Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/m6gfmA-0tQNjbyYhad2oGDY_hOY.roa
File: m6gfmA-0tQNjbyYhad2oGDY_hOY.roa (raw, json)
Hash identifier: uhCmjq8TAYTM4MhgBqdFjIL8RfnChfiTN8VIgA1xPEA=
Subject key identifier: 9B:A8:1F:98:0F:B4:B5:03:63:6F:26:21:69:DD:A8:18:36:3F:84:E6
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018EDC658E272258E476333837BF87089049
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/m6gfmA-0tQNjbyYhad2oGDY_hOY.roa
Signing time: Sun 14 Apr 2024 11:37:06 +0000
ROA not before: Sun 14 Apr 2024 11:37:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57604
IP address blocks: 45.141.208.0/22 maxlen: 24
45.150.8.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:dc:65:8e:27:22:58:e4:76:33:38:37:bf:87:08:90:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Apr 14 11:37:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ba81f980fb4b503636f262169dda818363f84e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f8:9e:ee:4d:3d:2e:56:0c:7a:d6:c9:2f:ea:
50:1f:31:9d:c5:f9:e1:28:c8:77:3e:8f:ed:18:1f:
cf:32:82:05:d1:d1:ac:cd:c5:27:54:d6:86:12:d7:
ec:ea:11:9e:58:61:ab:f1:53:dc:6e:27:8e:c2:32:
3c:c6:7c:6f:69:a8:b3:6a:2c:e7:71:18:7b:f8:27:
29:99:39:12:08:65:64:54:8b:87:43:c6:77:87:92:
30:f4:bc:01:a4:00:83:fa:e6:64:5f:8c:63:a1:63:
a9:54:bf:82:8d:fe:2c:e4:a8:f2:f9:99:2d:84:a6:
03:44:ab:06:72:ad:62:31:69:19:b6:9c:06:c9:46:
fd:e5:2e:7c:85:c7:56:fb:19:d3:2d:03:5e:cd:5d:
96:ee:6a:75:d8:f0:b9:44:33:b0:c5:a2:0d:19:ae:
e1:b5:ce:9c:ec:10:e6:16:d1:20:27:c1:d9:c4:48:
4f:f3:2d:70:39:a6:9a:e7:d2:e3:95:fb:61:eb:a2:
3c:17:e0:91:15:41:c5:2f:13:0f:e6:a4:9c:c7:2f:
2b:b2:aa:5c:6f:0f:6c:db:86:cb:b5:c8:f6:9d:85:
82:07:c9:d0:fd:87:f0:70:6d:7d:d7:11:8f:89:f9:
64:15:ce:1f:83:53:05:9b:dd:ad:c8:cb:b1:50:e8:
df:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A8:1F:98:0F:B4:B5:03:63:6F:26:21:69:DD:A8:18:36:3F:84:E6
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/m6gfmA-0tQNjbyYhad2oGDY_hOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.208.0/22
45.150.8.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:98:5f:0f:b7:86:40:ba:ff:94:21:5a:35:5f:ae:ee:08:6b:
74:0d:98:07:f4:e8:23:1a:02:7d:00:e6:73:0f:d6:7a:32:d9:
e0:17:a0:73:8d:7e:87:c4:0d:7b:0d:3a:8f:19:b6:ec:bd:db:
9d:b1:1c:fc:5b:43:75:51:4b:c6:88:c9:23:b9:80:db:09:7f:
03:d4:53:55:ad:9b:8c:81:be:df:86:27:14:1e:cc:cb:68:c9:
9c:60:7f:30:80:9f:ce:ca:da:38:88:66:ae:c5:a5:c1:ff:ad:
19:f9:c1:d2:e1:6b:b8:a3:5d:69:d0:56:18:b7:db:9d:91:59:
6b:9e:ab:af:7c:4b:03:05:5a:ea:3c:91:aa:fd:3a:ee:24:97:
ae:3f:1f:37:c6:46:7b:14:49:a7:21:3c:5d:b0:65:91:e1:11:
23:c5:55:b0:5a:f2:73:e9:57:ad:57:17:02:c6:27:25:2c:0a:
3a:30:c8:4d:dc:23:11:d6:62:de:c4:c0:84:cc:7b:e3:68:b8:
33:10:95:f4:2d:b2:b5:45:93:1d:d4:df:cb:b6:5c:76:12:fe:
ed:ba:9b:3d:26:f2:29:c6:07:48:a8:84:51:4e:f8:6a:a0:b3:
a1:0e:02:4d:51:56:f1:83:2f:a1:73:91:07:e2:68:17:af:fb:
9a:e5:c1:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7cZY4nIljkdjM4N7+HCJBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwNDE0MTEzNzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmE4MWY5ODBmYjRiNTAzNjM2ZjI2MjE2OWRkYTgxODM2M2Y4NGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/ie7k09LlYMetbJL+pQHzGdxfnh
KMh3Po/tGB/PMoIF0dGszcUnVNaGEtfs6hGeWGGr8VPcbieOwjI8xnxvaaizaizn
cRh7+CcpmTkSCGVkVIuHQ8Z3h5Iw9LwBpACD+uZkX4xjoWOpVL+Cjf4s5Kjy+Zkt
hKYDRKsGcq1iMWkZtpwGyUb95S58hcdW+xnTLQNezV2W7mp12PC5RDOwxaINGa7h
tc6c7BDmFtEgJ8HZxEhP8y1wOaaa59Ljlfth66I8F+CRFUHFLxMP5qScxy8rsqpc
bw9s24bLtcj2nYWCB8nQ/YfwcG191xGPiflkFc4fg1MFm92tyMuxUOjfHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJuoH5gPtLUDY28mIWndqBg2P4TmMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvbTZnZm1BLTB0UU5qYnlZaGFkMm9HRFlfaE9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY3QAwQC
LZYIMA0GCSqGSIb3DQEBCwUAA4IBAQBNmF8Pt4ZAuv+UIVo1X67uCGt0DZgH9Ogj
GgJ9AOZzD9Z6MtngF6BzjX6HxA17DTqPGbbsvdudsRz8W0N1UUvGiMkjuYDbCX8D
1FNVrZuMgb7fhicUHszLaMmcYH8wgJ/Oyto4iGauxaXB/60Z+cHS4Wu4o11p0FYY
t9udkVlrnquvfEsDBVrqPJGq/TruJJeuPx83xkZ7FEmnITxdsGWR4REjxVWwWvJz
6VetVxcCxiclLAo6MMhN3CMR1mLexMCEzHvjaLgzEJX0LbK1RZMd1N/Ltlx2Ev7t
ups9JvIpxgdIqIRRTvhqoLOhDgJNUVbxgy+hc5EH4mgXr/ua5cFy
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:01:57 2024 by rpki-client on console-fra.rpki-client.org