Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/VxQVxhC7GGFfqObxyWDExl-tdAg.roa
File: VxQVxhC7GGFfqObxyWDExl-tdAg.roa (raw, json)
Hash identifier: 4KByHrX9k5UwoavSziIU4H7Znt0p4r8UmEYZ1DaC0Kc=
Subject key identifier: 57:14:15:C6:10:BB:18:61:5F:A8:E6:F1:C9:60:C4:C6:5F:AD:74:08
Certificate issuer: /CN=498fe5b282b1c7db00f67bb4a13d9f79520508b7
Certificate serial: 018D0FE372A51DB39FA142B67897EE28C082
Authority key identifier: 49:8F:E5:B2:82:B1:C7:DB:00:F6:7B:B4:A1:3D:9F:79:52:05:08:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SY_lsoKxx9sA9nu0oT2feVIFCLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/VxQVxhC7GGFfqObxyWDExl-tdAg.roa
Signing time: Tue 16 Jan 2024 01:29:40 +0000
ROA not before: Tue 16 Jan 2024 01:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51889
IP address blocks: 45.147.76.0/24 maxlen: 24
45.147.77.0/24 maxlen: 24
45.147.78.0/23 maxlen: 23
45.147.78.0/24 maxlen: 24
45.147.76.0/22 maxlen: 22
45.147.76.0/23 maxlen: 23
45.147.79.0/24 maxlen: 24
91.226.246.0/24 maxlen: 24
2a13:1740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/SY_lsoKxx9sA9nu0oT2feVIFCLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/SY_lsoKxx9sA9nu0oT2feVIFCLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SY_lsoKxx9sA9nu0oT2feVIFCLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0f:e3:72:a5:1d:b3:9f:a1:42:b6:78:97:ee:28:c0:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=498fe5b282b1c7db00f67bb4a13d9f79520508b7
Validity
Not Before: Jan 16 01:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=571415c610bb18615fa8e6f1c960c4c65fad7408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:05:f9:2a:6a:72:58:0a:22:db:94:c9:50:3d:
93:fb:3b:4b:47:ee:fd:13:a9:12:9b:21:3b:15:80:
94:2a:21:c4:c4:84:73:fd:7f:db:1f:ce:c7:d7:e1:
08:73:af:a8:95:3b:38:fd:b6:bb:6f:12:1b:4d:5b:
98:bd:f3:aa:31:c3:0f:63:13:28:b8:9d:f5:99:e5:
4b:a2:e2:02:91:d0:5b:5e:1e:7f:a4:a8:5a:71:42:
8f:25:98:2c:9e:b6:ec:cc:d3:95:20:b8:16:8b:f7:
66:69:b0:f7:5d:5a:df:eb:0a:b4:47:5b:d5:07:4b:
df:89:66:12:d5:80:df:7e:09:3f:a7:7c:2d:37:fa:
19:e2:69:4a:42:31:b6:7e:c5:25:e0:bb:89:22:58:
10:a7:0f:35:81:a4:64:96:5c:98:3a:d7:b6:33:ad:
a2:d8:28:1d:fc:79:5e:0e:a6:70:44:2d:f8:5c:a4:
6d:4d:57:d1:0d:1a:3d:a6:5a:cc:da:34:64:3c:be:
49:95:dc:5b:6f:ca:44:75:85:b6:5a:e2:9b:77:5e:
d0:01:f8:02:8b:f8:02:d5:9a:1e:ee:6b:60:4b:c8:
78:8d:fb:cc:e6:05:f9:8d:a7:40:5f:4e:bd:bf:d6:
52:bb:c6:47:ea:17:bd:ef:c2:94:ef:6a:db:e0:0e:
b3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:14:15:C6:10:BB:18:61:5F:A8:E6:F1:C9:60:C4:C6:5F:AD:74:08
X509v3 Authority Key Identifier:
keyid:49:8F:E5:B2:82:B1:C7:DB:00:F6:7B:B4:A1:3D:9F:79:52:05:08:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SY_lsoKxx9sA9nu0oT2feVIFCLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/VxQVxhC7GGFfqObxyWDExl-tdAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/SY_lsoKxx9sA9nu0oT2feVIFCLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.76.0/22
91.226.246.0/24
IPv6:
2a13:1740::/29
Signature Algorithm: sha256WithRSAEncryption
9f:89:8f:ee:73:b2:c8:85:76:eb:eb:91:a6:cc:d5:db:b8:66:
4d:93:c5:fe:c4:5a:0b:de:9d:2e:02:1c:de:d0:e8:75:0f:60:
3a:09:4a:49:78:4c:24:8f:cb:f0:a7:d3:d4:52:94:78:1e:12:
da:4e:6c:4c:27:fa:bd:3b:2e:d7:7f:8d:71:88:7f:a7:f7:08:
3f:73:ff:d8:85:54:74:87:86:cd:7e:f0:8d:ef:27:ae:69:6b:
03:6a:df:70:1c:0b:5f:c3:05:04:93:b6:22:43:40:f9:8f:bb:
66:39:9d:5e:94:b1:8c:4a:81:a0:1c:4f:b3:b5:e3:56:4e:2f:
12:85:aa:0f:ad:f2:c2:80:9e:ed:52:22:94:08:dc:41:27:f5:
6b:1e:92:fd:81:70:72:55:3d:57:ce:89:24:95:11:82:b6:be:
04:51:c4:6d:58:bb:ef:14:b6:65:4a:a0:2e:10:5f:88:d5:cd:
d4:52:92:71:d7:95:90:8b:a6:0c:ce:a8:75:56:12:43:56:72:
b2:5e:21:08:25:ce:d5:2c:69:c3:b8:58:f4:49:87:78:40:9c:
c4:ab:a3:c2:cf:8c:8f:23:5e:82:9e:1c:aa:32:a0:31:aa:65:
bf:19:73:e0:0b:41:ec:af:48:24:f1:63:9f:cb:d5:42:d5:91:
50:18:f5:d1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY0P43KlHbOfoUK2eJfuKMCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5OGZlNWIyODJiMWM3ZGIwMGY2N2JiNGExM2Q5Zjc5NTIw
NTA4YjcwHhcNMjQwMTE2MDEyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzE0MTVjNjEwYmIxODYxNWZhOGU2ZjFjOTYwYzRjNjVmYWQ3NDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgX5KmpyWAoi25TJUD2T+ztLR+79
E6kSmyE7FYCUKiHExIRz/X/bH87H1+EIc6+olTs4/ba7bxIbTVuYvfOqMcMPYxMo
uJ31meVLouICkdBbXh5/pKhacUKPJZgsnrbszNOVILgWi/dmabD3XVrf6wq0R1vV
B0vfiWYS1YDffgk/p3wtN/oZ4mlKQjG2fsUl4LuJIlgQpw81gaRkllyYOte2M62i
2Cgd/HleDqZwRC34XKRtTVfRDRo9plrM2jRkPL5Jldxbb8pEdYW2WuKbd17QAfgC
i/gC1Zoe7mtgS8h4jfvM5gX5jadAX069v9ZSu8ZH6he978KU72rb4A6z+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFcUFcYQuxhhX6jm8clgxMZfrXQIMB8GA1UdIwQY
MBaAFEmP5bKCscfbAPZ7tKE9n3lSBQi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lfbHNvS3h4OXNBOW51MG9UMmZlVklGQ0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zODRmMjktZmQ0ZC00MzZhLWI4NWIt
MDA0MDNiNjQwNTVhLzEvVnhRVnhoQzdHR0ZmcU9ieHlXREV4bC10ZEFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zODRmMjktZmQ0ZC00MzZhLWI4NWItMDA0MDNiNjQwNTVh
LzEvU1lfbHNvS3h4OXNBOW51MG9UMmZlVklGQ0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZNMAwQA
W+L2MA0EAgACMAcDBQMqExdAMA0GCSqGSIb3DQEBCwUAA4IBAQCfiY/uc7LIhXbr
65GmzNXbuGZNk8X+xFoL3p0uAhze0Oh1D2A6CUpJeEwkj8vwp9PUUpR4HhLaTmxM
J/q9Oy7Xf41xiH+n9wg/c//YhVR0h4bNfvCN7yeuaWsDat9wHAtfwwUEk7YiQ0D5
j7tmOZ1elLGMSoGgHE+zteNWTi8ShaoPrfLCgJ7tUiKUCNxBJ/VrHpL9gXByVT1X
zokklRGCtr4EUcRtWLvvFLZlSqAuEF+I1c3UUpJx15WQi6YMzqh1VhJDVnKyXiEI
Jc7VLGnDuFj0SYd4QJzEq6PCz4yPI16CnhyqMqAxqmW/GXPgC0Hsr0gk8WOfy9VC
1ZFQGPXR
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:11:19 2024 by rpki-client on console-fra.rpki-client.org