Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/4UH7V0wM__QER66W_4MI9Xp-RlQ.roa
File: 4UH7V0wM__QER66W_4MI9Xp-RlQ.roa (raw, json)
Hash identifier: HAd3twO0mwrEjIbr0imHTs/cecnXR8gP5KAbVrxfaUg=
Subject key identifier: E1:41:FB:57:4C:0C:FF:F4:04:47:AE:96:FF:83:08:F5:7A:7E:46:54
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018F5CC9BFCCC1168A16BB079A3D33083BBE
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/4UH7V0wM__QER66W_4MI9Xp-RlQ.roa
Signing time: Thu 09 May 2024 09:57:56 +0000
ROA not before: Thu 09 May 2024 09:57:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 45.145.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:c9:bf:cc:c1:16:8a:16:bb:07:9a:3d:33:08:3b:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: May 9 09:57:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e141fb574c0cfff40447ae96ff8308f57a7e4654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:93:7f:00:8a:c6:0d:31:48:06:c1:d3:13:53:
81:59:eb:69:f9:ab:4b:ee:b5:6e:37:26:95:94:b1:
b9:77:b2:08:72:e7:9a:5a:b1:69:7f:e4:67:8a:8b:
76:71:d1:91:e2:f0:d2:1c:ee:ad:2d:be:b3:55:74:
43:ae:56:06:04:96:bf:6b:5a:4d:9a:b5:3e:72:d6:
5d:a1:40:20:fc:18:99:5e:e2:6f:c8:cd:10:97:fd:
1e:73:67:6c:64:e0:7d:b5:31:83:08:04:f3:8d:85:
ba:a8:65:8a:1c:be:4f:2b:45:1f:24:07:f2:f1:7d:
55:26:25:b5:ef:be:5b:0b:99:d8:f4:c0:37:85:fa:
f1:24:67:3f:10:69:4d:30:a5:24:2e:db:91:4f:b7:
bd:0f:98:ff:9b:b5:92:78:ce:24:2c:fd:69:3a:39:
7a:b3:fc:8a:d9:79:ad:74:0d:df:dd:5a:e4:db:0a:
16:c4:b9:c3:67:3b:d8:9f:c2:21:0a:c2:c8:d2:24:
b7:22:24:a3:25:28:33:79:47:b7:5f:c8:9b:0c:4e:
73:32:c3:9e:83:fe:7e:76:a5:0f:0a:3d:de:56:ac:
69:7c:b7:d2:0b:7c:62:39:bb:0d:32:4a:f9:99:2b:
01:93:ce:f9:33:56:84:9e:ab:18:16:6b:23:c2:af:
21:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:41:FB:57:4C:0C:FF:F4:04:47:AE:96:FF:83:08:F5:7A:7E:46:54
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/4UH7V0wM__QER66W_4MI9Xp-RlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.16.0/24
Signature Algorithm: sha256WithRSAEncryption
46:18:3f:31:00:09:ae:ae:dd:91:a1:83:2e:48:94:40:bb:b0:
ca:1a:80:28:2d:08:10:a0:20:74:2c:a9:40:c7:df:08:4f:df:
01:58:f3:81:c9:39:7e:f3:12:f2:0b:51:18:64:b6:90:98:ab:
a4:2d:71:97:b0:60:b9:34:bf:cc:08:ad:ad:fa:99:cd:5a:1c:
9d:67:ce:26:b0:94:5f:99:05:8b:ca:6b:e1:ac:32:a5:66:f8:
e6:1e:66:79:06:99:dc:f9:96:33:0a:9f:6f:26:55:ea:b0:44:
4c:08:2d:b0:1d:ea:24:15:e5:70:18:0f:dd:8b:7a:af:40:7c:
fe:18:b8:83:f8:09:f7:1d:54:80:bd:77:7c:28:8f:58:8b:d4:
88:f4:fe:7c:8f:6b:a4:13:03:51:f8:d8:8f:77:18:03:99:fe:
c6:75:19:26:ef:81:18:f0:cc:4b:84:40:12:2e:20:9b:42:7d:
73:7f:db:5c:90:8c:42:63:08:27:ae:fa:9e:a8:9f:09:5b:96:
12:23:ac:68:8c:87:de:c3:fc:e7:9a:57:fc:b0:42:29:e1:88:
ef:c5:6b:3c:f8:44:d5:89:df:a8:b4:30:5c:a9:a8:ac:89:ce:
64:dc:7e:73:75:29:f8:b7:d3:67:0e:37:71:92:63:66:6c:42:
8b:5f:e8:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9cyb/MwRaKFrsHmj0zCDu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwNTA5MDk1NzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQxZmI1NzRjMGNmZmY0MDQ0N2FlOTZmZjgzMDhmNTdhN2U0NjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpN/AIrGDTFIBsHTE1OBWetp+atL
7rVuNyaVlLG5d7IIcueaWrFpf+Rniot2cdGR4vDSHO6tLb6zVXRDrlYGBJa/a1pN
mrU+ctZdoUAg/BiZXuJvyM0Ql/0ec2dsZOB9tTGDCATzjYW6qGWKHL5PK0UfJAfy
8X1VJiW1775bC5nY9MA3hfrxJGc/EGlNMKUkLtuRT7e9D5j/m7WSeM4kLP1pOjl6
s/yK2XmtdA3f3Vrk2woWxLnDZzvYn8IhCsLI0iS3IiSjJSgzeUe3X8ibDE5zMsOe
g/5+dqUPCj3eVqxpfLfSC3xiObsNMkr5mSsBk875M1aEnqsYFmsjwq8hLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOFB+1dMDP/0BEeulv+DCPV6fkZUMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvNFVIN1Ywd01fX1FFUjY2V180TUk5WHAtUmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZEQMA0G
CSqGSIb3DQEBCwUAA4IBAQBGGD8xAAmurt2RoYMuSJRAu7DKGoAoLQgQoCB0LKlA
x98IT98BWPOByTl+8xLyC1EYZLaQmKukLXGXsGC5NL/MCK2t+pnNWhydZ84msJRf
mQWLymvhrDKlZvjmHmZ5Bpnc+ZYzCp9vJlXqsERMCC2wHeokFeVwGA/di3qvQHz+
GLiD+An3HVSAvXd8KI9Yi9SI9P58j2ukEwNR+NiPdxgDmf7GdRkm74EY8MxLhEAS
LiCbQn1zf9tckIxCYwgnrvqeqJ8JW5YSI6xojIfew/znmlf8sEIp4YjvxWs8+ETV
id+otDBcqaisic5k3H5zdSn4t9NnDjdxkmNmbEKLX+is
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:27:24 2024 by rpki-client on console-fra.rpki-client.org