Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/0b99d9-5ae9-4aa6-a2fc-1842348f5c6c/1/T6Zb-4ko1gVhSldgLe3tm2yxpy4.roa
File: T6Zb-4ko1gVhSldgLe3tm2yxpy4.roa (raw, json)
Hash identifier: RRhkGo8BwVi6QmK0sipn2dDGQ7587q529vTVQ0ATq94=
Subject key identifier: 4F:A6:5B:FB:89:28:D6:05:61:4A:57:60:2D:ED:ED:9B:6C:B1:A7:2E
Certificate issuer: /CN=dc5d2cfbdb9d58d5740ff375a315b382544a94ae
Certificate serial: 018CC7955250DD7457B5789930D8369E6B2F
Authority key identifier: DC:5D:2C:FB:DB:9D:58:D5:74:0F:F3:75:A3:15:B3:82:54:4A:94:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3F0s-9udWNV0D_N1oxWzglRKlK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/0b99d9-5ae9-4aa6-a2fc-1842348f5c6c/1/T6Zb-4ko1gVhSldgLe3tm2yxpy4.roa
Signing time: Tue 02 Jan 2024 00:31:41 +0000
ROA not before: Tue 02 Jan 2024 00:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57866
IP address blocks: 45.149.8.0/22 maxlen: 22
185.242.64.0/22 maxlen: 22
185.21.48.0/24 maxlen: 24
2a0c:c080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/0b99d9-5ae9-4aa6-a2fc-1842348f5c6c/1/3F0s-9udWNV0D_N1oxWzglRKlK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/0b99d9-5ae9-4aa6-a2fc-1842348f5c6c/1/3F0s-9udWNV0D_N1oxWzglRKlK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3F0s-9udWNV0D_N1oxWzglRKlK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:52:50:dd:74:57:b5:78:99:30:d8:36:9e:6b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc5d2cfbdb9d58d5740ff375a315b382544a94ae
Validity
Not Before: Jan 2 00:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fa65bfb8928d605614a57602deded9b6cb1a72e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:df:5c:e4:7b:26:fb:c3:c8:1f:e0:92:b6:55:
11:e1:31:d3:65:3f:82:de:1c:24:a0:b9:bf:66:14:
16:fa:71:e2:0a:84:76:c4:f7:f8:95:d5:90:cd:5f:
e2:4b:84:88:b1:f4:06:46:a0:d0:7f:88:31:05:a4:
74:ce:2e:2b:03:12:f0:39:55:1d:f7:27:42:37:2c:
c7:e4:8a:09:6e:9c:c9:44:04:f1:a4:16:d6:fc:86:
e2:8b:cd:b2:9b:77:ef:93:3d:a5:c0:44:fc:6b:69:
8d:79:d6:49:92:c1:61:74:6d:39:06:ce:ad:cc:31:
e1:f5:e0:60:3d:13:b8:5a:1f:43:81:5d:3f:75:07:
13:05:ec:16:f4:be:20:74:79:10:c0:0a:14:64:83:
1b:c4:a7:0f:e9:1a:bf:b5:83:6e:e6:e3:af:19:ef:
2b:a5:4b:62:f5:43:91:21:de:af:ec:29:2e:2f:3e:
0a:9d:42:58:8d:cb:60:af:cd:c4:4a:a8:34:ee:9a:
30:37:41:17:0e:30:64:b9:7e:81:4e:d1:d6:76:57:
62:25:1f:c8:72:56:48:83:77:9c:83:ba:80:c1:2c:
72:1c:65:87:27:5f:b6:a4:af:30:a3:39:4b:51:87:
67:ec:f8:d5:8e:72:33:09:8a:aa:6c:cc:de:02:f8:
c1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A6:5B:FB:89:28:D6:05:61:4A:57:60:2D:ED:ED:9B:6C:B1:A7:2E
X509v3 Authority Key Identifier:
keyid:DC:5D:2C:FB:DB:9D:58:D5:74:0F:F3:75:A3:15:B3:82:54:4A:94:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3F0s-9udWNV0D_N1oxWzglRKlK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/0b99d9-5ae9-4aa6-a2fc-1842348f5c6c/1/T6Zb-4ko1gVhSldgLe3tm2yxpy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/0b99d9-5ae9-4aa6-a2fc-1842348f5c6c/1/3F0s-9udWNV0D_N1oxWzglRKlK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.8.0/22
185.21.48.0/24
185.242.64.0/22
IPv6:
2a0c:c080::/29
Signature Algorithm: sha256WithRSAEncryption
80:bd:ec:7c:cc:a1:e5:20:ba:a8:0d:63:f7:a3:b0:cf:ba:05:
27:4a:3f:f3:ad:1b:df:8c:9d:5e:cb:1c:50:48:fd:a8:59:7e:
7f:0f:02:71:83:7a:53:67:5a:76:7b:75:c0:2f:c7:94:40:4d:
a1:5a:fa:b6:86:8a:25:fc:c8:a5:dc:52:e8:1e:f0:62:27:81:
96:5d:f2:da:04:cc:5e:61:85:66:f2:f8:d5:3e:e8:86:9f:79:
f9:2a:82:cb:0a:41:a2:5d:db:36:00:f0:0d:f8:a2:41:51:3c:
ff:2a:df:e5:76:00:d6:25:cf:6e:7f:54:31:db:35:a2:46:da:
8d:63:64:30:41:7a:ad:a4:ad:54:b2:df:c7:35:dc:6e:75:17:
43:51:f2:c3:b7:8d:ef:8c:0e:fd:b8:e4:6b:75:5e:ff:47:fc:
10:1f:86:d3:84:19:93:72:98:b3:80:a0:0c:a2:ad:c3:f0:51:
ae:28:dd:a3:eb:6d:1c:28:5c:df:de:57:35:70:72:60:f1:35:
a8:16:a4:a4:79:b4:87:12:ee:68:21:8b:e5:64:ed:3a:c5:26:
82:25:0d:62:7e:d0:22:b7:2d:ab:23:ec:c7:47:a4:5d:5a:bc:
20:50:90:2c:2b:01:1b:be:c9:bb:7c:08:39:98:6b:9a:ba:47:
c9:24:7f:2f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHlVJQ3XRXtXiZMNg2nmsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNWQyY2ZiZGI5ZDU4ZDU3NDBmZjM3NWEzMTViMzgyNTQ0
YTk0YWUwHhcNMjQwMTAyMDAzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmE2NWJmYjg5MjhkNjA1NjE0YTU3NjAyZGVkZWQ5YjZjYjFhNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAht9c5Hsm+8PIH+CStlUR4THTZT+C
3hwkoLm/ZhQW+nHiCoR2xPf4ldWQzV/iS4SIsfQGRqDQf4gxBaR0zi4rAxLwOVUd
9ydCNyzH5IoJbpzJRATxpBbW/Ibii82ym3fvkz2lwET8a2mNedZJksFhdG05Bs6t
zDHh9eBgPRO4Wh9DgV0/dQcTBewW9L4gdHkQwAoUZIMbxKcP6Rq/tYNu5uOvGe8r
pUti9UORId6v7CkuLz4KnUJYjctgr83ESqg07powN0EXDjBkuX6BTtHWdldiJR/I
clZIg3ecg7qAwSxyHGWHJ1+2pK8wozlLUYdn7PjVjnIzCYqqbMzeAvjBQQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFE+mW/uJKNYFYUpXYC3t7ZtssacuMB8GA1UdIwQY
MBaAFNxdLPvbnVjVdA/zdaMVs4JUSpSuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0Ywcy05dWRXTlYwRF9OMW94V3pnbFJLbEs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wYjk5ZDktNWFlOS00YWE2LWEyZmMt
MTg0MjM0OGY1YzZjLzEvVDZaYi00a28xZ1ZoU2xkZ0xlM3RtMnl4cHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8wYjk5ZDktNWFlOS00YWE2LWEyZmMtMTg0MjM0OGY1YzZj
LzEvM0Ywcy05dWRXTlYwRF9OMW94V3pnbFJLbEs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZUIAwQA
uRUwAwQCufJAMA0EAgACMAcDBQMqDMCAMA0GCSqGSIb3DQEBCwUAA4IBAQCAvex8
zKHlILqoDWP3o7DPugUnSj/zrRvfjJ1eyxxQSP2oWX5/DwJxg3pTZ1p2e3XAL8eU
QE2hWvq2hool/Mil3FLoHvBiJ4GWXfLaBMxeYYVm8vjVPuiGn3n5KoLLCkGiXds2
APAN+KJBUTz/Kt/ldgDWJc9uf1Qx2zWiRtqNY2QwQXqtpK1Ust/HNdxudRdDUfLD
t43vjA79uORrdV7/R/wQH4bThBmTcpizgKAMoq3D8FGuKN2j620cKFzf3lc1cHJg
8TWoFqSkebSHEu5oIYvlZO06xSaCJQ1iftAity2rI+zHR6RdWrwgUJAsKwEbvsm7
fAg5mGuaukfJJH8v
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:10:39 2024 by rpki-client on console-ams.rpki-client.org