Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/h58SHKJxNStdxjrDZAvyv5aROFU.roa
File: h58SHKJxNStdxjrDZAvyv5aROFU.roa (raw, json)
Hash identifier: x0CELqKL1gqtGYSo+2gS3NmZTvPp5rOrOzgxs29MP1U=
Subject key identifier: 87:9F:12:1C:A2:71:35:2B:5D:C6:3A:C3:64:0B:F2:BF:96:91:38:55
Certificate issuer: /CN=c8d322beb7e363f4d4575e1e4feee5ccb84e1275
Certificate serial: 018CC649EE4DA7EEFB500680637FC8879A3A
Authority key identifier: C8:D3:22:BE:B7:E3:63:F4:D4:57:5E:1E:4F:EE:E5:CC:B8:4E:12:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNMivrfjY_TUV14eT-7lzLhOEnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/h58SHKJxNStdxjrDZAvyv5aROFU.roa
Signing time: Mon 01 Jan 2024 18:29:43 +0000
ROA not before: Mon 01 Jan 2024 18:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200562
IP address blocks: 146.255.116.0/22 maxlen: 22
45.159.172.0/22 maxlen: 22
185.75.144.0/22 maxlen: 22
2a05:5300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/yNMivrfjY_TUV14eT-7lzLhOEnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/yNMivrfjY_TUV14eT-7lzLhOEnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yNMivrfjY_TUV14eT-7lzLhOEnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:ee:4d:a7:ee:fb:50:06:80:63:7f:c8:87:9a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d322beb7e363f4d4575e1e4feee5ccb84e1275
Validity
Not Before: Jan 1 18:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=879f121ca271352b5dc63ac3640bf2bf96913855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:86:e2:d5:cd:63:62:38:d0:b8:51:9d:aa:74:
61:61:ac:39:19:d7:60:35:62:48:b6:8a:71:b5:f8:
6f:55:c7:20:25:36:ad:29:cb:3a:2f:47:c5:37:03:
6f:a7:7b:c8:91:e7:64:0c:fe:90:23:5c:7a:ad:b4:
88:3e:d3:45:25:10:62:81:05:87:50:f6:82:4d:30:
2b:f0:9e:2b:b5:48:48:22:34:72:fa:52:89:85:08:
53:6b:93:44:e9:1c:9b:1d:95:f9:35:0c:08:2c:6f:
30:02:7c:d7:a0:31:ba:a6:40:c7:ac:59:47:dc:28:
19:cf:c0:e7:14:51:3d:0b:eb:85:29:eb:50:a7:b0:
42:a7:03:3c:fe:b5:0e:59:c4:3e:f8:6e:71:13:3a:
6e:f0:44:0e:66:4d:38:49:85:08:dd:e0:63:04:d3:
ea:2a:93:9c:c4:f4:90:e2:78:fa:ad:48:ae:6e:7d:
fa:c6:cd:2a:1f:cd:88:48:96:d7:1e:f0:2d:ee:34:
d7:62:56:52:d6:cd:95:f4:d2:b7:d5:96:b9:3f:fe:
b0:9b:dc:1c:ab:c8:6d:e4:44:4e:89:59:6f:77:27:
21:84:4d:9b:74:e2:aa:40:ef:6f:7f:b2:1a:56:0e:
dc:2f:7f:91:22:c1:5c:ee:c4:2a:db:1e:9b:7c:4a:
4f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:9F:12:1C:A2:71:35:2B:5D:C6:3A:C3:64:0B:F2:BF:96:91:38:55
X509v3 Authority Key Identifier:
keyid:C8:D3:22:BE:B7:E3:63:F4:D4:57:5E:1E:4F:EE:E5:CC:B8:4E:12:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNMivrfjY_TUV14eT-7lzLhOEnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/h58SHKJxNStdxjrDZAvyv5aROFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ef4db0-b6c9-47aa-84c1-dc3769e8f6a1/1/yNMivrfjY_TUV14eT-7lzLhOEnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.172.0/22
146.255.116.0/22
185.75.144.0/22
IPv6:
2a05:5300::/29
Signature Algorithm: sha256WithRSAEncryption
69:52:d9:30:1b:20:91:36:54:61:3d:43:39:88:1e:be:ae:be:
fb:a0:65:ff:f4:70:b7:af:33:d0:3f:9d:6e:10:2c:ad:34:54:
03:23:2c:b4:40:32:55:e6:f2:79:cb:58:d4:61:2f:fb:6f:42:
57:02:86:9e:08:10:32:fb:a4:4f:58:77:38:58:70:9f:9d:f4:
ec:a0:a0:20:94:bb:e8:f9:fc:fe:c3:00:97:40:fa:2a:9a:45:
3d:95:91:5c:b4:92:17:48:5f:d0:d0:a4:d7:a0:a5:ee:6d:01:
79:83:82:c6:ab:84:e8:16:e5:86:bd:f6:57:3f:17:e6:1d:ab:
15:07:b9:0b:87:cc:d2:76:75:46:7d:99:18:51:2a:97:d2:90:
37:b0:b6:ae:77:4b:a6:00:ad:b9:55:66:af:43:43:be:0c:16:
4a:f7:b1:13:55:57:0e:63:d7:25:86:a4:f9:98:e5:7d:36:0c:
27:d1:b9:f9:4b:e3:96:2c:b0:cb:a1:87:ef:d6:3d:3e:9c:61:
45:36:76:03:ae:29:50:0b:87:ba:9d:06:23:11:ee:ac:be:77:
8b:f6:79:51:d4:5b:b0:b9:a2:6e:3b:34:57:fc:85:89:22:3e:
b4:8c:56:aa:f4:f4:53:50:78:e1:67:15:a0:e9:95:f7:24:12:
4f:86:e1:a7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSe5Np+77UAaAY3/Ih5o6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDMyMmJlYjdlMzYzZjRkNDU3NWUxZTRmZWVlNWNjYjg0
ZTEyNzUwHhcNMjQwMTAxMTgyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzlmMTIxY2EyNzEzNTJiNWRjNjNhYzM2NDBiZjJiZjk2OTEzODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4bi1c1jYjjQuFGdqnRhYaw5Gddg
NWJItopxtfhvVccgJTatKcs6L0fFNwNvp3vIkedkDP6QI1x6rbSIPtNFJRBigQWH
UPaCTTAr8J4rtUhIIjRy+lKJhQhTa5NE6RybHZX5NQwILG8wAnzXoDG6pkDHrFlH
3CgZz8DnFFE9C+uFKetQp7BCpwM8/rUOWcQ++G5xEzpu8EQOZk04SYUI3eBjBNPq
KpOcxPSQ4nj6rUiubn36xs0qH82ISJbXHvAt7jTXYlZS1s2V9NK31Za5P/6wm9wc
q8ht5EROiVlvdychhE2bdOKqQO9vf7IaVg7cL3+RIsFc7sQq2x6bfEpPKwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIefEhyicTUrXcY6w2QL8r+WkThVMB8GA1UdIwQY
MBaAFMjTIr6342P01FdeHk/u5cy4ThJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5NaXZyZmpZX1RVVjE0ZVQtN2x6TGhPRW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9lZjRkYjAtYjZjOS00N2FhLTg0YzEt
ZGMzNzY5ZThmNmExLzEvaDU4U0hLSnhOU3RkeGpyRFpBdnl2NWFST0ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9lZjRkYjAtYjZjOS00N2FhLTg0YzEtZGMzNzY5ZThmNmEx
LzEveU5NaXZyZmpZX1RVVjE0ZVQtN2x6TGhPRW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZ+sAwQC
kv90AwQCuUuQMA0EAgACMAcDBQMqBVMAMA0GCSqGSIb3DQEBCwUAA4IBAQBpUtkw
GyCRNlRhPUM5iB6+rr77oGX/9HC3rzPQP51uECytNFQDIyy0QDJV5vJ5y1jUYS/7
b0JXAoaeCBAy+6RPWHc4WHCfnfTsoKAglLvo+fz+wwCXQPoqmkU9lZFctJIXSF/Q
0KTXoKXubQF5g4LGq4ToFuWGvfZXPxfmHasVB7kLh8zSdnVGfZkYUSqX0pA3sLau
d0umAK25VWavQ0O+DBZK97ETVVcOY9clhqT5mOV9Ngwn0bn5S+OWLLDLoYfv1j0+
nGFFNnYDrilQC4e6nQYjEe6svneL9nlR1FuwuaJuOzRX/IWJIj60jFaq9PRTUHjh
ZxWg6ZX3JBJPhuGn
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:45:06 2024 by rpki-client on console-ams.rpki-client.org