Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/5ylXAzU6Vf-SE4CakKNb0V2fmU0.roa
File: 5ylXAzU6Vf-SE4CakKNb0V2fmU0.roa (raw, json)
Hash identifier: iCfEESWxyrhy5VUOU0FSuOGqSAeMzzcqGt777OBNVxc=
Subject key identifier: E7:29:57:03:35:3A:55:FF:92:13:80:9A:90:A3:5B:D1:5D:9F:99:4D
Certificate issuer: /CN=b0f8a885f7776d2ab99bb4f20e84d306e0394aa3
Certificate serial: 018CC492E91679BD8A6B5EADFF4625D569DD
Authority key identifier: B0:F8:A8:85:F7:77:6D:2A:B9:9B:B4:F2:0E:84:D3:06:E0:39:4A:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/5ylXAzU6Vf-SE4CakKNb0V2fmU0.roa
Signing time: Mon 01 Jan 2024 10:30:11 +0000
ROA not before: Mon 01 Jan 2024 10:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48305
IP address blocks: 45.148.0.0/22 maxlen: 22
91.242.128.0/22 maxlen: 24
185.86.184.0/22 maxlen: 22
91.242.132.0/22 maxlen: 22
2a03:77e0:5301::/48 maxlen: 48
2a03:77e0:4401::/48 maxlen: 48
2a03:77e0:3301::/48 maxlen: 48
2a03:77e0:3302::/48 maxlen: 48
2a0f:4400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.mft
rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e9:16:79:bd:8a:6b:5e:ad:ff:46:25:d5:69:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f8a885f7776d2ab99bb4f20e84d306e0394aa3
Validity
Not Before: Jan 1 10:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7295703353a55ff9213809a90a35bd15d9f994d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9c:c0:94:4e:86:45:dc:43:30:f8:c0:4b:0f:
02:15:38:7b:cf:e5:ab:e8:74:53:d3:6a:ad:d3:9b:
72:aa:98:da:11:9f:1b:2f:14:d6:d4:9e:ab:32:66:
e0:ff:05:34:4c:bd:80:f0:2f:0d:f0:6c:1a:16:98:
c6:2b:9a:f3:cf:39:08:fd:7b:96:be:6e:70:3b:26:
b1:bf:3b:b2:54:02:63:fa:88:96:75:5f:82:06:43:
ff:3c:e0:25:bc:3f:a3:21:77:c9:e2:64:b9:53:9e:
af:39:a2:4e:e9:93:40:b6:e4:24:2b:49:38:e4:1c:
0a:9d:2d:80:65:5d:8d:84:b0:91:92:cb:6e:3f:66:
18:3c:6e:7e:71:f2:c9:0b:6c:f7:ad:7a:02:fe:0f:
1d:65:2e:6d:c4:e6:6f:cd:bb:60:49:5c:33:37:b2:
da:4f:b4:85:b0:0e:12:6f:81:d5:52:cc:a0:85:6f:
2f:14:5f:3d:db:2c:77:c6:7f:13:1a:29:bf:53:49:
98:ab:b9:7e:6c:3c:1e:fa:86:03:7a:da:07:d7:af:
3b:48:0e:4c:5d:04:41:34:4a:3c:f5:f3:37:be:27:
c5:fb:bf:da:cb:5a:25:b6:93:5b:94:8b:0f:b3:b6:
d9:fe:e5:46:f9:22:b4:84:2a:f0:ce:db:d0:8f:e2:
17:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:29:57:03:35:3A:55:FF:92:13:80:9A:90:A3:5B:D1:5D:9F:99:4D
X509v3 Authority Key Identifier:
keyid:B0:F8:A8:85:F7:77:6D:2A:B9:9B:B4:F2:0E:84:D3:06:E0:39:4A:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/5ylXAzU6Vf-SE4CakKNb0V2fmU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.0.0/22
91.242.128.0/21
185.86.184.0/22
IPv6:
2a03:77e0:3301::-2a03:77e0:3302:ffff:ffff:ffff:ffff:ffff
2a03:77e0:4401::/48
2a03:77e0:5301::/48
2a0f:4400::/29
Signature Algorithm: sha256WithRSAEncryption
16:a0:e5:88:80:03:08:33:97:d1:65:41:48:d4:38:03:95:ab:
47:87:a1:18:75:7d:16:31:d8:ce:8c:90:76:d2:da:9a:17:5a:
e7:b2:7d:6c:a7:0b:05:45:3c:73:f0:62:d2:0d:d7:65:f3:4b:
bb:92:f6:74:95:f4:6a:e7:d1:c8:1d:85:8d:56:5e:0a:3a:ae:
b2:3b:04:35:e3:ce:66:5a:9f:33:9e:aa:ec:1d:cf:bc:49:4c:
fb:b2:8d:ea:bc:ea:b0:9d:93:df:7b:38:b1:a6:dd:98:a1:ef:
16:1d:bb:e8:48:f7:69:89:51:81:50:3d:63:d0:6c:d3:a2:62:
86:1f:67:82:50:51:ec:4b:df:1c:93:57:ad:d0:65:ed:bf:11:
bc:77:bc:7d:03:0f:0b:6a:71:bf:79:f8:95:95:1a:d4:8c:6e:
c7:d6:81:ee:44:7b:93:a0:f7:d5:58:47:35:70:d1:97:88:0d:
43:79:3e:0f:b1:3c:3c:6d:be:a1:5d:bf:19:ba:2e:e7:d6:88:
89:8d:65:e0:dd:be:47:21:df:f5:7e:0b:82:4e:a7:02:a7:ee:
49:6f:6d:a6:99:88:7c:67:d6:6a:6d:f8:9d:e0:b5:e2:cf:4e:
de:42:74:50:1d:67:e1:ba:3b:58:7a:0d:72:4e:3e:4a:d8:9c:
19:52:d7:7c
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzEkukWeb2Ka16t/0Yl1WndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjhhODg1Zjc3NzZkMmFiOTliYjRmMjBlODRkMzA2ZTAz
OTRhYTMwHhcNMjQwMTAxMTAzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzI5NTcwMzM1M2E1NWZmOTIxMzgwOWE5MGEzNWJkMTVkOWY5OTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5zAlE6GRdxDMPjASw8CFTh7z+Wr
6HRT02qt05tyqpjaEZ8bLxTW1J6rMmbg/wU0TL2A8C8N8GwaFpjGK5rzzzkI/XuW
vm5wOyaxvzuyVAJj+oiWdV+CBkP/POAlvD+jIXfJ4mS5U56vOaJO6ZNAtuQkK0k4
5BwKnS2AZV2NhLCRkstuP2YYPG5+cfLJC2z3rXoC/g8dZS5txOZvzbtgSVwzN7La
T7SFsA4Sb4HVUsyghW8vFF892yx3xn8TGim/U0mYq7l+bDwe+oYDetoH1687SA5M
XQRBNEo89fM3vifF+7/ay1oltpNblIsPs7bZ/uVG+SK0hCrwztvQj+IXQwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOcpVwM1OlX/khOAmpCjW9Fdn5lNMB8GA1UdIwQY
MBaAFLD4qIX3d20quZu08g6E0wbgOUqjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iMTI4MmYtNzFjNS00N2U3LWFlYTEt
NGQwNTQ5OGFhOTdkLzEvNXlsWEF6VTZWZi1TRTRDYWtLTmIwVjJmbVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iMTI4MmYtNzFjNS00N2U3LWFlYTEtNGQwNTQ5OGFhOTdk
LzEvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAYBAIAATASAwQCLZQAAwQD
W/KAAwQCuVa4MDMEAgACMC0wEgMHACoDd+AzAQMHACoDd+AzAgMHACoDd+BEAQMH
ACoDd+BTAQMFAyoPRAAwDQYJKoZIhvcNAQELBQADggEBABag5YiAAwgzl9FlQUjU
OAOVq0eHoRh1fRYx2M6MkHbS2poXWueyfWynCwVFPHPwYtIN12XzS7uS9nSV9Grn
0cgdhY1WXgo6rrI7BDXjzmZanzOequwdz7xJTPuyjeq86rCdk997OLGm3Zih7xYd
u+hI92mJUYFQPWPQbNOiYoYfZ4JQUexL3xyTV63QZe2/Ebx3vH0DDwtqcb95+JWV
GtSMbsfWge5Ee5Og99VYRzVw0ZeIDUN5Pg+xPDxtvqFdvxm6LufWiImNZeDdvkch
3/V+C4JOpwKn7klvbaaZiHxn1mpt+J3gteLPTt5CdFAdZ+G6O1h6DXJOPkrYnBlS
13w=
-----END CERTIFICATE-----
Generated at Mon Jun 17 09:08:34 2024 by rpki-client on console-ams.rpki-client.org