Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/rEvKKYk-uyP9iDHVV3Pr6hjJZJQ.roa
File: rEvKKYk-uyP9iDHVV3Pr6hjJZJQ.roa (raw, json)
Hash identifier: +otqiAIAfgiWeAhIJeLyGJgH1Oj34eFwOFgK33oW7fo=
Subject key identifier: AC:4B:CA:29:89:3E:BB:23:FD:88:31:D5:57:73:EB:EA:18:C9:64:94
Certificate issuer: /CN=a04de87501c7d3082c76659f4debd9428843b4cb
Certificate serial: 018CC348D6BBF067C26525125DE43FC4F9EA
Authority key identifier: A0:4D:E8:75:01:C7:D3:08:2C:76:65:9F:4D:EB:D9:42:88:43:B4:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/rEvKKYk-uyP9iDHVV3Pr6hjJZJQ.roa
Signing time: Mon 01 Jan 2024 04:29:39 +0000
ROA not before: Mon 01 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41529
IP address blocks: 45.131.84.0/24 maxlen: 24
45.131.85.0/24 maxlen: 24
45.131.84.0/22 maxlen: 22
45.131.87.0/24 maxlen: 24
45.131.86.0/24 maxlen: 24
2a0e:5f40:84::/48 maxlen: 48
2a0e:5f40:87::/48 maxlen: 48
2a0e:5f40::/29 maxlen: 29
2a0e:5f40:85::/48 maxlen: 48
2a0e:5f40:86::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.mft
rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d6:bb:f0:67:c2:65:25:12:5d:e4:3f:c4:f9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04de87501c7d3082c76659f4debd9428843b4cb
Validity
Not Before: Jan 1 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac4bca29893ebb23fd8831d55773ebea18c96494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:c5:47:69:d1:32:21:6d:3e:84:01:4a:ea:e7:
88:32:41:96:31:4b:a8:41:43:5e:a0:40:f1:24:64:
3d:92:b4:08:11:23:f8:2c:f5:a4:76:49:ec:09:4b:
b0:7a:f4:60:1a:91:af:a2:b1:60:4e:21:fc:cc:cc:
ca:0f:cf:0d:d9:0b:55:ef:64:8e:46:16:a9:a9:ba:
29:a5:34:a2:2e:22:85:31:0d:cf:a0:5d:25:a7:e9:
23:10:5c:24:b9:39:75:9c:30:cc:e5:b7:85:04:c6:
7d:e2:47:28:e0:90:48:4a:4f:90:fe:67:7c:dd:ff:
ee:9f:06:f9:7c:47:d4:2b:e1:9b:11:62:4a:68:2c:
cf:07:94:1c:48:11:8b:95:f6:be:db:3a:93:e8:f5:
ca:cf:32:ee:7f:f8:cd:b4:75:1a:dc:cd:c9:94:dc:
d8:e3:b2:ba:98:1d:82:96:d1:63:ac:6d:8f:63:a8:
1e:49:dc:ca:40:da:75:7d:ed:d0:5e:83:b9:a9:20:
0e:2b:ec:07:d3:21:24:d2:2a:88:9a:01:96:47:79:
94:0e:44:2d:a9:56:bb:99:59:37:b5:00:1c:f4:bf:
cc:6d:74:b1:c6:e6:3f:85:d1:c4:9a:84:4e:f6:24:
bc:5f:92:e2:a7:7b:d9:b7:4c:f6:2b:b0:d4:bd:f0:
9b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:4B:CA:29:89:3E:BB:23:FD:88:31:D5:57:73:EB:EA:18:C9:64:94
X509v3 Authority Key Identifier:
keyid:A0:4D:E8:75:01:C7:D3:08:2C:76:65:9F:4D:EB:D9:42:88:43:B4:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oE3odQHH0wgsdmWfTevZQohDtMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/rEvKKYk-uyP9iDHVV3Pr6hjJZJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/465c90-70fb-4015-b969-748f7878388a/1/oE3odQHH0wgsdmWfTevZQohDtMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.84.0/22
IPv6:
2a0e:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
30:0e:0d:b7:b9:6c:06:ae:0a:18:87:0a:46:a2:2e:91:37:de:
cc:14:75:77:bf:45:e8:35:0c:22:c9:9c:d7:dc:c1:8c:fc:e4:
aa:21:b0:40:68:58:4b:35:b7:52:ac:89:0d:e6:b8:95:f6:ac:
cc:5e:06:cf:7f:93:69:23:df:5c:8e:ad:ed:08:6b:5f:38:9d:
81:7f:da:b7:fe:5d:61:db:43:94:a2:a4:41:fd:fa:f5:80:62:
ba:f8:20:1e:3e:81:9c:d8:a4:78:db:31:27:04:a6:3f:15:a5:
bd:d2:49:a3:4d:c9:50:05:44:24:4d:1a:df:be:bf:06:20:33:
64:21:bc:db:8d:03:31:ff:82:48:04:09:43:22:f7:87:2a:d4:
f0:00:99:c2:ff:a7:70:bc:e8:64:52:bc:dc:67:64:bf:f1:39:
47:90:30:a1:19:64:70:7c:87:bc:3c:61:94:5b:4a:79:13:73:
1e:cd:94:b6:7b:df:dc:3a:a5:d7:55:f8:38:e3:ee:c8:77:5e:
b3:8b:5a:8c:a2:05:94:d3:b0:e0:b4:48:e0:6c:c4:30:9a:fa:
e3:2e:1c:1e:a9:c4:31:32:72:d4:cd:0a:ec:ea:48:6f:32:4d:
6e:7d:f7:ac:c3:5b:08:22:56:fc:b6:40:88:70:0d:53:78:3e:
0e:20:81:21
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSNa78GfCZSUSXeQ/xPnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNGRlODc1MDFjN2QzMDgyYzc2NjU5ZjRkZWJkOTQyODg0
M2I0Y2IwHhcNMjQwMTAxMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzRiY2EyOTg5M2ViYjIzZmQ4ODMxZDU1NzczZWJlYTE4Yzk2NDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+sVHadEyIW0+hAFK6ueIMkGWMUuo
QUNeoEDxJGQ9krQIESP4LPWkdknsCUuwevRgGpGvorFgTiH8zMzKD88N2QtV72SO
RhapqboppTSiLiKFMQ3PoF0lp+kjEFwkuTl1nDDM5beFBMZ94kco4JBISk+Q/md8
3f/unwb5fEfUK+GbEWJKaCzPB5QcSBGLlfa+2zqT6PXKzzLuf/jNtHUa3M3JlNzY
47K6mB2CltFjrG2PY6geSdzKQNp1fe3QXoO5qSAOK+wH0yEk0iqImgGWR3mUDkQt
qVa7mVk3tQAc9L/MbXSxxuY/hdHEmoRO9iS8X5Lip3vZt0z2K7DUvfCbiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKxLyimJPrsj/Ygx1Vdz6+oYyWSUMB8GA1UdIwQY
MBaAFKBN6HUBx9MILHZln03r2UKIQ7TLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0Uzb2RRSEgwd2dzZG1XZlRldlpRb2hEdE1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80NjVjOTAtNzBmYi00MDE1LWI5Njkt
NzQ4Zjc4NzgzODhhLzEvckV2S0tZay11eVA5aURIVlYzUHI2aGpKWkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80NjVjOTAtNzBmYi00MDE1LWI5NjktNzQ4Zjc4NzgzODhh
LzEvb0Uzb2RRSEgwd2dzZG1XZlRldlpRb2hEdE1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYNUMA0E
AgACMAcDBQMqDl9AMA0GCSqGSIb3DQEBCwUAA4IBAQAwDg23uWwGrgoYhwpGoi6R
N97MFHV3v0XoNQwiyZzX3MGM/OSqIbBAaFhLNbdSrIkN5riV9qzMXgbPf5NpI99c
jq3tCGtfOJ2Bf9q3/l1h20OUoqRB/fr1gGK6+CAePoGc2KR42zEnBKY/FaW90kmj
TclQBUQkTRrfvr8GIDNkIbzbjQMx/4JIBAlDIveHKtTwAJnC/6dwvOhkUrzcZ2S/
8TlHkDChGWRwfIe8PGGUW0p5E3MezZS2e9/cOqXXVfg44+7Id16zi1qMogWU07Dg
tEjgbMQwmvrjLhweqcQxMnLUzQrs6khvMk1uffesw1sIIlb8tkCIcA1TeD4OIIEh
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:43 2024 by rpki-client on console-ams.rpki-client.org