Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/035e8a-70e3-487b-a04d-3d461dade4a9/1/8UjxeFiffhnoTYQzh-um7H-UJ9w.roa
File: 8UjxeFiffhnoTYQzh-um7H-UJ9w.roa (raw, json)
Hash identifier: 86njtbMxXJpG0FJxuO02geUPD9yqshA4G+HG1csUSwk=
Subject key identifier: F1:48:F1:78:58:9F:7E:19:E8:4D:84:33:87:EB:A6:EC:7F:94:27:DC
Certificate issuer: /CN=c19b5a2c49e1c648a70c708ae1bde40b644c7802
Certificate serial: 018E7A2B5A21CA25975C12158596A8AA9FD0
Authority key identifier: C1:9B:5A:2C:49:E1:C6:48:A7:0C:70:8A:E1:BD:E4:0B:64:4C:78:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wZtaLEnhxkinDHCK4b3kC2RMeAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/035e8a-70e3-487b-a04d-3d461dade4a9/1/8UjxeFiffhnoTYQzh-um7H-UJ9w.roa
Signing time: Tue 26 Mar 2024 09:50:45 +0000
ROA not before: Tue 26 Mar 2024 09:50:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42148
IP address blocks: 45.94.116.0/22 maxlen: 22
45.94.116.0/24 maxlen: 24
45.94.117.0/24 maxlen: 24
45.94.118.0/24 maxlen: 24
45.94.119.0/24 maxlen: 24
45.134.64.0/22 maxlen: 22
45.134.64.0/24 maxlen: 24
45.134.65.0/24 maxlen: 24
45.134.66.0/24 maxlen: 24
45.134.67.0/24 maxlen: 24
185.150.152.0/22 maxlen: 22
2a07:7180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/035e8a-70e3-487b-a04d-3d461dade4a9/1/wZtaLEnhxkinDHCK4b3kC2RMeAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/035e8a-70e3-487b-a04d-3d461dade4a9/1/wZtaLEnhxkinDHCK4b3kC2RMeAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/wZtaLEnhxkinDHCK4b3kC2RMeAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:2b:5a:21:ca:25:97:5c:12:15:85:96:a8:aa:9f:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c19b5a2c49e1c648a70c708ae1bde40b644c7802
Validity
Not Before: Mar 26 09:50:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f148f178589f7e19e84d843387eba6ec7f9427dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8c:3c:10:5a:83:55:b7:cf:1f:0f:15:ce:ef:
c7:06:77:c7:f8:7a:d9:80:7b:e6:f4:a3:32:e9:e6:
12:da:44:e4:2b:12:61:60:56:fd:48:e0:36:77:62:
00:38:0d:e5:07:5d:3b:6b:a6:54:9a:77:a5:c3:c5:
9d:c7:2f:67:54:3d:80:18:de:b1:34:54:52:dc:4a:
3e:52:64:2c:3e:49:0a:0e:61:51:5c:6d:a3:0e:07:
dc:2c:9f:5a:c2:f5:7b:2a:ec:9e:66:a0:6f:9a:ca:
52:0d:71:26:a4:e6:a6:a2:68:12:86:55:19:60:d2:
9f:87:e1:d4:65:99:9a:f3:ca:b2:e9:54:04:64:fe:
c6:cf:5d:5a:5f:25:18:a1:8a:c5:20:2b:ac:6d:d4:
04:ad:57:fe:8e:26:ca:b7:03:9f:b8:e6:1c:3e:ed:
e1:2a:02:d1:ee:c4:97:87:44:e4:ae:dc:27:2f:89:
27:84:de:8a:48:ce:15:05:b8:0c:af:dd:f9:a6:a1:
6a:6d:71:3a:a0:0c:eb:b4:19:fe:fa:36:05:37:43:
58:b7:2c:98:e9:be:1a:b7:ef:5a:c0:9e:7e:b5:b7:
58:dd:8c:b8:e0:e1:cd:01:e0:6f:09:1c:72:56:1a:
59:f9:ea:bc:ea:58:27:a2:96:35:fb:50:21:84:d7:
61:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:48:F1:78:58:9F:7E:19:E8:4D:84:33:87:EB:A6:EC:7F:94:27:DC
X509v3 Authority Key Identifier:
keyid:C1:9B:5A:2C:49:E1:C6:48:A7:0C:70:8A:E1:BD:E4:0B:64:4C:78:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wZtaLEnhxkinDHCK4b3kC2RMeAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/035e8a-70e3-487b-a04d-3d461dade4a9/1/8UjxeFiffhnoTYQzh-um7H-UJ9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/035e8a-70e3-487b-a04d-3d461dade4a9/1/wZtaLEnhxkinDHCK4b3kC2RMeAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.116.0/22
45.134.64.0/22
185.150.152.0/22
IPv6:
2a07:7180::/29
Signature Algorithm: sha256WithRSAEncryption
a7:dc:05:fd:99:22:37:5b:03:03:cc:c6:03:52:48:01:dd:ef:
16:bf:f5:7a:a3:73:73:66:83:01:30:80:4d:b5:f4:8d:05:91:
63:2b:bf:5f:a3:f9:75:61:02:64:1b:34:02:42:41:13:e5:16:
02:dd:2e:8d:4f:b3:49:08:fb:d1:aa:b8:34:81:90:01:e9:76:
03:e8:3d:22:19:e3:6a:17:b7:b6:78:62:fd:b1:b8:63:0e:4e:
77:c8:92:71:84:32:30:16:09:81:5a:18:5c:85:d6:d3:e9:f6:
05:b2:c6:c5:d5:4c:03:84:b1:16:9e:76:71:6d:9c:90:cb:e0:
11:8e:e4:bc:7f:80:3a:d0:39:9e:58:09:67:08:9f:8d:f5:77:
1b:12:57:85:ad:8a:0a:0c:24:7b:9b:8c:1b:03:01:f4:55:c6:
cd:3f:1e:7a:39:4c:b1:a0:66:6a:46:4c:58:c9:c6:ca:c3:bd:
cb:a7:51:e8:d9:ff:e4:fc:24:07:19:59:a8:10:8e:8b:d5:84:
20:f4:98:1e:bd:19:c4:73:5a:e4:9f:ad:2b:83:66:23:fe:bf:
eb:04:b9:20:8b:c4:97:d3:f5:9d:29:aa:16:47:01:ec:2d:b0:
b2:f3:1f:dc:bf:6a:5e:86:bb:41:70:00:c2:5a:9d:07:5c:03:
ed:77:9a:ba
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY56K1ohyiWXXBIVhZaoqp/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxOWI1YTJjNDllMWM2NDhhNzBjNzA4YWUxYmRlNDBiNjQ0
Yzc4MDIwHhcNMjQwMzI2MDk1MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTQ4ZjE3ODU4OWY3ZTE5ZTg0ZDg0MzM4N2ViYTZlYzdmOTQyN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYw8EFqDVbfPHw8Vzu/HBnfH+HrZ
gHvm9KMy6eYS2kTkKxJhYFb9SOA2d2IAOA3lB107a6ZUmnelw8Wdxy9nVD2AGN6x
NFRS3Eo+UmQsPkkKDmFRXG2jDgfcLJ9awvV7KuyeZqBvmspSDXEmpOamomgShlUZ
YNKfh+HUZZma88qy6VQEZP7Gz11aXyUYoYrFICusbdQErVf+jibKtwOfuOYcPu3h
KgLR7sSXh0TkrtwnL4knhN6KSM4VBbgMr935pqFqbXE6oAzrtBn++jYFN0NYtyyY
6b4at+9awJ5+tbdY3Yy44OHNAeBvCRxyVhpZ+eq86lgnopY1+1AhhNdhQQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPFI8XhYn34Z6E2EM4frpux/lCfcMB8GA1UdIwQY
MBaAFMGbWixJ4cZIpwxwiuG95AtkTHgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1p0YUxFbmh4a2luREhDSzRiM2tDMlJNZUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8wMzVlOGEtNzBlMy00ODdiLWEwNGQt
M2Q0NjFkYWRlNGE5LzEvOFVqeGVGaWZmaG5vVFlRemgtdW03SC1VSjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8wMzVlOGEtNzBlMy00ODdiLWEwNGQtM2Q0NjFkYWRlNGE5
LzEvd1p0YUxFbmh4a2luREhDSzRiM2tDMlJNZUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLV50AwQC
LYZAAwQCuZaYMA0EAgACMAcDBQMqB3GAMA0GCSqGSIb3DQEBCwUAA4IBAQCn3AX9
mSI3WwMDzMYDUkgB3e8Wv/V6o3NzZoMBMIBNtfSNBZFjK79fo/l1YQJkGzQCQkET
5RYC3S6NT7NJCPvRqrg0gZAB6XYD6D0iGeNqF7e2eGL9sbhjDk53yJJxhDIwFgmB
WhhchdbT6fYFssbF1UwDhLEWnnZxbZyQy+ARjuS8f4A60DmeWAlnCJ+N9XcbEleF
rYoKDCR7m4wbAwH0VcbNPx56OUyxoGZqRkxYycbKw73Lp1Ho2f/k/CQHGVmoEI6L
1YQg9JgevRnEc1rkn60rg2Yj/r/rBLkgi8SX0/WdKaoWRwHsLbCy8x/cv2pehrtB
cADCWp0HXAPtd5q6
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:04:26 2024 by rpki-client on console-fra.rpki-client.org