Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/bLXdN6bbCn_Cur7QGqpqsA2YunU.roa
File: bLXdN6bbCn_Cur7QGqpqsA2YunU.roa (raw, json)
Hash identifier: PYo3xfxjHEWKQpmIkgchQppi68dGWboW7h/udyEnR5o=
Subject key identifier: 6C:B5:DD:37:A6:DB:0A:7F:C2:BA:BE:D0:1A:AA:6A:B0:0D:98:BA:75
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 018D6BBE41102DEA5D378F8DB5494CAE0195
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/bLXdN6bbCn_Cur7QGqpqsA2YunU.roa
Signing time: Fri 02 Feb 2024 21:34:06 +0000
ROA not before: Fri 02 Feb 2024 21:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400696
IP address blocks: 45.8.26.0/24 maxlen: 24
2a10:5e80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 11:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6b:be:41:10:2d:ea:5d:37:8f:8d:b5:49:4c:ae:01:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Feb 2 21:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cb5dd37a6db0a7fc2babed01aaa6ab00d98ba75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ef:27:53:41:fb:80:3d:73:52:d4:ba:ce:e7:
12:8b:14:05:e4:86:2a:23:07:f8:60:18:e0:ce:9f:
ce:0b:7a:f1:87:dc:e9:20:96:5a:98:a7:f5:70:ab:
53:d5:09:13:4b:04:4b:86:23:2c:5f:ef:61:4e:f7:
1f:0a:af:42:f9:64:c0:ed:eb:9e:72:39:09:26:15:
f9:33:3c:94:8c:4c:50:96:41:85:60:9c:bf:4c:e8:
3f:5f:d2:34:a6:8f:f7:44:87:bd:b2:95:d6:95:76:
be:13:55:48:ee:79:13:4c:e3:4f:d2:5a:c0:42:e1:
b8:53:26:da:47:cc:2c:60:38:97:82:23:33:80:af:
2e:f7:94:de:b3:67:c1:f2:42:ed:30:ef:ad:5d:a4:
b2:3d:9f:e6:79:f2:91:78:e0:c2:64:f8:62:b5:71:
3c:72:97:32:09:bc:c3:68:e7:71:26:66:14:0c:a0:
e2:07:d8:64:10:af:94:93:96:3c:12:77:30:c4:c2:
7f:5a:81:cf:57:64:dc:f8:2c:5d:79:da:4c:8a:2e:
dd:44:f0:c3:d7:a3:86:07:69:cd:8a:7b:54:1d:f6:
a6:c4:42:ba:5d:64:75:00:8e:8b:b3:14:c4:89:4b:
e7:72:3b:65:48:48:31:a7:76:15:d7:18:ac:31:60:
a4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B5:DD:37:A6:DB:0A:7F:C2:BA:BE:D0:1A:AA:6A:B0:0D:98:BA:75
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/bLXdN6bbCn_Cur7QGqpqsA2YunU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.26.0/24
IPv6:
2a10:5e80::/32
Signature Algorithm: sha256WithRSAEncryption
45:c4:42:56:8e:39:14:80:bb:d0:82:69:72:22:a3:84:03:c1:
0c:94:ce:59:31:04:c1:2d:18:b3:bd:88:c2:27:88:11:ff:a1:
03:03:2f:5d:a2:11:e8:11:e7:5f:23:ba:14:e4:11:10:82:d8:
1d:f4:17:7c:ef:41:ec:06:76:a0:2d:93:89:71:ac:fe:71:b8:
a3:76:21:43:ae:c8:df:5d:3d:d5:5a:2c:16:f8:fa:6e:83:92:
c7:6a:26:03:9c:cf:ed:a4:6c:16:d6:5a:f0:b0:23:16:0f:43:
c5:8c:16:f7:7c:38:68:8c:74:a9:0c:50:f4:66:51:d1:90:c8:
f3:02:7a:8a:ea:99:d8:90:05:f4:f4:ec:ec:9c:a8:b6:11:35:
c1:2f:a4:3d:b5:c2:ae:0a:73:8e:01:fb:62:7d:58:b3:3b:63:
62:e5:03:76:65:79:c4:a0:37:a3:8e:98:93:a5:07:22:9c:81:
ed:f5:81:19:16:94:21:bf:96:8e:ca:fc:01:94:ef:ea:c6:17:
49:cf:8b:58:cd:1f:c5:85:68:8d:7a:f5:b8:b8:4a:2f:b8:35:
b9:89:30:43:17:17:4a:15:15:c5:51:37:7a:fd:29:32:1a:16:
6b:44:60:8e:f3:3e:91:da:4d:81:a0:11:ac:72:f4:f5:9f:e0:
48:26:a9:7b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1rvkEQLepdN4+NtUlMrgGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjQwMjAyMjEzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2I1ZGQzN2E2ZGIwYTdmYzJiYWJlZDAxYWFhNmFiMDBkOThiYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+8nU0H7gD1zUtS6zucSixQF5IYq
Iwf4YBjgzp/OC3rxh9zpIJZamKf1cKtT1QkTSwRLhiMsX+9hTvcfCq9C+WTA7eue
cjkJJhX5MzyUjExQlkGFYJy/TOg/X9I0po/3RIe9spXWlXa+E1VI7nkTTONP0lrA
QuG4UybaR8wsYDiXgiMzgK8u95Tes2fB8kLtMO+tXaSyPZ/mefKReODCZPhitXE8
cpcyCbzDaOdxJmYUDKDiB9hkEK+Uk5Y8EncwxMJ/WoHPV2Tc+CxdedpMii7dRPDD
16OGB2nNintUHfamxEK6XWR1AI6LsxTEiUvncjtlSEgxp3YV1xisMWCkwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGy13Tem2wp/wrq+0BqqarANmLp1MB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvYkxYZE42YmJDbl9DdXI3UUdxcHFzQTJZdW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALQgaMA0E
AgACMAcDBQAqEF6AMA0GCSqGSIb3DQEBCwUAA4IBAQBFxEJWjjkUgLvQgmlyIqOE
A8EMlM5ZMQTBLRizvYjCJ4gR/6EDAy9dohHoEedfI7oU5BEQgtgd9Bd870HsBnag
LZOJcaz+cbijdiFDrsjfXT3VWiwW+Ppug5LHaiYDnM/tpGwW1lrwsCMWD0PFjBb3
fDhojHSpDFD0ZlHRkMjzAnqK6pnYkAX09OzsnKi2ETXBL6Q9tcKuCnOOAftifViz
O2Ni5QN2ZXnEoDejjpiTpQcinIHt9YEZFpQhv5aOyvwBlO/qxhdJz4tYzR/FhWiN
evW4uEovuDW5iTBDFxdKFRXFUTd6/SkyGhZrRGCO8z6R2k2BoBGscvT1n+BIJql7
-----END CERTIFICATE-----
Generated at Sun May 5 19:04:50 2024 by rpki-client on console-fra.rpki-client.org