Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/f45xm2A_CvMApBLO1HBbEj8Vb3E.roa
File: f45xm2A_CvMApBLO1HBbEj8Vb3E.roa (raw, json)
Hash identifier: CrKtpMv9ACtUsMDAjy48Ewmnl7nbavcGb8EQnUc9Qts=
Subject key identifier: 7F:8E:71:9B:60:3F:0A:F3:00:A4:12:CE:D4:70:5B:12:3F:15:6F:71
Certificate issuer: /CN=2d4873e6e8be4f9d3764184f13e5750f8c61f68b
Certificate serial: 018CC2DB41783EEBFF6756C0A2ABEF9E56B7
Authority key identifier: 2D:48:73:E6:E8:BE:4F:9D:37:64:18:4F:13:E5:75:0F:8C:61:F6:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LUhz5ui-T503ZBhPE-V1D4xh9os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/f45xm2A_CvMApBLO1HBbEj8Vb3E.roa
Signing time: Mon 01 Jan 2024 02:29:58 +0000
ROA not before: Mon 01 Jan 2024 02:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35712
IP address blocks: 91.132.180.0/24 maxlen: 24
91.132.180.0/22 maxlen: 22
91.132.183.0/24 maxlen: 24
91.132.182.0/24 maxlen: 24
91.132.181.0/24 maxlen: 24
2a09:cc84::/31 maxlen: 31
2a09:cc86::/31 maxlen: 31
2a09:cc82::/31 maxlen: 31
2a09:cc80::/29 maxlen: 29
2a09:cc80::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/LUhz5ui-T503ZBhPE-V1D4xh9os.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/LUhz5ui-T503ZBhPE-V1D4xh9os.mft
rsync://rpki.ripe.net/repository/DEFAULT/LUhz5ui-T503ZBhPE-V1D4xh9os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:41:78:3e:eb:ff:67:56:c0:a2:ab:ef:9e:56:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d4873e6e8be4f9d3764184f13e5750f8c61f68b
Validity
Not Before: Jan 1 02:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f8e719b603f0af300a412ced4705b123f156f71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1d:7b:c3:ec:80:da:1c:c9:10:be:bd:9e:b8:
0a:d1:c0:c4:60:0e:6d:2a:cc:1c:7b:3d:72:17:79:
90:42:56:65:56:6c:dc:32:a6:78:47:ab:20:86:26:
59:19:2d:c1:7e:26:6c:91:90:6c:28:11:9c:05:9f:
66:78:3c:50:25:d4:3d:42:c7:e2:90:ff:bc:88:b3:
b2:9b:d8:c0:e9:56:84:c9:0a:76:5b:ee:d2:4a:c9:
06:8a:e3:cd:cb:a1:2d:50:2c:86:2b:b4:6d:57:1f:
5d:52:fd:c1:41:2f:62:c9:79:bc:65:a8:93:e9:49:
1e:f1:ba:00:a8:7a:b9:ac:74:87:40:7c:78:99:d3:
de:61:c7:1a:47:06:81:4e:df:59:5d:5d:88:1d:aa:
ac:d5:aa:10:8a:eb:ce:2e:1f:3a:68:93:81:98:0a:
c0:91:97:4a:c6:b2:37:03:15:9b:46:42:4a:f2:58:
83:15:12:f4:4a:78:c2:5a:62:45:25:5d:e7:47:1e:
55:2b:38:c4:0c:9d:34:45:f5:77:1a:7d:d8:b8:a8:
23:b1:66:ec:f9:43:1d:1e:79:dc:16:22:90:9f:34:
cb:8f:83:53:c4:0d:16:49:c4:ef:dd:cc:19:6a:c0:
04:d8:9a:90:ac:c0:82:59:3b:98:dd:ae:6f:37:5a:
0e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:8E:71:9B:60:3F:0A:F3:00:A4:12:CE:D4:70:5B:12:3F:15:6F:71
X509v3 Authority Key Identifier:
keyid:2D:48:73:E6:E8:BE:4F:9D:37:64:18:4F:13:E5:75:0F:8C:61:F6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LUhz5ui-T503ZBhPE-V1D4xh9os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/f45xm2A_CvMApBLO1HBbEj8Vb3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/47b413-6416-402a-b5e1-6596d5036362/1/LUhz5ui-T503ZBhPE-V1D4xh9os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.180.0/22
IPv6:
2a09:cc80::/29
Signature Algorithm: sha256WithRSAEncryption
5d:46:14:69:9a:21:41:03:fb:f8:82:46:66:92:af:82:42:be:
d2:29:56:d3:99:3a:14:11:ba:69:0b:0b:65:8b:2d:3a:d1:5d:
cc:18:39:dd:a5:ad:bd:87:b8:37:2d:f8:6a:a6:ed:bc:9f:2c:
68:69:c9:4b:04:50:6e:9d:ad:39:d9:1d:7e:af:2e:56:8f:0f:
df:0a:fb:2c:9e:66:0d:ae:c3:71:a7:72:2d:84:01:f6:3d:4a:
cc:5c:93:67:42:2b:7d:40:5b:7f:09:e1:cb:28:3a:ba:49:01:
2a:ee:a7:3f:12:50:4a:87:13:ee:51:15:36:17:0c:d6:33:f6:
41:15:b9:65:3a:b2:40:67:01:ec:16:2c:39:29:02:16:5c:fe:
a6:6c:b2:67:d6:c0:a0:5e:7c:a8:c2:13:b9:1f:a2:01:90:0d:
e7:f4:64:f7:bf:70:c5:a1:6e:e3:1c:78:73:3c:a9:b2:0f:54:
b1:f3:83:dc:9d:2d:1c:c7:0e:8e:8e:cf:0c:43:53:60:65:82:
db:cb:56:30:44:a1:5c:21:2a:ba:84:54:8c:b0:42:21:c9:fc:
3e:3c:7d:63:90:85:35:f4:6b:e7:6b:37:92:0f:6b:d5:4e:de:
2b:74:fd:df:57:a4:c8:f6:ab:3d:fa:67:03:aa:d3:a0:7c:f2:
e7:34:c5:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC20F4Puv/Z1bAoqvvnla3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNDg3M2U2ZThiZTRmOWQzNzY0MTg0ZjEzZTU3NTBmOGM2
MWY2OGIwHhcNMjQwMTAxMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjhlNzE5YjYwM2YwYWYzMDBhNDEyY2VkNDcwNWIxMjNmMTU2ZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR17w+yA2hzJEL69nrgK0cDEYA5t
Kswcez1yF3mQQlZlVmzcMqZ4R6sghiZZGS3BfiZskZBsKBGcBZ9meDxQJdQ9Qsfi
kP+8iLOym9jA6VaEyQp2W+7SSskGiuPNy6EtUCyGK7RtVx9dUv3BQS9iyXm8ZaiT
6Uke8boAqHq5rHSHQHx4mdPeYccaRwaBTt9ZXV2IHaqs1aoQiuvOLh86aJOBmArA
kZdKxrI3AxWbRkJK8liDFRL0SnjCWmJFJV3nRx5VKzjEDJ00RfV3Gn3YuKgjsWbs
+UMdHnncFiKQnzTLj4NTxA0WScTv3cwZasAE2JqQrMCCWTuY3a5vN1oO4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH+OcZtgPwrzAKQSztRwWxI/FW9xMB8GA1UdIwQY
MBaAFC1Ic+bovk+dN2QYTxPldQ+MYfaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFVoejV1aS1UNTAzWkJoUEUtVjFENHhoOW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80N2I0MTMtNjQxNi00MDJhLWI1ZTEt
NjU5NmQ1MDM2MzYyLzEvZjQ1eG0yQV9Ddk1BcEJMTzFIQmJFajhWYjNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80N2I0MTMtNjQxNi00MDJhLWI1ZTEtNjU5NmQ1MDM2MzYy
LzEvTFVoejV1aS1UNTAzWkJoUEUtVjFENHhoOW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCW4S0MA0E
AgACMAcDBQMqCcyAMA0GCSqGSIb3DQEBCwUAA4IBAQBdRhRpmiFBA/v4gkZmkq+C
Qr7SKVbTmToUEbppCwtliy060V3MGDndpa29h7g3Lfhqpu28nyxoaclLBFBuna05
2R1+ry5Wjw/fCvssnmYNrsNxp3IthAH2PUrMXJNnQit9QFt/CeHLKDq6SQEq7qc/
ElBKhxPuURU2FwzWM/ZBFbllOrJAZwHsFiw5KQIWXP6mbLJn1sCgXnyowhO5H6IB
kA3n9GT3v3DFoW7jHHhzPKmyD1Sx84PcnS0cxw6Ojs8MQ1NgZYLby1YwRKFcISq6
hFSMsEIhyfw+PH1jkIU19GvnazeSD2vVTt4rdP3fV6TI9qs9+mcDqtOgfPLnNMUY
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:27:08 2024 by rpki-client on console-fra.rpki-client.org