Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8FELwPa-qToq2LcYjFNqcSwzHSo.roa
File: 8FELwPa-qToq2LcYjFNqcSwzHSo.roa (raw, json)
Hash identifier: Hrg5E0MmrzUeg2gX2HQTYDTWO8iDFLnHwie/NUZit+M=
Subject key identifier: F0:51:0B:C0:F6:BE:A9:3A:2A:D8:B7:18:8C:53:6A:71:2C:33:1D:2A
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3A3BF22BAE9F4D3A4B886851CEBD7
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8FELwPa-qToq2LcYjFNqcSwzHSo.roa
Signing time: Thu 02 Jan 2025 15:47:51 +0000
ROA not before: Thu 02 Jan 2025 15:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60798
IP address blocks: 45.138.18.0/24 maxlen: 24
45.139.162.0/24 maxlen: 24
45.145.250.0/24 maxlen: 24
45.149.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:a3:bf:22:ba:e9:f4:d3:a4:b8:86:85:1c:eb:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0510bc0f6bea93a2ad8b7188c536a712c331d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d8:24:5d:7d:91:46:e0:dc:3b:63:d1:71:23:
61:9d:c6:71:8b:28:de:f2:80:e4:0a:2a:b5:dd:08:
38:bf:28:4a:bf:98:17:a6:91:8a:e7:cb:54:f4:8b:
2d:e7:23:24:2f:c3:e7:30:bc:6f:08:1c:95:34:f6:
40:b6:6c:24:d0:4e:8a:f7:61:5f:43:99:d2:6e:6a:
a4:87:df:00:7c:ce:70:63:6e:ba:ad:cd:92:c1:63:
68:6b:a3:46:d6:1a:4a:ba:46:8e:34:74:ec:f9:e5:
e7:a0:8b:63:bb:5d:20:2a:c4:2d:d6:a9:bb:02:84:
ca:20:48:78:f2:48:e1:ea:d6:ca:5e:e0:67:eb:39:
22:3b:fc:46:68:b7:be:50:06:b0:6e:e0:4f:6c:0e:
51:d3:b0:48:8a:33:e0:23:d6:db:05:ec:55:cf:c2:
47:36:d6:fd:2d:51:f9:2c:8c:f1:68:1b:e5:c4:c3:
d2:69:07:85:29:d3:13:59:fc:2e:04:75:0d:16:2c:
d1:28:ab:11:ab:b8:95:93:31:93:53:ca:2a:4f:78:
bb:d5:97:25:2a:c7:da:b4:f8:be:f0:47:e8:55:ea:
5e:d7:a4:b5:fc:14:fe:7f:ff:d0:d7:bc:c8:ee:6b:
20:27:08:aa:d4:72:b4:e3:3a:33:5f:8e:90:8c:45:
9c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:51:0B:C0:F6:BE:A9:3A:2A:D8:B7:18:8C:53:6A:71:2C:33:1D:2A
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8FELwPa-qToq2LcYjFNqcSwzHSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.18.0/24
45.139.162.0/24
45.145.250.0/24
45.149.1.0/24
Signature Algorithm: sha256WithRSAEncryption
55:fc:7d:36:65:56:40:df:15:6e:fa:b2:d5:57:05:98:94:64:
83:ac:fa:54:54:c1:d8:75:55:02:14:2a:30:e2:87:63:97:37:
63:9a:e4:c1:53:08:29:6e:59:14:cc:01:34:ed:4e:2e:b0:55:
66:df:25:b5:de:5b:87:73:39:bd:d5:16:d8:35:5c:e2:7d:4c:
3f:cd:e6:88:31:0c:b5:60:83:ee:03:c7:fb:c3:61:7a:f6:c2:
75:e2:66:5b:a7:08:fa:1f:63:99:7c:5b:e3:e2:c1:1b:c7:40:
ab:dd:4a:be:c8:88:45:1e:4a:c5:c1:4f:97:49:47:c0:63:6e:
78:cb:03:7e:3c:eb:9a:54:a6:9a:31:ec:aa:30:80:ab:1b:9d:
f8:fc:66:2a:55:3c:7f:78:09:a4:b8:a6:47:42:f9:2f:b5:93:
a6:f4:df:51:27:fe:ab:f0:99:04:44:db:08:9d:b8:19:8b:65:
6b:3e:a8:2f:60:2d:1f:09:c8:5e:c0:5e:21:e7:89:01:1b:30:
3b:0a:14:4f:ae:23:cc:b3:6c:f9:cc:30:46:d2:57:37:86:63:
b0:7f:c6:8e:cd:48:74:58:f1:db:09:9e:16:b1:d9:3b:c6:e7:
20:02:6c:f4:4d:55:09:fb:2b:40:20:4b:ad:0a:0b:88:4d:b8:
29:9a:c9:78
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQns6O/Irrp9NOkuIaFHOvXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDUxMGJjMGY2YmVhOTNhMmFkOGI3MTg4YzUzNmE3MTJjMzMxZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtgkXX2RRuDcO2PRcSNhncZxiyje
8oDkCiq13Qg4vyhKv5gXppGK58tU9Ist5yMkL8PnMLxvCByVNPZAtmwk0E6K92Ff
Q5nSbmqkh98AfM5wY266rc2SwWNoa6NG1hpKukaONHTs+eXnoItju10gKsQt1qm7
AoTKIEh48kjh6tbKXuBn6zkiO/xGaLe+UAawbuBPbA5R07BIijPgI9bbBexVz8JH
Ntb9LVH5LIzxaBvlxMPSaQeFKdMTWfwuBHUNFizRKKsRq7iVkzGTU8oqT3i71Zcl
KsfatPi+8EfoVepe16S1/BT+f//Q17zI7msgJwiq1HK04zozX46QjEWcswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPBRC8D2vqk6Kti3GIxTanEsMx0qMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvOEZFTHdQYS1xVG9xMkxjWWpGTnFjU3d6SFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYoSAwQA
LYuiAwQALZH6AwQALZUBMA0GCSqGSIb3DQEBCwUAA4IBAQBV/H02ZVZA3xVu+rLV
VwWYlGSDrPpUVMHYdVUCFCow4odjlzdjmuTBUwgpblkUzAE07U4usFVm3yW13luH
czm91RbYNVzifUw/zeaIMQy1YIPuA8f7w2F69sJ14mZbpwj6H2OZfFvj4sEbx0Cr
3Uq+yIhFHkrFwU+XSUfAY254ywN+POuaVKaaMeyqMICrG534/GYqVTx/eAmkuKZH
QvkvtZOm9N9RJ/6r8JkERNsInbgZi2VrPqgvYC0fCchewF4h54kBGzA7ChRPriPM
s2z5zDBG0lc3hmOwf8aOzUh0WPHbCZ4Wsdk7xucgAmz0TVUJ+ytAIEutCguITbgp
msl4
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:50:27 2025 by rpki-client