Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/41fe89-08d6-44f8-b754-e08505c91066/1/n-aqSwR2X_mJ8nj-vsH7vY4C9Io.roa
File: n-aqSwR2X_mJ8nj-vsH7vY4C9Io.roa (raw, json)
Hash identifier: iUJbq6AYapPSO596+YyM8vKarq6LJaBYFjg++suodzw=
Subject key identifier: 9F:E6:AA:4B:04:76:5F:F9:89:F2:78:FE:BE:C1:FB:BD:8E:02:F4:8A
Certificate issuer: /CN=8a72b60f5fb4930016ceb860cc174a53135f1616
Certificate serial: 018CC6B93DE0AB46D3F18647FB6E4D0D1B2E
Authority key identifier: 8A:72:B6:0F:5F:B4:93:00:16:CE:B8:60:CC:17:4A:53:13:5F:16:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/inK2D1-0kwAWzrhgzBdKUxNfFhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/41fe89-08d6-44f8-b754-e08505c91066/1/n-aqSwR2X_mJ8nj-vsH7vY4C9Io.roa
Signing time: Mon 01 Jan 2024 20:31:17 +0000
ROA not before: Mon 01 Jan 2024 20:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45009
IP address blocks: 45.150.43.0/24 maxlen: 24
45.150.40.0/24 maxlen: 24
45.150.41.0/24 maxlen: 24
45.150.40.0/22 maxlen: 22
45.150.42.0/24 maxlen: 24
2a0f:9201::/48 maxlen: 48
2a0f:9207::/32 maxlen: 32
2a0f:9200::/29 maxlen: 29
2a0f:9207::/48 maxlen: 48
2a0f:9200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/41fe89-08d6-44f8-b754-e08505c91066/1/inK2D1-0kwAWzrhgzBdKUxNfFhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/41fe89-08d6-44f8-b754-e08505c91066/1/inK2D1-0kwAWzrhgzBdKUxNfFhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/inK2D1-0kwAWzrhgzBdKUxNfFhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3d:e0:ab:46:d3:f1:86:47:fb:6e:4d:0d:1b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a72b60f5fb4930016ceb860cc174a53135f1616
Validity
Not Before: Jan 1 20:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fe6aa4b04765ff989f278febec1fbbd8e02f48a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:53:e4:45:4b:9c:96:8c:4c:b0:71:33:fb:7d:
c5:af:65:38:f1:65:52:7b:4e:5d:f3:5e:3f:ce:b5:
e9:7d:d8:1b:4e:33:70:03:ab:5c:e2:4f:48:2e:a1:
1f:f3:1b:ad:75:91:9a:60:b3:98:a3:5b:8a:6f:0c:
61:35:38:00:d7:ce:d1:f6:d4:c0:2d:a3:2c:62:78:
c5:16:78:c0:db:7a:fe:97:e7:0f:1e:13:9c:9c:d3:
db:7c:42:6e:c0:cf:e4:6c:4e:3f:f7:78:1f:30:07:
41:75:3a:ed:07:ac:26:70:7e:93:0d:ec:5f:a9:e9:
61:f8:ed:8f:3b:f7:3b:98:8e:86:82:d3:bb:37:a8:
e9:42:18:b0:99:62:ee:00:08:8f:53:fe:3c:cf:55:
11:42:a9:5a:e3:4e:aa:32:89:f4:f3:dc:16:d9:a8:
56:22:21:43:58:93:9d:47:a8:6c:ab:ee:83:75:64:
55:9e:54:c0:41:a5:ec:79:5d:60:66:7a:59:cb:9f:
61:a0:20:fd:31:05:36:55:d5:5a:ef:da:16:2f:8f:
ef:86:68:9a:10:ca:88:dc:f3:5e:13:51:4a:62:da:
5b:2e:bd:d8:e3:75:9b:82:76:a6:11:45:81:cf:fa:
a9:5d:5c:5d:f9:6a:66:aa:59:9b:4c:20:ef:0b:2f:
f9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E6:AA:4B:04:76:5F:F9:89:F2:78:FE:BE:C1:FB:BD:8E:02:F4:8A
X509v3 Authority Key Identifier:
keyid:8A:72:B6:0F:5F:B4:93:00:16:CE:B8:60:CC:17:4A:53:13:5F:16:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/inK2D1-0kwAWzrhgzBdKUxNfFhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/41fe89-08d6-44f8-b754-e08505c91066/1/n-aqSwR2X_mJ8nj-vsH7vY4C9Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/41fe89-08d6-44f8-b754-e08505c91066/1/inK2D1-0kwAWzrhgzBdKUxNfFhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.40.0/22
IPv6:
2a0f:9200::/29
Signature Algorithm: sha256WithRSAEncryption
a4:d5:49:06:0d:78:83:2d:38:c5:9f:89:3b:10:58:d1:78:fc:
c1:08:e2:6d:7d:20:2b:bb:b3:80:e1:22:ec:74:59:6b:04:b3:
00:96:0e:3f:8a:8f:66:f9:38:0e:59:10:74:1d:26:13:3e:59:
c7:0f:cf:45:31:ce:07:ba:85:32:0c:74:e8:d5:6f:ba:40:fe:
61:62:26:2b:63:34:0f:48:01:e3:0c:57:de:5a:ee:b4:94:02:
bd:97:15:90:cc:10:a1:dd:f1:11:49:e4:70:aa:56:a1:09:69:
d7:41:79:27:92:d9:79:ca:0d:3b:a7:86:cc:f6:18:ca:d1:f4:
bc:dd:f5:5c:b6:aa:08:f9:8d:02:1e:f0:93:2c:e8:a4:15:4e:
4a:34:2a:d9:ea:2d:99:4a:05:92:95:ba:34:ee:41:57:c1:f4:
1d:08:ee:cd:8f:db:72:f2:5f:b1:c3:b5:85:52:2e:9f:a6:79:
06:9b:97:8a:30:77:be:e3:58:5c:1b:db:da:d0:33:83:d5:ba:
67:a0:b1:51:fb:73:cd:82:e2:57:02:f5:ee:bb:e0:ad:dc:d4:
35:a7:76:d2:69:41:c2:53:55:c3:06:50:7d:e5:88:6b:77:23:
bd:5f:30:7a:41:f7:09:5a:46:8e:15:45:bc:4b:bc:94:c5:ab:
bd:1d:80:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuT3gq0bT8YZH+25NDRsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNzJiNjBmNWZiNDkzMDAxNmNlYjg2MGNjMTc0YTUzMTM1
ZjE2MTYwHhcNMjQwMTAxMjAzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmU2YWE0YjA0NzY1ZmY5ODlmMjc4ZmViZWMxZmJiZDhlMDJmNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1PkRUucloxMsHEz+33Fr2U48WVS
e05d814/zrXpfdgbTjNwA6tc4k9ILqEf8xutdZGaYLOYo1uKbwxhNTgA187R9tTA
LaMsYnjFFnjA23r+l+cPHhOcnNPbfEJuwM/kbE4/93gfMAdBdTrtB6wmcH6TDexf
qelh+O2PO/c7mI6GgtO7N6jpQhiwmWLuAAiPU/48z1URQqla406qMon089wW2ahW
IiFDWJOdR6hsq+6DdWRVnlTAQaXseV1gZnpZy59hoCD9MQU2VdVa79oWL4/vhmia
EMqI3PNeE1FKYtpbLr3Y43WbgnamEUWBz/qpXVxd+WpmqlmbTCDvCy/5JwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ/mqksEdl/5ifJ4/r7B+72OAvSKMB8GA1UdIwQY
MBaAFIpytg9ftJMAFs64YMwXSlMTXxYWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW5LMkQxLTBrd0FXenJoZ3pCZEtVeE5mRmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80MWZlODktMDhkNi00NGY4LWI3NTQt
ZTA4NTA1YzkxMDY2LzEvbi1hcVN3UjJYX21KOG5qLXZzSDd2WTRDOUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80MWZlODktMDhkNi00NGY4LWI3NTQtZTA4NTA1YzkxMDY2
LzEvaW5LMkQxLTBrd0FXenJoZ3pCZEtVeE5mRmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZYoMA0E
AgACMAcDBQMqD5IAMA0GCSqGSIb3DQEBCwUAA4IBAQCk1UkGDXiDLTjFn4k7EFjR
ePzBCOJtfSAru7OA4SLsdFlrBLMAlg4/io9m+TgOWRB0HSYTPlnHD89FMc4HuoUy
DHTo1W+6QP5hYiYrYzQPSAHjDFfeWu60lAK9lxWQzBCh3fERSeRwqlahCWnXQXkn
ktl5yg07p4bM9hjK0fS83fVctqoI+Y0CHvCTLOikFU5KNCrZ6i2ZSgWSlbo07kFX
wfQdCO7Nj9ty8l+xw7WFUi6fpnkGm5eKMHe+41hcG9va0DOD1bpnoLFR+3PNguJX
AvXuu+Ct3NQ1p3bSaUHCU1XDBlB95YhrdyO9XzB6QfcJWkaOFUW8S7yUxau9HYBX
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:17:05 2024 by rpki-client on console-fra.rpki-client.org