Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/RqoEriWOydI2kwlR73Jsg6juQS4.roa
File: RqoEriWOydI2kwlR73Jsg6juQS4.roa (raw, json)
Hash identifier: QZCDT7y+5UwJPUMhOGPbd8KaMlUsCBhpbhE06SOGw2c=
Subject key identifier: 46:AA:04:AE:25:8E:C9:D2:36:93:09:51:EF:72:6C:83:A8:EE:41:2E
Certificate issuer: /CN=bc464ba9d26385f54df6254ac248926d370445b0
Certificate serial: 018CC56EF68679CACCDD769C50C2B8705DE4
Authority key identifier: BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/RqoEriWOydI2kwlR73Jsg6juQS4.roa
Signing time: Mon 01 Jan 2024 14:30:32 +0000
ROA not before: Mon 01 Jan 2024 14:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8540
IP address blocks: 146.19.52.0/24 maxlen: 24
185.151.20.0/22 maxlen: 24
45.155.184.0/22 maxlen: 24
185.227.88.0/23 maxlen: 24
185.227.91.0/24 maxlen: 24
185.236.166.0/24 maxlen: 24
185.236.164.0/23 maxlen: 24
185.209.204.0/22 maxlen: 24
195.128.151.0/24 maxlen: 24
2a0b:4c40::/29 maxlen: 29
2a07:7540::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f6:86:79:ca:cc:dd:76:9c:50:c2:b8:70:5d:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc464ba9d26385f54df6254ac248926d370445b0
Validity
Not Before: Jan 1 14:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46aa04ae258ec9d236930951ef726c83a8ee412e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:be:ee:52:c7:42:df:29:59:67:7a:15:16:b3:
a1:0d:d2:2d:36:d3:c4:77:37:ce:96:0f:d7:fb:70:
ea:76:3a:57:07:db:f2:9f:9f:bf:e5:a9:ea:5b:a2:
46:d2:cb:fc:47:9a:66:ce:88:c8:98:f6:2f:78:a8:
ed:7d:34:77:e3:6d:13:94:37:e4:34:05:6f:75:cd:
0c:5e:2b:36:9d:8c:66:f1:cf:5d:11:a8:9b:c2:05:
4a:41:4b:82:ba:92:9d:49:2d:fb:77:70:57:bb:96:
17:e0:2b:7f:c7:c2:d0:0c:92:f8:76:5c:04:b2:dc:
5f:92:cf:3e:e3:7f:fa:a2:bb:38:f1:52:54:12:28:
5b:56:12:85:4c:14:e0:59:8f:df:15:45:05:7b:18:
05:e7:64:97:89:29:e4:36:89:c6:8a:58:dc:24:d4:
ac:c3:7c:84:25:63:a0:dc:20:59:94:99:2b:da:e1:
5d:16:0b:25:b6:80:b3:08:15:61:bf:dc:b8:be:f8:
9e:f9:2a:0e:90:05:9f:21:f8:78:17:d0:77:b4:51:
4f:55:6f:42:73:71:14:ad:42:19:c8:9f:4a:5f:8c:
19:32:4f:32:71:d4:b2:b8:12:a4:b3:e3:16:7e:cf:
11:ca:13:2f:e6:39:a7:af:70:3a:42:35:3b:72:88:
e9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AA:04:AE:25:8E:C9:D2:36:93:09:51:EF:72:6C:83:A8:EE:41:2E
X509v3 Authority Key Identifier:
keyid:BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/RqoEriWOydI2kwlR73Jsg6juQS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.184.0/22
146.19.52.0/24
185.151.20.0/22
185.209.204.0/22
185.227.88.0/23
185.227.91.0/24
185.236.164.0-185.236.166.255
195.128.151.0/24
IPv6:
2a07:7540::/29
2a0b:4c40::/29
Signature Algorithm: sha256WithRSAEncryption
12:57:1e:d1:95:a4:ad:e5:8b:88:1e:15:de:81:c5:94:1f:1a:
76:9c:27:91:a0:bb:24:64:9d:0e:d6:81:89:b0:a5:45:32:b1:
01:d9:ec:80:07:4d:36:9d:ba:d1:48:b4:b3:e1:f3:a9:0e:4c:
f2:55:1f:77:7d:13:b5:d3:25:70:2a:6d:ef:77:c6:0a:d1:d6:
2d:96:07:a6:6f:6f:89:ed:20:e0:77:9a:68:1d:fe:b9:37:5c:
4a:3d:aa:e7:18:15:4d:8f:d6:3f:0c:3b:3e:5c:a5:02:38:ee:
66:53:0f:7b:f7:92:1c:d5:61:0e:4a:f4:ca:ed:3b:d6:7b:a3:
de:00:08:40:2e:d9:7c:5a:c6:02:cb:6b:60:db:3c:66:f7:74:
3d:08:ce:37:3b:11:18:e3:35:1f:63:f4:4e:a3:b9:2b:ad:c0:
2b:19:e7:10:58:de:d3:24:7a:18:ec:9e:fd:66:a0:3e:73:20:
29:0b:cb:e3:60:2f:91:70:e0:e4:05:d7:69:41:5b:2b:68:34:
e2:2f:e3:53:c8:55:29:03:04:14:5f:dc:4a:65:b6:65:51:06:
d2:f1:cb:c1:3e:ed:ca:22:d2:ac:a2:e6:f3:db:3b:1f:f6:c4:
30:e6:05:46:ef:7f:30:d6:3b:98:a5:e3:49:85:26:22:03:2a:
e5:fd:e0:a6
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzFbvaGecrM3XacUMK4cF3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDY0YmE5ZDI2Mzg1ZjU0ZGY2MjU0YWMyNDg5MjZkMzcw
NDQ1YjAwHhcNMjQwMTAxMTQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmFhMDRhZTI1OGVjOWQyMzY5MzA5NTFlZjcyNmM4M2E4ZWU0MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkL7uUsdC3ylZZ3oVFrOhDdItNtPE
dzfOlg/X+3DqdjpXB9vyn5+/5anqW6JG0sv8R5pmzojImPYveKjtfTR3420TlDfk
NAVvdc0MXis2nYxm8c9dEaibwgVKQUuCupKdSS37d3BXu5YX4Ct/x8LQDJL4dlwE
stxfks8+43/6ors48VJUEihbVhKFTBTgWY/fFUUFexgF52SXiSnkNonGiljcJNSs
w3yEJWOg3CBZlJkr2uFdFgsltoCzCBVhv9y4vvie+SoOkAWfIfh4F9B3tFFPVW9C
c3EUrUIZyJ9KX4wZMk8ycdSyuBKks+MWfs8RyhMv5jmnr3A6QjU7cojpHwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFEaqBK4ljsnSNpMJUe9ybIOo7kEuMB8GA1UdIwQY
MBaAFLxGS6nSY4X1TfYlSsJIkm03BEWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQt
ZDczZGM0YjQxY2UxLzEvUnFvRXJpV095ZEkya3dsUjczSnNnNmp1UVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQtZDczZGM0YjQxY2Ux
LzEvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQCLZu4AwQA
khM0AwQCuZcUAwQCudHMAwQBueNYAwQAueNbMAwDBAK57KQDBAC57KYDBADDgJcw
FAQCAAIwDgMFAyoHdUADBQMqC0xAMA0GCSqGSIb3DQEBCwUAA4IBAQASVx7RlaSt
5YuIHhXegcWUHxp2nCeRoLskZJ0O1oGJsKVFMrEB2eyAB002nbrRSLSz4fOpDkzy
VR93fRO10yVwKm3vd8YK0dYtlgemb2+J7SDgd5poHf65N1xKParnGBVNj9Y/DDs+
XKUCOO5mUw9795Ic1WEOSvTK7TvWe6PeAAhALtl8WsYCy2tg2zxm93Q9CM43OxEY
4zUfY/ROo7krrcArGecQWN7TJHoY7J79ZqA+cyApC8vjYC+RcODkBddpQVsraDTi
L+NTyFUpAwQUX9xKZbZlUQbS8cvBPu3KItKsoubz2zsf9sQw5gVG738w1juYpeNJ
hSYiAyrl/eCm
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:21:48 2024 by rpki-client on console-ams.rpki-client.org