Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b8575a-8b63-4532-81ed-efe5bfc79994/1/eFXStM9IVziQNCd_R9DF-PWPJCw.roa
File: eFXStM9IVziQNCd_R9DF-PWPJCw.roa (raw, json)
Hash identifier: kZYPkxZQMo2RPCiVevSC2DkIvvF6UXUNpbCz9wqCyn4=
Subject key identifier: 78:55:D2:B4:CF:48:57:38:90:34:27:7F:47:D0:C5:F8:F5:8F:24:2C
Certificate issuer: /CN=061618f6d300df2cf59e2df97ffe9f956a23e63c
Certificate serial: 018CC72698229747EC9C335F9FDE0B8EE489
Authority key identifier: 06:16:18:F6:D3:00:DF:2C:F5:9E:2D:F9:7F:FE:9F:95:6A:23:E6:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BhYY9tMA3yz1ni35f_6flWoj5jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b8575a-8b63-4532-81ed-efe5bfc79994/1/eFXStM9IVziQNCd_R9DF-PWPJCw.roa
Signing time: Mon 01 Jan 2024 22:30:44 +0000
ROA not before: Mon 01 Jan 2024 22:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208702
IP address blocks: 45.154.93.0/24 maxlen: 24
45.154.95.0/24 maxlen: 24
45.154.92.0/24 maxlen: 24
45.154.94.0/24 maxlen: 24
2001:678:a98::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b8575a-8b63-4532-81ed-efe5bfc79994/1/BhYY9tMA3yz1ni35f_6flWoj5jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/b8575a-8b63-4532-81ed-efe5bfc79994/1/BhYY9tMA3yz1ni35f_6flWoj5jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BhYY9tMA3yz1ni35f_6flWoj5jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 13:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:98:22:97:47:ec:9c:33:5f:9f:de:0b:8e:e4:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=061618f6d300df2cf59e2df97ffe9f956a23e63c
Validity
Not Before: Jan 1 22:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7855d2b4cf4857389034277f47d0c5f8f58f242c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3f:df:24:b1:73:49:a5:d9:92:7c:71:69:bd:
7b:bc:97:2b:47:73:1f:71:34:4d:4a:bc:11:55:fe:
59:c0:8c:68:e4:02:aa:73:c4:7c:75:4c:ef:07:10:
ab:fe:de:83:47:6c:fa:92:a3:99:49:df:27:c4:7d:
54:15:47:77:a9:64:a7:be:1d:ce:16:3e:0e:89:04:
6d:51:8f:82:18:41:f0:42:13:98:18:85:7a:ae:9a:
f3:38:10:21:7c:25:21:ae:fa:d8:46:ca:a8:12:cb:
5b:3c:d9:7d:88:69:bc:7b:81:08:3e:f8:a4:eb:dc:
3e:83:0a:2d:ae:bb:93:9b:cf:9f:ef:46:92:e4:0d:
d0:cf:8f:b2:b3:25:eb:3e:bc:5d:15:c0:b3:72:89:
88:d4:c0:88:db:15:ec:d9:80:36:8e:15:de:d4:28:
66:ae:eb:b4:5f:f3:b6:65:ef:cb:bd:31:f6:71:33:
d7:72:b3:ba:b1:0a:46:2d:4c:20:5a:88:ec:6e:62:
dd:2d:2f:6f:b7:b8:00:54:98:bd:6e:e5:c3:b5:bc:
ea:2e:be:d6:86:b4:46:25:81:8e:01:f7:2a:06:7e:
97:fc:fc:5d:64:ab:46:30:d5:d0:ef:b0:10:42:08:
06:51:00:e9:da:3a:f0:9d:c2:e4:dd:74:5e:cc:50:
99:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:55:D2:B4:CF:48:57:38:90:34:27:7F:47:D0:C5:F8:F5:8F:24:2C
X509v3 Authority Key Identifier:
keyid:06:16:18:F6:D3:00:DF:2C:F5:9E:2D:F9:7F:FE:9F:95:6A:23:E6:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BhYY9tMA3yz1ni35f_6flWoj5jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b8575a-8b63-4532-81ed-efe5bfc79994/1/eFXStM9IVziQNCd_R9DF-PWPJCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b8575a-8b63-4532-81ed-efe5bfc79994/1/BhYY9tMA3yz1ni35f_6flWoj5jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.92.0/22
IPv6:
2001:678:a98::/48
Signature Algorithm: sha256WithRSAEncryption
2a:53:1a:72:0c:0a:27:a4:31:f0:98:1f:d9:04:83:f8:a3:58:
f3:d3:74:7e:19:e2:a1:23:f4:b3:19:16:c8:f5:1f:0e:aa:94:
71:f9:ab:8a:55:d9:86:dd:71:ff:74:76:9b:1b:e8:33:48:11:
c5:08:4a:f2:a5:b7:8e:81:06:13:1f:a5:5f:04:56:10:2f:ff:
1c:84:d5:55:a4:d0:bd:e9:2f:c1:86:96:1a:a2:3c:28:bb:23:
c3:15:78:42:7e:d4:af:4b:02:61:86:07:e3:1f:88:cd:94:ed:
84:d7:c7:46:ac:82:ce:78:a0:06:39:72:f6:91:e2:b9:d3:51:
6e:9a:49:01:87:a0:24:8e:d9:54:2e:6e:9a:30:57:71:bc:b9:
30:b7:63:61:b9:4c:46:5b:2b:2b:51:2c:df:34:87:26:b9:01:
33:c5:bb:e9:7b:c3:f4:18:e0:b2:df:7e:69:be:8f:18:98:3d:
e4:d5:18:7e:c6:ec:3b:f0:4f:e0:30:dd:cf:12:df:fb:d7:47:
6d:b2:08:6e:f1:a4:dd:83:26:bd:88:17:c2:f3:8f:a1:ea:36:
ad:50:80:92:f3:c8:c9:7a:e9:fd:9d:c6:ff:e0:a1:e9:12:72:
1a:d5:bd:26:4e:3f:09:b5:2b:08:17:bd:1b:2e:26:a9:74:b8:
11:a7:b5:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHJpgil0fsnDNfn94LjuSJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MTYxOGY2ZDMwMGRmMmNmNTllMmRmOTdmZmU5Zjk1NmEy
M2U2M2MwHhcNMjQwMTAxMjIzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODU1ZDJiNGNmNDg1NzM4OTAzNDI3N2Y0N2QwYzVmOGY1OGYyNDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj/fJLFzSaXZknxxab17vJcrR3Mf
cTRNSrwRVf5ZwIxo5AKqc8R8dUzvBxCr/t6DR2z6kqOZSd8nxH1UFUd3qWSnvh3O
Fj4OiQRtUY+CGEHwQhOYGIV6rprzOBAhfCUhrvrYRsqoEstbPNl9iGm8e4EIPvik
69w+gwotrruTm8+f70aS5A3Qz4+ysyXrPrxdFcCzcomI1MCI2xXs2YA2jhXe1Chm
ruu0X/O2Ze/LvTH2cTPXcrO6sQpGLUwgWojsbmLdLS9vt7gAVJi9buXDtbzqLr7W
hrRGJYGOAfcqBn6X/PxdZKtGMNXQ77AQQggGUQDp2jrwncLk3XRezFCZfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHhV0rTPSFc4kDQnf0fQxfj1jyQsMB8GA1UdIwQY
MBaAFAYWGPbTAN8s9Z4t+X/+n5VqI+Y8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmhZWTl0TUEzeXoxbmkzNWZfNmZsV29qNWp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iODU3NWEtOGI2My00NTMyLTgxZWQt
ZWZlNWJmYzc5OTk0LzEvZUZYU3RNOUlWemlRTkNkX1I5REYtUFdQSkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iODU3NWEtOGI2My00NTMyLTgxZWQtZWZlNWJmYzc5OTk0
LzEvQmhZWTl0TUEzeXoxbmkzNWZfNmZsV29qNWp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCLZpcMA8E
AgACMAkDBwAgAQZ4CpgwDQYJKoZIhvcNAQELBQADggEBACpTGnIMCiekMfCYH9kE
g/ijWPPTdH4Z4qEj9LMZFsj1Hw6qlHH5q4pV2Ybdcf90dpsb6DNIEcUISvKlt46B
BhMfpV8EVhAv/xyE1VWk0L3pL8GGlhqiPCi7I8MVeEJ+1K9LAmGGB+MfiM2U7YTX
x0asgs54oAY5cvaR4rnTUW6aSQGHoCSO2VQubpowV3G8uTC3Y2G5TEZbKytRLN80
hya5ATPFu+l7w/QY4LLffmm+jxiYPeTVGH7G7DvwT+Aw3c8S3/vXR22yCG7xpN2D
Jr2IF8Lzj6HqNq1QgJLzyMl66f2dxv/goekSchrVvSZOPwm1KwgXvRsuJql0uBGn
tXQ=
-----END CERTIFICATE-----
Generated at Wed May 15 16:26:21 2024 by rpki-client on console-ams.rpki-client.org