Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/fed131-f9d7-41b2-b8bc-082b1f7f0db2/1/T4cqfjnENNSKj9M7dYvA_IXZGH4.roa
File: T4cqfjnENNSKj9M7dYvA_IXZGH4.roa (raw, json)
Hash identifier: BfhxC+A1x6yY45FStJ6mZdgkbBbx5PyhgFntDJQ1NlA=
Subject key identifier: 4F:87:2A:7E:39:C4:34:D4:8A:8F:D3:3B:75:8B:C0:FC:85:D9:18:7E
Certificate issuer: /CN=121a37282dd992d88658160559e048392798c84b
Certificate serial: 018E2CA896FF897A80BE68D9566511D65CEE
Authority key identifier: 12:1A:37:28:2D:D9:92:D8:86:58:16:05:59:E0:48:39:27:98:C8:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eho3KC3ZktiGWBYFWeBIOSeYyEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/fed131-f9d7-41b2-b8bc-082b1f7f0db2/1/T4cqfjnENNSKj9M7dYvA_IXZGH4.roa
Signing time: Mon 11 Mar 2024 08:37:09 +0000
ROA not before: Mon 11 Mar 2024 08:37:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44092
IP address blocks: 45.13.128.0/22 maxlen: 22
45.13.128.0/24 maxlen: 24
45.13.129.0/24 maxlen: 24
45.13.130.0/24 maxlen: 24
45.13.131.0/24 maxlen: 24
185.149.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/fed131-f9d7-41b2-b8bc-082b1f7f0db2/1/Eho3KC3ZktiGWBYFWeBIOSeYyEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/fed131-f9d7-41b2-b8bc-082b1f7f0db2/1/Eho3KC3ZktiGWBYFWeBIOSeYyEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Eho3KC3ZktiGWBYFWeBIOSeYyEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:a8:96:ff:89:7a:80:be:68:d9:56:65:11:d6:5c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=121a37282dd992d88658160559e048392798c84b
Validity
Not Before: Mar 11 08:37:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f872a7e39c434d48a8fd33b758bc0fc85d9187e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4a:1b:b9:5b:e6:c3:8a:b9:89:2e:1c:98:9c:
78:94:ab:52:c2:1e:9e:9e:75:84:c6:04:63:52:40:
0a:10:58:50:c0:28:c2:30:bf:1b:6e:fb:cd:03:66:
a1:03:84:6f:2f:ed:c1:7c:23:34:1a:71:3f:ad:ac:
f4:5b:40:eb:85:97:cf:bf:c0:b8:ef:74:76:9f:80:
90:ab:98:3d:f1:2a:af:a5:d0:f5:16:44:11:c0:68:
77:8a:10:b6:c6:f6:91:bd:ad:8a:85:eb:b2:e8:fc:
f3:15:b2:5f:34:57:6b:3d:e2:24:d1:79:92:e6:57:
ff:fc:f6:a6:f9:f9:b3:9e:9f:ef:3d:a6:68:93:b8:
51:95:fa:9c:dc:52:82:c5:5e:ef:a1:2b:ac:c6:3f:
54:d9:75:27:3b:47:03:1e:da:a6:f8:88:ce:9b:16:
c0:d4:2b:40:97:a0:c5:31:39:70:c6:fc:33:4e:d2:
d6:95:ae:ef:07:88:6c:26:bd:8f:3b:3e:ff:d8:bd:
98:b2:60:ce:8c:ef:56:96:15:c1:1b:53:12:ee:f5:
fa:09:61:a8:01:40:58:75:c6:6f:0a:e9:76:13:f4:
05:54:b6:70:88:c1:50:d7:dd:b8:e7:8c:45:7c:2b:
b3:0e:bb:62:98:ff:cd:f7:83:43:7f:f5:89:c0:1b:
28:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:87:2A:7E:39:C4:34:D4:8A:8F:D3:3B:75:8B:C0:FC:85:D9:18:7E
X509v3 Authority Key Identifier:
keyid:12:1A:37:28:2D:D9:92:D8:86:58:16:05:59:E0:48:39:27:98:C8:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eho3KC3ZktiGWBYFWeBIOSeYyEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/fed131-f9d7-41b2-b8bc-082b1f7f0db2/1/T4cqfjnENNSKj9M7dYvA_IXZGH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/fed131-f9d7-41b2-b8bc-082b1f7f0db2/1/Eho3KC3ZktiGWBYFWeBIOSeYyEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.128.0/22
185.149.35.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:cf:36:6f:b4:1d:9e:e5:1b:39:cf:bf:98:ac:12:dc:1c:7b:
ba:03:40:6d:7c:4d:ea:bd:57:b1:1a:1f:9d:18:17:02:cc:57:
a3:f3:ce:1e:3e:24:a9:e0:66:13:04:45:90:8b:b4:89:7c:15:
f0:e3:18:1e:7a:28:38:51:6a:45:dc:19:91:23:24:7e:23:22:
40:42:dc:24:be:84:92:0f:b7:5b:e4:92:91:b1:15:20:f4:12:
8a:40:3d:bf:ab:a0:bf:c6:ae:3c:65:05:52:24:20:8a:dc:4b:
26:f0:69:6b:c6:0c:d2:04:3c:54:fa:e3:15:7f:fa:95:cb:bd:
45:46:4c:ee:fe:91:33:f5:c2:9e:d8:9d:17:0c:5e:9a:ad:27:
cc:25:63:f9:4d:2d:66:4c:91:37:b3:67:5e:d4:06:2c:87:fc:
9a:da:f8:3d:aa:c4:9b:d5:51:6e:ea:cf:fa:bc:2e:d5:e5:7d:
c5:50:48:1f:18:7e:70:b4:cc:36:7b:e6:02:ea:5d:ec:f8:7f:
a0:9b:47:4d:06:9c:ad:e5:78:ba:62:d8:5f:aa:b8:96:34:b7:
e5:86:a5:20:b2:d5:73:66:57:b3:ab:97:ca:d8:bd:fe:22:34:
bb:74:69:28:95:96:13:7a:d3:1d:4a:76:88:ec:a4:74:9a:4b:
f7:ec:e0:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4sqJb/iXqAvmjZVmUR1lzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMWEzNzI4MmRkOTkyZDg4NjU4MTYwNTU5ZTA0ODM5Mjc5
OGM4NGIwHhcNMjQwMzExMDgzNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjg3MmE3ZTM5YzQzNGQ0OGE4ZmQzM2I3NThiYzBmYzg1ZDkxODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUobuVvmw4q5iS4cmJx4lKtSwh6e
nnWExgRjUkAKEFhQwCjCML8bbvvNA2ahA4RvL+3BfCM0GnE/raz0W0DrhZfPv8C4
73R2n4CQq5g98SqvpdD1FkQRwGh3ihC2xvaRva2Kheuy6PzzFbJfNFdrPeIk0XmS
5lf//Pam+fmznp/vPaZok7hRlfqc3FKCxV7voSusxj9U2XUnO0cDHtqm+IjOmxbA
1CtAl6DFMTlwxvwzTtLWla7vB4hsJr2POz7/2L2YsmDOjO9WlhXBG1MS7vX6CWGo
AUBYdcZvCul2E/QFVLZwiMFQ192454xFfCuzDrtimP/N94NDf/WJwBsoYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE+HKn45xDTUio/TO3WLwPyF2Rh+MB8GA1UdIwQY
MBaAFBIaNygt2ZLYhlgWBVngSDknmMhLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhvM0tDM1prdGlHV0JZRldlQklPU2VZeUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mZWQxMzEtZjlkNy00MWIyLWI4YmMt
MDgyYjFmN2YwZGIyLzEvVDRjcWZqbkVOTlNLajlNN2RZdkFfSVhaR0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mZWQxMzEtZjlkNy00MWIyLWI4YmMtMDgyYjFmN2YwZGIy
LzEvRWhvM0tDM1prdGlHV0JZRldlQklPU2VZeUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQ2AAwQA
uZUjMA0GCSqGSIb3DQEBCwUAA4IBAQCczzZvtB2e5Rs5z7+YrBLcHHu6A0BtfE3q
vVexGh+dGBcCzFej884ePiSp4GYTBEWQi7SJfBXw4xgeeig4UWpF3BmRIyR+IyJA
QtwkvoSSD7db5JKRsRUg9BKKQD2/q6C/xq48ZQVSJCCK3Esm8GlrxgzSBDxU+uMV
f/qVy71FRkzu/pEz9cKe2J0XDF6arSfMJWP5TS1mTJE3s2de1AYsh/ya2vg9qsSb
1VFu6s/6vC7V5X3FUEgfGH5wtMw2e+YC6l3s+H+gm0dNBpyt5Xi6YthfqriWNLfl
hqUgstVzZlezq5fK2L3+IjS7dGkolZYTetMdSnaI7KR0mkv37ODD
-----END CERTIFICATE-----
Generated at Sun Apr 28 10:08:57 2024 by rpki-client on console-ams.rpki-client.org