Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/hXl9hxQJxxeOVoHm-EvTeLIv6gc.roa
File: hXl9hxQJxxeOVoHm-EvTeLIv6gc.roa (raw, json)
Hash identifier: 4G4IHSxGXawkjFA2pcVAgBeiNtboIeRqfzkKWCqis2g=
Subject key identifier: 85:79:7D:87:14:09:C7:17:8E:56:81:E6:F8:4B:D3:78:B2:2F:EA:07
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 018F86D78DBF013FEE706107A5E1D3D414D7
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/hXl9hxQJxxeOVoHm-EvTeLIv6gc.roa
Signing time: Fri 17 May 2024 13:57:04 +0000
ROA not before: Fri 17 May 2024 13:57:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211680
IP address blocks: 45.156.128.0/24 maxlen: 24
45.156.129.0/24 maxlen: 24
45.156.130.0/24 maxlen: 24
185.180.140.0/24 maxlen: 24
185.180.143.0/24 maxlen: 24
2a10:3c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:d7:8d:bf:01:3f:ee:70:61:07:a5:e1:d3:d4:14:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: May 17 13:57:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85797d871409c7178e5681e6f84bd378b22fea07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8c:9c:d7:b7:40:94:00:84:44:cd:72:98:18:
38:be:e1:d9:3c:4a:74:0a:4f:66:41:a4:1f:ab:13:
42:d6:c1:88:41:d7:cc:14:ce:1f:41:b5:d4:85:7d:
45:cb:52:0a:9b:b5:fa:7e:3e:2d:de:0a:10:67:9c:
0a:a8:6c:7b:1c:da:f2:23:fb:ec:4c:01:40:18:e4:
66:2f:d0:84:44:56:35:8e:9a:5a:20:85:28:10:d2:
46:fc:5c:98:d0:ce:f5:26:bb:da:1a:eb:26:1c:f2:
15:66:29:dd:6c:d1:31:41:a5:cc:1b:36:91:13:81:
7a:c2:65:e3:41:7e:79:0e:72:5e:dd:02:02:5c:b2:
42:2c:0a:dd:77:67:8c:52:6e:f7:dc:a6:89:05:b4:
52:c2:b7:94:77:ec:c7:ca:3e:fe:c4:77:fb:8a:20:
bc:ca:46:e4:d4:1e:05:03:6f:7e:90:ca:0d:2c:fe:
24:f2:08:62:b8:98:11:c9:a1:79:a0:c5:86:4a:81:
e8:34:21:85:5d:7a:4e:ee:24:27:0c:bf:6c:6f:f5:
6e:f4:58:fa:06:2c:a8:04:16:43:00:0f:fe:92:6d:
48:43:e7:11:44:b3:01:39:f4:7f:cb:28:a6:30:10:
9f:66:53:c4:77:43:9b:db:12:6d:c1:cb:3f:fb:67:
7d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:79:7D:87:14:09:C7:17:8E:56:81:E6:F8:4B:D3:78:B2:2F:EA:07
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/hXl9hxQJxxeOVoHm-EvTeLIv6gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.128.0-45.156.130.255
185.180.140.0/24
185.180.143.0/24
IPv6:
2a10:3c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
ab:50:4e:40:e8:c8:ea:91:7b:4f:6e:e5:22:97:6c:46:e2:98:
53:65:ad:36:a4:6d:8d:33:2a:07:c4:67:19:a6:36:e3:80:fa:
40:c3:f1:7b:df:c2:c4:6e:f5:fc:61:a6:18:b4:d7:60:b0:d3:
7c:73:69:6f:d2:fe:b4:7f:1a:1c:91:d4:f3:f0:6e:62:9e:05:
16:98:13:06:36:05:97:1c:a6:25:d3:ed:95:fc:eb:43:57:5d:
65:57:8c:f0:96:17:8e:cb:03:25:f4:49:c6:0b:09:9d:24:19:
2a:a2:93:ec:da:29:9f:2c:68:f4:24:08:e2:f3:f5:fa:ba:e2:
9d:a4:14:72:62:4b:26:63:6c:d9:c8:27:37:21:dc:e2:74:30:
ca:58:f7:e9:a8:85:e0:26:09:b0:b6:39:ab:f3:09:5d:ad:f1:
06:4f:06:19:91:8f:47:48:ef:42:b9:3a:15:4a:44:26:62:79:
7b:1c:fe:c0:81:e5:7b:3d:03:b7:eb:5d:57:38:57:b4:bf:7f:
ca:06:f1:60:c7:85:be:5f:d0:ff:9e:6e:17:f5:61:04:72:7e:
d4:bc:cf:43:f2:13:dc:45:76:cc:00:e2:0f:35:9d:aa:96:1d:
45:e6:64:00:6a:2a:56:56:59:c1:46:0a:a1:f4:23:d3:08:09:
19:fb:d6:55
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAY+G142/AT/ucGEHpeHT1BTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjQwNTE3MTM1NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTc5N2Q4NzE0MDljNzE3OGU1NjgxZTZmODRiZDM3OGIyMmZlYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIyc17dAlACERM1ymBg4vuHZPEp0
Ck9mQaQfqxNC1sGIQdfMFM4fQbXUhX1Fy1IKm7X6fj4t3goQZ5wKqGx7HNryI/vs
TAFAGORmL9CERFY1jppaIIUoENJG/FyY0M71JrvaGusmHPIVZindbNExQaXMGzaR
E4F6wmXjQX55DnJe3QICXLJCLArdd2eMUm733KaJBbRSwreUd+zHyj7+xHf7iiC8
ykbk1B4FA29+kMoNLP4k8ghiuJgRyaF5oMWGSoHoNCGFXXpO7iQnDL9sb/Vu9Fj6
BiyoBBZDAA/+km1IQ+cRRLMBOfR/yyimMBCfZlPEd0Ob2xJtwcs/+2d9wwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFIV5fYcUCccXjlaB5vhL03iyL+oHMB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvaFhsOWh4UUp4eGVPVm9IbS1FdlRlTEl2NmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBActnIAD
BAAtnIIDBAC5tIwDBAC5tI8wDwQCAAIwCQMHACoQA8AAATANBgkqhkiG9w0BAQsF
AAOCAQEAq1BOQOjI6pF7T27lIpdsRuKYU2WtNqRtjTMqB8RnGaY244D6QMPxe9/C
xG71/GGmGLTXYLDTfHNpb9L+tH8aHJHU8/BuYp4FFpgTBjYFlxymJdPtlfzrQ1dd
ZVeM8JYXjssDJfRJxgsJnSQZKqKT7Nopnyxo9CQI4vP1+rrinaQUcmJLJmNs2cgn
NyHc4nQwylj36aiF4CYJsLY5q/MJXa3xBk8GGZGPR0jvQrk6FUpEJmJ5exz+wIHl
ez0Dt+tdVzhXtL9/ygbxYMeFvl/Q/55uF/VhBHJ+1LzPQ/IT3EV2zADiDzWdqpYd
ReZkAGoqVlZZwUYKofQj0wgJGfvWVQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 23:22:53 2024 by rpki-client on console-ams.rpki-client.org