Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/15afe5-42b3-4ce6-9d9d-87c3368cb3fa/1/2kGGUyup1BQauD1cNvNMeXHGDQ8.roa
File: 2kGGUyup1BQauD1cNvNMeXHGDQ8.roa (raw, json)
Hash identifier: EkLnpf6TXt7V28SLKvEJDz/oi9kZ70p3mkXOtdBCo9Y=
Subject key identifier: DA:41:86:53:2B:A9:D4:14:1A:B8:3D:5C:36:F3:4C:79:71:C6:0D:0F
Certificate issuer: /CN=b5745bb8ef0088cb519a4095d651719ef51ee354
Certificate serial: 018CC8DF37F0F54D2B6094FA7CB295D08179
Authority key identifier: B5:74:5B:B8:EF:00:88:CB:51:9A:40:95:D6:51:71:9E:F5:1E:E3:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tXRbuO8AiMtRmkCV1lFxnvUe41Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/15afe5-42b3-4ce6-9d9d-87c3368cb3fa/1/2kGGUyup1BQauD1cNvNMeXHGDQ8.roa
Signing time: Tue 02 Jan 2024 06:32:01 +0000
ROA not before: Tue 02 Jan 2024 06:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48437
IP address blocks: 45.14.28.0/22 maxlen: 22
195.22.140.0/23 maxlen: 23
185.175.244.0/22 maxlen: 22
91.200.8.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/15afe5-42b3-4ce6-9d9d-87c3368cb3fa/1/tXRbuO8AiMtRmkCV1lFxnvUe41Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/15afe5-42b3-4ce6-9d9d-87c3368cb3fa/1/tXRbuO8AiMtRmkCV1lFxnvUe41Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/tXRbuO8AiMtRmkCV1lFxnvUe41Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 09:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:37:f0:f5:4d:2b:60:94:fa:7c:b2:95:d0:81:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5745bb8ef0088cb519a4095d651719ef51ee354
Validity
Not Before: Jan 2 06:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da4186532ba9d4141ab83d5c36f34c7971c60d0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f4:4b:fd:d9:58:1a:f8:4b:fc:0b:c1:f3:94:
da:42:b3:71:b7:05:88:a3:00:6e:04:97:22:72:d6:
d3:f2:86:bf:ca:58:84:84:6f:24:d2:1d:2f:f0:9f:
6a:40:42:a5:86:02:36:67:d7:40:a3:7a:a0:5e:67:
0c:14:ef:5c:0e:f3:8b:f0:8e:b3:97:fe:c4:87:80:
97:00:a2:53:0f:fd:42:c6:c2:36:76:ce:74:19:f7:
45:bd:68:c4:5e:67:d4:8a:b6:be:2f:05:ed:e2:ec:
89:0b:1f:64:6a:97:ef:3b:85:ad:c6:b2:ba:39:6c:
aa:b8:09:34:7e:b5:fd:09:7c:30:46:02:0a:e9:f7:
b4:53:d0:a6:83:ae:32:0e:d8:db:0a:80:5a:63:61:
e8:b8:44:bf:6b:65:40:2f:e6:de:56:05:db:35:74:
4a:31:ca:dd:9e:86:8c:a5:c5:88:1f:30:db:90:bb:
ee:8a:cc:93:d0:2b:dc:23:22:c0:78:59:e7:f2:f8:
7e:a8:fe:d0:ff:cf:9e:24:bb:95:ed:61:5e:f3:f3:
45:27:9c:7c:19:bc:f7:72:60:6d:73:67:ec:dd:a4:
83:c3:8e:ee:ad:7a:d8:c0:c7:2a:a2:b7:69:a6:88:
af:0d:8a:64:e5:42:44:66:a9:ab:0e:b7:68:63:24:
e2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:41:86:53:2B:A9:D4:14:1A:B8:3D:5C:36:F3:4C:79:71:C6:0D:0F
X509v3 Authority Key Identifier:
keyid:B5:74:5B:B8:EF:00:88:CB:51:9A:40:95:D6:51:71:9E:F5:1E:E3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tXRbuO8AiMtRmkCV1lFxnvUe41Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/15afe5-42b3-4ce6-9d9d-87c3368cb3fa/1/2kGGUyup1BQauD1cNvNMeXHGDQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/15afe5-42b3-4ce6-9d9d-87c3368cb3fa/1/tXRbuO8AiMtRmkCV1lFxnvUe41Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.28.0/22
91.200.8.0/22
185.175.244.0/22
195.22.140.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:cc:e6:75:87:93:fd:14:03:b2:3e:5a:ca:57:fd:18:8b:00:
48:fe:97:5f:f1:bf:9b:52:9b:22:ea:8e:4e:82:98:ee:34:a2:
1a:c5:80:9e:9b:55:5f:e8:02:8d:22:81:a0:e6:d9:e8:b6:91:
1a:54:96:63:79:46:0d:d9:c7:ec:08:d1:64:d0:0b:2e:43:94:
d1:93:a5:a6:3c:f5:33:62:25:4d:8a:47:b5:4a:72:ef:3a:b8:
50:1a:53:16:08:d2:37:ae:b8:76:57:d7:ff:27:6f:9b:9b:e6:
4c:eb:87:dd:db:e6:16:68:b5:4c:67:b6:43:0c:3f:d5:39:58:
d4:39:c9:75:17:e5:da:f0:a7:62:1d:5b:0c:5d:86:58:64:22:
79:bc:f8:ea:06:c4:fc:4e:f4:64:71:e5:2b:9f:a1:d2:55:e9:
e2:82:9e:e5:ec:99:38:f5:7f:c7:1f:00:18:88:a3:e5:23:2a:
28:4d:1d:75:f2:ed:b5:69:e8:d4:20:05:30:17:3b:a9:ff:f6:
a4:95:e7:84:bf:a6:4b:6e:f6:66:67:63:90:66:ae:6b:d4:f6:
5c:14:32:a7:a5:4f:a3:e9:cb:fe:21:ff:b9:50:08:25:77:07:
19:ee:8e:a7:c3:8b:fc:e7:a5:d2:a2:13:71:7e:3a:9e:24:c7:
37:95:65:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI3zfw9U0rYJT6fLKV0IF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NzQ1YmI4ZWYwMDg4Y2I1MTlhNDA5NWQ2NTE3MTllZjUx
ZWUzNTQwHhcNMjQwMTAyMDYzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQxODY1MzJiYTlkNDE0MWFiODNkNWMzNmYzNGM3OTcxYzYwZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/RL/dlYGvhL/AvB85TaQrNxtwWI
owBuBJcictbT8oa/yliEhG8k0h0v8J9qQEKlhgI2Z9dAo3qgXmcMFO9cDvOL8I6z
l/7Eh4CXAKJTD/1CxsI2ds50GfdFvWjEXmfUira+LwXt4uyJCx9kapfvO4WtxrK6
OWyquAk0frX9CXwwRgIK6fe0U9Cmg64yDtjbCoBaY2HouES/a2VAL+beVgXbNXRK
McrdnoaMpcWIHzDbkLvuisyT0CvcIyLAeFnn8vh+qP7Q/8+eJLuV7WFe8/NFJ5x8
Gbz3cmBtc2fs3aSDw47urXrYwMcqordppoivDYpk5UJEZqmrDrdoYyTidwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNpBhlMrqdQUGrg9XDbzTHlxxg0PMB8GA1UdIwQY
MBaAFLV0W7jvAIjLUZpAldZRcZ71HuNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFhSYnVPOEFpTXRSbWtDVjFsRnhudlVlNDFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8xNWFmZTUtNDJiMy00Y2U2LTlkOWQt
ODdjMzM2OGNiM2ZhLzEvMmtHR1V5dXAxQlFhdUQxY052Tk1lWEhHRFE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8xNWFmZTUtNDJiMy00Y2U2LTlkOWQtODdjMzM2OGNiM2Zh
LzEvdFhSYnVPOEFpTXRSbWtDVjFsRnhudlVlNDFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLQ4cAwQC
W8gIAwQCua/0AwQBwxaMMA0GCSqGSIb3DQEBCwUAA4IBAQBOzOZ1h5P9FAOyPlrK
V/0YiwBI/pdf8b+bUpsi6o5OgpjuNKIaxYCem1Vf6AKNIoGg5tnotpEaVJZjeUYN
2cfsCNFk0AsuQ5TRk6WmPPUzYiVNike1SnLvOrhQGlMWCNI3rrh2V9f/J2+bm+ZM
64fd2+YWaLVMZ7ZDDD/VOVjUOcl1F+Xa8KdiHVsMXYZYZCJ5vPjqBsT8TvRkceUr
n6HSVenigp7l7Jk49X/HHwAYiKPlIyooTR118u21aejUIAUwFzup//akleeEv6ZL
bvZmZ2OQZq5r1PZcFDKnpU+j6cv+If+5UAgldwcZ7o6nw4v856XSohNxfjqeJMc3
lWXp
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:03:22 2024 by rpki-client on console-fra.rpki-client.org