Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/aQeMD2vXO5xniZKYX0r8QdxEzo4.roa
File: aQeMD2vXO5xniZKYX0r8QdxEzo4.roa (raw, json)
Hash identifier: 0qRmgNnpnRbtWA+DNew1+ZGHFACyhgPR0D4jdV8UoeY=
Subject key identifier: 69:07:8C:0F:6B:D7:3B:9C:67:89:92:98:5F:4A:FC:41:DC:44:CE:8E
Certificate issuer: /CN=46ccab7479a4e0d8a4177350a00a69bd883b048d
Certificate serial: 018CC94C2D7EA20CA437B26DB8F0DF7A299B
Authority key identifier: 46:CC:AB:74:79:A4:E0:D8:A4:17:73:50:A0:0A:69:BD:88:3B:04:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsyrdHmk4NikF3NQoAppvYg7BI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/aQeMD2vXO5xniZKYX0r8QdxEzo4.roa
Signing time: Tue 02 Jan 2024 08:31:01 +0000
ROA not before: Tue 02 Jan 2024 08:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206894
IP address blocks: 185.191.100.0/22 maxlen: 22
185.212.232.0/22 maxlen: 22
185.102.44.0/22 maxlen: 22
45.8.80.0/22 maxlen: 22
185.234.155.0/24 maxlen: 24
2a00:d220::/32 maxlen: 32
2a0b:7e40::/32 maxlen: 32
2a0a:17c0::/29 maxlen: 29
2a0e:1a00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/RsyrdHmk4NikF3NQoAppvYg7BI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/RsyrdHmk4NikF3NQoAppvYg7BI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/RsyrdHmk4NikF3NQoAppvYg7BI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 11:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:2d:7e:a2:0c:a4:37:b2:6d:b8:f0:df:7a:29:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ccab7479a4e0d8a4177350a00a69bd883b048d
Validity
Not Before: Jan 2 08:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69078c0f6bd73b9c678992985f4afc41dc44ce8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:67:af:a7:c6:b7:71:9d:8d:0e:41:fa:10:8d:
ad:df:05:3f:3f:ed:14:d0:fa:7e:7b:8d:d9:33:23:
a1:5c:ab:82:75:8f:9d:5a:7f:7a:fb:57:a5:dd:9e:
51:dd:58:6f:26:b8:b4:06:6e:3d:a5:01:de:1c:7c:
68:e9:1b:97:2b:b2:d7:42:f9:64:34:df:6e:e2:a5:
b0:8c:65:81:66:6e:00:6c:84:74:fe:c0:c0:54:1c:
84:d4:51:e0:88:b2:e5:50:23:cd:4a:08:89:eb:e3:
83:8f:c9:ec:eb:f9:0a:ae:17:f7:2d:4b:e9:cf:1f:
b3:89:60:fa:c5:18:53:be:db:36:16:55:96:a5:a4:
23:76:1b:07:34:ae:65:9d:f8:26:e2:23:1a:9d:76:
3f:fd:fd:10:63:90:fd:16:ab:91:81:f6:a6:f8:ea:
c5:9f:8d:0a:d7:b0:c6:bb:4a:0e:b9:38:77:82:45:
7c:6b:f6:e5:31:88:20:25:3e:76:8d:ff:2b:bd:ac:
6c:dc:41:9b:26:7a:3e:14:71:e6:cd:12:f6:ea:e4:
6d:5e:d5:e6:91:56:26:8e:e6:9b:dd:23:ec:db:1c:
18:80:14:c5:a3:6d:aa:8e:71:44:6b:07:8f:d1:ef:
7c:e2:e0:43:2f:38:c7:7e:a7:5e:02:9b:12:31:91:
61:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:07:8C:0F:6B:D7:3B:9C:67:89:92:98:5F:4A:FC:41:DC:44:CE:8E
X509v3 Authority Key Identifier:
keyid:46:CC:AB:74:79:A4:E0:D8:A4:17:73:50:A0:0A:69:BD:88:3B:04:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsyrdHmk4NikF3NQoAppvYg7BI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/aQeMD2vXO5xniZKYX0r8QdxEzo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/RsyrdHmk4NikF3NQoAppvYg7BI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.80.0/22
185.102.44.0/22
185.191.100.0/22
185.212.232.0/22
185.234.155.0/24
IPv6:
2a00:d220::/32
2a0a:17c0::/29
2a0b:7e40::/32
2a0e:1a00::/29
Signature Algorithm: sha256WithRSAEncryption
23:87:af:7e:8f:46:a7:69:0f:a6:fb:93:e3:a6:3e:56:e4:ed:
0a:75:52:66:c8:f2:ad:6a:66:dd:2a:b1:ad:70:f2:42:58:89:
48:59:90:89:41:7c:f6:35:ed:b1:12:36:cb:90:f3:64:2c:a0:
bb:64:df:ed:a6:01:b0:5b:a8:f6:c8:e0:2b:71:0f:93:d9:17:
4f:8c:89:26:3f:37:82:e6:62:02:7f:59:8c:20:38:e7:1f:cb:
eb:d6:f2:a7:9d:ad:34:27:df:98:2e:32:19:82:d3:d5:36:7d:
e5:a9:5d:91:88:9c:02:68:f0:a9:4f:ec:90:c3:ea:5f:ad:fc:
3a:52:62:b5:d2:db:4b:1c:09:12:13:51:a2:7b:86:24:19:7a:
e1:3a:45:2f:f7:65:eb:cd:a7:a1:16:a2:9f:bc:84:2d:f6:47:
9e:65:22:94:83:c8:9e:3a:ec:3f:6a:8b:b2:64:f6:45:27:21:
c3:2d:42:02:4a:ac:23:32:2e:91:eb:21:d3:0f:08:89:93:1d:
af:c8:f8:2b:f5:cf:b0:d2:d6:83:e4:76:26:1f:27:33:07:80:
ab:22:37:ce:4b:9e:e2:8e:9c:f3:d8:0e:3c:0f:85:94:75:b9:
58:96:9c:80:e8:b7:f9:db:bc:bb:09:ac:3b:ac:27:93:27:50:
28:58:c4:fb
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzJTC1+ogykN7JtuPDfeimbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Y2NhYjc0NzlhNGUwZDhhNDE3NzM1MGEwMGE2OWJkODgz
YjA0OGQwHhcNMjQwMTAyMDgzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA3OGMwZjZiZDczYjljNjc4OTkyOTg1ZjRhZmM0MWRjNDRjZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWevp8a3cZ2NDkH6EI2t3wU/P+0U
0Pp+e43ZMyOhXKuCdY+dWn96+1el3Z5R3VhvJri0Bm49pQHeHHxo6RuXK7LXQvlk
NN9u4qWwjGWBZm4AbIR0/sDAVByE1FHgiLLlUCPNSgiJ6+ODj8ns6/kKrhf3LUvp
zx+ziWD6xRhTvts2FlWWpaQjdhsHNK5lnfgm4iManXY//f0QY5D9FquRgfam+OrF
n40K17DGu0oOuTh3gkV8a/blMYggJT52jf8rvaxs3EGbJno+FHHmzRL26uRtXtXm
kVYmjuab3SPs2xwYgBTFo22qjnFEaweP0e984uBDLzjHfqdeApsSMZFhawIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFGkHjA9r1zucZ4mSmF9K/EHcRM6OMB8GA1UdIwQY
MBaAFEbMq3R5pODYpBdzUKAKab2IOwSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnN5cmRIbWs0TmlrRjNOUW9BcHB2WWc3QkkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kYzUyNDMtYmJhNC00YWNmLWEyMTgt
MmYzMDI1MmViNDQyLzEvYVFlTUQydlhPNXhuaVpLWVgwcjhRZHhFem80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kYzUyNDMtYmJhNC00YWNmLWEyMTgtMmYzMDI1MmViNDQy
LzEvUnN5cmRIbWs0TmlrRjNOUW9BcHB2WWc3QkkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAkBAIAATAeAwQCLQhQAwQC
uWYsAwQCub9kAwQCudToAwQAueqbMCIEAgACMBwDBQAqANIgAwUDKgoXwAMFACoL
fkADBQMqDhoAMA0GCSqGSIb3DQEBCwUAA4IBAQAjh69+j0anaQ+m+5Pjpj5W5O0K
dVJmyPKtambdKrGtcPJCWIlIWZCJQXz2Ne2xEjbLkPNkLKC7ZN/tpgGwW6j2yOAr
cQ+T2RdPjIkmPzeC5mICf1mMIDjnH8vr1vKnna00J9+YLjIZgtPVNn3lqV2RiJwC
aPCpT+yQw+pfrfw6UmK10ttLHAkSE1Gie4YkGXrhOkUv92XrzaehFqKfvIQt9kee
ZSKUg8ieOuw/aouyZPZFJyHDLUICSqwjMi6R6yHTDwiJkx2vyPgr9c+w0taD5HYm
HyczB4CrIjfOS57ijpzz2A48D4WUdblYlpyA6Lf527y7Caw7rCeTJ1AoWMT7
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:07:54 2024 by rpki-client on console-ams.rpki-client.org