Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/XH8MwnrRriAgwi0t1qOmRFgJcFM.roa
File: XH8MwnrRriAgwi0t1qOmRFgJcFM.roa (raw, json)
Hash identifier: uceifxPtHcuJ0q8bUqyN45WPCASQILcRmI8LqzeVrw0=
Subject key identifier: 5C:7F:0C:C2:7A:D1:AE:20:20:C2:2D:2D:D6:A3:A6:44:58:09:70:53
Certificate issuer: /CN=bea6ca03a8c135ceeae232c937c1ee0bab87e782
Certificate serial: 018E19C3B97A07A40291D67C57F4E11A9F51
Authority key identifier: BE:A6:CA:03:A8:C1:35:CE:EA:E2:32:C9:37:C1:EE:0B:AB:87:E7:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vqbKA6jBNc7q4jLJN8HuC6uH54I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/XH8MwnrRriAgwi0t1qOmRFgJcFM.roa
Signing time: Thu 07 Mar 2024 16:34:01 +0000
ROA not before: Thu 07 Mar 2024 16:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209055
IP address blocks: 45.8.40.0/22 maxlen: 22
45.8.40.0/24 maxlen: 24
45.8.41.0/24 maxlen: 24
45.8.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/vqbKA6jBNc7q4jLJN8HuC6uH54I.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/vqbKA6jBNc7q4jLJN8HuC6uH54I.mft
rsync://rpki.ripe.net/repository/DEFAULT/vqbKA6jBNc7q4jLJN8HuC6uH54I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:c3:b9:7a:07:a4:02:91:d6:7c:57:f4:e1:1a:9f:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bea6ca03a8c135ceeae232c937c1ee0bab87e782
Validity
Not Before: Mar 7 16:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c7f0cc27ad1ae2020c22d2dd6a3a64458097053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:79:f8:2b:8a:a2:76:7f:85:35:5a:30:ee:fc:
8a:82:0a:f8:a6:ff:cb:98:ed:d8:2e:fc:e2:fa:0d:
73:5f:5d:74:84:49:57:8c:44:a6:ee:14:3c:70:37:
22:5c:2a:84:d0:f4:f8:37:cf:2b:da:6d:f1:d1:5d:
02:30:dc:18:06:80:fa:90:bd:fd:0e:44:93:ec:a0:
d1:83:38:43:17:80:79:66:e2:0a:ef:a7:22:47:01:
bd:e8:9b:99:9e:c3:ad:89:87:e7:40:6c:d7:97:f2:
0c:57:58:93:71:dc:52:68:d9:58:df:ba:26:77:dc:
13:d0:93:d6:17:94:88:7f:1a:e4:6b:eb:5e:a5:54:
3a:73:e0:bd:64:17:81:01:20:3c:38:3e:ba:7e:08:
5c:ac:b0:c3:7e:e7:91:5d:39:6a:5b:1f:af:48:0a:
88:77:a6:47:f0:98:12:54:a2:a0:f0:05:a1:f2:0e:
c8:2a:90:0b:5f:45:f3:53:ef:2a:ce:2c:c6:b2:93:
da:b3:7a:0c:66:28:b6:01:ad:a5:20:c5:4d:2a:eb:
25:4b:c4:55:3f:b8:16:f9:56:18:a0:2a:41:7f:c4:
c0:9c:ad:9b:73:73:dd:87:a7:e8:5d:11:ee:9a:c9:
cb:bd:11:ec:12:bd:52:ab:fa:9c:0e:fa:af:61:87:
f6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:7F:0C:C2:7A:D1:AE:20:20:C2:2D:2D:D6:A3:A6:44:58:09:70:53
X509v3 Authority Key Identifier:
keyid:BE:A6:CA:03:A8:C1:35:CE:EA:E2:32:C9:37:C1:EE:0B:AB:87:E7:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqbKA6jBNc7q4jLJN8HuC6uH54I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/XH8MwnrRriAgwi0t1qOmRFgJcFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/vqbKA6jBNc7q4jLJN8HuC6uH54I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.40.0/22
Signature Algorithm: sha256WithRSAEncryption
64:43:52:fe:34:cb:29:23:d4:b7:ef:fa:b5:3a:21:24:b1:66:
2a:c5:fb:77:50:99:a2:a6:c7:b6:cb:e6:45:f1:33:39:1c:3e:
39:7f:ff:65:66:9c:8e:54:12:1f:71:02:b9:db:b5:d2:44:11:
68:01:35:e4:7a:f2:1b:11:d6:f3:9e:7c:14:d6:e8:59:46:74:
7a:45:39:81:0b:ac:4f:d1:14:0c:b7:d5:66:96:2a:ef:83:5f:
47:b9:24:fe:90:b8:65:a8:4a:ad:bc:87:e4:6c:70:c4:18:c4:
97:46:47:05:32:e0:a8:de:8d:ac:27:e3:ca:db:cf:34:38:75:
41:cf:00:f6:d7:08:a8:ba:c7:91:6e:1a:fb:f5:d6:cf:b7:12:
fd:88:97:06:86:57:e5:13:0a:52:13:9a:a1:43:aa:f1:e8:fe:
9f:19:27:f8:62:56:3c:74:b2:19:65:40:1a:b2:64:90:02:9b:
e3:15:cc:ea:f6:06:82:d2:d4:60:5e:6f:42:89:ba:65:0f:b8:
5a:67:8c:24:8e:e2:ef:38:c5:93:85:af:45:02:2e:e0:75:6f:
b0:df:80:a4:f2:a9:8a:60:9c:ca:93:45:83:0b:b6:52:7b:7e:
c9:08:61:c7:df:d3:57:6c:68:e8:24:a3:e8:89:2b:2c:45:2c:
04:11:2a:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4Zw7l6B6QCkdZ8V/ThGp9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYTZjYTAzYThjMTM1Y2VlYWUyMzJjOTM3YzFlZTBiYWI4
N2U3ODIwHhcNMjQwMzA3MTYzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzdmMGNjMjdhZDFhZTIwMjBjMjJkMmRkNmEzYTY0NDU4MDk3MDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnn4K4qidn+FNVow7vyKggr4pv/L
mO3YLvzi+g1zX110hElXjESm7hQ8cDciXCqE0PT4N88r2m3x0V0CMNwYBoD6kL39
DkST7KDRgzhDF4B5ZuIK76ciRwG96JuZnsOtiYfnQGzXl/IMV1iTcdxSaNlY37om
d9wT0JPWF5SIfxrka+tepVQ6c+C9ZBeBASA8OD66fghcrLDDfueRXTlqWx+vSAqI
d6ZH8JgSVKKg8AWh8g7IKpALX0XzU+8qzizGspPas3oMZii2Aa2lIMVNKuslS8RV
P7gW+VYYoCpBf8TAnK2bc3Pdh6foXRHumsnLvRHsEr1Sq/qcDvqvYYf2NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFx/DMJ60a4gIMItLdajpkRYCXBTMB8GA1UdIwQY
MBaAFL6mygOowTXO6uIyyTfB7gurh+eCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnFiS0E2akJOYzdxNGpMSk44SHVDNnVINTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iYzY1ZjYtMGMzYi00MDRlLWJmYWQt
OWZhNDIyOGMwMmVhLzEvWEg4TXduclJyaUFnd2kwdDFxT21SRmdKY0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iYzY1ZjYtMGMzYi00MDRlLWJmYWQtOWZhNDIyOGMwMmVh
LzEvdnFiS0E2akJOYzdxNGpMSk44SHVDNnVINTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQgoMA0G
CSqGSIb3DQEBCwUAA4IBAQBkQ1L+NMspI9S37/q1OiEksWYqxft3UJmipse2y+ZF
8TM5HD45f/9lZpyOVBIfcQK527XSRBFoATXkevIbEdbznnwU1uhZRnR6RTmBC6xP
0RQMt9Vmlirvg19HuST+kLhlqEqtvIfkbHDEGMSXRkcFMuCo3o2sJ+PK2880OHVB
zwD21wiouseRbhr79dbPtxL9iJcGhlflEwpSE5qhQ6rx6P6fGSf4YlY8dLIZZUAa
smSQApvjFczq9gaC0tRgXm9CibplD7haZ4wkjuLvOMWTha9FAi7gdW+w34Ck8qmK
YJzKk0WDC7ZSe37JCGHH39NXbGjoJKPoiSssRSwEESqG
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:15:32 2024 by rpki-client on console-fra.rpki-client.org