Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/b69633-c031-4d25-9e0e-65640f1c179a/1/1-LnSp8dm6xyM02jNIKboyKvNz_8.roa
File: 1-LnSp8dm6xyM02jNIKboyKvNz_8.roa (raw, json)
Hash identifier: 8mC40dBmf7v+VH5OtgwvQwd3U7HTjfcMJQLp38VicUY=
Subject key identifier: F8:B9:D2:A7:C7:66:EB:1C:8C:D3:68:CD:20:A6:E8:C8:AB:CD:CF:FF
Certificate issuer: /CN=0d4b74d489c49278a3003994ac97fd407d7236e5
Certificate serial: 018CC56DF1DBF0DF0C0FDEA7C7841EEE0227
Authority key identifier: 0D:4B:74:D4:89:C4:92:78:A3:00:39:94:AC:97:FD:40:7D:72:36:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUt01InEknijADmUrJf9QH1yNuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/b69633-c031-4d25-9e0e-65640f1c179a/1/1-LnSp8dm6xyM02jNIKboyKvNz_8.roa
Signing time: Mon 01 Jan 2024 14:29:26 +0000
ROA not before: Mon 01 Jan 2024 14:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212751
IP address blocks: 45.66.145.0/24 maxlen: 24
45.66.144.0/24 maxlen: 24
45.66.146.0/24 maxlen: 24
45.66.147.0/24 maxlen: 24
2a10:7c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/b69633-c031-4d25-9e0e-65640f1c179a/1/DUt01InEknijADmUrJf9QH1yNuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/b69633-c031-4d25-9e0e-65640f1c179a/1/DUt01InEknijADmUrJf9QH1yNuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DUt01InEknijADmUrJf9QH1yNuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 17:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f1:db:f0:df:0c:0f:de:a7:c7:84:1e:ee:02:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4b74d489c49278a3003994ac97fd407d7236e5
Validity
Not Before: Jan 1 14:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8b9d2a7c766eb1c8cd368cd20a6e8c8abcdcfff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fd:21:33:24:ee:97:bf:92:ca:24:c4:3b:fb:
de:05:be:bc:3c:c7:67:ab:5c:d4:ab:ff:5f:e7:32:
f5:c2:bb:59:39:1f:e2:dc:2a:f8:c5:a9:38:ac:8e:
e9:3a:08:18:e0:56:c7:e9:c6:d2:e0:9d:ce:49:d3:
06:cf:0d:c2:ea:2a:82:c4:19:8b:02:9e:30:63:7d:
6a:c6:c6:ff:e5:db:94:81:35:e3:84:aa:80:fa:14:
32:08:e6:88:bd:bd:74:b7:9b:3c:66:03:34:63:77:
d3:85:c4:04:4b:f2:e3:16:6c:eb:92:85:9b:dd:89:
8d:33:ea:51:5c:18:ec:39:17:a6:cc:af:da:7d:23:
0a:35:52:b9:9e:4f:73:5d:80:94:44:e4:98:c3:eb:
c2:0e:c4:15:ed:7c:c2:48:11:76:44:d4:c3:87:41:
98:c3:d5:b1:72:4f:de:79:9c:00:60:8c:db:87:75:
d4:7b:d9:aa:91:3d:0f:5c:3d:6b:46:d3:4a:37:6c:
f3:89:f5:5b:e3:4a:c4:f5:fa:0b:81:58:f4:ad:a8:
fe:23:dc:2c:79:f1:f4:91:db:15:8e:4a:1b:0d:19:
75:43:0d:fc:02:6b:ea:3c:ac:52:5f:39:9f:27:47:
10:23:14:05:b6:8a:26:b3:8c:10:e0:eb:47:3f:14:
92:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B9:D2:A7:C7:66:EB:1C:8C:D3:68:CD:20:A6:E8:C8:AB:CD:CF:FF
X509v3 Authority Key Identifier:
keyid:0D:4B:74:D4:89:C4:92:78:A3:00:39:94:AC:97:FD:40:7D:72:36:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUt01InEknijADmUrJf9QH1yNuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/b69633-c031-4d25-9e0e-65640f1c179a/1/1-LnSp8dm6xyM02jNIKboyKvNz_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/b69633-c031-4d25-9e0e-65640f1c179a/1/DUt01InEknijADmUrJf9QH1yNuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.144.0/22
IPv6:
2a10:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
71:37:52:8f:0c:ed:d6:d4:a3:1f:37:5f:c8:49:d7:1c:d9:a9:
7b:fa:e3:37:60:0c:54:3e:e9:99:f1:49:32:d4:7c:0f:74:75:
ee:aa:57:4a:8a:45:16:84:0c:ae:14:cf:c9:ed:d5:11:c0:04:
21:d3:e1:f8:91:f9:32:11:6e:5f:29:99:8b:29:e6:d7:8d:12:
e6:03:dd:c1:39:c4:bd:a7:e9:bc:a6:e1:77:84:1c:9a:b6:7b:
90:c0:4c:70:e9:ec:d4:44:14:25:2b:ae:41:8e:36:d9:9b:d4:
a5:7a:6c:20:5a:80:aa:52:40:4e:60:c6:71:f2:86:80:db:78:
7b:0c:46:ea:12:65:4b:5d:ed:7c:54:21:be:9c:6e:fe:d4:63:
a5:21:9f:3e:b9:63:f9:73:4b:05:4c:be:0c:0b:a6:07:73:8e:
2a:12:f4:01:de:15:b7:be:23:5e:44:de:36:bc:d9:f8:9d:1b:
c5:0b:e3:d7:f2:12:8f:73:b3:33:b6:6e:fd:9f:ee:13:37:74:
6c:44:71:24:d3:b7:a9:56:35:15:a2:fe:86:a2:05:c2:3d:08:
87:26:50:01:77:6b:18:cc:b2:0a:70:3d:98:e7:37:09:0c:df:
37:08:6a:cb:f8:45:95:4b:5f:dc:78:74:bf:b9:c9:f1:fe:b2:
67:80:4e:f1
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzFbfHb8N8MD96nx4Qe7gInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGI3NGQ0ODljNDkyNzhhMzAwMzk5NGFjOTdmZDQwN2Q3
MjM2ZTUwHhcNMjQwMTAxMTQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGI5ZDJhN2M3NjZlYjFjOGNkMzY4Y2QyMGE2ZThjOGFiY2RjZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/0hMyTul7+SyiTEO/veBb68PMdn
q1zUq/9f5zL1wrtZOR/i3Cr4xak4rI7pOggY4FbH6cbS4J3OSdMGzw3C6iqCxBmL
Ap4wY31qxsb/5duUgTXjhKqA+hQyCOaIvb10t5s8ZgM0Y3fThcQES/LjFmzrkoWb
3YmNM+pRXBjsORemzK/afSMKNVK5nk9zXYCUROSYw+vCDsQV7XzCSBF2RNTDh0GY
w9Wxck/eeZwAYIzbh3XUe9mqkT0PXD1rRtNKN2zzifVb40rE9foLgVj0raj+I9ws
efH0kdsVjkobDRl1Qw38AmvqPKxSXzmfJ0cQIxQFtooms4wQ4OtHPxSSgQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPi50qfHZuscjNNozSCm6Mirzc//MB8GA1UdIwQY
MBaAFA1LdNSJxJJ4owA5lKyX/UB9cjblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFV0MDFJbkVrbmlqQURtVXJKZjlRSDF5TnVVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iNjk2MzMtYzAzMS00ZDI1LTllMGUt
NjU2NDBmMWMxNzlhLzEvMS1MblNwOGRtNnh5TTAyak5JS2JveUt2TnpfOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjUvYjY5NjMzLWMwMzEtNGQyNS05ZTBlLTY1NjQwZjFjMTc5
YS8xL0RVdDAxSW5Fa25pakFEbVVySmY5UUgxeU51VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi1CkDAN
BAIAAjAHAwUDKhB8QDANBgkqhkiG9w0BAQsFAAOCAQEAcTdSjwzt1tSjHzdfyEnX
HNmpe/rjN2AMVD7pmfFJMtR8D3R17qpXSopFFoQMrhTPye3VEcAEIdPh+JH5MhFu
XymZiynm140S5gPdwTnEvafpvKbhd4QcmrZ7kMBMcOns1EQUJSuuQY422ZvUpXps
IFqAqlJATmDGcfKGgNt4ewxG6hJlS13tfFQhvpxu/tRjpSGfPrlj+XNLBUy+DAum
B3OOKhL0Ad4Vt74jXkTeNrzZ+J0bxQvj1/ISj3OzM7Zu/Z/uEzd0bERxJNO3qVY1
FaL+hqIFwj0IhyZQAXdrGMyyCnA9mOc3CQzfNwhqy/hFlUtf3Hh0v7nJ8f6yZ4BO
8Q==
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:09:26 2024 by rpki-client on console-ams.rpki-client.org