Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/58a86c-b882-42ff-b743-c41b8aa2df95/1/syXTb2vdIOpOYs1zD93EPvHLWFk.roa
File: syXTb2vdIOpOYs1zD93EPvHLWFk.roa (raw, json)
Hash identifier: 4Lj8Ak0TwCiriJa6D7LmeSQFxb9CffyyqDRRhwZEdDQ=
Subject key identifier: B3:25:D3:6F:6B:DD:20:EA:4E:62:CD:73:0F:DD:C4:3E:F1:CB:58:59
Certificate issuer: /CN=7a18fcaac6c8409f24d3fa90df8e30218ee9c3ff
Certificate serial: 018CC94CE738DF645FF7CF6245987F72A1E5
Authority key identifier: 7A:18:FC:AA:C6:C8:40:9F:24:D3:FA:90:DF:8E:30:21:8E:E9:C3:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ehj8qsbIQJ8k0_qQ344wIY7pw_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/58a86c-b882-42ff-b743-c41b8aa2df95/1/syXTb2vdIOpOYs1zD93EPvHLWFk.roa
Signing time: Tue 02 Jan 2024 08:31:49 +0000
ROA not before: Tue 02 Jan 2024 08:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201299
IP address blocks: 45.155.136.0/22 maxlen: 24
45.155.136.0/24 maxlen: 24
45.155.139.0/24 maxlen: 24
45.155.137.0/24 maxlen: 24
45.155.138.0/24 maxlen: 24
2a0f:c500::/29 maxlen: 42
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/58a86c-b882-42ff-b743-c41b8aa2df95/1/ehj8qsbIQJ8k0_qQ344wIY7pw_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/58a86c-b882-42ff-b743-c41b8aa2df95/1/ehj8qsbIQJ8k0_qQ344wIY7pw_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ehj8qsbIQJ8k0_qQ344wIY7pw_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:e7:38:df:64:5f:f7:cf:62:45:98:7f:72:a1:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a18fcaac6c8409f24d3fa90df8e30218ee9c3ff
Validity
Not Before: Jan 2 08:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b325d36f6bdd20ea4e62cd730fddc43ef1cb5859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:85:6d:28:58:2e:b6:cb:ca:dc:57:a4:fd:e1:
97:83:98:e3:21:1d:ad:f4:52:f9:de:5c:d0:cd:e0:
69:46:34:5d:a8:ab:40:9f:04:2a:d1:14:aa:bc:91:
c7:76:6f:9c:30:f8:3d:86:0c:3d:66:09:91:06:57:
19:15:a6:6d:5e:fa:15:46:77:06:31:2b:9a:75:a8:
9d:b8:d9:8f:4f:ce:95:b6:c1:a7:1b:a7:f5:24:5b:
15:44:61:e1:d4:e1:d3:4d:78:05:7b:a5:1d:a7:44:
ca:d1:a1:db:7d:19:ed:ac:7b:02:43:00:80:8e:f6:
a1:32:15:12:8a:6b:80:5f:6d:b4:fc:02:16:35:d8:
c5:51:ae:58:52:a3:d4:59:1d:b4:e3:13:eb:f3:a3:
bc:6f:1c:15:b8:53:69:d3:cf:61:31:f7:d2:62:ff:
20:04:a2:b6:43:90:d7:00:be:3f:99:10:cf:e1:ad:
24:06:5e:69:ea:ee:42:80:90:36:8b:35:b9:0c:6f:
01:5b:bd:1d:2a:96:5b:da:91:62:2a:23:86:b0:d2:
9e:73:06:59:12:ab:1a:e4:78:16:69:e0:0a:77:62:
76:6e:27:89:47:d1:be:8a:bc:9c:c8:ab:61:10:4b:
16:f7:7c:e8:3c:5f:cf:84:5e:e3:d9:0e:40:d5:7a:
bf:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:25:D3:6F:6B:DD:20:EA:4E:62:CD:73:0F:DD:C4:3E:F1:CB:58:59
X509v3 Authority Key Identifier:
keyid:7A:18:FC:AA:C6:C8:40:9F:24:D3:FA:90:DF:8E:30:21:8E:E9:C3:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehj8qsbIQJ8k0_qQ344wIY7pw_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/58a86c-b882-42ff-b743-c41b8aa2df95/1/syXTb2vdIOpOYs1zD93EPvHLWFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/58a86c-b882-42ff-b743-c41b8aa2df95/1/ehj8qsbIQJ8k0_qQ344wIY7pw_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.136.0/22
IPv6:
2a0f:c500::/29
Signature Algorithm: sha256WithRSAEncryption
3b:c9:b3:7e:1d:d2:38:e9:86:16:04:73:2f:db:4e:52:5a:94:
7c:72:72:4f:d4:f1:f8:74:71:e3:79:3a:15:10:18:58:77:e1:
61:90:4a:ed:93:a4:f9:45:d2:9f:72:33:70:33:48:72:74:3d:
c1:48:65:67:76:20:6d:a1:8e:5b:9d:54:24:6f:27:e4:44:b3:
1c:0d:b7:0e:6e:d4:a7:28:c4:4d:09:bc:88:95:08:23:9a:2b:
b2:f9:b7:ee:a4:71:27:b3:61:19:03:4e:38:4e:61:69:5e:6e:
5e:8d:f7:f7:13:5c:3f:b2:4e:3a:f2:c7:81:14:73:64:c6:fd:
d1:c8:5e:07:90:e0:02:05:43:27:09:dc:5b:95:42:6d:d0:1d:
1c:ee:49:c8:b1:44:19:99:5a:67:af:ea:d9:87:7e:23:39:1f:
5e:fc:81:75:c2:fb:8b:93:bb:3d:b3:84:0b:07:f1:86:a0:88:
9d:9c:8b:ac:17:2e:f1:2a:c1:22:3a:4b:8e:1a:51:c5:11:cd:
96:fc:aa:01:50:b1:86:51:8b:12:d8:1a:ee:62:a8:24:e8:ed:
18:b4:fe:78:e1:56:00:50:47:40:62:53:7b:44:c4:5c:06:91:
37:82:23:a5:c7:71:9a:cd:09:ac:58:f6:84:c6:cd:d7:ad:30:
77:9a:26:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTOc432Rf989iRZh/cqHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMThmY2FhYzZjODQwOWYyNGQzZmE5MGRmOGUzMDIxOGVl
OWMzZmYwHhcNMjQwMTAyMDgzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzI1ZDM2ZjZiZGQyMGVhNGU2MmNkNzMwZmRkYzQzZWYxY2I1ODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4oVtKFgutsvK3Fek/eGXg5jjIR2t
9FL53lzQzeBpRjRdqKtAnwQq0RSqvJHHdm+cMPg9hgw9ZgmRBlcZFaZtXvoVRncG
MSuadaiduNmPT86VtsGnG6f1JFsVRGHh1OHTTXgFe6Udp0TK0aHbfRntrHsCQwCA
jvahMhUSimuAX220/AIWNdjFUa5YUqPUWR204xPr86O8bxwVuFNp089hMffSYv8g
BKK2Q5DXAL4/mRDP4a0kBl5p6u5CgJA2izW5DG8BW70dKpZb2pFiKiOGsNKecwZZ
Eqsa5HgWaeAKd2J2bieJR9G+irycyKthEEsW93zoPF/PhF7j2Q5A1Xq/2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLMl029r3SDqTmLNcw/dxD7xy1hZMB8GA1UdIwQY
MBaAFHoY/KrGyECfJNP6kN+OMCGO6cP/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhqOHFzYklRSjhrMF9xUTM0NHdJWTdwd184LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC81OGE4NmMtYjg4Mi00MmZmLWI3NDMt
YzQxYjhhYTJkZjk1LzEvc3lYVGIydmRJT3BPWXMxekQ5M0VQdkhMV0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC81OGE4NmMtYjg4Mi00MmZmLWI3NDMtYzQxYjhhYTJkZjk1
LzEvZWhqOHFzYklRSjhrMF9xUTM0NHdJWTdwd184LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZuIMA0E
AgACMAcDBQMqD8UAMA0GCSqGSIb3DQEBCwUAA4IBAQA7ybN+HdI46YYWBHMv205S
WpR8cnJP1PH4dHHjeToVEBhYd+FhkErtk6T5RdKfcjNwM0hydD3BSGVndiBtoY5b
nVQkbyfkRLMcDbcObtSnKMRNCbyIlQgjmiuy+bfupHEns2EZA044TmFpXm5ejff3
E1w/sk468seBFHNkxv3RyF4HkOACBUMnCdxblUJt0B0c7knIsUQZmVpnr+rZh34j
OR9e/IF1wvuLk7s9s4QLB/GGoIidnIusFy7xKsEiOkuOGlHFEc2W/KoBULGGUYsS
2BruYqgk6O0YtP544VYAUEdAYlN7RMRcBpE3giOlx3GazQmsWPaExs3XrTB3mib8
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:49:22 2024 by rpki-client on console-fra.rpki-client.org