Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/nE7azVb23AxQkHjhatVMv1zV_fA.roa
File: nE7azVb23AxQkHjhatVMv1zV_fA.roa (raw, json)
Hash identifier: H3qjsIYFcV6hZ/HzJRE3H0EZdOO9NSYNOClNyUqcOBY=
Subject key identifier: 9C:4E:DA:CD:56:F6:DC:0C:50:90:78:E1:6A:D5:4C:BF:5C:D5:FD:F0
Certificate issuer: /CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd
Certificate serial: 018CC26D3162F6A817818FB51B46E79F4D66
Authority key identifier: BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/nE7azVb23AxQkHjhatVMv1zV_fA.roa
Signing time: Mon 01 Jan 2024 00:29:45 +0000
ROA not before: Mon 01 Jan 2024 00:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.85.240.0/24 maxlen: 24
45.85.241.0/24 maxlen: 24
45.85.243.0/24 maxlen: 24
45.81.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.mft
rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:31:62:f6:a8:17:81:8f:b5:1b:46:e7:9f:4d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd
Validity
Not Before: Jan 1 00:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c4edacd56f6dc0c509078e16ad54cbf5cd5fdf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b5:06:9d:1d:c3:75:e5:cb:49:e4:55:4b:37:
32:f6:8e:4e:40:f8:76:20:cf:57:1e:c8:e0:a9:fd:
b4:cd:36:28:a1:05:b5:bd:3c:3b:09:41:8c:25:1c:
07:08:cd:97:24:6b:35:dd:95:70:43:fa:11:c4:cc:
62:c3:8f:48:5f:d0:8a:b8:37:7a:a4:f0:08:7f:57:
b2:85:20:c8:b1:8f:d1:2c:5c:10:73:c9:0c:59:1f:
cd:ac:3d:87:c7:33:4f:ba:93:4d:81:4f:f7:1d:46:
b4:7f:fa:7f:5d:27:cf:e5:92:31:7c:c2:44:4e:5b:
41:41:38:9a:b1:2d:ca:13:b7:1b:e4:6a:80:a8:c3:
02:0c:26:c6:af:c6:a0:b2:90:80:24:a9:d6:f7:aa:
27:2b:81:ae:86:dc:f1:38:9d:8b:50:15:dd:47:ea:
f4:a0:e0:ca:62:2c:3d:d7:ac:49:db:14:68:2a:8d:
fd:a3:1c:06:0a:ee:15:59:98:bb:c5:d8:53:4f:21:
d0:ad:96:08:8a:fb:7b:2c:a3:e6:b3:b3:a5:35:d6:
03:04:bf:24:16:67:59:6f:a0:a6:96:af:99:62:0a:
8c:2c:64:93:df:60:b1:1c:ee:b1:59:8f:6d:8f:ec:
53:dc:25:26:00:c8:a0:42:92:fd:b3:d0:45:f5:c1:
1b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4E:DA:CD:56:F6:DC:0C:50:90:78:E1:6A:D5:4C:BF:5C:D5:FD:F0
X509v3 Authority Key Identifier:
keyid:BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/nE7azVb23AxQkHjhatVMv1zV_fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.118.0/24
45.85.240.0/23
45.85.243.0/24
Signature Algorithm: sha256WithRSAEncryption
53:c4:a0:fe:74:62:8e:90:b4:a0:1c:c3:5c:7a:1e:3f:22:36:
22:3f:da:12:a4:a5:85:25:27:cd:69:b4:00:65:2f:fa:7b:9c:
6f:b3:89:03:f8:4e:f6:37:f1:53:29:71:fa:2d:b7:d4:76:11:
9b:a9:50:43:99:7a:5e:dd:a0:e4:7a:48:c9:6b:44:43:bc:74:
4d:6d:f1:91:3e:74:32:8a:9c:92:e6:0f:c4:1d:0c:2f:b6:c9:
71:19:bc:23:f8:0b:7a:bb:90:2f:c2:37:d7:8f:f1:f4:74:7a:
23:6e:d2:2c:27:d1:16:1e:d4:d2:de:93:34:28:0f:8a:b2:04:
2b:3a:ca:c0:c3:6b:92:48:fe:b3:76:5b:93:53:f7:97:ee:30:
92:7a:11:82:1c:b9:18:03:5e:65:59:a7:eb:8f:16:c4:fe:cd:
db:29:bf:8c:0b:41:80:47:e2:04:48:88:75:bd:aa:78:f9:33:
5a:16:5a:f4:8a:ad:e6:8f:b2:24:e4:2a:db:f9:cb:e9:88:b9:
b2:88:e6:f4:46:2f:44:8d:16:8b:6c:e0:e0:8a:cf:65:9d:64:
7a:80:e5:38:06:b9:09:80:2c:9d:22:26:5c:7b:1a:89:d7:26:
1f:5d:34:e0:93:5d:b8:17:51:f3:98:39:69:46:5c:c3:88:25:
03:a0:bb:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbTFi9qgXgY+1G0bnn01mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYjgzZTk5YmY3MjU0Zjk0ODA1N2E1ZTk4MWJlNmZhNWMy
MDU0ZGQwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRlZGFjZDU2ZjZkYzBjNTA5MDc4ZTE2YWQ1NGNiZjVjZDVmZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLUGnR3DdeXLSeRVSzcy9o5OQPh2
IM9XHsjgqf20zTYooQW1vTw7CUGMJRwHCM2XJGs13ZVwQ/oRxMxiw49IX9CKuDd6
pPAIf1eyhSDIsY/RLFwQc8kMWR/NrD2HxzNPupNNgU/3HUa0f/p/XSfP5ZIxfMJE
TltBQTiasS3KE7cb5GqAqMMCDCbGr8agspCAJKnW96onK4GuhtzxOJ2LUBXdR+r0
oODKYiw916xJ2xRoKo39oxwGCu4VWZi7xdhTTyHQrZYIivt7LKPms7OlNdYDBL8k
FmdZb6Cmlq+ZYgqMLGST32CxHO6xWY9tj+xT3CUmAMigQpL9s9BF9cEbwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJxO2s1W9twMUJB44WrVTL9c1f3wMB8GA1UdIwQY
MBaAFL24Ppm/clT5SAV6Xpgb5vpcIFTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEt
ZTQ5NWFhYTBjYWMwLzEvbkU3YXpWYjIzQXhRa0hqaGF0Vk12MXpWX2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEtZTQ5NWFhYTBjYWMw
LzEvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVF2AwQB
LVXwAwQALVXzMA0GCSqGSIb3DQEBCwUAA4IBAQBTxKD+dGKOkLSgHMNceh4/IjYi
P9oSpKWFJSfNabQAZS/6e5xvs4kD+E72N/FTKXH6LbfUdhGbqVBDmXpe3aDkekjJ
a0RDvHRNbfGRPnQyipyS5g/EHQwvtslxGbwj+At6u5AvwjfXj/H0dHojbtIsJ9EW
HtTS3pM0KA+KsgQrOsrAw2uSSP6zdluTU/eX7jCSehGCHLkYA15lWafrjxbE/s3b
Kb+MC0GAR+IESIh1vap4+TNaFlr0iq3mj7Ik5Crb+cvpiLmyiOb0Ri9EjRaLbODg
is9lnWR6gOU4BrkJgCydIiZcexqJ1yYfXTTgk124F1HzmDlpRlzDiCUDoLvq
-----END CERTIFICATE-----
Generated at Sun Apr 28 04:27:51 2024 by rpki-client on console-ams.rpki-client.org