Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/4risuUbTuuksWFjx-zBQE5xaR5s.roa
File: 4risuUbTuuksWFjx-zBQE5xaR5s.roa (raw, json)
Hash identifier: h3vAbWApa2m96KBqQpcaRSI39msq/jE1tIB8zWww0kk=
Subject key identifier: E2:B8:AC:B9:46:D3:BA:E9:2C:58:58:F1:FB:30:50:13:9C:5A:47:9B
Certificate issuer: /CN=c4b21c89bc7e2b214067f30707a4a03dc346ee05
Certificate serial: 018CC6B8461AEAD9B05EEF10A0BFCA1CC621
Authority key identifier: C4:B2:1C:89:BC:7E:2B:21:40:67:F3:07:07:A4:A0:3D:C3:46:EE:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/4risuUbTuuksWFjx-zBQE5xaR5s.roa
Signing time: Mon 01 Jan 2024 20:30:14 +0000
ROA not before: Mon 01 Jan 2024 20:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209007
IP address blocks: 45.11.43.0/24 maxlen: 24
45.11.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/xLIcibx-KyFAZ_MHB6SgPcNG7gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/xLIcibx-KyFAZ_MHB6SgPcNG7gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:46:1a:ea:d9:b0:5e:ef:10:a0:bf:ca:1c:c6:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4b21c89bc7e2b214067f30707a4a03dc346ee05
Validity
Not Before: Jan 1 20:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2b8acb946d3bae92c5858f1fb3050139c5a479b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:60:20:af:34:b1:93:77:44:8f:d5:af:29:c0:
ff:db:7d:94:c5:bc:5e:41:c2:ea:b4:1a:f6:6a:36:
e6:e8:95:78:17:32:85:72:7b:c4:2c:ce:85:80:a7:
9f:a2:cb:7c:fd:98:bd:2d:1c:90:07:65:47:89:1b:
49:e2:84:53:21:de:b6:28:42:85:8d:b7:fc:e6:bb:
e8:72:75:8f:7c:46:41:51:a2:a3:b1:07:4c:8e:cc:
82:27:ce:9e:f6:5d:dc:0c:37:1e:91:52:05:05:57:
64:b0:84:ae:a4:d5:ec:76:16:67:e9:1f:20:ce:75:
79:0d:f9:d0:91:a2:a2:cc:ed:4f:90:ef:d8:d3:c6:
84:20:47:bf:1c:8a:e7:99:ec:6b:d3:55:55:23:9f:
65:87:79:20:9d:0d:b1:69:1c:19:bc:8a:af:86:f6:
2e:c8:39:a9:c3:52:39:4c:12:55:68:3f:37:5e:14:
66:51:9a:63:05:94:17:24:b9:e4:74:9f:d2:a5:2e:
65:e5:f3:cd:7d:75:19:40:62:10:2c:3a:f3:7b:97:
aa:8a:09:fd:b4:c5:d9:6c:82:68:92:bb:21:d1:06:
d5:68:5a:56:1c:d4:e2:12:b1:53:ae:63:e5:39:14:
3a:d1:d1:d1:7f:15:3c:26:1b:bb:0d:1d:9d:4c:a2:
9f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B8:AC:B9:46:D3:BA:E9:2C:58:58:F1:FB:30:50:13:9C:5A:47:9B
X509v3 Authority Key Identifier:
keyid:C4:B2:1C:89:BC:7E:2B:21:40:67:F3:07:07:A4:A0:3D:C3:46:EE:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/4risuUbTuuksWFjx-zBQE5xaR5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/xLIcibx-KyFAZ_MHB6SgPcNG7gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.42.0/23
Signature Algorithm: sha256WithRSAEncryption
22:2a:69:7b:57:41:4b:02:78:5a:b4:a7:a6:07:1c:7e:8a:c4:
7f:66:d3:bf:84:41:e1:21:9d:71:3f:d7:9a:5d:60:05:57:9a:
e4:03:d6:21:5e:26:74:ed:39:48:70:b9:ad:91:b1:30:32:a0:
eb:60:be:af:5f:13:55:11:ae:ab:c5:6c:13:66:b3:be:47:d4:
0f:a4:95:e3:41:5c:c8:20:c5:08:89:e5:7f:3d:2a:20:d9:1f:
6c:41:bc:2d:f9:0a:a6:fb:3a:80:57:d1:a8:d8:8d:d4:42:48:
9d:7f:fc:ad:76:d0:9a:b7:31:43:fb:e0:b1:5d:e4:d2:49:a6:
5e:dc:ca:09:02:a3:07:97:f0:60:f9:a4:6b:d7:69:e1:b3:7b:
77:7f:80:5a:d7:7d:e5:68:8a:0a:8a:7a:bd:6e:74:14:d9:b3:
17:fa:1a:41:4b:72:7d:eb:51:e4:df:aa:a3:fd:e8:d8:32:96:
b8:22:fb:f9:06:4f:b5:bd:0c:0d:e5:a3:fc:e6:ea:16:dc:db:
82:32:72:94:cf:96:27:ca:22:5d:b2:5b:f6:c2:c2:b6:0c:ab:
c0:d5:19:8e:7c:59:9f:f5:e3:8f:55:18:75:c2:ac:83:b5:e0:
6b:7c:a7:2d:ea:61:ff:03:23:6f:1d:a4:63:58:98:82:6c:ec:
a3:81:e9:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuEYa6tmwXu8QoL/KHMYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjIxYzg5YmM3ZTJiMjE0MDY3ZjMwNzA3YTRhMDNkYzM0
NmVlMDUwHhcNMjQwMTAxMjAzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmI4YWNiOTQ2ZDNiYWU5MmM1ODU4ZjFmYjMwNTAxMzljNWE0NzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGAgrzSxk3dEj9WvKcD/232Uxbxe
QcLqtBr2ajbm6JV4FzKFcnvELM6FgKefost8/Zi9LRyQB2VHiRtJ4oRTId62KEKF
jbf85rvocnWPfEZBUaKjsQdMjsyCJ86e9l3cDDcekVIFBVdksISupNXsdhZn6R8g
znV5DfnQkaKizO1PkO/Y08aEIEe/HIrnmexr01VVI59lh3kgnQ2xaRwZvIqvhvYu
yDmpw1I5TBJVaD83XhRmUZpjBZQXJLnkdJ/SpS5l5fPNfXUZQGIQLDrze5eqign9
tMXZbIJokrsh0QbVaFpWHNTiErFTrmPlORQ60dHRfxU8Jhu7DR2dTKKfpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOK4rLlG07rpLFhY8fswUBOcWkebMB8GA1UdIwQY
MBaAFMSyHIm8fishQGfzBwekoD3DRu4FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExJY2lieC1LeUZBWl9NSEI2U2dQY05HN2dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MTM3YjgtMTM4My00YjcxLWExODkt
MDYzYjQwMTc0NTk3LzEvNHJpc3VVYlR1dWtzV0ZqeC16QlFFNXhhUjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MTM3YjgtMTM4My00YjcxLWExODktMDYzYjQwMTc0NTk3
LzEveExJY2lieC1LeUZBWl9NSEI2U2dQY05HN2dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLQsqMA0G
CSqGSIb3DQEBCwUAA4IBAQAiKml7V0FLAnhatKemBxx+isR/ZtO/hEHhIZ1xP9ea
XWAFV5rkA9YhXiZ07TlIcLmtkbEwMqDrYL6vXxNVEa6rxWwTZrO+R9QPpJXjQVzI
IMUIieV/PSog2R9sQbwt+Qqm+zqAV9Go2I3UQkidf/ytdtCatzFD++CxXeTSSaZe
3MoJAqMHl/Bg+aRr12nhs3t3f4Ba133laIoKinq9bnQU2bMX+hpBS3J961Hk36qj
/ejYMpa4Ivv5Bk+1vQwN5aP85uoW3NuCMnKUz5YnyiJdslv2wsK2DKvA1RmOfFmf
9eOPVRh1wqyDteBrfKct6mH/AyNvHaRjWJiCbOyjgenh
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:41:31 2024 by rpki-client on console-fra.rpki-client.org