Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1EYYhC1YAcY-gOKqNoMuegsg82s.roa
File: 1EYYhC1YAcY-gOKqNoMuegsg82s.roa (raw, json)
Hash identifier: /ktSa3X/9fGyBK0GzLGTbzCCeI6s9kphP7KRH6tFcpA=
Subject key identifier: D4:46:18:84:2D:58:01:C6:3E:80:E2:AA:36:83:2E:7A:0B:20:F3:6B
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCA2A77481929687C2E3910394F801A1D
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1EYYhC1YAcY-gOKqNoMuegsg82s.roa
Signing time: Tue 02 Jan 2024 12:33:49 +0000
ROA not before: Tue 02 Jan 2024 12:33:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209642
IP address blocks: 45.146.242.0/23 maxlen: 24
89.251.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:77:48:19:29:68:7c:2e:39:10:39:4f:80:1a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:33:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d44618842d5801c63e80e2aa36832e7a0b20f36b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fe:af:b6:bc:f4:a0:33:10:75:0f:09:38:4a:
4f:28:6f:af:3b:6b:57:f6:3f:ed:95:39:49:6d:54:
58:de:d3:9c:00:1e:b1:6c:70:68:67:ff:3c:3c:d9:
bb:be:f9:70:9c:15:d2:da:48:69:8a:49:37:0c:59:
05:8e:68:76:59:75:57:9e:9b:b6:07:d3:b1:e4:db:
b8:e7:cd:82:d3:46:27:20:b8:a2:84:ae:36:87:e6:
7e:34:bb:b1:0e:df:8c:69:75:48:ce:91:8e:f4:42:
fa:50:09:b4:d3:10:68:82:13:e6:f6:4a:03:95:9c:
5b:03:6d:8b:63:59:09:81:05:7b:42:ae:35:44:ed:
f7:02:1d:03:29:a6:11:25:d8:b5:03:2e:55:49:de:
88:db:44:a9:e9:fe:25:fb:08:0d:85:de:02:24:1f:
08:aa:2f:3b:0e:76:e3:87:3d:05:c1:f9:a4:9e:0e:
70:a4:d2:40:5b:4c:cd:1a:b5:31:b2:25:fd:be:8c:
2b:72:34:e0:0f:a1:39:de:8e:e2:00:ae:a7:e3:15:
16:79:ea:cb:3b:24:1d:fb:16:eb:31:1a:27:e8:79:
5b:82:6f:b1:4d:a6:1c:30:32:f7:d2:e8:50:0b:77:
89:dd:b3:dd:b9:a4:6a:60:1c:4f:a8:06:2e:3a:e5:
f5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:46:18:84:2D:58:01:C6:3E:80:E2:AA:36:83:2E:7A:0B:20:F3:6B
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1EYYhC1YAcY-gOKqNoMuegsg82s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.242.0/23
89.251.11.0/24
Signature Algorithm: sha256WithRSAEncryption
82:0e:8e:1b:83:b9:aa:8f:9a:9b:3e:86:21:02:a6:e6:81:42:
6b:01:58:cc:8e:47:6c:c0:5f:70:ec:52:f5:77:a0:1a:27:79:
6a:40:32:dc:90:42:0c:77:60:b5:41:7b:98:9a:b6:ee:ac:9f:
4f:ec:a4:c8:30:f6:8d:3a:6d:4f:7c:6d:a0:50:c4:ca:c6:c8:
5b:8c:1b:32:95:24:cd:a0:4f:fb:ba:56:9d:7f:26:67:b4:09:
5e:d8:cb:89:71:57:5d:9d:3b:e3:54:2f:a1:ee:45:74:0d:1a:
8a:49:6a:62:c9:15:3b:99:ed:b3:4a:f8:16:9e:52:b4:de:8d:
04:62:fb:85:46:4c:14:ef:0e:ad:b8:f7:5f:f8:87:1c:97:a6:
2d:df:11:11:f4:23:41:d2:35:8f:5a:1e:97:b2:3e:75:6a:a9:
f8:02:71:dd:40:04:4c:05:b2:17:c5:fb:d7:cb:80:54:ed:16:
3b:36:58:15:58:54:6a:71:f6:0c:27:7d:02:bf:1e:a5:c1:70:
0f:53:2e:f4:84:55:ca:52:7e:96:30:8f:f5:bb:94:94:36:84:
af:df:7f:2c:65:3e:4d:ec:e6:e1:c9:cd:67:0b:b5:58:af:5e:
55:d6:8b:c4:61:04:04:f3:b3:39:b5:7f:a7:69:95:2b:5e:b0:
a0:3b:83:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKndIGSlofC45EDlPgBodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDQ2MTg4NDJkNTgwMWM2M2U4MGUyYWEzNjgzMmU3YTBiMjBmMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/6vtrz0oDMQdQ8JOEpPKG+vO2tX
9j/tlTlJbVRY3tOcAB6xbHBoZ/88PNm7vvlwnBXS2khpikk3DFkFjmh2WXVXnpu2
B9Ox5Nu4582C00YnILiihK42h+Z+NLuxDt+MaXVIzpGO9EL6UAm00xBoghPm9koD
lZxbA22LY1kJgQV7Qq41RO33Ah0DKaYRJdi1Ay5VSd6I20Sp6f4l+wgNhd4CJB8I
qi87Dnbjhz0Fwfmkng5wpNJAW0zNGrUxsiX9vowrcjTgD6E53o7iAK6n4xUWeerL
OyQd+xbrMRon6Hlbgm+xTaYcMDL30uhQC3eJ3bPduaRqYBxPqAYuOuX1jwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNRGGIQtWAHGPoDiqjaDLnoLIPNrMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMUVZWWhDMVlBY1ktZ09LcU5vTXVlZ3NnODJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZLyAwQA
WfsLMA0GCSqGSIb3DQEBCwUAA4IBAQCCDo4bg7mqj5qbPoYhAqbmgUJrAVjMjkds
wF9w7FL1d6AaJ3lqQDLckEIMd2C1QXuYmrburJ9P7KTIMPaNOm1PfG2gUMTKxshb
jBsylSTNoE/7uladfyZntAle2MuJcVddnTvjVC+h7kV0DRqKSWpiyRU7me2zSvgW
nlK03o0EYvuFRkwU7w6tuPdf+Iccl6Yt3xER9CNB0jWPWh6Xsj51aqn4AnHdQARM
BbIXxfvXy4BU7RY7NlgVWFRqcfYMJ30Cvx6lwXAPUy70hFXKUn6WMI/1u5SUNoSv
338sZT5N7Obhyc1nC7VYr15V1ovEYQQE87M5tX+naZUrXrCgO4Py
-----END CERTIFICATE-----
Generated at Mon May 6 09:48:00 2024 by rpki-client on console-fra.rpki-client.org