Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/7hT9MbcySzfUt1zaYMcQxQ7fVzI.roa
File: 7hT9MbcySzfUt1zaYMcQxQ7fVzI.roa (raw, json)
Hash identifier: VeRnAnjeJl8F3/O/tQSPKEZmfx40R8SVy99PvAKcSNI=
Subject key identifier: EE:14:FD:31:B7:32:4B:37:D4:B7:5C:DA:60:C7:10:C5:0E:DF:57:32
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 018E09CCD001B664D06F2328B512A6B206D7
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/7hT9MbcySzfUt1zaYMcQxQ7fVzI.roa
Signing time: Mon 04 Mar 2024 14:10:01 +0000
ROA not before: Mon 04 Mar 2024 14:10:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211318
IP address blocks: 45.10.56.0/24 maxlen: 24
2a07:4a00::/29 maxlen: 29
2a0a:37c0::/29 maxlen: 29
2a0b:9800::/29 maxlen: 29
2a0b:a280::/29 maxlen: 29
2a0b:a300::/29 maxlen: 29
2a0c:7440::/29 maxlen: 29
2a0c:74c0::/29 maxlen: 29
2a0c:7540::/29 maxlen: 29
2a0d:2cc0::/29 maxlen: 29
2a0d:88c0::/29 maxlen: 29
2a0f:1180::/29 maxlen: 29
2a0f:2380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.mft
rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:09:cc:d0:01:b6:64:d0:6f:23:28:b5:12:a6:b2:06:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Mar 4 14:10:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee14fd31b7324b37d4b75cda60c710c50edf5732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:50:a6:9f:32:bf:51:ec:ee:5c:e0:33:87:7c:
0e:e6:88:d9:a1:0a:12:64:77:8d:bb:00:5b:87:ef:
71:b1:e3:d0:fa:c2:6e:ee:e5:12:5e:38:b8:57:b6:
d3:7d:58:d2:50:53:63:b6:7e:cd:37:3d:e4:f0:f7:
68:40:34:a3:6a:a1:e3:0d:65:22:ce:f0:ce:cd:a9:
39:c7:f1:77:37:2d:61:df:bb:b7:32:19:cf:e2:da:
92:fb:21:2b:3f:db:0d:18:8d:14:68:f3:bb:89:35:
2e:03:83:9a:f6:cd:28:18:5d:32:09:b3:3b:02:bd:
e7:4d:41:78:ec:48:16:e7:25:55:0a:d3:ff:fa:b2:
80:b9:4b:1b:87:cb:b4:11:b1:45:5d:51:91:0d:b3:
41:c7:70:3b:81:7b:05:8b:a6:d6:47:76:47:33:17:
b7:af:bf:53:f0:5d:cd:19:a4:2e:a2:53:51:0d:23:
f5:ba:01:f1:77:f2:b6:56:d0:19:e9:97:46:92:b9:
98:3c:e7:e9:14:89:8f:26:b1:8c:05:22:8d:52:c2:
aa:1d:4d:33:27:af:98:0f:7f:7c:5d:26:df:cc:f6:
08:fb:82:76:89:4f:b6:53:78:0d:bc:62:98:46:78:
d5:15:6d:b3:da:2a:7d:19:23:d7:3c:5e:a8:08:e8:
76:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:14:FD:31:B7:32:4B:37:D4:B7:5C:DA:60:C7:10:C5:0E:DF:57:32
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/7hT9MbcySzfUt1zaYMcQxQ7fVzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.56.0/24
IPv6:
2a07:4a00::/29
2a0a:37c0::/29
2a0b:9800::/29
2a0b:a280::/29
2a0b:a300::/29
2a0c:7440::/29
2a0c:74c0::/29
2a0c:7540::/29
2a0d:2cc0::/29
2a0d:88c0::/29
2a0f:1180::/29
2a0f:2380::/29
Signature Algorithm: sha256WithRSAEncryption
4f:f3:13:9c:6b:b1:15:31:64:25:5d:0d:6d:df:ae:dc:c1:ef:
fe:a0:61:dd:90:6c:c4:8d:7a:8c:90:cf:d1:07:1d:ad:56:13:
7f:da:76:6a:00:27:9a:0e:4a:f2:83:77:b0:d5:9f:5f:30:75:
5a:67:01:52:ed:ae:79:98:00:4d:79:9d:9e:20:a8:17:99:88:
b7:e9:93:60:35:40:34:b1:46:d9:23:c7:3a:11:15:64:2e:a9:
72:09:9a:1b:0b:88:a8:5c:b5:fd:b5:ff:c3:e4:83:0e:27:b7:
92:ea:b3:82:d5:20:76:7f:37:35:18:4a:6a:6a:08:2f:e5:48:
bc:df:50:e6:0f:56:cc:db:32:3e:03:cb:ec:f8:d0:8e:49:10:
18:a0:fc:6f:21:d4:f8:e0:f5:86:2f:f6:6e:8c:18:55:61:d7:
39:37:81:06:62:8e:35:f5:db:ab:fa:a5:bf:bb:1c:fa:66:4d:
a0:af:32:01:cc:52:28:5a:d9:fa:23:d7:16:03:85:5d:5c:50:
cc:df:91:01:0f:ab:57:9d:71:72:38:58:96:af:6c:f3:f2:04:
70:20:5c:1f:f1:d9:bb:89:db:2a:1d:9d:e3:c1:b7:78:26:b7:
6a:dd:23:3b:6b:6c:af:6a:c5:4e:ee:37:3f:e4:58:29:25:4f:
31:97:6f:10
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAY4JzNABtmTQbyMotRKmsgbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQwMzA0MTQxMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTE0ZmQzMWI3MzI0YjM3ZDRiNzVjZGE2MGM3MTBjNTBlZGY1NzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVCmnzK/UezuXOAzh3wO5ojZoQoS
ZHeNuwBbh+9xsePQ+sJu7uUSXji4V7bTfVjSUFNjtn7NNz3k8PdoQDSjaqHjDWUi
zvDOzak5x/F3Ny1h37u3MhnP4tqS+yErP9sNGI0UaPO7iTUuA4Oa9s0oGF0yCbM7
Ar3nTUF47EgW5yVVCtP/+rKAuUsbh8u0EbFFXVGRDbNBx3A7gXsFi6bWR3ZHMxe3
r79T8F3NGaQuolNRDSP1ugHxd/K2VtAZ6ZdGkrmYPOfpFImPJrGMBSKNUsKqHU0z
J6+YD398XSbfzPYI+4J2iU+2U3gNvGKYRnjVFW2z2ip9GSPXPF6oCOh2mwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFO4U/TG3Mks31Ldc2mDHEMUO31cyMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvN2hUOU1iY3lTemZVdDF6YVlNY1F4UTdmVnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajAMBAIAATAGAwQALQo4MFoE
AgACMFQDBQMqB0oAAwUDKgo3wAMFAyoLmAADBQMqC6KAAwUDKgujAAMFAyoMdEAD
BQMqDHTAAwUDKgx1QAMFAyoNLMADBQMqDYjAAwUDKg8RgAMFAyoPI4AwDQYJKoZI
hvcNAQELBQADggEBAE/zE5xrsRUxZCVdDW3frtzB7/6gYd2QbMSNeoyQz9EHHa1W
E3/admoAJ5oOSvKDd7DVn18wdVpnAVLtrnmYAE15nZ4gqBeZiLfpk2A1QDSxRtkj
xzoRFWQuqXIJmhsLiKhctf21/8Pkgw4nt5Lqs4LVIHZ/NzUYSmpqCC/lSLzfUOYP
VszbMj4Dy+z40I5JEBig/G8h1Pjg9YYv9m6MGFVh1zk3gQZijjX126v6pb+7HPpm
TaCvMgHMUiha2foj1xYDhV1cUMzfkQEPq1edcXI4WJavbPPyBHAgXB/x2buJ2yod
nePBt3gmt2rdIztrbK9qxU7uNz/kWCklTzGXbxA=
-----END CERTIFICATE-----
Generated at Thu May 9 20:44:14 2024 by rpki-client on console-ams.rpki-client.org