Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/4QkOU3FCO8k1WYq84luqcQ3A4VQ.roa
File: 4QkOU3FCO8k1WYq84luqcQ3A4VQ.roa (raw, json)
Hash identifier: KqL78yB+Ixk0nSU+goQvM+FOSEx0jj4TjA858XS1BC4=
Subject key identifier: E1:09:0E:53:71:42:3B:C9:35:59:8A:BC:E2:5B:AA:71:0D:C0:E1:54
Certificate issuer: /CN=9af4f122622fc3bb6fb83b7c8269036eda62466f
Certificate serial: 018F76EA1E2550BC2BA8165D7D05AF4DCEC0
Authority key identifier: 9A:F4:F1:22:62:2F:C3:BB:6F:B8:3B:7C:82:69:03:6E:DA:62:46:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvTxImIvw7tvuDt8gmkDbtpiRm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/4QkOU3FCO8k1WYq84luqcQ3A4VQ.roa
Signing time: Tue 14 May 2024 11:43:25 +0000
ROA not before: Tue 14 May 2024 11:43:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215927
IP address blocks: 45.156.176.0/23 maxlen: 23
45.156.176.0/24 maxlen: 24
45.156.177.0/24 maxlen: 24
45.156.178.0/23 maxlen: 23
45.156.178.0/24 maxlen: 24
45.156.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/mvTxImIvw7tvuDt8gmkDbtpiRm8.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/mvTxImIvw7tvuDt8gmkDbtpiRm8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mvTxImIvw7tvuDt8gmkDbtpiRm8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:ea:1e:25:50:bc:2b:a8:16:5d:7d:05:af:4d:ce:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af4f122622fc3bb6fb83b7c8269036eda62466f
Validity
Not Before: May 14 11:43:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1090e5371423bc935598abce25baa710dc0e154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f3:6f:1b:36:f1:07:16:b3:e7:38:61:56:5f:
ed:74:93:03:30:03:76:31:c4:be:6d:6a:0f:ec:58:
54:52:72:c6:1a:28:89:d7:46:5c:04:ef:5e:2f:29:
29:b6:24:06:e3:c6:14:7e:46:df:f2:16:e5:e5:b4:
a2:b6:15:5b:b3:0c:e0:a6:cb:86:b8:78:aa:ff:4c:
e1:a0:e8:c6:ad:c7:2e:8e:b4:84:fc:6e:b2:a8:04:
3e:fd:18:e3:da:2a:64:3f:cf:d3:0e:5f:e2:19:c6:
81:fb:68:bc:75:0c:35:2e:34:e9:5b:e3:88:b1:9f:
de:c8:31:a1:3f:69:71:95:dd:2d:64:78:30:3d:d2:
33:2d:80:44:1c:c0:e4:56:f8:b7:98:82:79:59:27:
27:86:d7:ed:c5:5c:f7:b6:de:33:36:70:eb:06:4e:
d3:88:28:7e:ac:04:96:c7:6d:b5:c3:bb:43:0e:12:
3e:06:ba:d1:30:d9:4f:7e:18:f2:c4:59:2d:83:55:
09:a8:e3:5e:46:99:9f:c8:de:59:c5:13:c2:6d:a8:
8d:d8:13:99:ee:71:db:c1:b3:52:a7:8c:65:f2:b4:
16:ec:82:8d:38:82:76:3a:ff:98:04:76:eb:e2:2a:
3b:93:a8:67:08:98:ac:b1:fc:7c:a7:12:94:a0:fe:
1a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:09:0E:53:71:42:3B:C9:35:59:8A:BC:E2:5B:AA:71:0D:C0:E1:54
X509v3 Authority Key Identifier:
keyid:9A:F4:F1:22:62:2F:C3:BB:6F:B8:3B:7C:82:69:03:6E:DA:62:46:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvTxImIvw7tvuDt8gmkDbtpiRm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/4QkOU3FCO8k1WYq84luqcQ3A4VQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/eadacb-e4a4-41f9-89ed-c5718bde6751/1/mvTxImIvw7tvuDt8gmkDbtpiRm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.176.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:d6:13:c4:28:11:a8:2f:b0:7e:01:d1:20:76:53:24:24:b7:
59:30:78:76:cb:33:d0:45:fe:c8:63:9b:ad:f1:20:fe:bb:ae:
fa:a2:5f:80:b1:07:0f:1c:c2:9a:d9:a8:ea:5e:49:26:6d:36:
09:21:64:2a:30:c3:59:ab:5a:a7:68:2c:f7:b9:62:9e:60:5b:
3d:43:9d:b7:c5:be:75:3e:0e:26:36:e9:be:0b:27:ea:6f:a6:
33:91:e8:6d:68:a6:b5:ca:31:36:9a:9c:38:1c:a4:fb:e6:2f:
58:55:12:08:bf:21:8d:75:a9:7a:aa:39:79:75:e4:c3:07:47:
40:b6:79:4a:e8:64:a8:4c:03:10:e5:01:78:95:67:9d:0f:42:
2a:42:d5:38:88:cc:dc:ac:0a:2a:f6:f0:f1:a5:fb:14:42:93:
81:fc:4e:db:f0:36:b9:ee:c7:1d:62:ef:4c:1d:73:cd:63:1f:
90:f4:33:f4:fa:57:43:40:c7:03:ec:2a:55:67:1d:75:af:3f:
29:11:2f:fd:ed:a9:1a:0f:b6:69:c0:6f:2d:75:49:24:f2:9b:
91:c7:cb:57:ad:d2:b7:e1:9b:4d:04:1a:98:6f:95:da:cb:37:
b9:45:33:30:72:0c:3e:ad:1d:02:bc:59:7b:21:4f:8c:82:d4:
2c:41:49:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY926h4lULwrqBZdfQWvTc7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjRmMTIyNjIyZmMzYmI2ZmI4M2I3YzgyNjkwMzZlZGE2
MjQ2NmYwHhcNMjQwNTE0MTE0MzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTA5MGU1MzcxNDIzYmM5MzU1OThhYmNlMjViYWE3MTBkYzBlMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvNvGzbxBxaz5zhhVl/tdJMDMAN2
McS+bWoP7FhUUnLGGiiJ10ZcBO9eLykptiQG48YUfkbf8hbl5bSithVbswzgpsuG
uHiq/0zhoOjGrccujrSE/G6yqAQ+/Rjj2ipkP8/TDl/iGcaB+2i8dQw1LjTpW+OI
sZ/eyDGhP2lxld0tZHgwPdIzLYBEHMDkVvi3mIJ5WScnhtftxVz3tt4zNnDrBk7T
iCh+rASWx221w7tDDhI+BrrRMNlPfhjyxFktg1UJqONeRpmfyN5ZxRPCbaiN2BOZ
7nHbwbNSp4xl8rQW7IKNOIJ2Ov+YBHbr4io7k6hnCJissfx8pxKUoP4aJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOEJDlNxQjvJNVmKvOJbqnENwOFUMB8GA1UdIwQY
MBaAFJr08SJiL8O7b7g7fIJpA27aYkZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZUeEltSXZ3N3R2dUR0OGdta0RidHBpUm04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9lYWRhY2ItZTRhNC00MWY5LTg5ZWQt
YzU3MThiZGU2NzUxLzEvNFFrT1UzRkNPOGsxV1lxODRsdXFjUTNBNFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9lYWRhY2ItZTRhNC00MWY5LTg5ZWQtYzU3MThiZGU2NzUx
LzEvbXZUeEltSXZ3N3R2dUR0OGdta0RidHBpUm04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZywMA0G
CSqGSIb3DQEBCwUAA4IBAQDG1hPEKBGoL7B+AdEgdlMkJLdZMHh2yzPQRf7IY5ut
8SD+u676ol+AsQcPHMKa2ajqXkkmbTYJIWQqMMNZq1qnaCz3uWKeYFs9Q523xb51
Pg4mNum+Cyfqb6YzkehtaKa1yjE2mpw4HKT75i9YVRIIvyGNdal6qjl5deTDB0dA
tnlK6GSoTAMQ5QF4lWedD0IqQtU4iMzcrAoq9vDxpfsUQpOB/E7b8Da57scdYu9M
HXPNYx+Q9DP0+ldDQMcD7CpVZx11rz8pES/97akaD7ZpwG8tdUkk8puRx8tXrdK3
4ZtNBBqYb5Xayze5RTMwcgw+rR0CvFl7IU+MgtQsQUks
-----END CERTIFICATE-----
Generated at Sat Jun 1 22:12:07 2024 by rpki-client on console-fra.rpki-client.org