Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/T_ItIVUwdPm5aOoD4mKz-_pGJFY.roa
File: T_ItIVUwdPm5aOoD4mKz-_pGJFY.roa (raw, json)
Hash identifier: kf5sT15jWHW5K0N/GK47Ic/7ke4+7vCGEN71T+j2FUo=
Subject key identifier: 4F:F2:2D:21:55:30:74:F9:B9:68:EA:03:E2:62:B3:FB:FA:46:24:56
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018FF2A590C9C85B37281E7CE01E744ABC73
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/T_ItIVUwdPm5aOoD4mKz-_pGJFY.roa
Signing time: Fri 07 Jun 2024 12:21:27 +0000
ROA not before: Fri 07 Jun 2024 12:21:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35751
IP address blocks: 45.10.248.0/22 maxlen: 22
45.94.228.0/22 maxlen: 22
45.95.148.0/22 maxlen: 22
45.129.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:a5:90:c9:c8:5b:37:28:1e:7c:e0:1e:74:4a:bc:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jun 7 12:21:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ff22d21553074f9b968ea03e262b3fbfa462456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:35:a5:cd:15:be:e9:72:70:d3:d3:5f:18:a1:
db:04:2c:d8:31:b5:47:a5:ee:29:68:de:20:14:1a:
ab:0b:31:57:d7:58:54:e1:d4:e2:48:a0:0e:2b:8d:
c0:8b:51:3c:e8:62:3d:cc:6d:c6:80:ec:50:1c:f5:
d4:a1:36:53:4c:cf:da:4f:73:ad:4a:30:8e:19:08:
4c:33:f7:bb:70:b4:25:8a:93:5a:0e:a0:86:89:9a:
51:65:28:ce:e7:7c:f2:20:5b:69:47:88:d8:63:8a:
cb:84:5b:e2:ab:a8:ce:05:4b:64:70:00:a8:90:07:
a0:57:a4:ab:a6:0d:87:4b:9f:98:c9:cc:99:3e:05:
21:b4:8e:bf:9d:35:07:c5:31:0c:dd:b5:47:19:17:
cf:80:e3:35:9a:4e:80:9e:34:c2:97:27:68:dd:8b:
33:7a:2c:b3:92:8a:e2:df:1e:fc:e4:05:e1:a0:86:
78:cd:52:c5:a2:bf:7d:3a:fa:ce:5b:48:eb:6d:5f:
e9:46:2c:f7:5c:cb:bf:a1:f4:ad:02:ae:b4:1f:a3:
b1:39:dc:b2:67:09:48:cc:45:8b:ec:2b:37:46:87:
df:b6:84:3d:9b:9b:4a:69:66:d3:f9:2a:9b:bb:0a:
aa:32:b7:62:da:ed:7b:60:74:7d:21:6d:6e:ae:97:
2d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F2:2D:21:55:30:74:F9:B9:68:EA:03:E2:62:B3:FB:FA:46:24:56
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/T_ItIVUwdPm5aOoD4mKz-_pGJFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.248.0/22
45.94.228.0/22
45.95.148.0/22
45.129.4.0/22
Signature Algorithm: sha256WithRSAEncryption
18:24:00:c1:dd:d9:af:bb:95:e7:7f:42:c0:40:e9:66:2f:aa:
65:24:bb:47:5d:5b:e7:29:0c:30:b9:d4:48:ee:f4:6f:bf:4a:
29:b9:a0:f3:bf:b4:d2:35:ef:99:14:ac:63:e5:30:f9:cb:0d:
22:47:66:d1:c7:ab:83:3f:cf:dd:3f:04:2b:9e:1c:4a:4c:b9:
0a:aa:7f:a3:1c:b0:7e:9a:e1:bd:10:13:d5:aa:4d:12:ac:3a:
cb:dd:60:e4:66:54:8a:07:bf:42:60:6f:fa:01:b6:60:48:5c:
32:5a:14:af:87:01:f4:05:3e:87:40:69:c3:54:9d:07:df:75:
f2:3c:e0:ed:75:24:c8:11:12:c2:d9:b1:d6:9f:25:c4:a8:ea:
c4:a3:16:72:98:5c:ac:90:95:9d:12:b6:d8:d2:27:af:3a:5a:
e8:48:80:15:b2:f3:b3:d5:63:00:4c:82:3d:49:8c:be:2b:d4:
61:0b:2b:46:54:fe:92:15:40:3e:f7:3d:db:e9:b9:12:90:aa:
37:ea:fb:4f:7b:e7:cf:91:86:5d:a9:28:d4:22:ae:e7:a3:e3:
57:a6:9b:dc:4d:53:ad:22:44:e6:17:58:0c:d6:b8:1f:44:db:
f2:33:76:f3:b8:c3:fc:bf:a2:63:e8:25:a3:6f:c7:94:bc:e7:
84:31:98:8f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/ypZDJyFs3KB584B50SrxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNjA3MTIyMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmYyMmQyMTU1MzA3NGY5Yjk2OGVhMDNlMjYyYjNmYmZhNDYyNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDWlzRW+6XJw09NfGKHbBCzYMbVH
pe4paN4gFBqrCzFX11hU4dTiSKAOK43Ai1E86GI9zG3GgOxQHPXUoTZTTM/aT3Ot
SjCOGQhMM/e7cLQlipNaDqCGiZpRZSjO53zyIFtpR4jYY4rLhFviq6jOBUtkcACo
kAegV6Srpg2HS5+YycyZPgUhtI6/nTUHxTEM3bVHGRfPgOM1mk6AnjTClydo3Ysz
eiyzkori3x785AXhoIZ4zVLFor99OvrOW0jrbV/pRiz3XMu/ofStAq60H6OxOdyy
ZwlIzEWL7Cs3RofftoQ9m5tKaWbT+SqbuwqqMrdi2u17YHR9IW1urpctbwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE/yLSFVMHT5uWjqA+Jis/v6RiRWMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvVF9JdElWVXdkUG01YU9vRDRtS3otX3BHSkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLQr4AwQC
LV7kAwQCLV+UAwQCLYEEMA0GCSqGSIb3DQEBCwUAA4IBAQAYJADB3dmvu5Xnf0LA
QOlmL6plJLtHXVvnKQwwudRI7vRvv0opuaDzv7TSNe+ZFKxj5TD5yw0iR2bRx6uD
P8/dPwQrnhxKTLkKqn+jHLB+muG9EBPVqk0SrDrL3WDkZlSKB79CYG/6AbZgSFwy
WhSvhwH0BT6HQGnDVJ0H33XyPODtdSTIERLC2bHWnyXEqOrEoxZymFyskJWdErbY
0ievOlroSIAVsvOz1WMATII9SYy+K9RhCytGVP6SFUA+9z3b6bkSkKo36vtPe+fP
kYZdqSjUIq7no+NXppvcTVOtIkTmF1gM1rgfRNvyM3bzuMP8v6Jj6CWjb8eUvOeE
MZiP
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:26:03 2024 by rpki-client on console-ams.rpki-client.org