Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/ff03a3-31a1-4da1-b8e9-7a0b3d5d9156/1/x8TzX6LqqX9zL7MFdq_g__iLtws.roa
File: x8TzX6LqqX9zL7MFdq_g__iLtws.roa (raw, json)
Hash identifier: eMdumGDEicNvqqjxsqLYnbsXifkwcWbeSJ7g1rnWjqY=
Subject key identifier: C7:C4:F3:5F:A2:EA:A9:7F:73:2F:B3:05:76:AF:E0:FF:F8:8B:B7:0B
Certificate issuer: /CN=de085b0d1bbf9e781b154b06f7b9141129db775f
Certificate serial: 018CC3B6A153C1BF2B9B2571273850A1CB01
Authority key identifier: DE:08:5B:0D:1B:BF:9E:78:1B:15:4B:06:F7:B9:14:11:29:DB:77:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ghbDRu_nngbFUsG97kUESnbd18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/ff03a3-31a1-4da1-b8e9-7a0b3d5d9156/1/x8TzX6LqqX9zL7MFdq_g__iLtws.roa
Signing time: Mon 01 Jan 2024 06:29:35 +0000
ROA not before: Mon 01 Jan 2024 06:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208651
IP address blocks: 45.91.152.0/22 maxlen: 22
45.91.152.0/24 maxlen: 24
45.91.153.0/24 maxlen: 24
45.91.154.0/24 maxlen: 24
45.91.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/ff03a3-31a1-4da1-b8e9-7a0b3d5d9156/1/3ghbDRu_nngbFUsG97kUESnbd18.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/ff03a3-31a1-4da1-b8e9-7a0b3d5d9156/1/3ghbDRu_nngbFUsG97kUESnbd18.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ghbDRu_nngbFUsG97kUESnbd18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 15:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a1:53:c1:bf:2b:9b:25:71:27:38:50:a1:cb:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de085b0d1bbf9e781b154b06f7b9141129db775f
Validity
Not Before: Jan 1 06:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7c4f35fa2eaa97f732fb30576afe0fff88bb70b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3e:c5:6e:1d:36:d0:82:a8:0a:01:5c:b2:80:
b1:4a:d3:64:eb:92:f5:05:0f:ec:f0:ad:2f:40:81:
08:93:b6:51:c7:0e:92:2e:a9:f2:ec:bb:58:a5:7f:
2e:20:90:f5:5a:5c:b6:69:34:96:ab:14:44:d6:83:
5e:74:0b:e8:28:d4:4f:2b:42:f0:da:c4:fc:bc:df:
fa:4c:b4:f0:05:a9:a4:23:16:24:2f:53:18:d9:26:
71:16:de:8a:52:86:c4:ef:74:7b:91:7a:cb:40:69:
52:bc:10:fc:2e:88:21:bc:66:e9:fb:a1:15:a6:e3:
0e:42:4a:f0:76:87:23:c5:f7:68:ce:d0:d0:9f:8f:
6b:c9:4a:45:2c:b0:b2:d2:bc:85:25:b8:27:db:e7:
6f:fa:8d:32:c9:2a:df:6e:90:4d:59:21:bd:8b:f5:
f7:65:e8:f0:4c:d4:86:d6:24:ba:1c:3f:65:9f:39:
1c:2e:b5:03:e5:4b:a0:1e:94:3a:b4:a7:3f:8d:64:
d8:50:cb:c6:9f:90:8d:1b:fc:06:d2:54:6f:8c:dc:
b6:4e:98:3e:a1:77:4f:90:89:05:12:39:e0:92:10:
d9:78:82:c8:bd:3a:27:8d:f3:16:95:78:1b:df:e1:
fc:55:02:5d:19:35:54:09:84:2b:0c:55:0b:ee:d3:
cd:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C4:F3:5F:A2:EA:A9:7F:73:2F:B3:05:76:AF:E0:FF:F8:8B:B7:0B
X509v3 Authority Key Identifier:
keyid:DE:08:5B:0D:1B:BF:9E:78:1B:15:4B:06:F7:B9:14:11:29:DB:77:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ghbDRu_nngbFUsG97kUESnbd18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ff03a3-31a1-4da1-b8e9-7a0b3d5d9156/1/x8TzX6LqqX9zL7MFdq_g__iLtws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ff03a3-31a1-4da1-b8e9-7a0b3d5d9156/1/3ghbDRu_nngbFUsG97kUESnbd18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.152.0/22
Signature Algorithm: sha256WithRSAEncryption
34:70:8a:59:45:9e:a7:75:37:c8:67:f1:ff:ed:65:f4:ba:53:
f1:91:a5:53:ce:1e:b4:51:1d:9a:50:a2:ba:9a:4a:fa:fe:b6:
f0:8a:7f:d7:94:d5:70:eb:ec:e2:cc:86:77:68:57:51:09:83:
43:66:14:fa:0f:4a:d6:73:6b:1a:e4:a9:fa:f9:39:fc:7f:23:
8a:1c:d2:fc:3e:a4:7c:cf:22:d2:87:0b:17:1c:c6:1a:eb:bc:
a4:5c:f5:db:be:c5:6a:31:bd:16:bc:c2:a2:14:2a:df:a4:a9:
f3:b3:8f:98:d1:84:65:a9:09:8a:49:94:11:c9:78:c3:36:38:
0f:59:cc:53:b6:df:2b:1c:97:f7:13:6e:12:b7:ef:48:42:aa:
4a:ea:57:e8:39:0f:64:85:5c:b2:7d:c0:01:b8:dc:81:6c:28:
93:b0:9f:8d:14:07:73:da:db:b0:97:54:73:35:df:7f:99:12:
dc:cd:a2:eb:ec:3f:ff:27:53:53:8c:ad:e7:21:f5:45:3e:5b:
b3:a1:9e:37:1b:8f:d2:6c:58:86:e4:c2:d8:7b:2e:16:53:c2:
9d:2b:92:07:e6:06:5a:a2:79:5f:28:05:57:06:2f:2c:83:12:
b1:03:fb:11:5d:71:d9:5f:86:d0:58:fa:2c:9d:83:fa:48:54:
3d:da:25:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtqFTwb8rmyVxJzhQocsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMDg1YjBkMWJiZjllNzgxYjE1NGIwNmY3YjkxNDExMjlk
Yjc3NWYwHhcNMjQwMTAxMDYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2M0ZjM1ZmEyZWFhOTdmNzMyZmIzMDU3NmFmZTBmZmY4OGJiNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxT7Fbh020IKoCgFcsoCxStNk65L1
BQ/s8K0vQIEIk7ZRxw6SLqny7LtYpX8uIJD1Wly2aTSWqxRE1oNedAvoKNRPK0Lw
2sT8vN/6TLTwBamkIxYkL1MY2SZxFt6KUobE73R7kXrLQGlSvBD8LoghvGbp+6EV
puMOQkrwdocjxfdoztDQn49ryUpFLLCy0ryFJbgn2+dv+o0yySrfbpBNWSG9i/X3
ZejwTNSG1iS6HD9lnzkcLrUD5UugHpQ6tKc/jWTYUMvGn5CNG/wG0lRvjNy2Tpg+
oXdPkIkFEjngkhDZeILIvTonjfMWlXgb3+H8VQJdGTVUCYQrDFUL7tPNYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfE81+i6ql/cy+zBXav4P/4i7cLMB8GA1UdIwQY
MBaAFN4IWw0bv554GxVLBve5FBEp23dfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2doYkRSdV9ubmdiRlVzRzk3a1VFU25iZDE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mZjAzYTMtMzFhMS00ZGExLWI4ZTkt
N2EwYjNkNWQ5MTU2LzEveDhUelg2THFxWDl6TDdNRmRxX2dfX2lMdHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mZjAzYTMtMzFhMS00ZGExLWI4ZTktN2EwYjNkNWQ5MTU2
LzEvM2doYkRSdV9ubmdiRlVzRzk3a1VFU25iZDE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVuYMA0G
CSqGSIb3DQEBCwUAA4IBAQA0cIpZRZ6ndTfIZ/H/7WX0ulPxkaVTzh60UR2aUKK6
mkr6/rbwin/XlNVw6+zizIZ3aFdRCYNDZhT6D0rWc2sa5Kn6+Tn8fyOKHNL8PqR8
zyLShwsXHMYa67ykXPXbvsVqMb0WvMKiFCrfpKnzs4+Y0YRlqQmKSZQRyXjDNjgP
WcxTtt8rHJf3E24St+9IQqpK6lfoOQ9khVyyfcABuNyBbCiTsJ+NFAdz2tuwl1Rz
Nd9/mRLczaLr7D//J1NTjK3nIfVFPluzoZ43G4/SbFiG5MLYey4WU8KdK5IH5gZa
onlfKAVXBi8sgxKxA/sRXXHZX4bQWPosnYP6SFQ92iUc
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:24 2024 by rpki-client on console-fra.rpki-client.org