Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/03490c-ea47-402a-8bb0-d5658d0f3292/1/9l1IFGyI7hDV6Gft3Y9Oiqa0qoY.roa
File: 9l1IFGyI7hDV6Gft3Y9Oiqa0qoY.roa (raw, json)
Hash identifier: oYEXqJyD7+QimAjbpjPxjP2BJ1XTGZQPCuhvzszrMm8=
Subject key identifier: F6:5D:48:14:6C:88:EE:10:D5:E8:67:ED:DD:8F:4E:8A:A6:B4:AA:86
Certificate issuer: /CN=5d6317f6936e6b578b38c3dfb198025498fcaea1
Certificate serial: 018E15823F6734CE47F46B10F2FB3AFAB42E
Authority key identifier: 5D:63:17:F6:93:6E:6B:57:8B:38:C3:DF:B1:98:02:54:98:FC:AE:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XWMX9pNua1eLOMPfsZgCVJj8rqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/03490c-ea47-402a-8bb0-d5658d0f3292/1/9l1IFGyI7hDV6Gft3Y9Oiqa0qoY.roa
Signing time: Wed 06 Mar 2024 20:44:01 +0000
ROA not before: Wed 06 Mar 2024 20:44:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208659
IP address blocks: 45.81.92.0/22 maxlen: 22
45.81.92.0/24 maxlen: 24
45.81.93.0/24 maxlen: 24
45.81.94.0/24 maxlen: 24
45.81.95.0/24 maxlen: 24
2a0e:5480::/29 maxlen: 29
2a0e:5480::/30 maxlen: 30
2a0e:5484::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/03490c-ea47-402a-8bb0-d5658d0f3292/1/XWMX9pNua1eLOMPfsZgCVJj8rqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/03490c-ea47-402a-8bb0-d5658d0f3292/1/XWMX9pNua1eLOMPfsZgCVJj8rqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/XWMX9pNua1eLOMPfsZgCVJj8rqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 05:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:15:82:3f:67:34:ce:47:f4:6b:10:f2:fb:3a:fa:b4:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d6317f6936e6b578b38c3dfb198025498fcaea1
Validity
Not Before: Mar 6 20:44:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f65d48146c88ee10d5e867eddd8f4e8aa6b4aa86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:aa:d1:39:d5:25:2e:6c:85:ff:4c:a8:3e:8e:
65:0b:23:72:87:a5:14:ed:98:6f:23:3c:36:71:5f:
54:20:04:42:8b:29:7b:13:d6:aa:b2:72:07:38:98:
cb:30:2f:fd:55:bf:65:6f:fa:a2:ac:1a:a2:84:f2:
fd:81:c4:6d:76:cb:2e:47:e4:3b:97:2e:e2:9c:cb:
cd:d1:c8:79:e2:88:17:22:00:3e:e9:93:55:17:db:
76:5c:c8:f0:78:35:b7:d0:1a:d8:a9:9f:35:ad:e1:
d6:78:92:8a:7e:e2:dd:8d:54:c5:eb:be:7c:79:ed:
67:dd:3b:90:cc:f9:c0:31:f0:70:b0:d3:ee:4f:7f:
b4:34:fd:a0:45:65:34:5b:f3:d0:1c:27:bf:5f:99:
a5:88:c7:d1:fe:21:06:df:e2:25:f9:91:6b:f8:29:
0b:dd:4c:80:d4:35:71:8c:9c:83:6d:57:3a:64:92:
27:fe:d3:54:6c:0e:b8:6c:c2:b2:fa:39:ee:70:49:
7b:5b:32:ee:ed:ed:64:26:a0:63:74:c2:14:62:d8:
20:40:91:82:03:5b:31:83:2a:2c:57:4b:36:5a:6e:
22:f2:b2:f3:3e:01:37:89:59:29:fb:a8:04:b7:3e:
79:9c:d4:b5:a8:9a:09:30:ef:7a:f8:9c:99:d8:f8:
c4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5D:48:14:6C:88:EE:10:D5:E8:67:ED:DD:8F:4E:8A:A6:B4:AA:86
X509v3 Authority Key Identifier:
keyid:5D:63:17:F6:93:6E:6B:57:8B:38:C3:DF:B1:98:02:54:98:FC:AE:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XWMX9pNua1eLOMPfsZgCVJj8rqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/03490c-ea47-402a-8bb0-d5658d0f3292/1/9l1IFGyI7hDV6Gft3Y9Oiqa0qoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/03490c-ea47-402a-8bb0-d5658d0f3292/1/XWMX9pNua1eLOMPfsZgCVJj8rqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.92.0/22
IPv6:
2a0e:5480::/29
Signature Algorithm: sha256WithRSAEncryption
8d:e0:64:a3:00:05:ce:fa:d3:f9:f4:03:e6:aa:ca:5c:6d:92:
f7:b5:26:fd:26:07:4f:29:db:38:ea:a0:8b:59:49:30:b9:4a:
62:0b:5b:20:25:6f:36:1a:65:c0:3b:04:2d:cf:87:23:90:a7:
10:95:5b:be:e4:83:11:25:4d:ef:3a:6a:f2:eb:5e:1f:81:64:
7a:4f:39:1f:55:f2:55:0a:00:25:5c:c7:69:c5:9e:61:06:2b:
94:2e:77:0c:55:72:23:a8:34:e7:dc:18:89:e1:eb:8a:04:3c:
ac:d4:2c:c2:e8:96:ff:6d:79:59:73:61:0a:b9:75:dc:8e:23:
67:56:fb:d3:ba:93:6c:f7:44:35:e6:37:38:6a:f2:66:a1:7e:
64:85:03:80:d0:1c:b0:10:4a:60:ce:d8:d1:df:f4:30:bb:52:
9d:18:f5:e2:b0:6d:a3:7c:6c:5d:ad:e4:e9:38:1d:50:80:09:
ea:15:66:75:49:c9:a4:9f:ef:dd:85:9d:ea:31:b6:b0:27:a2:
89:3e:0d:d3:62:c1:65:27:e0:b2:1c:c3:09:5c:31:20:03:67:
af:07:19:fa:b7:22:f3:d5:6f:9e:f1:8c:c3:85:a2:ad:30:bf:
6d:e8:1e:ec:e1:45:ab:db:2b:81:aa:7f:72:e8:ef:db:40:4d:
e1:91:c1:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY4Vgj9nNM5H9GsQ8vs6+rQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNjMxN2Y2OTM2ZTZiNTc4YjM4YzNkZmIxOTgwMjU0OThm
Y2FlYTEwHhcNMjQwMzA2MjA0NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjVkNDgxNDZjODhlZTEwZDVlODY3ZWRkZDhmNGU4YWE2YjRhYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6rROdUlLmyF/0yoPo5lCyNyh6UU
7ZhvIzw2cV9UIARCiyl7E9aqsnIHOJjLMC/9Vb9lb/qirBqihPL9gcRtdssuR+Q7
ly7inMvN0ch54ogXIgA+6ZNVF9t2XMjweDW30BrYqZ81reHWeJKKfuLdjVTF6758
ee1n3TuQzPnAMfBwsNPuT3+0NP2gRWU0W/PQHCe/X5mliMfR/iEG3+Il+ZFr+CkL
3UyA1DVxjJyDbVc6ZJIn/tNUbA64bMKy+jnucEl7WzLu7e1kJqBjdMIUYtggQJGC
A1sxgyosV0s2Wm4i8rLzPgE3iVkp+6gEtz55nNS1qJoJMO96+JyZ2PjE0wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPZdSBRsiO4Q1ehn7d2PToqmtKqGMB8GA1UdIwQY
MBaAFF1jF/aTbmtXizjD37GYAlSY/K6hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFdNWDlwTnVhMWVMT01QZnNaZ0NWSmo4cnFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8wMzQ5MGMtZWE0Ny00MDJhLThiYjAt
ZDU2NThkMGYzMjkyLzEvOWwxSUZHeUk3aERWNkdmdDNZOU9pcWEwcW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8wMzQ5MGMtZWE0Ny00MDJhLThiYjAtZDU2NThkMGYzMjky
LzEvWFdNWDlwTnVhMWVMT01QZnNaZ0NWSmo4cnFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVFcMA0E
AgACMAcDBQMqDlSAMA0GCSqGSIb3DQEBCwUAA4IBAQCN4GSjAAXO+tP59APmqspc
bZL3tSb9JgdPKds46qCLWUkwuUpiC1sgJW82GmXAOwQtz4cjkKcQlVu+5IMRJU3v
Omry614fgWR6TzkfVfJVCgAlXMdpxZ5hBiuULncMVXIjqDTn3BiJ4euKBDys1CzC
6Jb/bXlZc2EKuXXcjiNnVvvTupNs90Q15jc4avJmoX5khQOA0BywEEpgztjR3/Qw
u1KdGPXisG2jfGxdreTpOB1QgAnqFWZ1Scmkn+/dhZ3qMbawJ6KJPg3TYsFlJ+Cy
HMMJXDEgA2evBxn6tyLz1W+e8YzDhaKtML9t6B7s4UWr2yuBqn9y6O/bQE3hkcHg
-----END CERTIFICATE-----
Generated at Sat Jun 8 11:51:11 2024 by rpki-client on console-fra.rpki-client.org