Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/meF5u28fQU70A-Ss08m3sy6pvoM.roa
File: meF5u28fQU70A-Ss08m3sy6pvoM.roa (raw, json)
Hash identifier: WJJHuqGN2HCmMuzqtw+W9b+aUrP8orKxYxxRiFVlY9M=
Subject key identifier: 99:E1:79:BB:6F:1F:41:4E:F4:03:E4:AC:D3:C9:B7:B3:2E:A9:BE:83
Certificate issuer: /CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Certificate serial: 018CC9BC3AA07C81FE23F52B7E97B78D5BE9
Authority key identifier: 8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/meF5u28fQU70A-Ss08m3sy6pvoM.roa
Signing time: Tue 02 Jan 2024 10:33:25 +0000
ROA not before: Tue 02 Jan 2024 10:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207787
IP address blocks: 45.93.246.0/24 maxlen: 24
45.93.245.0/24 maxlen: 24
45.93.244.0/24 maxlen: 24
45.93.247.0/24 maxlen: 24
2a0e:2940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/i7EwjGqXfVy5A78lqWMIsOjOO0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/i7EwjGqXfVy5A78lqWMIsOjOO0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:3a:a0:7c:81:fe:23:f5:2b:7e:97:b7:8d:5b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Validity
Not Before: Jan 2 10:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99e179bb6f1f414ef403e4acd3c9b7b32ea9be83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d5:f9:fa:9c:36:d0:37:9b:c5:f7:cf:b6:fc:
0a:2b:f8:3a:3e:cd:90:1d:42:34:c3:b2:84:ef:af:
81:55:97:fd:cd:97:7b:91:f3:f2:fa:6f:f1:b4:c5:
a1:64:8c:d3:92:30:42:99:7c:69:0e:e0:cc:78:c1:
fe:ee:5d:5c:e2:60:77:8c:4d:15:9d:03:24:18:1d:
a3:02:99:4d:38:c4:6e:77:58:30:89:ae:5b:46:21:
5b:21:0b:d0:d9:74:05:75:fb:63:31:6e:2f:63:c7:
73:94:09:0b:50:cb:44:18:11:a3:94:4c:50:5b:e5:
65:0e:fe:03:fe:99:a2:52:cc:f2:87:6a:9a:9a:2f:
91:c1:31:9d:3e:5e:f4:e0:5d:ff:0d:da:66:cc:3a:
6e:36:2e:34:8d:6b:aa:0d:15:5a:87:c6:57:cf:7a:
de:3d:94:a3:3d:a0:31:26:79:7b:e2:59:b9:9e:36:
0d:98:6b:fe:d9:0f:3f:64:6d:02:40:0e:c4:39:2d:
7e:c7:47:e2:da:2c:27:94:f0:50:d1:b2:0a:6b:7b:
e5:c0:83:29:c6:88:fc:f8:24:72:8a:4a:ae:7e:21:
a8:04:4a:fd:ce:53:f7:56:2d:40:51:a9:2a:7b:8e:
1e:39:25:70:08:40:84:74:73:ec:f2:74:98:f2:8a:
2c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E1:79:BB:6F:1F:41:4E:F4:03:E4:AC:D3:C9:B7:B3:2E:A9:BE:83
X509v3 Authority Key Identifier:
keyid:8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/meF5u28fQU70A-Ss08m3sy6pvoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/i7EwjGqXfVy5A78lqWMIsOjOO0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.244.0/22
IPv6:
2a0e:2940::/29
Signature Algorithm: sha256WithRSAEncryption
25:92:7a:f1:14:71:ee:d0:e8:25:4d:2f:b3:11:3a:c6:00:a2:
37:90:1e:4e:e6:82:9f:70:d6:a2:ad:d3:40:ed:a6:b4:0a:ec:
49:dd:e4:84:bc:68:7a:7f:ad:dd:e6:34:f6:c0:51:65:87:d3:
59:32:ac:80:81:17:47:95:01:cb:33:4b:80:cd:f3:87:13:93:
60:39:a3:11:32:6e:f8:1a:5a:7f:ee:4d:27:40:b5:83:16:00:
30:59:03:2d:b9:8a:82:69:5c:62:8f:0a:14:99:f8:77:e7:76:
71:69:7a:59:a6:9b:ca:15:e6:9e:bc:58:94:a7:df:d0:b7:96:
86:1b:9c:2f:7b:ec:51:da:31:ac:0c:a4:2b:7d:87:40:9a:e0:
88:1a:91:b0:a1:52:4b:e9:39:91:dc:9a:8b:04:7a:ac:6e:53:
17:6c:94:fb:d9:bb:cb:cc:44:ea:d8:6d:2c:09:ef:56:aa:4d:
f6:56:07:3e:81:64:3e:54:d2:81:26:d4:c5:a4:9e:f7:af:76:
66:39:bf:92:51:a2:11:76:8a:fc:43:75:cb:9b:c9:85:c6:3f:
a8:3b:97:7f:45:0c:8f:8a:7e:98:74:3d:26:bc:3e:37:8a:ae:
32:25:ed:9c:03:d3:6d:e0:53:7e:11:c5:81:89:fb:17:69:5a:
b2:25:99:32
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvDqgfIH+I/Urfpe3jVvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYjEzMDhjNmE5NzdkNWNiOTAzYmYyNWE5NjMwOGIwZThj
ZTNiNDYwHhcNMjQwMTAyMTAzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWUxNzliYjZmMWY0MTRlZjQwM2U0YWNkM2M5YjdiMzJlYTliZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9X5+pw20DebxffPtvwKK/g6Ps2Q
HUI0w7KE76+BVZf9zZd7kfPy+m/xtMWhZIzTkjBCmXxpDuDMeMH+7l1c4mB3jE0V
nQMkGB2jAplNOMRud1gwia5bRiFbIQvQ2XQFdftjMW4vY8dzlAkLUMtEGBGjlExQ
W+VlDv4D/pmiUszyh2qami+RwTGdPl704F3/DdpmzDpuNi40jWuqDRVah8ZXz3re
PZSjPaAxJnl74lm5njYNmGv+2Q8/ZG0CQA7EOS1+x0fi2iwnlPBQ0bIKa3vlwIMp
xoj8+CRyikqufiGoBEr9zlP3Vi1AUakqe44eOSVwCECEdHPs8nSY8ooswQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJnhebtvH0FO9APkrNPJt7Muqb6DMB8GA1UdIwQY
MBaAFIuxMIxql31cuQO/JaljCLDozjtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMt
MTAxYWJkNzM5MWE2LzEvbWVGNXUyOGZRVTcwQS1TczA4bTNzeTZwdm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMtMTAxYWJkNzM5MWE2
LzEvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLV30MA0E
AgACMAcDBQMqDilAMA0GCSqGSIb3DQEBCwUAA4IBAQAlknrxFHHu0OglTS+zETrG
AKI3kB5O5oKfcNairdNA7aa0CuxJ3eSEvGh6f63d5jT2wFFlh9NZMqyAgRdHlQHL
M0uAzfOHE5NgOaMRMm74Glp/7k0nQLWDFgAwWQMtuYqCaVxijwoUmfh353ZxaXpZ
ppvKFeaevFiUp9/Qt5aGG5wve+xR2jGsDKQrfYdAmuCIGpGwoVJL6TmR3JqLBHqs
blMXbJT72bvLzETq2G0sCe9Wqk32Vgc+gWQ+VNKBJtTFpJ73r3ZmOb+SUaIRdor8
Q3XLm8mFxj+oO5d/RQyPin6YdD0mvD43iq4yJe2cA9Nt4FN+EcWBifsXaVqyJZky
-----END CERTIFICATE-----
Generated at Sun May 5 19:20:44 2024 by rpki-client on console-ams.rpki-client.org