Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/vET0RqRLK9m7CdojJt23T-NPucQ.roa
File: vET0RqRLK9m7CdojJt23T-NPucQ.roa (raw, json)
Hash identifier: 03wrzwRN9PSh2w5EkixsrOK0O7wc9hTFsk2ESkg46Oc=
Subject key identifier: BC:44:F4:46:A4:4B:2B:D9:BB:09:DA:23:26:DD:B7:4F:E3:4F:B9:C4
Certificate issuer: /CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Certificate serial: 018CC94E4881D0B61B910719FC0A5A3F73D4
Authority key identifier: 4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/vET0RqRLK9m7CdojJt23T-NPucQ.roa
Signing time: Tue 02 Jan 2024 08:33:19 +0000
ROA not before: Tue 02 Jan 2024 08:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20568
IP address blocks: 45.88.204.0/22 maxlen: 22
45.88.204.0/24 maxlen: 24
45.88.206.0/24 maxlen: 24
45.88.205.0/24 maxlen: 24
91.144.100.0/24 maxlen: 24
45.88.207.0/24 maxlen: 24
2a03:9900:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 20:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:48:81:d0:b6:1b:91:07:19:fc:0a:5a:3f:73:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Validity
Not Before: Jan 2 08:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc44f446a44b2bd9bb09da2326ddb74fe34fb9c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:47:dc:7f:3e:43:6d:8c:1d:85:ab:68:5f:df:
fc:9b:39:bf:5b:be:16:c3:df:cf:39:c0:df:e8:ff:
84:e8:6f:d0:9f:e3:23:ca:a7:97:83:ac:05:17:08:
cb:d2:5e:35:c5:85:8b:6a:c6:0f:c6:24:62:5e:b8:
8d:68:d1:a1:e1:4c:eb:47:d2:df:b2:d4:15:60:f0:
92:12:6c:95:4b:ad:fd:cc:66:40:0a:7f:d3:2a:93:
35:da:64:e4:4f:25:12:a6:01:57:ba:56:b6:62:16:
33:33:fd:82:25:e2:dd:d6:e2:b2:f8:36:b4:4f:ae:
46:af:5c:c0:96:18:6b:f7:3c:df:91:f2:ab:f4:32:
0e:74:00:c3:4e:d3:4d:04:df:14:c2:44:dd:09:80:
06:d7:20:90:0c:4b:4f:76:c3:8d:b9:73:a8:f0:80:
5d:58:73:2b:ed:b1:e3:64:13:bb:3f:d9:01:83:bd:
b7:c4:8f:38:a0:9f:d1:01:4b:d3:d5:22:1c:d6:7d:
f6:20:1f:72:ed:1b:d1:b0:16:d2:ef:0f:0d:18:8c:
a8:e2:77:54:45:a0:49:b4:38:c1:77:ba:ec:e0:5e:
9c:34:ab:ff:13:ae:01:34:34:7c:ff:b5:37:1a:da:
9b:c4:09:4c:10:5e:b9:ad:62:7e:09:fd:2e:ad:d1:
4b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:44:F4:46:A4:4B:2B:D9:BB:09:DA:23:26:DD:B7:4F:E3:4F:B9:C4
X509v3 Authority Key Identifier:
keyid:4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/vET0RqRLK9m7CdojJt23T-NPucQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.204.0/22
91.144.100.0/24
IPv6:
2a03:9900:100::/48
Signature Algorithm: sha256WithRSAEncryption
af:0c:09:e2:47:e8:c7:6a:69:b5:5d:d2:c6:55:5e:5d:62:ca:
e7:aa:26:30:3b:72:a0:84:4e:14:0f:28:8a:54:86:10:a8:00:
0a:13:e7:e5:32:ca:02:d0:3e:98:af:d7:07:1f:24:74:bb:a0:
39:38:2f:90:96:e9:25:e3:24:dd:64:4f:c8:8c:3d:12:ea:9d:
77:f6:c4:8c:1d:b9:4a:49:19:03:c0:a0:18:58:79:c0:08:b4:
e7:19:b3:66:bc:39:9b:72:ac:30:65:dd:e3:92:af:50:9d:2f:
34:69:3e:08:40:af:45:51:ae:43:a2:5a:81:55:27:48:95:60:
ad:91:54:de:21:9f:1c:69:8f:89:2c:32:ac:5a:e0:7b:6e:8a:
f4:fa:c5:7c:57:09:a5:d7:de:45:ea:cf:3d:e7:31:1c:1d:04:
88:28:18:87:28:3e:13:15:53:9f:0d:45:92:fa:e9:81:ab:be:
52:87:fc:ff:0c:c1:49:8b:ed:77:64:e9:27:4a:e0:ec:8b:e1:
49:6e:41:2b:93:e6:58:52:ec:69:99:b1:c3:6e:06:34:3c:db:
fc:28:a8:0e:0b:6c:63:81:87:73:24:dd:3d:b0:ae:a1:96:f4:
a1:af:9f:a8:86:0e:a8:08:07:5b:9d:9d:fa:71:0d:dc:fb:2c:
02:45:7b:8a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJTkiB0LYbkQcZ/ApaP3PUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzYxMDMzNDRmY2QzYjU3NTlmMmRiM2YzYzcwNzEzNzZm
OWUyMzMwHhcNMjQwMTAyMDgzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzQ0ZjQ0NmE0NGIyYmQ5YmIwOWRhMjMyNmRkYjc0ZmUzNGZiOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkfcfz5DbYwdhatoX9/8mzm/W74W
w9/POcDf6P+E6G/Qn+MjyqeXg6wFFwjL0l41xYWLasYPxiRiXriNaNGh4UzrR9Lf
stQVYPCSEmyVS639zGZACn/TKpM12mTkTyUSpgFXula2YhYzM/2CJeLd1uKy+Da0
T65Gr1zAlhhr9zzfkfKr9DIOdADDTtNNBN8UwkTdCYAG1yCQDEtPdsONuXOo8IBd
WHMr7bHjZBO7P9kBg723xI84oJ/RAUvT1SIc1n32IB9y7RvRsBbS7w8NGIyo4ndU
RaBJtDjBd7rs4F6cNKv/E64BNDR8/7U3GtqbxAlMEF65rWJ+Cf0urdFLMwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLxE9EakSyvZuwnaIybdt0/jT7nEMB8GA1UdIwQY
MBaAFE82EDNE/NO1dZ8ts/PHBxN2+eIzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUt
MGFjYzg5MmIxMWQyLzEvdkVUMFJxUkxLOW03Q2Rvakp0MjNULU5QdWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUtMGFjYzg5MmIxMWQy
LzEvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCLVjMAwQA
W5BkMA8EAgACMAkDBwAqA5kAAQAwDQYJKoZIhvcNAQELBQADggEBAK8MCeJH6Mdq
abVd0sZVXl1iyueqJjA7cqCEThQPKIpUhhCoAAoT5+UyygLQPpiv1wcfJHS7oDk4
L5CW6SXjJN1kT8iMPRLqnXf2xIwduUpJGQPAoBhYecAItOcZs2a8OZtyrDBl3eOS
r1CdLzRpPghAr0VRrkOiWoFVJ0iVYK2RVN4hnxxpj4ksMqxa4HtuivT6xXxXCaXX
3kXqzz3nMRwdBIgoGIcoPhMVU58NRZL66YGrvlKH/P8MwUmL7Xdk6SdK4OyL4Ulu
QSuT5lhS7GmZscNuBjQ82/woqA4LbGOBh3Mk3T2wrqGW9KGvn6iGDqgIB1udnfpx
Ddz7LAJFe4o=
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:09:12 2024 by rpki-client on console-fra.rpki-client.org