Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/81b188-255d-49c7-9f98-0ac9b4d7eab7/1/_MuTUhvFygA-NGgoaVLRd0IZh0I.roa
File: _MuTUhvFygA-NGgoaVLRd0IZh0I.roa (raw, json)
Hash identifier: N8i+Vc9q2/b3rT3IawRMDPMWumfd1Ycqm9w0iq5FO1E=
Subject key identifier: FC:CB:93:52:1B:C5:CA:00:3E:34:68:28:69:52:D1:77:42:19:87:42
Certificate issuer: /CN=3de49b1844fe4422afbe10cdd2819c7448277e65
Certificate serial: 018CC2DAF5CFD549B968A14E85CAC28A4A82
Authority key identifier: 3D:E4:9B:18:44:FE:44:22:AF:BE:10:CD:D2:81:9C:74:48:27:7E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PeSbGET-RCKvvhDN0oGcdEgnfmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/81b188-255d-49c7-9f98-0ac9b4d7eab7/1/_MuTUhvFygA-NGgoaVLRd0IZh0I.roa
Signing time: Mon 01 Jan 2024 02:29:38 +0000
ROA not before: Mon 01 Jan 2024 02:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216048
IP address blocks: 45.146.208.0/22 maxlen: 22
45.146.208.0/24 maxlen: 24
45.146.211.0/24 maxlen: 24
45.146.210.0/24 maxlen: 24
45.146.209.0/24 maxlen: 24
2a00:1e2a::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/81b188-255d-49c7-9f98-0ac9b4d7eab7/1/PeSbGET-RCKvvhDN0oGcdEgnfmU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/81b188-255d-49c7-9f98-0ac9b4d7eab7/1/PeSbGET-RCKvvhDN0oGcdEgnfmU.mft
rsync://rpki.ripe.net/repository/DEFAULT/PeSbGET-RCKvvhDN0oGcdEgnfmU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f5:cf:d5:49:b9:68:a1:4e:85:ca:c2:8a:4a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3de49b1844fe4422afbe10cdd2819c7448277e65
Validity
Not Before: Jan 1 02:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fccb93521bc5ca003e3468286952d17742198742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0c:62:77:49:55:8f:44:4c:f1:f1:b1:6e:09:
d2:42:e0:56:7f:f0:b8:21:46:a7:2b:48:33:08:75:
54:a5:8a:35:33:7e:df:83:ba:88:bf:89:0f:3e:47:
f8:7d:e4:d1:f2:81:81:39:31:f3:1c:76:04:06:b4:
17:23:c0:3a:54:8a:79:55:fb:29:3f:8b:63:11:d2:
7c:72:3b:69:c3:a5:f8:ef:bd:67:b2:70:49:2d:71:
d9:d4:05:de:fa:ba:cb:72:8c:f8:52:5c:05:e4:33:
c6:b5:20:71:fe:3b:6c:63:db:6a:f3:8e:24:c8:44:
53:71:56:dd:c4:19:71:46:ad:23:a0:1e:95:ac:8a:
7e:26:30:c5:dc:23:1f:60:c2:7c:24:ed:e7:19:42:
5a:44:58:eb:32:58:7b:fd:b3:db:e1:9d:a5:c5:72:
ca:e8:6a:d2:29:5f:4e:98:d0:45:3f:8a:5b:e3:23:
e5:d5:88:07:45:dd:2b:57:86:95:99:91:b5:3e:5e:
d0:02:d3:f3:63:5f:88:bc:73:35:e5:73:0d:7d:35:
d1:93:4a:45:5b:c3:8b:0b:f1:17:d7:f8:8d:1c:b8:
3e:69:b5:34:73:2b:37:0b:ba:c0:c5:1c:91:ee:72:
b1:a9:af:44:a2:7c:bd:ab:24:c2:f6:67:f7:a8:d1:
9b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:CB:93:52:1B:C5:CA:00:3E:34:68:28:69:52:D1:77:42:19:87:42
X509v3 Authority Key Identifier:
keyid:3D:E4:9B:18:44:FE:44:22:AF:BE:10:CD:D2:81:9C:74:48:27:7E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PeSbGET-RCKvvhDN0oGcdEgnfmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/81b188-255d-49c7-9f98-0ac9b4d7eab7/1/_MuTUhvFygA-NGgoaVLRd0IZh0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/81b188-255d-49c7-9f98-0ac9b4d7eab7/1/PeSbGET-RCKvvhDN0oGcdEgnfmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.208.0/22
IPv6:
2a00:1e2a::/32
Signature Algorithm: sha256WithRSAEncryption
50:aa:b0:54:c6:77:b0:a6:0e:49:aa:f5:31:5a:9e:24:f9:c7:
db:85:42:8d:78:84:32:8b:2c:c1:f6:aa:7c:d3:7c:1e:1c:75:
41:17:8a:eb:77:5b:fb:8c:31:07:0e:f3:c0:01:47:4d:7e:35:
69:03:99:61:79:ac:ae:5f:9b:0e:11:b5:c2:ee:6a:08:48:d7:
84:5d:24:58:ce:59:0e:46:9e:6b:37:fc:d4:db:71:3b:a4:f8:
37:9b:e5:df:eb:6b:a0:e0:a6:48:73:79:20:22:15:f7:8a:fd:
77:c6:da:23:a6:3f:64:ac:ef:f1:d3:6d:61:fc:ca:df:23:d6:
05:5f:0f:7f:da:dc:7f:a6:8e:74:a4:90:b4:c9:21:7f:d2:53:
ed:d6:e6:ac:60:97:b2:d7:a8:b0:b2:c0:cf:11:8d:6f:fb:8c:
44:e7:12:12:59:8e:fd:29:d1:ae:bb:40:95:f6:60:a4:6d:6d:
c7:42:d8:21:93:2b:f3:02:ee:08:02:fe:3a:2b:d2:8c:4c:94:
e0:91:2a:54:4d:d3:5b:02:e7:63:0b:06:c3:0e:fa:e6:e7:ae:
38:3b:31:6d:f0:81:a7:64:04:94:db:9e:35:89:f9:a6:7a:d0:
24:f7:62:99:4c:74:e5:45:4a:56:39:5d:13:d3:ad:9d:4b:e4:
a2:6b:ad:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2vXP1Um5aKFOhcrCikqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZTQ5YjE4NDRmZTQ0MjJhZmJlMTBjZGQyODE5Yzc0NDgy
NzdlNjUwHhcNMjQwMTAxMDIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2NiOTM1MjFiYzVjYTAwM2UzNDY4Mjg2OTUyZDE3NzQyMTk4NzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwxid0lVj0RM8fGxbgnSQuBWf/C4
IUanK0gzCHVUpYo1M37fg7qIv4kPPkf4feTR8oGBOTHzHHYEBrQXI8A6VIp5Vfsp
P4tjEdJ8cjtpw6X4771nsnBJLXHZ1AXe+rrLcoz4UlwF5DPGtSBx/jtsY9tq844k
yERTcVbdxBlxRq0joB6VrIp+JjDF3CMfYMJ8JO3nGUJaRFjrMlh7/bPb4Z2lxXLK
6GrSKV9OmNBFP4pb4yPl1YgHRd0rV4aVmZG1Pl7QAtPzY1+IvHM15XMNfTXRk0pF
W8OLC/EX1/iNHLg+abU0cys3C7rAxRyR7nKxqa9Eony9qyTC9mf3qNGbXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPzLk1IbxcoAPjRoKGlS0XdCGYdCMB8GA1UdIwQY
MBaAFD3kmxhE/kQir74QzdKBnHRIJ35lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVTYkdFVC1SQ0t2dmhETjBvR2NkRWduZm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC84MWIxODgtMjU1ZC00OWM3LTlmOTgt
MGFjOWI0ZDdlYWI3LzEvX011VFVodkZ5Z0EtTkdnb2FWTFJkMElaaDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC84MWIxODgtMjU1ZC00OWM3LTlmOTgtMGFjOWI0ZDdlYWI3
LzEvUGVTYkdFVC1SQ0t2dmhETjBvR2NkRWduZm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZLQMA0E
AgACMAcDBQAqAB4qMA0GCSqGSIb3DQEBCwUAA4IBAQBQqrBUxnewpg5JqvUxWp4k
+cfbhUKNeIQyiyzB9qp803weHHVBF4rrd1v7jDEHDvPAAUdNfjVpA5lheayuX5sO
EbXC7moISNeEXSRYzlkORp5rN/zU23E7pPg3m+Xf62ug4KZIc3kgIhX3iv13xtoj
pj9krO/x021h/MrfI9YFXw9/2tx/po50pJC0ySF/0lPt1uasYJey16iwssDPEY1v
+4xE5xISWY79KdGuu0CV9mCkbW3HQtghkyvzAu4IAv46K9KMTJTgkSpUTdNbAudj
CwbDDvrm5644OzFt8IGnZASU2541ifmmetAk92KZTHTlRUpWOV0T062dS+Sia62k
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:54:51 2024 by rpki-client on console-ams.rpki-client.org