Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/7g63JuL9uHmXcL4qOG1F3EqOMxw.roa
File: 7g63JuL9uHmXcL4qOG1F3EqOMxw.roa (raw, json)
Hash identifier: CgqnxpznS3GTrXtyLzgoMUjTwKd7awAtMPLPSWi60Cs=
Subject key identifier: EE:0E:B7:26:E2:FD:B8:79:97:70:BE:2A:38:6D:45:DC:4A:8E:33:1C
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 018CC7948AD4E808F96601A1DD2B30E874C8
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/7g63JuL9uHmXcL4qOG1F3EqOMxw.roa
Signing time: Tue 02 Jan 2024 00:30:50 +0000
ROA not before: Tue 02 Jan 2024 00:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31122
IP address blocks: 45.88.184.0/23 maxlen: 24
45.153.200.0/22 maxlen: 24
45.93.150.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:8a:d4:e8:08:f9:66:01:a1:dd:2b:30:e8:74:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 2 00:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee0eb726e2fdb8799770be2a386d45dc4a8e331c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b4:54:da:f5:85:c0:e4:e1:48:11:64:29:70:
7a:31:79:65:41:86:0a:3b:b2:24:12:c2:90:b4:f7:
63:9d:1e:d1:bf:c3:c9:89:29:e3:ec:6c:9d:31:bc:
8c:6f:46:41:97:05:61:ef:b1:2e:aa:7a:73:08:8e:
38:77:e1:44:19:03:ca:16:71:cf:58:7b:14:b1:68:
a5:08:b4:65:18:21:22:cb:b4:76:07:e5:f8:d8:04:
8c:a0:71:20:c3:0f:fa:b1:d5:da:c4:ee:cd:32:5e:
cf:ee:fc:19:75:e9:61:9d:ce:e9:b0:21:0c:81:85:
f4:49:9b:2b:78:c1:66:fa:f3:e4:11:ed:df:23:fd:
3a:3d:32:fd:8d:7a:fe:3b:6b:00:96:f6:38:ad:bd:
fc:d9:7c:14:77:e2:45:e0:34:e9:6d:e8:0f:58:d4:
38:c7:b6:1b:a8:06:2b:70:88:ce:63:ff:23:b4:89:
68:45:c6:59:2b:ab:c9:4e:d2:0d:21:d4:e3:35:ef:
b9:4f:8b:c3:cd:28:8e:f6:32:14:8c:48:e0:10:cf:
a8:2d:78:b7:b0:ca:a1:e8:f4:1c:cc:7e:49:cf:b9:
0a:43:7b:87:5c:70:a6:04:78:58:c4:c2:70:99:50:
f7:42:41:4b:24:16:e8:9b:88:d8:a8:b5:6e:90:f0:
a1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:0E:B7:26:E2:FD:B8:79:97:70:BE:2A:38:6D:45:DC:4A:8E:33:1C
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/7g63JuL9uHmXcL4qOG1F3EqOMxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.184.0/23
45.93.150.0/23
45.153.200.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:29:a6:d4:bf:4c:c5:e0:1a:7b:ac:9d:23:d4:39:67:09:f8:
0d:07:b6:fa:78:bd:1f:f2:2f:35:eb:d3:96:03:8d:41:1a:7e:
54:88:4d:b7:eb:d1:62:d6:bf:0d:04:6f:d7:e7:68:24:3d:c9:
29:79:61:f4:2c:fd:6a:ec:81:6f:7d:cc:e8:28:6e:1a:29:e8:
90:29:be:e3:81:64:61:ac:0c:6f:02:ac:c3:40:af:f5:fe:ac:
83:14:a4:c8:b2:90:13:e4:58:c3:e0:60:8f:b5:c4:f3:e0:e3:
af:61:79:fb:21:e7:c6:1d:ee:82:0f:5d:74:1d:7a:bd:cd:41:
e2:dd:32:c2:88:20:d3:ca:53:53:70:ff:a7:2f:9d:65:57:6e:
39:8b:e2:e7:00:e5:73:30:e9:59:c2:3e:63:ef:95:15:ee:47:
6a:aa:0b:1d:90:71:2b:8c:5d:82:b1:8b:8c:6b:3d:b9:90:83:
92:2b:fc:d4:04:d1:20:d3:2d:6e:39:df:53:fa:cd:87:de:73:
b3:47:59:8d:24:fc:db:45:fb:28:2a:32:b5:ff:ef:0e:e1:2d:
4d:11:99:a6:8a:72:a3:f1:93:fd:a9:bc:9c:59:d8:7f:ac:15:
2a:12:2b:3f:23:a6:9b:f1:28:0a:02:15:e6:9f:9e:10:22:5d:
04:b2:d1:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlIrU6Aj5ZgGh3Ssw6HTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjQwMTAyMDAzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTBlYjcyNmUyZmRiODc5OTc3MGJlMmEzODZkNDVkYzRhOGUzMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrRU2vWFwOThSBFkKXB6MXllQYYK
O7IkEsKQtPdjnR7Rv8PJiSnj7GydMbyMb0ZBlwVh77EuqnpzCI44d+FEGQPKFnHP
WHsUsWilCLRlGCEiy7R2B+X42ASMoHEgww/6sdXaxO7NMl7P7vwZdelhnc7psCEM
gYX0SZsreMFm+vPkEe3fI/06PTL9jXr+O2sAlvY4rb382XwUd+JF4DTpbegPWNQ4
x7YbqAYrcIjOY/8jtIloRcZZK6vJTtINIdTjNe+5T4vDzSiO9jIUjEjgEM+oLXi3
sMqh6PQczH5Jz7kKQ3uHXHCmBHhYxMJwmVD3QkFLJBbom4jYqLVukPCh/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO4Otybi/bh5l3C+KjhtRdxKjjMcMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvN2c2M0p1TDl1SG1YY0w0cU9HMUYzRXFPTXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVi4AwQB
LV2WAwQCLZnIMA0GCSqGSIb3DQEBCwUAA4IBAQCkKabUv0zF4Bp7rJ0j1DlnCfgN
B7b6eL0f8i8169OWA41BGn5UiE2369Fi1r8NBG/X52gkPckpeWH0LP1q7IFvfczo
KG4aKeiQKb7jgWRhrAxvAqzDQK/1/qyDFKTIspAT5FjD4GCPtcTz4OOvYXn7IefG
He6CD110HXq9zUHi3TLCiCDTylNTcP+nL51lV245i+LnAOVzMOlZwj5j75UV7kdq
qgsdkHErjF2CsYuMaz25kIOSK/zUBNEg0y1uOd9T+s2H3nOzR1mNJPzbRfsoKjK1
/+8O4S1NEZmminKj8ZP9qbycWdh/rBUqEis/I6ab8SgKAhXmn54QIl0EstHi
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:26:45 2024 by rpki-client on console-ams.rpki-client.org