Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/tKNUM5qYHnLmUR_Pemx-ThQw-tA.roa
File: tKNUM5qYHnLmUR_Pemx-ThQw-tA.roa (raw, json)
Hash identifier: PvbyW/VbJHhyrOY57u29lJ/JOLB46v3gw1/XUwhCPkg=
Subject key identifier: B4:A3:54:33:9A:98:1E:72:E6:51:1F:CF:7A:6C:7E:4E:14:30:FA:D0
Certificate issuer: /CN=5da5ac3bba260538c333e6c860f236012c98675d
Certificate serial: 018CC94CE3BDAA5679043C431CB9FA3AA482
Authority key identifier: 5D:A5:AC:3B:BA:26:05:38:C3:33:E6:C8:60:F2:36:01:2C:98:67:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/tKNUM5qYHnLmUR_Pemx-ThQw-tA.roa
Signing time: Tue 02 Jan 2024 08:31:48 +0000
ROA not before: Tue 02 Jan 2024 08:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30081
IP address blocks: 45.88.132.0/22 maxlen: 24
2a07:9a40::/29 maxlen: 48
2a07:9a40:dca::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Jun 2024 08:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:e3:bd:aa:56:79:04:3c:43:1c:b9:fa:3a:a4:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da5ac3bba260538c333e6c860f236012c98675d
Validity
Not Before: Jan 2 08:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4a354339a981e72e6511fcf7a6c7e4e1430fad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ad:c1:77:67:2b:85:df:ba:18:1e:6c:ac:18:
26:bd:83:26:44:47:23:eb:5d:0f:6d:30:03:26:5c:
49:4b:0e:5f:49:7b:7f:5d:af:7b:64:91:df:8e:70:
8c:95:ad:fb:24:ee:b5:5d:d9:8e:7c:c2:26:d5:51:
a7:b6:b3:a2:03:e9:c3:4d:4d:54:4f:90:78:6f:1a:
3a:67:ab:80:72:4c:65:44:cf:4b:de:9e:48:9f:b8:
95:9b:76:76:a3:00:d1:e7:e3:32:19:bc:e0:41:de:
7c:cd:dd:99:ee:64:fd:d1:40:4e:09:9f:15:98:b7:
a7:39:ee:6b:f7:e8:25:a4:b1:69:1b:b8:b3:c7:e0:
c2:5d:87:70:5f:1d:a9:09:e8:09:d5:fe:12:9a:db:
b0:a6:13:9a:1e:4d:9d:0a:16:f8:0f:86:63:be:a7:
e9:5f:a5:ac:22:2b:32:91:bc:e0:d2:f9:db:9a:0b:
a6:3f:a0:80:2e:e9:ff:3d:c6:19:42:56:43:4b:b7:
19:61:10:66:1a:0e:86:ab:8c:dc:f5:75:b1:52:09:
0f:fc:c7:5b:80:54:74:b6:64:35:85:3e:4d:7d:2c:
b0:f0:b6:f7:62:d4:f0:71:e1:a1:4f:8c:19:e5:b1:
49:07:a3:d0:bc:e3:19:13:84:c9:71:08:79:09:c1:
0a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A3:54:33:9A:98:1E:72:E6:51:1F:CF:7A:6C:7E:4E:14:30:FA:D0
X509v3 Authority Key Identifier:
keyid:5D:A5:AC:3B:BA:26:05:38:C3:33:E6:C8:60:F2:36:01:2C:98:67:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaWsO7omBTjDM-bIYPI2ASyYZ10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/tKNUM5qYHnLmUR_Pemx-ThQw-tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/dafef8-e227-42d3-807f-be810a050944/1/XaWsO7omBTjDM-bIYPI2ASyYZ10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.132.0/22
IPv6:
2a07:9a40::/29
Signature Algorithm: sha256WithRSAEncryption
b0:20:64:a2:2d:45:6d:95:df:66:a5:e4:25:9d:14:77:20:d9:
ce:44:03:c6:e5:77:fc:5c:57:7e:38:12:2a:83:b7:e3:d2:bf:
64:c1:e2:4c:20:ef:1d:d9:78:82:ac:96:36:d3:60:6b:7d:77:
45:57:1a:0b:f2:26:48:a9:89:d2:f4:c2:6f:64:e1:e9:5d:ce:
39:73:7f:4f:34:2a:65:e8:dd:21:4c:6f:45:0d:de:71:2c:91:
a3:5f:56:67:99:a4:ad:49:bc:eb:6d:fc:7e:c1:48:9c:ed:dc:
ec:8c:98:1a:4f:c1:4e:05:45:b9:77:1f:2f:c0:0d:f5:c9:a9:
49:ad:7a:b0:10:6f:d9:e1:ce:c8:56:62:e4:0a:02:18:08:d8:
10:52:fc:9d:65:71:1b:d5:0f:fa:30:55:c9:ab:17:bd:7e:ae:
03:d4:7c:60:7b:90:db:d5:bb:a9:f5:77:30:28:c3:22:ee:67:
c6:41:2a:eb:98:2c:ce:94:f7:61:45:2b:c8:2d:b3:5c:45:1e:
38:b0:45:aa:4c:35:62:de:45:42:02:6e:e5:77:62:90:98:76:
df:7b:fa:27:6f:69:56:1c:39:24:51:30:f8:86:c9:e1:c6:6e:
54:d0:0d:aa:7e:b5:01:55:60:87:1a:95:8f:7e:b6:43:a9:2f:
bb:a0:5c:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTOO9qlZ5BDxDHLn6OqSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTVhYzNiYmEyNjA1MzhjMzMzZTZjODYwZjIzNjAxMmM5
ODY3NWQwHhcNMjQwMTAyMDgzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGEzNTQzMzlhOTgxZTcyZTY1MTFmY2Y3YTZjN2U0ZTE0MzBmYWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj63Bd2crhd+6GB5srBgmvYMmREcj
610PbTADJlxJSw5fSXt/Xa97ZJHfjnCMla37JO61XdmOfMIm1VGntrOiA+nDTU1U
T5B4bxo6Z6uAckxlRM9L3p5In7iVm3Z2owDR5+MyGbzgQd58zd2Z7mT90UBOCZ8V
mLenOe5r9+glpLFpG7izx+DCXYdwXx2pCegJ1f4SmtuwphOaHk2dChb4D4Zjvqfp
X6WsIisykbzg0vnbmgumP6CALun/PcYZQlZDS7cZYRBmGg6Gq4zc9XWxUgkP/Mdb
gFR0tmQ1hT5NfSyw8Lb3YtTwceGhT4wZ5bFJB6PQvOMZE4TJcQh5CcEK/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLSjVDOamB5y5lEfz3psfk4UMPrQMB8GA1UdIwQY
MBaAFF2lrDu6JgU4wzPmyGDyNgEsmGddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFXc083b21CVGpETS1iSVlQSTJBU3lZWjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9kYWZlZjgtZTIyNy00MmQzLTgwN2Yt
YmU4MTBhMDUwOTQ0LzEvdEtOVU01cVlIbkxtVVJfUGVteC1UaFF3LXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9kYWZlZjgtZTIyNy00MmQzLTgwN2YtYmU4MTBhMDUwOTQ0
LzEvWGFXc083b21CVGpETS1iSVlQSTJBU3lZWjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLViEMA0E
AgACMAcDBQMqB5pAMA0GCSqGSIb3DQEBCwUAA4IBAQCwIGSiLUVtld9mpeQlnRR3
INnORAPG5Xf8XFd+OBIqg7fj0r9kweJMIO8d2XiCrJY202BrfXdFVxoL8iZIqYnS
9MJvZOHpXc45c39PNCpl6N0hTG9FDd5xLJGjX1ZnmaStSbzrbfx+wUic7dzsjJga
T8FOBUW5dx8vwA31yalJrXqwEG/Z4c7IVmLkCgIYCNgQUvydZXEb1Q/6MFXJqxe9
fq4D1Hxge5Db1bup9XcwKMMi7mfGQSrrmCzOlPdhRSvILbNcRR44sEWqTDVi3kVC
Am7ld2KQmHbfe/onb2lWHDkkUTD4hsnhxm5U0A2qfrUBVWCHGpWPfrZDqS+7oFzE
-----END CERTIFICATE-----
Generated at Tue Jun 4 14:36:40 2024 by rpki-client on console-ams.rpki-client.org