Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/Ry9whxn1ivVogvQWm4pw636HC7M.roa
File: Ry9whxn1ivVogvQWm4pw636HC7M.roa (raw, json)
Hash identifier: r3rkGj53HVGn+IUerIvgWsqg5Nb/8dybQAfx0amb/gY=
Subject key identifier: 47:2F:70:87:19:F5:8A:F5:68:82:F4:16:9B:8A:70:EB:7E:87:0B:B3
Certificate issuer: /CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Certificate serial: 018CC56DF53A0F9AA37BA1FA2322A6D6D1B6
Authority key identifier: 51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/Ry9whxn1ivVogvQWm4pw636HC7M.roa
Signing time: Mon 01 Jan 2024 14:29:26 +0000
ROA not before: Mon 01 Jan 2024 14:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31529
IP address blocks: 45.142.220.0/24 maxlen: 24
45.142.221.0/24 maxlen: 24
45.142.223.0/24 maxlen: 24
45.142.222.0/24 maxlen: 24
2a0e:dbc0::/48 maxlen: 48
2a0e:dbc0:3::/48 maxlen: 48
2a0e:dbc0:1::/48 maxlen: 48
2a0e:dbc0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f5:3a:0f:9a:a3:7b:a1:fa:23:22:a6:d6:d1:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Validity
Not Before: Jan 1 14:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=472f708719f58af56882f4169b8a70eb7e870bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c9:b1:ac:57:6a:73:c7:b5:16:25:cd:68:02:
dd:5c:5d:e4:17:68:c2:c5:08:32:d4:17:74:c9:a6:
ea:0b:e6:0b:fe:a1:66:70:57:81:d7:74:7d:96:68:
8f:53:55:a3:b0:65:63:6f:91:6b:9e:36:b9:16:9e:
9a:11:d6:cf:4e:ea:17:0b:78:82:82:9a:f6:bf:d3:
7b:02:5e:fd:6f:0c:79:5c:5a:02:ee:97:b2:94:c9:
d2:a9:8b:72:01:15:f1:e4:a1:2d:ed:73:e8:0e:46:
e3:cf:c7:2c:fe:15:81:00:f7:74:b7:c3:d0:f6:24:
7d:48:92:2d:60:16:65:a9:8f:46:bc:30:5a:ab:3f:
7f:2f:fd:86:72:e6:fa:90:9f:f5:60:ec:94:16:f6:
e0:d5:3e:2d:1f:1f:93:fd:3c:82:5c:9d:8f:42:d4:
5c:9d:bd:27:7a:e8:8b:45:fc:ef:97:12:4d:83:7f:
34:ee:16:35:d7:b7:c3:9a:f1:04:f4:ee:3b:23:3c:
e4:20:0a:03:c5:60:73:05:c1:50:91:4c:21:00:51:
6a:a8:f7:1a:61:80:98:8d:88:e7:a8:d5:fa:59:f1:
52:29:73:6b:18:e6:8d:db:82:9e:d9:c9:e4:aa:ab:
0f:a6:18:56:aa:7b:ab:88:b9:a2:f6:ca:eb:74:28:
f5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2F:70:87:19:F5:8A:F5:68:82:F4:16:9B:8A:70:EB:7E:87:0B:B3
X509v3 Authority Key Identifier:
keyid:51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/Ry9whxn1ivVogvQWm4pw636HC7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.220.0/22
IPv6:
2a0e:dbc0::/46
Signature Algorithm: sha256WithRSAEncryption
95:b9:2e:9c:28:04:65:ce:4e:02:fb:02:0c:0b:f0:85:21:55:
fa:7f:e1:5f:be:c3:20:6a:1c:a6:48:99:b4:72:ed:63:07:58:
84:91:5a:18:f4:81:f2:35:2a:b2:74:41:ff:de:c7:d0:51:50:
3a:c1:4b:da:37:83:bc:be:25:e8:c4:53:d0:31:ac:03:10:f7:
bb:29:0d:1f:cf:41:db:d9:f7:56:72:cc:f9:26:03:68:9e:c2:
5c:5c:db:05:a2:e3:16:41:d1:28:5f:7d:64:58:9f:fa:99:5a:
97:b7:57:0d:a5:57:9b:93:ed:07:9c:31:49:8b:aa:ba:37:e3:
40:07:6f:14:ea:7a:ff:90:32:c7:79:29:e4:fd:c6:94:d9:25:
db:dc:9c:bc:5b:0d:7d:50:52:5c:36:32:72:74:51:35:ae:a6:
05:20:42:67:99:80:82:04:65:62:3e:72:73:6b:93:d0:ea:c1:
e0:e5:19:ac:0c:d2:9a:6b:94:76:c1:84:79:7a:d0:60:e1:8a:
1a:10:f9:33:f8:6b:91:ef:38:b7:ea:60:48:65:f8:b2:89:f1:
0e:ec:c9:6d:5d:cc:11:24:09:2e:81:91:73:78:a2:84:5a:f3:
a4:fb:9b:cd:16:cd:ca:60:ed:bd:a6:45:84:bc:cd:01:8f:79:
78:f8:9f:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFbfU6D5qje6H6IyKm1tG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxODhkZWRhY2RjMjQwYjRiMmY3ODZmMTIzNDJlMGE4M2Q4
YWU4MGYwHhcNMjQwMTAxMTQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzJmNzA4NzE5ZjU4YWY1Njg4MmY0MTY5YjhhNzBlYjdlODcwYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cmxrFdqc8e1FiXNaALdXF3kF2jC
xQgy1Bd0yabqC+YL/qFmcFeB13R9lmiPU1WjsGVjb5Frnja5Fp6aEdbPTuoXC3iC
gpr2v9N7Al79bwx5XFoC7peylMnSqYtyARXx5KEt7XPoDkbjz8cs/hWBAPd0t8PQ
9iR9SJItYBZlqY9GvDBaqz9/L/2Gcub6kJ/1YOyUFvbg1T4tHx+T/TyCXJ2PQtRc
nb0neuiLRfzvlxJNg3807hY117fDmvEE9O47IzzkIAoDxWBzBcFQkUwhAFFqqPca
YYCYjYjnqNX6WfFSKXNrGOaN24Ke2cnkqqsPphhWqnuriLmi9srrdCj1/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEcvcIcZ9Yr1aIL0FpuKcOt+hwuzMB8GA1UdIwQY
MBaAFFGI3trNwkC0sveG8SNC4Kg9iugPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQt
NzliM2RiNjU5ZGZjLzEvUnk5d2h4bjFpdlZvZ3ZRV200cHc2MzZIQzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQtNzliM2RiNjU5ZGZj
LzEvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCLY7cMA8E
AgACMAkDBwIqDtvAAAAwDQYJKoZIhvcNAQELBQADggEBAJW5LpwoBGXOTgL7AgwL
8IUhVfp/4V++wyBqHKZImbRy7WMHWISRWhj0gfI1KrJ0Qf/ex9BRUDrBS9o3g7y+
JejEU9AxrAMQ97spDR/PQdvZ91ZyzPkmA2iewlxc2wWi4xZB0ShffWRYn/qZWpe3
Vw2lV5uT7QecMUmLqro340AHbxTqev+QMsd5KeT9xpTZJdvcnLxbDX1QUlw2MnJ0
UTWupgUgQmeZgIIEZWI+cnNrk9DqweDlGawM0pprlHbBhHl60GDhihoQ+TP4a5Hv
OLfqYEhl+LKJ8Q7syW1dzBEkCS6BkXN4ooRa86T7m80Wzcpg7b2mRYS8zQGPeXj4
n2w=
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:04:35 2024 by rpki-client on console-ams.rpki-client.org