Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Fe0DBcbD6oEMRtgnXKsc_5ctawg.roa
File: Fe0DBcbD6oEMRtgnXKsc_5ctawg.roa (raw, json)
Hash identifier: zDnbuGMA3HviYHZ7z91OiWcdNIacQbGwc/xdkSFCyc8=
Subject key identifier: 15:ED:03:05:C6:C3:EA:81:0C:46:D8:27:5C:AB:1C:FF:97:2D:6B:08
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018F38FA92886F38AFF340F910916CA0D66F
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Fe0DBcbD6oEMRtgnXKsc_5ctawg.roa
Signing time: Thu 02 May 2024 11:04:56 +0000
ROA not before: Thu 02 May 2024 11:04:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197071
IP address blocks: 45.86.156.0/23 maxlen: 23
45.86.156.0/24 maxlen: 24
185.236.8.0/24 maxlen: 24
193.38.249.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:fa:92:88:6f:38:af:f3:40:f9:10:91:6c:a0:d6:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: May 2 11:04:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15ed0305c6c3ea810c46d8275cab1cff972d6b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c0:75:e4:8a:73:6b:c3:6d:2c:f3:01:c0:ac:
52:40:a5:ac:7a:31:30:44:f2:dc:5b:a7:22:b4:57:
09:7c:ad:95:76:f0:ae:1e:0e:10:97:63:22:fe:01:
5a:6c:01:e8:51:aa:f8:95:57:34:ec:2c:cb:ac:fd:
b7:42:9b:96:e7:c2:e3:9e:1e:bf:05:2c:84:d3:73:
4e:82:5e:c7:fd:cb:4d:ad:ad:34:ef:92:cc:eb:d2:
00:e0:9a:81:49:e7:fc:2a:e3:08:29:16:90:d8:bd:
5b:0a:8f:d5:65:2f:2d:61:e4:60:81:8d:e0:1c:32:
9e:3a:d6:82:e1:7d:aa:da:16:d9:c2:4d:45:5b:c6:
9e:39:1f:e7:1c:22:7d:5d:04:0b:17:5f:0d:b9:cf:
ae:c4:6e:9c:11:73:83:75:24:c0:dd:92:ca:4b:9f:
f5:83:e6:43:8b:ac:6b:e0:7d:75:19:26:b4:e9:ad:
18:ab:43:9a:bc:2a:29:b5:dc:b7:17:4b:51:ce:27:
0e:ec:01:68:62:49:be:2b:d5:f0:e1:eb:f6:75:d3:
9e:29:45:1a:3f:45:d2:70:7c:ca:a5:c9:b3:4c:eb:
d0:d9:84:57:76:b1:9d:91:e0:76:3a:89:29:30:84:
c7:a6:fb:a0:d2:cb:e6:37:3b:cd:31:86:a4:cb:e8:
c5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:ED:03:05:C6:C3:EA:81:0C:46:D8:27:5C:AB:1C:FF:97:2D:6B:08
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Fe0DBcbD6oEMRtgnXKsc_5ctawg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.156.0/23
185.236.8.0/24
193.38.249.0/24
Signature Algorithm: sha256WithRSAEncryption
94:88:4f:86:0f:79:2e:9d:64:37:3c:c2:07:45:88:10:17:46:
d9:99:b1:33:41:21:09:32:5b:32:3c:f9:6e:72:d6:1a:59:8f:
19:5a:ee:91:b3:4f:f8:1f:98:1f:fe:96:03:c9:98:f1:6e:24:
99:59:34:1c:d3:16:28:f9:6d:34:f8:ae:5e:30:ca:0b:3c:f2:
b2:a1:c6:f5:7b:31:d7:c9:bf:db:7e:33:16:05:ec:57:11:77:
d2:e6:5d:0a:91:02:82:f4:48:a1:82:d1:8c:63:69:8b:d8:e6:
12:4a:53:d5:49:f6:ae:78:ed:df:d8:d4:66:8d:bb:77:1e:26:
14:a7:e5:4c:7b:bd:08:c6:4d:40:c0:2d:aa:cd:a7:0c:1d:97:
d2:3c:ff:b7:34:66:b5:93:7b:fe:ec:af:4e:a1:0c:aa:08:33:
fc:dc:af:2c:76:63:75:59:35:23:3b:28:1f:20:e7:5e:53:27:
4c:09:23:17:51:95:9b:44:1f:54:0f:83:cc:70:2c:ff:4b:ec:
5e:28:46:de:3e:be:8d:91:db:1b:46:b2:ea:e2:72:86:c4:90:
b6:32:89:ee:08:8b:a5:b1:18:ba:bc:1b:7e:34:7e:aa:f9:98:
9f:3e:50:91:18:83:11:4c:0c:84:f8:c4:7c:04:9d:e0:3e:40:
f9:65:57:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY84+pKIbziv80D5EJFsoNZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwNTAyMTEwNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWVkMDMwNWM2YzNlYTgxMGM0NmQ4Mjc1Y2FiMWNmZjk3MmQ2YjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssB15Ipza8NtLPMBwKxSQKWsejEw
RPLcW6citFcJfK2VdvCuHg4Ql2Mi/gFabAHoUar4lVc07CzLrP23QpuW58Ljnh6/
BSyE03NOgl7H/ctNra0075LM69IA4JqBSef8KuMIKRaQ2L1bCo/VZS8tYeRggY3g
HDKeOtaC4X2q2hbZwk1FW8aeOR/nHCJ9XQQLF18Nuc+uxG6cEXODdSTA3ZLKS5/1
g+ZDi6xr4H11GSa06a0Yq0OavCoptdy3F0tRzicO7AFoYkm+K9Xw4ev2ddOeKUUa
P0XScHzKpcmzTOvQ2YRXdrGdkeB2OokpMITHpvug0svmNzvNMYaky+jFiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBXtAwXGw+qBDEbYJ1yrHP+XLWsIMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvRmUwREJjYkQ2b0VNUnRnblhLc2NfNWN0YXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVacAwQA
uewIAwQAwSb5MA0GCSqGSIb3DQEBCwUAA4IBAQCUiE+GD3kunWQ3PMIHRYgQF0bZ
mbEzQSEJMlsyPPluctYaWY8ZWu6Rs0/4H5gf/pYDyZjxbiSZWTQc0xYo+W00+K5e
MMoLPPKyocb1ezHXyb/bfjMWBexXEXfS5l0KkQKC9EihgtGMY2mL2OYSSlPVSfau
eO3f2NRmjbt3HiYUp+VMe70Ixk1AwC2qzacMHZfSPP+3NGa1k3v+7K9OoQyqCDP8
3K8sdmN1WTUjOygfIOdeUydMCSMXUZWbRB9UD4PMcCz/S+xeKEbePr6NkdsbRrLq
4nKGxJC2MonuCIulsRi6vBt+NH6q+ZifPlCRGIMRTAyE+MR8BJ3gPkD5ZVeM
-----END CERTIFICATE-----
Generated at Sun May 19 21:57:18 2024 by rpki-client on console-ams.rpki-client.org