Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/Ty2cxn2AaE_sooIu1RihlJYmQfc.roa
File: Ty2cxn2AaE_sooIu1RihlJYmQfc.roa (raw, json)
Hash identifier: 7QVGPLTV7OceeqBJFDC8ph5tP/HK1t2piz8mOW8/SPY=
Subject key identifier: 4F:2D:9C:C6:7D:80:68:4F:EC:A2:82:2E:D5:18:A1:94:96:26:41:F7
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 018CC50153BFA3D061EFB9E688484EE24A8E
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/Ty2cxn2AaE_sooIu1RihlJYmQfc.roa
Signing time: Mon 01 Jan 2024 12:30:47 +0000
ROA not before: Mon 01 Jan 2024 12:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208226
IP address blocks: 45.140.164.0/24 maxlen: 24
45.140.165.0/24 maxlen: 24
185.248.33.0/24 maxlen: 24
2a0e:4007:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:53:bf:a3:d0:61:ef:b9:e6:88:48:4e:e2:4a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 12:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f2d9cc67d80684feca2822ed518a194962641f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ed:5d:bf:c1:17:42:b5:ba:a6:77:06:b8:97:
71:34:da:03:71:7a:22:6b:0d:06:36:f7:65:0c:a6:
45:6f:b4:f8:68:d2:41:38:83:4e:9b:83:c8:7c:da:
ea:a6:42:c9:17:b9:f6:db:7f:0c:fe:0f:4a:d2:67:
fe:33:89:44:57:a3:eb:0b:e9:c6:f5:c1:7d:90:ed:
8b:b1:9f:e9:f4:e6:b9:63:d6:5e:bd:86:01:b5:16:
9a:74:f9:74:27:08:32:45:4e:ad:1a:da:a7:20:2a:
3c:5f:0b:0d:f1:21:b4:60:67:ae:20:ca:ac:77:54:
95:ca:51:43:e0:94:c3:43:59:ae:d1:78:8f:45:b0:
5d:00:61:4a:6f:90:34:53:27:b3:e5:36:6a:6a:4d:
e2:3f:5b:f6:7e:aa:96:d4:5b:9b:ad:c9:d5:6e:5c:
99:89:86:15:5a:12:78:d4:24:37:45:a3:54:ab:17:
95:a4:8e:cd:ce:55:ef:39:1a:96:26:3d:59:81:c7:
8d:8a:25:7a:37:66:36:f8:5d:b7:54:11:d4:d7:01:
2d:fd:67:75:04:05:c5:a6:b3:94:6d:28:34:52:73:
b3:0f:d9:3e:52:9a:eb:ee:e6:1f:49:9b:7a:86:2f:
2d:72:c3:62:f1:4d:d9:c1:fc:5d:ad:81:69:d2:58:
1c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:2D:9C:C6:7D:80:68:4F:EC:A2:82:2E:D5:18:A1:94:96:26:41:F7
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/Ty2cxn2AaE_sooIu1RihlJYmQfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.164.0/23
185.248.33.0/24
IPv6:
2a0e:4007:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
6d:b2:f5:3c:9f:20:5f:f9:6a:f9:5c:19:6b:05:bf:58:85:57:
19:0c:03:c4:61:71:bf:54:4f:e5:b8:bd:0b:30:c6:97:94:8b:
63:ef:a2:df:f5:2d:8c:5e:41:19:30:f7:a5:60:36:46:35:2e:
8d:24:8e:69:05:c0:5e:6b:3d:85:b6:78:cc:bc:52:a9:93:3c:
5c:45:28:df:e2:1d:32:67:f6:80:8b:ab:03:67:39:1c:15:a5:
10:ae:4f:ee:55:10:d5:36:54:41:dc:98:ff:f6:f9:ad:16:0e:
a0:20:76:43:bb:49:01:cf:fb:8c:8a:a9:07:0e:60:cd:0a:72:
e1:e4:f3:f2:e1:4b:fe:4c:87:7f:80:43:40:13:e6:3d:7d:95:
29:35:e7:53:79:d0:c8:f3:af:81:b6:b3:11:e6:26:65:ab:10:
fd:f5:cc:eb:37:57:39:65:e5:f4:0f:44:0b:95:88:40:5a:71:
90:84:9c:67:76:cd:f9:9b:94:18:9c:07:7c:81:c9:3d:1f:cc:
8a:f6:d4:26:ea:cc:ba:a2:3d:69:de:dd:24:ff:8e:69:73:21:
0a:2a:a8:b4:0c:a8:04:25:a2:c3:f4:a3:c1:b8:cd:10:39:57:
5c:e4:7c:62:81:fa:21:c6:1c:19:32:72:c4:df:a1:2e:a1:10:
2e:60:c9:ac
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFAVO/o9Bh77nmiEhO4kqOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQwMTAxMTIzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjJkOWNjNjdkODA2ODRmZWNhMjgyMmVkNTE4YTE5NDk2MjY0MWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO1dv8EXQrW6pncGuJdxNNoDcXoi
aw0GNvdlDKZFb7T4aNJBOINOm4PIfNrqpkLJF7n2238M/g9K0mf+M4lEV6PrC+nG
9cF9kO2LsZ/p9Oa5Y9ZevYYBtRaadPl0JwgyRU6tGtqnICo8XwsN8SG0YGeuIMqs
d1SVylFD4JTDQ1mu0XiPRbBdAGFKb5A0Uyez5TZqak3iP1v2fqqW1FubrcnVblyZ
iYYVWhJ41CQ3RaNUqxeVpI7NzlXvORqWJj1ZgceNiiV6N2Y2+F23VBHU1wEt/Wd1
BAXFprOUbSg0UnOzD9k+Uprr7uYfSZt6hi8tcsNi8U3ZwfxdrYFp0lgc0QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFE8tnMZ9gGhP7KKCLtUYoZSWJkH3MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvVHkyY3huMkFhRV9zb29JdTFSaWhsSlltUWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBLYykAwQA
ufghMA8EAgACMAkDBwAqDkAH//4wDQYJKoZIhvcNAQELBQADggEBAG2y9TyfIF/5
avlcGWsFv1iFVxkMA8Rhcb9UT+W4vQswxpeUi2Pvot/1LYxeQRkw96VgNkY1Lo0k
jmkFwF5rPYW2eMy8UqmTPFxFKN/iHTJn9oCLqwNnORwVpRCuT+5VENU2VEHcmP/2
+a0WDqAgdkO7SQHP+4yKqQcOYM0KcuHk8/LhS/5Mh3+AQ0AT5j19lSk151N50Mjz
r4G2sxHmJmWrEP31zOs3Vzll5fQPRAuViEBacZCEnGd2zfmblBicB3yByT0fzIr2
1CbqzLqiPWne3ST/jmlzIQoqqLQMqAQlosP0o8G4zRA5V1zkfGKB+iHGHBkycsTf
oS6hEC5gyaw=
-----END CERTIFICATE-----
Generated at Tue May 7 17:13:00 2024 by rpki-client on console-ams.rpki-client.org