Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/087c77-8fa0-41a1-b28e-8010f13ba15a/1/xz2xx6U07DhZ2TSETQip8SdIj7o.roa
File: xz2xx6U07DhZ2TSETQip8SdIj7o.roa (raw, json)
Hash identifier: nh3ACcrP2YQdO/nuy5OOh+ZeWbYARMxtQlFZ7CP78pY=
Subject key identifier: C7:3D:B1:C7:A5:34:EC:38:59:D9:34:84:4D:08:A9:F1:27:48:8F:BA
Certificate issuer: /CN=480526dbf3d578ed8b630c0e71dbd18cd547a5cd
Certificate serial: 019113939565EB435D6CA19366B1799023C9
Authority key identifier: 48:05:26:DB:F3:D5:78:ED:8B:63:0C:0E:71:DB:D1:8C:D5:47:A5:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAUm2_PVeO2LYwwOcdvRjNVHpc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/087c77-8fa0-41a1-b28e-8010f13ba15a/1/xz2xx6U07DhZ2TSETQip8SdIj7o.roa
Signing time: Fri 02 Aug 2024 14:52:04 +0000
ROA not before: Fri 02 Aug 2024 14:52:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208247
IP address blocks: 45.151.86.0/23 maxlen: 23
45.151.86.0/24 maxlen: 24
45.151.87.0/24 maxlen: 24
2a0f:1500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/087c77-8fa0-41a1-b28e-8010f13ba15a/1/SAUm2_PVeO2LYwwOcdvRjNVHpc0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/087c77-8fa0-41a1-b28e-8010f13ba15a/1/SAUm2_PVeO2LYwwOcdvRjNVHpc0.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAUm2_PVeO2LYwwOcdvRjNVHpc0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:13:93:95:65:eb:43:5d:6c:a1:93:66:b1:79:90:23:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=480526dbf3d578ed8b630c0e71dbd18cd547a5cd
Validity
Not Before: Aug 2 14:52:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c73db1c7a534ec3859d934844d08a9f127488fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:78:1d:17:37:e5:23:21:f4:da:6d:97:2a:39:
a7:71:0a:1c:fa:e3:c5:f1:97:99:f4:24:06:23:7c:
0b:64:94:bb:cd:01:d5:5c:4b:3c:3d:87:9f:7b:ed:
1d:ba:aa:da:29:cc:6b:86:d2:03:6c:2c:28:05:ed:
fc:f8:2d:94:8f:9a:21:7f:b7:12:f4:10:54:b7:b4:
80:99:81:4e:7e:e5:c0:34:73:c6:f1:88:15:53:9f:
79:ef:4e:4f:03:d9:e0:4a:bb:6f:04:75:63:8c:14:
e6:12:69:1f:02:29:e3:34:c2:00:2b:d7:08:dc:8d:
69:15:8f:63:14:85:b0:4c:fc:6d:4a:ce:c0:2f:08:
45:df:c9:8a:f4:32:55:2e:08:6d:72:43:c9:6d:cb:
25:7b:f0:f2:fe:a7:c9:9b:93:8b:b4:f4:f0:80:6d:
d3:c3:85:2f:2c:7f:c4:74:0e:2a:a4:18:71:da:1e:
44:f9:65:ff:12:a3:76:9e:36:df:9e:c6:14:ad:bb:
53:26:5c:c9:9c:8a:bd:ca:e8:3c:6f:d1:f2:9d:3e:
86:bb:74:32:36:e0:53:63:25:dd:c9:00:a7:ec:f4:
5f:82:51:9a:77:7c:fc:89:b1:28:b4:04:67:ca:bf:
3f:f4:57:1b:69:ae:b4:f6:87:c6:19:47:b9:3d:37:
4c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:3D:B1:C7:A5:34:EC:38:59:D9:34:84:4D:08:A9:F1:27:48:8F:BA
X509v3 Authority Key Identifier:
keyid:48:05:26:DB:F3:D5:78:ED:8B:63:0C:0E:71:DB:D1:8C:D5:47:A5:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAUm2_PVeO2LYwwOcdvRjNVHpc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/087c77-8fa0-41a1-b28e-8010f13ba15a/1/xz2xx6U07DhZ2TSETQip8SdIj7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/087c77-8fa0-41a1-b28e-8010f13ba15a/1/SAUm2_PVeO2LYwwOcdvRjNVHpc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.86.0/23
IPv6:
2a0f:1500::/29
Signature Algorithm: sha256WithRSAEncryption
86:1a:75:ba:87:99:56:9a:77:06:68:5e:aa:1d:e1:8a:81:0a:
87:ca:88:a2:fd:37:40:42:22:06:a5:4c:f9:41:54:17:f9:b4:
6f:30:bc:99:94:2c:16:60:91:a8:22:d3:76:58:12:80:84:43:
9e:aa:0f:60:b4:59:95:fb:49:d1:9e:49:fd:66:aa:94:00:6c:
52:55:90:bf:64:37:1e:f3:69:27:a8:81:6e:0d:ab:64:3e:20:
a2:f6:bc:b6:7e:86:7f:be:63:8d:82:f2:f2:1e:08:3e:f4:65:
ac:b6:87:7b:e0:27:d7:48:ca:79:b7:fa:51:33:d4:57:c9:4b:
62:9b:3f:a3:92:5e:65:5a:2c:a2:c2:55:ce:1d:c1:93:8a:69:
94:62:5b:e3:0d:47:a6:0e:0a:cf:80:f8:b3:ae:9d:1d:c4:83:
28:62:88:c7:3a:f2:46:71:42:60:5b:04:7e:8f:1c:b7:9c:72:
5a:4c:95:bd:69:c7:f4:2c:41:61:7a:25:9a:4d:0a:8c:41:54:
08:32:fe:ac:18:06:e8:db:b8:52:e9:26:70:28:aa:80:2d:9c:
9a:56:1f:8c:5f:09:7a:04:d3:97:76:54:1c:cd:5f:89:aa:84:
4e:00:41:9f:92:b1:00:e5:ca:95:2f:29:99:f1:92:19:d8:e1:
e0:07:a0:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZETk5Vl60NdbKGTZrF5kCPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDUyNmRiZjNkNTc4ZWQ4YjYzMGMwZTcxZGJkMThjZDU0
N2E1Y2QwHhcNMjQwODAyMTQ1MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzNkYjFjN2E1MzRlYzM4NTlkOTM0ODQ0ZDA4YTlmMTI3NDg4ZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwngdFzflIyH02m2XKjmncQoc+uPF
8ZeZ9CQGI3wLZJS7zQHVXEs8PYefe+0duqraKcxrhtIDbCwoBe38+C2Uj5ohf7cS
9BBUt7SAmYFOfuXANHPG8YgVU595705PA9ngSrtvBHVjjBTmEmkfAinjNMIAK9cI
3I1pFY9jFIWwTPxtSs7ALwhF38mK9DJVLghtckPJbcsle/Dy/qfJm5OLtPTwgG3T
w4UvLH/EdA4qpBhx2h5E+WX/EqN2njbfnsYUrbtTJlzJnIq9yug8b9HynT6Gu3Qy
NuBTYyXdyQCn7PRfglGad3z8ibEotARnyr8/9Fcbaa609ofGGUe5PTdMNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMc9scelNOw4Wdk0hE0IqfEnSI+6MB8GA1UdIwQY
MBaAFEgFJtvz1Xjti2MMDnHb0YzVR6XNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FVbTJfUFZlTzJMWXd3T2NkdlJqTlZIcGMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wODdjNzctOGZhMC00MWExLWIyOGUt
ODAxMGYxM2JhMTVhLzEveHoyeHg2VTA3RGhaMlRTRVRRaXA4U2RJajdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wODdjNzctOGZhMC00MWExLWIyOGUtODAxMGYxM2JhMTVh
LzEvU0FVbTJfUFZlTzJMWXd3T2NkdlJqTlZIcGMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLZdWMA0E
AgACMAcDBQMqDxUAMA0GCSqGSIb3DQEBCwUAA4IBAQCGGnW6h5lWmncGaF6qHeGK
gQqHyoii/TdAQiIGpUz5QVQX+bRvMLyZlCwWYJGoItN2WBKAhEOeqg9gtFmV+0nR
nkn9ZqqUAGxSVZC/ZDce82knqIFuDatkPiCi9ry2foZ/vmONgvLyHgg+9GWstod7
4CfXSMp5t/pRM9RXyUtimz+jkl5lWiyiwlXOHcGTimmUYlvjDUemDgrPgPizrp0d
xIMoYojHOvJGcUJgWwR+jxy3nHJaTJW9acf0LEFheiWaTQqMQVQIMv6sGAbo27hS
6SZwKKqALZyaVh+MXwl6BNOXdlQczV+JqoROAEGfkrEA5cqVLymZ8ZIZ2OHgB6Dh
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:53:00 2024 by rpki-client on console-ams.rpki-client.org