Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/ir_5RKa0uc4aYUual04MEfLT0_c.roa
File: ir_5RKa0uc4aYUual04MEfLT0_c.roa (raw, json)
Hash identifier: k8ZlKRN3SO6VfBS0hyskxsgtMQiANGH3scY14UqVLt8=
Subject key identifier: 8A:BF:F9:44:A6:B4:B9:CE:1A:61:4B:9A:97:4E:0C:11:F2:D3:D3:F7
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 018E9EDFD4374EB66C522492BA574D3A5F8A
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/ir_5RKa0uc4aYUual04MEfLT0_c.roa
Signing time: Tue 02 Apr 2024 12:54:12 +0000
ROA not before: Tue 02 Apr 2024 12:54:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 45.90.44.0/24 maxlen: 24
45.90.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:df:d4:37:4e:b6:6c:52:24:92:ba:57:4d:3a:5f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Apr 2 12:54:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8abff944a6b4b9ce1a614b9a974e0c11f2d3d3f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b7:aa:7d:9a:f8:cb:dc:a3:43:0e:2e:5c:fe:
01:72:44:7a:c8:69:fb:2e:fe:7b:52:e0:03:36:0b:
37:c3:74:5a:01:6e:c9:d7:12:f0:6a:f8:c9:76:64:
af:fc:35:b3:8c:2c:48:46:68:0e:ca:00:1f:c9:95:
81:ba:58:65:2f:13:cd:cd:65:9c:25:17:1a:63:b7:
5b:63:ad:bc:db:35:07:b6:71:3d:15:f6:02:16:e8:
70:03:09:b7:4d:c3:a2:65:0b:35:a3:d2:91:40:e7:
98:48:a6:85:bb:8c:6c:e9:94:44:61:b1:50:26:d8:
e1:33:8f:b9:12:91:d7:ed:a8:8b:a4:f7:b9:94:72:
20:8b:da:f2:97:70:b3:aa:5f:c2:90:eb:e7:be:15:
e2:cd:3d:ba:b2:61:6b:88:63:f6:fd:f5:ef:ca:44:
e4:ae:21:a3:b1:49:c6:47:64:29:32:7d:d4:0d:03:
0a:ec:90:e6:28:cb:be:e5:c2:64:a6:f5:0e:69:93:
79:97:84:49:dd:5f:27:cd:1f:51:ce:2a:ec:4b:e0:
e4:b3:e9:ea:37:67:31:5e:5a:4f:21:d5:28:cc:3c:
eb:51:ba:0e:40:3d:f1:04:4a:aa:76:72:df:c7:29:
88:b8:81:b3:7b:79:50:a7:e0:e0:cf:5a:4a:11:f7:
ef:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:BF:F9:44:A6:B4:B9:CE:1A:61:4B:9A:97:4E:0C:11:F2:D3:D3:F7
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/ir_5RKa0uc4aYUual04MEfLT0_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.44.0/24
45.90.47.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:38:0a:39:92:2d:b4:04:99:fd:c5:c8:31:21:ec:ed:9c:b4:
27:5f:e5:f4:ae:c3:0d:50:ae:7a:26:00:0c:8f:75:cf:5f:78:
c5:c5:f0:70:76:db:c2:e2:86:9a:02:ad:d9:d0:ef:a1:29:15:
7e:c6:4f:80:8f:9c:30:6d:f4:2a:70:54:b5:69:c5:97:bd:34:
8e:11:f2:f6:81:71:1c:b0:fe:c6:a3:80:18:b5:1e:32:27:50:
67:4b:94:96:90:5a:e9:ae:08:80:24:63:36:4b:25:a6:80:8f:
9a:87:36:fa:db:d3:75:25:83:c8:90:35:63:96:38:9f:f3:02:
ab:2f:21:6e:3e:15:0b:bb:9c:1d:38:0f:20:b8:bf:9d:c3:80:
7b:bf:4e:67:d0:7f:ca:7e:91:f4:36:69:22:31:21:fe:83:b8:
cd:2a:40:39:4d:f8:94:a3:52:47:29:6f:80:e6:d9:3e:c5:b9:
d2:52:26:d4:7e:e7:cd:b9:83:96:0f:3b:75:c7:e9:9a:16:0f:
c8:d2:7d:bb:28:d9:47:12:ca:8b:73:29:13:1a:be:42:ac:c4:
28:e6:68:3a:8f:51:93:cf:13:3c:ad:c3:55:f2:e3:3e:49:52:
9d:72:92:5e:02:78:83:fe:2a:e6:7f:e4:af:1d:51:2d:90:0b:
4c:df:64:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6e39Q3TrZsUiSSuldNOl+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwNDAyMTI1NDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWJmZjk0NGE2YjRiOWNlMWE2MTRiOWE5NzRlMGMxMWYyZDNkM2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLeqfZr4y9yjQw4uXP4BckR6yGn7
Lv57UuADNgs3w3RaAW7J1xLwavjJdmSv/DWzjCxIRmgOygAfyZWBulhlLxPNzWWc
JRcaY7dbY6282zUHtnE9FfYCFuhwAwm3TcOiZQs1o9KRQOeYSKaFu4xs6ZREYbFQ
JtjhM4+5EpHX7aiLpPe5lHIgi9ryl3Czql/CkOvnvhXizT26smFriGP2/fXvykTk
riGjsUnGR2QpMn3UDQMK7JDmKMu+5cJkpvUOaZN5l4RJ3V8nzR9RzirsS+Dks+nq
N2cxXlpPIdUozDzrUboOQD3xBEqqdnLfxymIuIGze3lQp+Dgz1pKEffvgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIq/+USmtLnOGmFLmpdODBHy09P3MB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvaXJfNVJLYTB1YzRhWVV1YWwwNE1FZkxUMF9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVosAwQA
LVovMA0GCSqGSIb3DQEBCwUAA4IBAQA+OAo5ki20BJn9xcgxIeztnLQnX+X0rsMN
UK56JgAMj3XPX3jFxfBwdtvC4oaaAq3Z0O+hKRV+xk+Aj5wwbfQqcFS1acWXvTSO
EfL2gXEcsP7Go4AYtR4yJ1BnS5SWkFrprgiAJGM2SyWmgI+ahzb629N1JYPIkDVj
ljif8wKrLyFuPhULu5wdOA8guL+dw4B7v05n0H/KfpH0NmkiMSH+g7jNKkA5TfiU
o1JHKW+A5tk+xbnSUibUfufNuYOWDzt1x+maFg/I0n27KNlHEsqLcykTGr5CrMQo
5mg6j1GTzxM8rcNV8uM+SVKdcpJeAniD/irmf+SvHVEtkAtM32Si
-----END CERTIFICATE-----
Generated at Sat Jun 8 11:40:10 2024 by rpki-client on console-fra.rpki-client.org