Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/bVOYoYY4kLtFcWCOQBT8OJMEsLw.roa
File: bVOYoYY4kLtFcWCOQBT8OJMEsLw.roa (raw, json)
Hash identifier: HEY7oQmlr4VRcp8jdMagOVRTFXuphMM4418OBnIr4dg=
Subject key identifier: 6D:53:98:A1:86:38:90:BB:45:71:60:8E:40:14:FC:38:93:04:B0:BC
Certificate issuer: /CN=856f0c90073afb8ecde7e83409ceabdb93b41a4e
Certificate serial: 018CC86F343D04CA1EBD19B6817C68A38575
Authority key identifier: 85:6F:0C:90:07:3A:FB:8E:CD:E7:E8:34:09:CE:AB:DB:93:B4:1A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hW8MkAc6-47N5-g0Cc6r25O0Gk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/bVOYoYY4kLtFcWCOQBT8OJMEsLw.roa
Signing time: Tue 02 Jan 2024 04:29:40 +0000
ROA not before: Tue 02 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57814
IP address blocks: 45.138.44.0/24 maxlen: 32
45.138.44.0/22 maxlen: 32
185.110.93.0/24 maxlen: 32
45.138.45.0/24 maxlen: 32
195.69.140.0/22 maxlen: 32
45.138.47.0/24 maxlen: 32
45.138.46.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/hW8MkAc6-47N5-g0Cc6r25O0Gk4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/hW8MkAc6-47N5-g0Cc6r25O0Gk4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hW8MkAc6-47N5-g0Cc6r25O0Gk4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:34:3d:04:ca:1e:bd:19:b6:81:7c:68:a3:85:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=856f0c90073afb8ecde7e83409ceabdb93b41a4e
Validity
Not Before: Jan 2 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d5398a1863890bb4571608e4014fc389304b0bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:dc:ea:26:ad:12:7b:a7:9e:5f:07:fd:f0:84:
e0:0c:46:25:7b:44:c8:79:28:cf:06:7c:66:e1:2c:
89:88:a6:0f:ee:2c:89:66:a9:8e:5a:51:e6:8b:7d:
1e:7b:42:bc:02:b4:6c:77:5e:39:9c:b3:a5:9c:87:
c3:c7:a6:63:8c:f1:31:e7:4d:56:9e:58:eb:82:97:
d3:8c:79:fc:8d:12:a9:8a:34:27:65:19:6d:4c:10:
62:07:b4:3d:bc:ac:c7:ea:af:9f:cb:f7:d2:6a:cf:
d0:24:cf:d5:91:51:ec:a3:15:b7:26:9d:1a:86:14:
3a:34:b1:f8:a0:44:b9:c6:10:ac:65:1b:2a:6f:19:
33:a3:22:20:94:5c:1d:29:f2:dd:68:f4:20:05:38:
34:e3:cc:a8:84:49:e3:0c:fc:e4:52:76:7d:5a:d4:
63:47:cd:58:d8:b6:12:7d:19:6d:84:08:05:13:56:
a7:5c:2f:6d:44:57:e8:fb:3a:78:e9:81:e6:bf:90:
a7:41:13:69:47:dc:f1:d8:4f:06:e6:f8:72:5f:c0:
c6:95:35:ec:cf:ff:6c:82:2f:1f:c2:9d:0f:64:fd:
c8:43:55:8b:a1:2f:5b:78:25:8d:bb:c6:11:15:28:
41:81:d8:78:89:69:92:ae:74:8e:cf:57:de:b0:e4:
0c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:53:98:A1:86:38:90:BB:45:71:60:8E:40:14:FC:38:93:04:B0:BC
X509v3 Authority Key Identifier:
keyid:85:6F:0C:90:07:3A:FB:8E:CD:E7:E8:34:09:CE:AB:DB:93:B4:1A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hW8MkAc6-47N5-g0Cc6r25O0Gk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/bVOYoYY4kLtFcWCOQBT8OJMEsLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/hW8MkAc6-47N5-g0Cc6r25O0Gk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.44.0/22
185.110.93.0/24
195.69.140.0/22
Signature Algorithm: sha256WithRSAEncryption
01:7e:c8:e5:43:2b:cc:03:5a:3a:c5:03:72:18:06:c5:e8:99:
e4:d1:c9:e8:3a:68:d9:f9:e2:1f:03:69:96:55:e6:aa:f0:c9:
83:27:23:fd:e9:7d:ba:b3:74:e8:87:4d:cd:e9:3a:8d:96:96:
7a:67:7c:ef:f4:21:4f:59:f8:75:57:81:4a:40:41:d8:14:06:
7d:06:64:a3:0e:ea:4d:44:fd:78:65:e8:06:9c:de:b4:9c:8a:
5d:97:8d:5a:fc:f5:2e:43:66:ad:8c:48:7a:5b:6e:58:f1:c4:
50:ca:1c:77:7a:2f:1b:15:de:2f:2f:17:44:bc:06:c8:a2:c9:
7e:76:fc:95:f4:77:d0:db:39:63:05:be:b3:27:4f:bd:35:51:
6a:f0:a5:a4:45:d2:3c:28:d4:4d:27:62:80:a0:9d:21:6f:8c:
77:4f:d2:4e:a0:7f:db:ea:ac:0f:ce:33:0b:57:29:6d:01:c9:
63:97:fa:05:64:6d:3a:54:0e:a3:47:a0:cc:08:a3:36:9f:d5:
fc:a1:91:73:a2:c4:4a:f5:f8:ad:76:48:02:b5:dc:73:46:ac:
b4:97:22:66:c7:a0:c0:b7:7f:50:22:a8:88:fb:7c:b0:7b:5e:
43:15:69:86:22:4b:77:75:a2:15:89:f8:92:2a:99:ed:d0:e7:
92:c1:67:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIbzQ9BMoevRm2gXxoo4V1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NmYwYzkwMDczYWZiOGVjZGU3ZTgzNDA5Y2VhYmRiOTNi
NDFhNGUwHhcNMjQwMTAyMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDUzOThhMTg2Mzg5MGJiNDU3MTYwOGU0MDE0ZmMzODkzMDRiMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutzqJq0Se6eeXwf98ITgDEYle0TI
eSjPBnxm4SyJiKYP7iyJZqmOWlHmi30ee0K8ArRsd145nLOlnIfDx6ZjjPEx501W
nljrgpfTjHn8jRKpijQnZRltTBBiB7Q9vKzH6q+fy/fSas/QJM/VkVHsoxW3Jp0a
hhQ6NLH4oES5xhCsZRsqbxkzoyIglFwdKfLdaPQgBTg048yohEnjDPzkUnZ9WtRj
R81Y2LYSfRlthAgFE1anXC9tRFfo+zp46YHmv5CnQRNpR9zx2E8G5vhyX8DGlTXs
z/9sgi8fwp0PZP3IQ1WLoS9beCWNu8YRFShBgdh4iWmSrnSOz1fesOQMBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG1TmKGGOJC7RXFgjkAU/DiTBLC8MB8GA1UdIwQY
MBaAFIVvDJAHOvuOzefoNAnOq9uTtBpOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFc4TWtBYzYtNDdONS1nMENjNnIyNU8wR2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8yMDQyNjgtNjA3OC00YjUzLTk0ZDIt
NDRmZGU5NmI4YWVjLzEvYlZPWW9ZWTRrTHRGY1dDT1FCVDhPSk1Fc0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8yMDQyNjgtNjA3OC00YjUzLTk0ZDItNDRmZGU5NmI4YWVj
LzEvaFc4TWtBYzYtNDdONS1nMENjNnIyNU8wR2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYosAwQA
uW5dAwQCw0WMMA0GCSqGSIb3DQEBCwUAA4IBAQABfsjlQyvMA1o6xQNyGAbF6Jnk
0cnoOmjZ+eIfA2mWVeaq8MmDJyP96X26s3Toh03N6TqNlpZ6Z3zv9CFPWfh1V4FK
QEHYFAZ9BmSjDupNRP14ZegGnN60nIpdl41a/PUuQ2atjEh6W25Y8cRQyhx3ei8b
Fd4vLxdEvAbIosl+dvyV9HfQ2zljBb6zJ0+9NVFq8KWkRdI8KNRNJ2KAoJ0hb4x3
T9JOoH/b6qwPzjMLVyltAcljl/oFZG06VA6jR6DMCKM2n9X8oZFzosRK9fitdkgC
tdxzRqy0lyJmx6DAt39QIqiI+3ywe15DFWmGIkt3daIVifiSKpnt0OeSwWc+
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:08:27 2024 by rpki-client on console-ams.rpki-client.org