Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/9lVY54k8E58cx8Blj1KYqndqT6s.roa
File: 9lVY54k8E58cx8Blj1KYqndqT6s.roa (raw, json)
Hash identifier: qF3jlBWa21zm0OLC2eR4st/KDP5lffW33zJy2+VIt6c=
Subject key identifier: F6:55:58:E7:89:3C:13:9F:1C:C7:C0:65:8F:52:98:AA:77:6A:4F:AB
Certificate issuer: /CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Certificate serial: 018CC56DF59FEE03E3F6948B91F045766446
Authority key identifier: 51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/9lVY54k8E58cx8Blj1KYqndqT6s.roa
Signing time: Mon 01 Jan 2024 14:29:27 +0000
ROA not before: Mon 01 Jan 2024 14:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208366
IP address blocks: 45.142.220.0/22 maxlen: 22
45.142.221.0/24 maxlen: 24
45.142.220.0/24 maxlen: 24
45.142.223.0/24 maxlen: 24
45.142.222.0/24 maxlen: 24
2a0e:dbc0::/48 maxlen: 48
2a0e:dbc0:3::/48 maxlen: 48
2a0e:dbc0:1::/48 maxlen: 48
2a0e:dbc0::/29 maxlen: 29
2a0e:dbc0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f5:9f:ee:03:e3:f6:94:8b:91:f0:45:76:64:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Validity
Not Before: Jan 1 14:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f65558e7893c139f1cc7c0658f5298aa776a4fab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f2:03:36:48:69:90:1e:0b:51:5b:97:58:8f:
73:d5:25:3d:c8:78:3d:9e:85:eb:c4:02:48:ec:d7:
47:c1:7a:a8:ad:54:a9:3d:5c:9c:88:43:22:87:75:
d4:6f:00:38:d5:e6:f8:00:b0:2b:aa:51:62:b5:08:
e4:01:86:7a:0f:d0:da:6a:91:dd:22:f0:6e:81:7c:
cf:27:3f:84:d1:18:7d:74:6f:1e:bc:00:ab:00:6c:
18:6f:34:8b:ac:1c:9b:2b:fe:f1:38:67:23:bc:55:
2a:6d:8d:6c:8c:25:7d:a0:53:21:e5:54:6f:b8:60:
87:10:84:0e:3b:5c:15:df:35:a7:52:c9:04:69:1f:
e1:ad:b8:3d:4e:71:b5:0c:a5:1a:01:72:c8:62:f7:
84:23:ee:05:51:95:ae:6b:93:a7:28:35:5a:0f:20:
25:09:fc:cf:a5:c7:12:c4:46:db:06:c2:bf:2e:0c:
fe:cf:2a:78:3f:99:8d:01:ad:dd:5c:ab:87:0d:40:
45:e5:57:2a:c7:25:f5:e6:26:db:fd:d0:61:1c:14:
f6:bd:0b:b0:81:0e:97:53:fc:d8:19:0b:f4:03:b6:
bc:e4:a4:d8:0f:bf:75:97:e9:4e:bb:be:14:b8:bc:
67:63:b9:ba:78:9f:0a:21:a8:63:14:36:4a:74:ec:
fe:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:55:58:E7:89:3C:13:9F:1C:C7:C0:65:8F:52:98:AA:77:6A:4F:AB
X509v3 Authority Key Identifier:
keyid:51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/9lVY54k8E58cx8Blj1KYqndqT6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.220.0/22
IPv6:
2a0e:dbc0::/29
Signature Algorithm: sha256WithRSAEncryption
02:29:fc:5d:7f:65:54:60:7c:40:27:1d:d0:db:39:42:2c:11:
98:05:95:81:e0:6f:7f:d3:8a:b4:d5:71:4d:6b:14:4c:77:bd:
08:a5:39:a5:5f:6d:26:eb:e6:e3:42:26:23:dc:81:3a:31:f8:
27:81:20:25:06:80:5a:ec:2c:b4:22:74:2c:50:6f:bd:23:e7:
12:d3:78:4f:cc:a4:9b:25:87:44:4a:67:b1:5c:3d:89:7d:4c:
07:50:6a:12:bb:56:79:54:a7:df:72:d9:80:35:d9:c8:20:c9:
e4:cc:89:43:83:17:0a:e4:26:fc:e5:7f:cd:99:96:ca:a6:88:
d0:f6:c9:7c:0f:b4:30:7e:73:5e:cb:89:f5:5d:a2:1a:3a:1b:
34:9b:98:64:7d:32:b0:d3:70:e2:7f:48:40:75:44:14:98:52:
6b:f1:6f:d5:3a:b1:88:27:c2:e8:b9:a0:0b:10:cb:31:24:55:
18:ca:40:dc:76:ee:bf:a1:7e:ee:b3:f3:2a:28:1a:0d:ec:e9:
b2:57:fb:fa:0a:f5:9b:0a:84:59:2e:54:2d:e1:3f:51:a7:d2:
0c:64:25:f1:91:00:75:68:10:d1:da:c8:42:49:45:28:2a:d5:
ce:33:6a:c0:47:a7:95:5c:4e:55:6c:39:e2:33:ff:a3:73:4c:
5b:be:36:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbfWf7gPj9pSLkfBFdmRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxODhkZWRhY2RjMjQwYjRiMmY3ODZmMTIzNDJlMGE4M2Q4
YWU4MGYwHhcNMjQwMTAxMTQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjU1NThlNzg5M2MxMzlmMWNjN2MwNjU4ZjUyOThhYTc3NmE0ZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvIDNkhpkB4LUVuXWI9z1SU9yHg9
noXrxAJI7NdHwXqorVSpPVyciEMih3XUbwA41eb4ALArqlFitQjkAYZ6D9DaapHd
IvBugXzPJz+E0Rh9dG8evACrAGwYbzSLrBybK/7xOGcjvFUqbY1sjCV9oFMh5VRv
uGCHEIQOO1wV3zWnUskEaR/hrbg9TnG1DKUaAXLIYveEI+4FUZWua5OnKDVaDyAl
CfzPpccSxEbbBsK/Lgz+zyp4P5mNAa3dXKuHDUBF5VcqxyX15ibb/dBhHBT2vQuw
gQ6XU/zYGQv0A7a85KTYD791l+lOu74UuLxnY7m6eJ8KIahjFDZKdOz+ewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPZVWOeJPBOfHMfAZY9SmKp3ak+rMB8GA1UdIwQY
MBaAFFGI3trNwkC0sveG8SNC4Kg9iugPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQt
NzliM2RiNjU5ZGZjLzEvOWxWWTU0azhFNThjeDhCbGoxS1lxbmRxVDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQtNzliM2RiNjU5ZGZj
LzEvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLY7cMA0E
AgACMAcDBQMqDtvAMA0GCSqGSIb3DQEBCwUAA4IBAQACKfxdf2VUYHxAJx3Q2zlC
LBGYBZWB4G9/04q01XFNaxRMd70IpTmlX20m6+bjQiYj3IE6MfgngSAlBoBa7Cy0
InQsUG+9I+cS03hPzKSbJYdESmexXD2JfUwHUGoSu1Z5VKffctmANdnIIMnkzIlD
gxcK5Cb85X/NmZbKpojQ9sl8D7QwfnNey4n1XaIaOhs0m5hkfTKw03Dif0hAdUQU
mFJr8W/VOrGIJ8LouaALEMsxJFUYykDcdu6/oX7us/MqKBoN7OmyV/v6CvWbCoRZ
LlQt4T9Rp9IMZCXxkQB1aBDR2shCSUUoKtXOM2rAR6eVXE5VbDniM/+jc0xbvjZH
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:49:55 2024 by rpki-client on console-fra.rpki-client.org