Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/uCQrcfXgrSZk21T-UnS7GtypZ-4.roa
File: uCQrcfXgrSZk21T-UnS7GtypZ-4.roa (raw, json)
Hash identifier: 9wcOKcYiTq08IY/wUDpdVgSDMZjgh1torwqst0AloyA=
Subject key identifier: B8:24:2B:71:F5:E0:AD:26:64:DB:54:FE:52:74:BB:1A:DC:A9:67:EE
Certificate issuer: /CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Certificate serial: 018F33D3C8069829997246210A0FD514B8D2
Authority key identifier: 81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/uCQrcfXgrSZk21T-UnS7GtypZ-4.roa
Signing time: Wed 01 May 2024 11:04:28 +0000
ROA not before: Wed 01 May 2024 11:04:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64475
IP address blocks: 45.157.8.0/23 maxlen: 24
2a0f:3785::/32 maxlen: 48
2a0f:3786::/40 maxlen: 40
2a0f:3786:10::/44 maxlen: 44
2a0f:3786:20::/44 maxlen: 44
2a0f:3786:80::/41 maxlen: 48
2a0f:3786:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/gTPYnAaoocydvDYiAffsVZ1_3Ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/gTPYnAaoocydvDYiAffsVZ1_3Ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:33:d3:c8:06:98:29:99:72:46:21:0a:0f:d5:14:b8:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Validity
Not Before: May 1 11:04:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8242b71f5e0ad2664db54fe5274bb1adca967ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:66:c0:08:36:81:b0:f6:5b:f9:47:6d:39:ce:
60:c8:e9:ce:c2:9e:61:ca:de:60:be:3c:56:bb:ec:
ae:79:d3:b5:62:59:55:3a:40:6a:1a:76:85:5e:43:
47:97:b9:8f:b8:8b:f2:45:62:6d:a2:56:62:90:0c:
c8:48:24:c7:fe:90:43:81:db:0a:22:e3:ea:87:65:
4b:3a:7d:96:1b:38:ce:04:b2:20:8c:cc:69:a2:00:
31:38:f2:b2:d7:a4:24:14:a2:73:d3:cb:d3:c4:3f:
d6:44:dc:b0:30:f4:a7:dc:18:3e:7a:8d:43:56:1f:
4e:0b:61:7f:d2:86:73:01:e0:15:67:8e:2c:48:30:
d9:70:1d:d5:a2:40:e0:a0:bc:d8:da:84:11:7b:a1:
97:d5:04:a6:37:14:61:96:ef:00:db:57:6d:f2:6b:
d9:03:6a:95:d2:80:f8:bb:53:b4:5e:ad:82:20:6f:
6a:ff:c4:3c:d8:42:9f:7b:a5:fc:a0:b6:06:f5:07:
bb:ee:89:ee:b4:86:31:3d:25:54:95:e2:61:8b:3c:
f4:7d:70:e5:e1:d0:6e:7e:da:eb:a9:5b:61:2e:ad:
da:f0:3d:49:b8:67:20:eb:25:62:11:0a:a2:4c:00:
85:da:31:07:22:05:3f:fd:55:45:8b:07:0c:fb:15:
41:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:24:2B:71:F5:E0:AD:26:64:DB:54:FE:52:74:BB:1A:DC:A9:67:EE
X509v3 Authority Key Identifier:
keyid:81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/uCQrcfXgrSZk21T-UnS7GtypZ-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/gTPYnAaoocydvDYiAffsVZ1_3Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.8.0/23
IPv6:
2a0f:3785::-2a0f:3786:100:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
79:f1:10:7b:1a:30:c0:ac:ab:9f:2d:5b:e0:82:16:ca:98:05:
ec:fb:77:7d:59:a4:51:66:0d:3b:d3:c0:98:b2:d7:72:33:47:
9f:2a:6b:78:69:4c:97:e9:c4:18:1f:08:5b:06:dd:cb:da:d4:
b1:ef:d8:0f:1d:f9:57:42:4a:aa:75:31:c6:ec:61:a1:7c:84:
01:e2:92:4a:47:5e:98:38:2d:55:ad:9f:dd:d5:f9:3c:ae:af:
d4:19:15:44:b8:86:a9:24:a1:54:fe:8c:34:93:f3:c7:8d:f8:
08:5b:ec:2c:c7:0a:2d:a5:18:31:68:4e:64:95:67:9f:2d:c8:
59:e6:b8:53:f6:91:fe:a4:c1:73:61:2d:25:6d:e2:24:8f:85:
05:36:29:56:1a:65:55:1c:e4:84:58:dd:41:d0:08:6a:09:1c:
04:2c:02:f7:8f:3a:93:fc:e3:7d:90:0e:eb:66:47:ac:db:bd:
8a:ce:77:44:5c:5b:5c:fc:64:58:6b:4b:7e:9a:8b:56:7b:b9:
9c:87:e4:2a:a7:ae:f7:23:8e:eb:5e:56:d2:c1:cb:6a:9d:d5:
41:f3:9e:05:b0:79:47:99:54:0b:26:16:0a:04:8b:6f:52:c6:
9e:a4:dc:4a:ab:98:65:52:63:8f:9c:71:48:9f:33:46:78:2b:
04:c2:6c:58
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY8z08gGmCmZckYhCg/VFLjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMzNkODljMDZhOGExY2M5ZGJjMzYyMjAxZjdlYzU1OWQ3
ZmRkNDgwHhcNMjQwNTAxMTEwNDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODI0MmI3MWY1ZTBhZDI2NjRkYjU0ZmU1Mjc0YmIxYWRjYTk2N2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92bACDaBsPZb+UdtOc5gyOnOwp5h
yt5gvjxWu+yuedO1YllVOkBqGnaFXkNHl7mPuIvyRWJtolZikAzISCTH/pBDgdsK
IuPqh2VLOn2WGzjOBLIgjMxpogAxOPKy16QkFKJz08vTxD/WRNywMPSn3Bg+eo1D
Vh9OC2F/0oZzAeAVZ44sSDDZcB3VokDgoLzY2oQRe6GX1QSmNxRhlu8A21dt8mvZ
A2qV0oD4u1O0Xq2CIG9q/8Q82EKfe6X8oLYG9Qe77onutIYxPSVUleJhizz0fXDl
4dBuftrrqVthLq3a8D1JuGcg6yViEQqiTACF2jEHIgU//VVFiwcM+xVBiwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLgkK3H14K0mZNtU/lJ0uxrcqWfuMB8GA1UdIwQY
MBaAFIEz2JwGqKHMnbw2IgH37FWdf91IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEt
YzVmZWJlNDg3YzQwLzEvdUNRcmNmWGdyU1prMjFULVVuUzdHdHlwWi00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEtYzVmZWJlNDg3YzQw
LzEvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBLZ0IMBgE
AgACMBIwEAMFACoPN4UDBwAqDzeGAQAwDQYJKoZIhvcNAQELBQADggEBAHnxEHsa
MMCsq58tW+CCFsqYBez7d31ZpFFmDTvTwJiy13IzR58qa3hpTJfpxBgfCFsG3cva
1LHv2A8d+VdCSqp1McbsYaF8hAHikkpHXpg4LVWtn93V+Tyur9QZFUS4hqkkoVT+
jDST88eN+Ahb7CzHCi2lGDFoTmSVZ58tyFnmuFP2kf6kwXNhLSVt4iSPhQU2KVYa
ZVUc5IRY3UHQCGoJHAQsAvePOpP8432QDutmR6zbvYrOd0RcW1z8ZFhrS36ai1Z7
uZyH5CqnrvcjjuteVtLBy2qd1UHzngWweUeZVAsmFgoEi29Sxp6k3EqrmGVSY4+c
cUifM0Z4KwTCbFg=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:37:34 2024 by rpki-client on console-ams.rpki-client.org