Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/tjeo698XO2nOGlaLrRlCtObpgYY.roa
File: tjeo698XO2nOGlaLrRlCtObpgYY.roa (raw, json)
Hash identifier: NuR0B/nqJIsMPNQHngHmr8hgPf1jTLBaXla4xTFtG3Q=
Subject key identifier: B6:37:A8:EB:DF:17:3B:69:CE:1A:56:8B:AD:19:42:B4:E6:E9:81:86
Certificate issuer: /CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Certificate serial: 018CC7264A8E4287C99EA320F923A660D12C
Authority key identifier: 2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/tjeo698XO2nOGlaLrRlCtObpgYY.roa
Signing time: Mon 01 Jan 2024 22:30:24 +0000
ROA not before: Mon 01 Jan 2024 22:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57264
IP address blocks: 45.159.36.0/24 maxlen: 24
45.159.36.0/22 maxlen: 22
45.159.38.0/24 maxlen: 24
45.159.37.0/24 maxlen: 24
45.159.39.0/24 maxlen: 24
2a0f:7080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.mft
rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:4a:8e:42:87:c9:9e:a3:20:f9:23:a6:60:d1:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Validity
Not Before: Jan 1 22:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b637a8ebdf173b69ce1a568bad1942b4e6e98186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3f:b6:8d:58:14:94:ec:e2:22:93:4c:43:a1:
50:16:0f:eb:49:c2:59:62:35:20:21:8e:fe:dd:2b:
ee:a2:05:de:62:73:2c:b1:42:23:cf:99:40:ea:f5:
ba:99:f7:cf:f9:60:86:db:fe:be:76:77:aa:28:46:
5e:ab:67:44:c0:a1:70:dc:c0:64:57:61:86:c4:c6:
b7:79:b2:44:1a:85:34:b6:79:ef:f3:c9:5d:be:7c:
22:21:dd:81:f7:1d:5f:56:60:8b:68:78:88:05:72:
0e:bc:08:fc:2b:67:c7:26:1d:2f:ec:06:51:41:33:
c5:eb:a5:e0:6e:0d:fd:3b:92:e4:ed:36:b7:4a:0f:
3c:05:2e:5f:f9:44:c7:32:fa:88:e4:00:b7:65:6b:
12:1c:da:8d:72:12:cf:3a:c7:d5:a3:02:dd:e5:21:
78:0c:ef:c6:2d:30:fc:f1:b4:ea:3d:41:07:5e:b2:
ee:8d:0b:db:14:83:50:10:bb:63:32:1f:e6:a7:46:
56:30:dd:92:a4:51:2b:82:a2:13:5b:bd:f5:5e:0b:
0b:b6:a1:a0:4f:a4:67:f6:4d:bc:b3:18:02:08:2b:
eb:aa:78:a0:a2:7a:79:a7:37:f2:ed:85:bb:7e:30:
04:01:3b:29:af:b8:9c:c6:3b:7e:8c:a6:ee:fd:ff:
cf:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:37:A8:EB:DF:17:3B:69:CE:1A:56:8B:AD:19:42:B4:E6:E9:81:86
X509v3 Authority Key Identifier:
keyid:2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/tjeo698XO2nOGlaLrRlCtObpgYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.36.0/22
IPv6:
2a0f:7080::/29
Signature Algorithm: sha256WithRSAEncryption
45:8a:a2:08:19:8d:b4:d2:be:23:1f:18:a7:34:62:57:a5:62:
6d:1e:36:fa:d0:14:ad:87:0c:97:66:08:ad:6d:44:0b:00:41:
d2:e9:2a:4d:58:0f:e3:1d:83:90:be:d0:d2:db:5c:3e:51:01:
9c:c3:c3:37:46:c1:7d:d2:8c:07:58:8a:ae:a0:c9:90:bb:fb:
ca:4e:fe:d4:69:84:e4:a9:d8:ec:4d:3c:ae:78:95:98:1f:f6:
52:40:bf:f5:de:bf:5a:81:79:dc:b4:97:eb:71:4c:a1:c7:d4:
b2:15:4b:1b:bb:aa:0c:4d:2d:b9:85:df:37:aa:5a:e8:ca:b7:
6b:24:1b:60:aa:a1:5a:ab:8e:1e:38:48:1f:15:bd:ef:7a:04:
7a:5c:2c:23:b3:c3:01:c2:2c:55:72:e9:8d:79:6b:1c:8d:95:
fb:14:fc:8d:02:1f:0f:3e:09:8a:b8:d1:aa:17:42:fd:84:4c:
b5:1c:ee:42:f3:0f:48:c7:91:91:13:e1:c7:54:3d:08:17:39:
cc:f5:92:95:69:92:88:15:25:4b:8c:25:fa:43:84:1a:9b:9f:
11:0a:1c:c7:57:63:d6:8b:2f:03:10:6b:78:77:13:18:28:13:
cf:90:db:69:45:c8:86:99:03:8f:aa:f6:eb:5d:a2:84:b5:bc:
26:89:8a:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJkqOQofJnqMg+SOmYNEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNGUyZDM0Y2NlZTQ1NzZiNWNlNzYwNWEwODRlNmMwODUy
MmMyMjgwHhcNMjQwMTAxMjIzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjM3YThlYmRmMTczYjY5Y2UxYTU2OGJhZDE5NDJiNGU2ZTk4MTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT+2jVgUlOziIpNMQ6FQFg/rScJZ
YjUgIY7+3SvuogXeYnMssUIjz5lA6vW6mffP+WCG2/6+dneqKEZeq2dEwKFw3MBk
V2GGxMa3ebJEGoU0tnnv88ldvnwiId2B9x1fVmCLaHiIBXIOvAj8K2fHJh0v7AZR
QTPF66Xgbg39O5Lk7Ta3Sg88BS5f+UTHMvqI5AC3ZWsSHNqNchLPOsfVowLd5SF4
DO/GLTD88bTqPUEHXrLujQvbFINQELtjMh/mp0ZWMN2SpFErgqITW731XgsLtqGg
T6Rn9k28sxgCCCvrqnigonp5pzfy7YW7fjAEATspr7icxjt+jKbu/f/PAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLY3qOvfFztpzhpWi60ZQrTm6YGGMB8GA1UdIwQY
MBaAFCtOLTTM7kV2tc52BaCE5sCFIsIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMt
MDc3YmM4YmExZTVkLzEvdGplbzY5OFhPMm5PR2xhTHJSbEN0T2JwZ1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMtMDc3YmM4YmExZTVk
LzEvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ8kMA0E
AgACMAcDBQMqD3CAMA0GCSqGSIb3DQEBCwUAA4IBAQBFiqIIGY200r4jHxinNGJX
pWJtHjb60BSthwyXZgitbUQLAEHS6SpNWA/jHYOQvtDS21w+UQGcw8M3RsF90owH
WIquoMmQu/vKTv7UaYTkqdjsTTyueJWYH/ZSQL/13r9agXnctJfrcUyhx9SyFUsb
u6oMTS25hd83qlroyrdrJBtgqqFaq44eOEgfFb3vegR6XCwjs8MBwixVcumNeWsc
jZX7FPyNAh8PPgmKuNGqF0L9hEy1HO5C8w9Ix5GRE+HHVD0IFznM9ZKVaZKIFSVL
jCX6Q4Qam58RChzHV2PWiy8DEGt4dxMYKBPPkNtpRciGmQOPqvbrXaKEtbwmiYrd
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:50:49 2024 by rpki-client on console-ams.rpki-client.org