Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/EWzxzxZAOiO262DRpbR-6zLg_ks.roa
File: EWzxzxZAOiO262DRpbR-6zLg_ks.roa (raw, json)
Hash identifier: 9kkcSrC+6hU8hE0tESSUuC7TEdFIg8AmZp9vTz6iLlA=
Subject key identifier: 11:6C:F1:CF:16:40:3A:23:B6:EB:60:D1:A5:B4:7E:EB:32:E0:FE:4B
Certificate issuer: /CN=bd6fa37a2483cf579fa86250119ac0133475aad8
Certificate serial: 018CC9BBDDABC8209DB2A0374F374688ABCD
Authority key identifier: BD:6F:A3:7A:24:83:CF:57:9F:A8:62:50:11:9A:C0:13:34:75:AA:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/EWzxzxZAOiO262DRpbR-6zLg_ks.roa
Signing time: Tue 02 Jan 2024 10:33:01 +0000
ROA not before: Tue 02 Jan 2024 10:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137443
IP address blocks: 45.138.80.0/22 maxlen: 24
45.86.140.0/22 maxlen: 24
45.133.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/vW-jeiSDz1efqGJQEZrAEzR1qtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/vW-jeiSDz1efqGJQEZrAEzR1qtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:dd:ab:c8:20:9d:b2:a0:37:4f:37:46:88:ab:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6fa37a2483cf579fa86250119ac0133475aad8
Validity
Not Before: Jan 2 10:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=116cf1cf16403a23b6eb60d1a5b47eeb32e0fe4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b5:c0:e8:47:f9:0d:61:bb:1f:21:d4:aa:fe:
a7:d1:7f:f4:ed:f0:b2:82:6d:fc:38:31:92:aa:63:
92:15:64:fc:6e:e9:df:68:e8:bf:7f:ed:63:cd:e8:
0e:78:19:ff:01:73:c5:3e:70:1e:bf:59:3f:4e:20:
19:d9:d6:c0:64:2d:ac:81:9b:40:9b:76:3d:fd:bf:
38:bb:3f:cb:8c:5e:09:4d:46:d1:2f:18:f8:07:9a:
14:66:3c:72:a1:20:0b:58:aa:4d:c3:60:31:9a:40:
ee:fc:5a:c8:d3:0a:bd:18:a9:7b:0f:fa:b7:08:a5:
19:06:a1:14:7f:6e:0f:df:0c:14:01:d8:2d:53:a5:
f2:8d:e9:10:62:35:9d:a4:a7:d1:71:e5:2c:2d:10:
40:7d:0c:9b:20:01:e3:c1:62:48:e9:dc:ef:cb:68:
54:9f:06:21:8b:bf:b1:08:91:de:6f:4a:77:24:d3:
5a:e5:06:5b:e5:14:90:be:c3:00:41:ef:3e:d5:95:
e1:a5:07:4e:6d:f6:22:16:2d:34:83:f8:39:5d:d0:
53:31:39:6a:03:4e:e9:d9:d0:83:ea:99:c6:89:cd:
6f:b3:42:0f:4d:c1:c4:b6:c5:8a:47:f1:85:57:a6:
84:1d:6d:9c:71:43:96:0f:03:2f:86:fa:b4:7b:28:
02:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:6C:F1:CF:16:40:3A:23:B6:EB:60:D1:A5:B4:7E:EB:32:E0:FE:4B
X509v3 Authority Key Identifier:
keyid:BD:6F:A3:7A:24:83:CF:57:9F:A8:62:50:11:9A:C0:13:34:75:AA:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/EWzxzxZAOiO262DRpbR-6zLg_ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/vW-jeiSDz1efqGJQEZrAEzR1qtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.140.0/22
45.133.228.0/22
45.138.80.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:0e:29:df:2a:c9:02:cb:b9:71:43:6e:f7:8b:1d:f3:aa:3f:
a2:8e:a4:ce:3c:cd:cc:c2:b0:be:bf:70:ad:7a:d0:e9:07:f8:
66:58:2c:f1:a2:5e:b8:b0:db:80:34:9c:02:a8:e2:f9:68:a8:
c2:82:06:81:61:17:2a:39:8f:04:01:24:77:d5:7a:f9:21:b0:
2e:a5:bc:71:e4:ce:2b:8b:0d:30:5d:5b:2c:a7:6d:69:0f:1d:
a0:ea:45:e4:1b:e9:00:45:65:18:f4:e8:62:36:88:3b:8c:d0:
8f:e0:db:da:85:5c:fc:89:13:61:9b:1a:f9:0f:3a:b8:5c:da:
c5:80:01:76:cc:d4:aa:38:3d:80:cc:14:43:8e:d1:ba:c8:13:
4c:49:e9:e0:fc:53:b2:f9:94:f5:02:58:42:a1:27:da:a4:7d:
fd:6f:d0:5f:8d:30:89:ea:ea:59:20:b2:5f:28:f1:3c:af:8b:
94:de:b4:79:d1:70:2b:1d:34:50:a7:8f:0f:54:6c:d1:7e:2c:
23:6b:53:fb:61:0b:52:88:0d:9a:3b:d6:11:cb:a2:06:8c:a2:
35:a5:19:1b:70:f7:f8:69:13:ed:f5:9e:1a:92:50:6a:2a:df:
a7:27:ed:77:25:e3:da:46:ac:b3:41:f6:cd:3d:aa:26:b0:17:
f7:a0:89:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJu92ryCCdsqA3TzdGiKvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNmZhMzdhMjQ4M2NmNTc5ZmE4NjI1MDExOWFjMDEzMzQ3
NWFhZDgwHhcNMjQwMTAyMTAzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTZjZjFjZjE2NDAzYTIzYjZlYjYwZDFhNWI0N2VlYjMyZTBmZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7XA6Ef5DWG7HyHUqv6n0X/07fCy
gm38ODGSqmOSFWT8bunfaOi/f+1jzegOeBn/AXPFPnAev1k/TiAZ2dbAZC2sgZtA
m3Y9/b84uz/LjF4JTUbRLxj4B5oUZjxyoSALWKpNw2AxmkDu/FrI0wq9GKl7D/q3
CKUZBqEUf24P3wwUAdgtU6XyjekQYjWdpKfRceUsLRBAfQybIAHjwWJI6dzvy2hU
nwYhi7+xCJHeb0p3JNNa5QZb5RSQvsMAQe8+1ZXhpQdObfYiFi00g/g5XdBTMTlq
A07p2dCD6pnGic1vs0IPTcHEtsWKR/GFV6aEHW2ccUOWDwMvhvq0eygCiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBFs8c8WQDojtutg0aW0fusy4P5LMB8GA1UdIwQY
MBaAFL1vo3okg89Xn6hiUBGawBM0darYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlctamVpU0R6MWVmcUdKUUVackFFelIxcXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9lM2FkYTItYzlkZi00NGUyLThiMGYt
OGZmMTYxMWU4YmI0LzEvRVd6eHp4WkFPaU8yNjJEUnBiUi02ekxnX2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9lM2FkYTItYzlkZi00NGUyLThiMGYtOGZmMTYxMWU4YmI0
LzEvdlctamVpU0R6MWVmcUdKUUVackFFelIxcXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVaMAwQC
LYXkAwQCLYpQMA0GCSqGSIb3DQEBCwUAA4IBAQAODinfKskCy7lxQ273ix3zqj+i
jqTOPM3MwrC+v3CtetDpB/hmWCzxol64sNuANJwCqOL5aKjCggaBYRcqOY8EASR3
1Xr5IbAupbxx5M4riw0wXVssp21pDx2g6kXkG+kARWUY9OhiNog7jNCP4NvahVz8
iRNhmxr5Dzq4XNrFgAF2zNSqOD2AzBRDjtG6yBNMSeng/FOy+ZT1AlhCoSfapH39
b9BfjTCJ6upZILJfKPE8r4uU3rR50XArHTRQp48PVGzRfiwja1P7YQtSiA2aO9YR
y6IGjKI1pRkbcPf4aRPt9Z4aklBqKt+nJ+13JePaRqyzQfbNPaomsBf3oIn7
-----END CERTIFICATE-----
Generated at Thu May 2 18:04:37 2024 by rpki-client on console-ams.rpki-client.org