7:8d:75:ce:09:9f:e6:f7:03:a5:df:fa:96:
e6:c0:1c:82:3d:a1:45:6b:df:40:96:9b:87:b4:f6:
16:0b:c2:2d:ac:7d:6a:4c:74:9c:52:ed:f2:19:3f:
e1:fc:fa:8b:59:46:cd:02:81:0f:3d:b7:e4:f2:9a:
37:fa:15:a4:fa:f2:25:88:d4:e8:e7:d4:15:e0:55:
6f:19:21:01:2f:54:39:52:a6:98:bd:61:8f:dd:bb:
4c:6b:4b:04:b2:91:16:c3:a7:86:f2:b1:b5:a6:97:
48:a8:9b:41:90:28:90:a8:c7:1b:eb:e8:f9:e5:d9:
ea:e1:0d:96:a7:70:10:67:1f:24:d6:a7:8c:72:f7:
8a:98:83:ee:1c:04:a9:ea:e4:09:2d:c2:db:18:fa:
68:b8:fc:a1:de:80:f1:ad:41:e7:7f:cb:cd:1a:0d:
62:20:df:b9:a7:59:85:c7:54:68:ab:6e:31:06:fb:
1a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:1D:91:B8:C5:3C:62:B0:7A:14:DE:0D:B3:89:4D:7D:13:BE:D8:98
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Rx2RuMU8YrB6FN4Ns4lNfRO-2Jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:b1:88:3e:67:b8:4b:78:23:ba:ef:ac:f9:e2:1a:41:79:6a:
11:a8:24:16:e7:82:06:7f:c2:6f:a7:04:fd:41:87:6d:64:4b:
b8:7a:c8:fc:6c:5d:43:1a:2d:27:26:46:43:c9:cb:a6:e7:a9:
82:7e:26:d6:7a:97:1f:62:8f:23:af:47:ee:14:f6:eb:f6:59:
ab:c6:5b:57:98:45:d8:48:55:69:00:61:d4:f5:85:38:1c:85:
3d:d7:a2:dc:7c:c6:73:be:03:f8:cb:c7:a2:38:0e:fa:00:d3:
84:42:9c:61:9d:60:34:7d:64:d3:43:6b:d3:af:95:b8:43:c1:
8f:54:ba:ff:74:ee:41:c9:09:59:3b:b2:4c:da:99:12:38:eb:
e8:b6:eb:f9:f6:82:01:44:9d:d8:e6:b9:66:88:4e:43:ac:00:
3c:06:ae:95:43:e5:5a:8c:40:35:a1:a3:d1:5a:5b:f6:bd:68:
75:7d:74:5d:3c:10:34:c2:0b:d4:a7:d9:e9:9c:ae:80:db:b7:
fc:08:2a:29:ce:08:22:4a:88:60:bb:b2:e0:2b:1f:69:37:2d:
15:cf:c3:6f:a7:19:ea:94:47:e2:93:ed:1e:f7:69:30:c9:8c:
7a:23:51:11:10:92:36:85:b1:f2:1f:e2:cf:64:ca:70:e4:31:
aa:d8:a4:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK1kytFWP3/aXkoYhNlUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzFkOTFiOGM1M2M2MmIwN2ExNGRlMGRiMzg5NGQ3ZDEzYmVkODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqoe9AmTgHIrCD7ayEXHDmftBXyT
pHCQyUmw5UeLWV1xeNV7c4APZzMIXvtydRpjmn43FVeTlKEota7IzCS3Q39BJfst
whd7SYyotteNdc4Jn+b3A6Xf+pbmwByCPaFFa99AlpuHtPYWC8ItrH1qTHScUu3y
GT/h/PqLWUbNAoEPPbfk8po3+hWk+vIliNTo59QV4FVvGSEBL1Q5UqaYvWGP3btM
a0sEspEWw6eG8rG1ppdIqJtBkCiQqMcb6+j55dnq4Q2Wp3AQZx8k1qeMcveKmIPu
HASp6uQJLcLbGPpouPyh3oDxrUHnf8vNGg1iIN+5p1mFx1Roq24xBvsaSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcdkbjFPGKwehTeDbOJTX0TvtiYMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvUngyUnVNVThZckI2Rk40TnM0bE5mUk8tMkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYgAMA0G
CSqGSIb3DQEBCwUAA4IBAQCNsYg+Z7hLeCO676z54hpBeWoRqCQW54IGf8JvpwT9
QYdtZEu4esj8bF1DGi0nJkZDycum56mCfibWepcfYo8jr0fuFPbr9lmrxltXmEXY
SFVpAGHU9YU4HIU916LcfMZzvgP4y8eiOA76ANOEQpxhnWA0fWTTQ2vTr5W4Q8GP
VLr/dO5ByQlZO7JM2pkSOOvotuv59oIBRJ3Y5rlmiE5DrAA8Bq6VQ+VajEA1oaPR
Wlv2vWh1fXRdPBA0wgvUp9npnK6A27f8CCopzggiSohgu7LgKx9pNy0Vz8Nvpxnq
lEfik+0e92kwyYx6I1EREJI2hbHyH+LPZMpw5DGq2KQU
-----END CERTIFICATE-----
Generated at Wed May 22 11:42:23 2024 by rpki-client on console-fra.rpki-client.org