Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/AXGW-04jP_8-ZQ3AOgp-LC3GClY.roa
File: AXGW-04jP_8-ZQ3AOgp-LC3GClY.roa (raw, json)
Hash identifier: Llgj9UQ5XGcUcx2FGMpFYGjoPS1JT8eLsnrN9qFDCo8=
Subject key identifier: 01:71:96:FB:4E:23:3F:FF:3E:65:0D:C0:3A:0A:7E:2C:2D:C6:0A:56
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 01920518903F4E0BBD94DDEF09D126BA5AE9
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/AXGW-04jP_8-ZQ3AOgp-LC3GClY.roa
Signing time: Wed 18 Sep 2024 12:25:48 +0000
ROA not before: Wed 18 Sep 2024 12:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56382
IP address blocks: 45.152.124.0/24 maxlen: 24
45.152.125.0/24 maxlen: 24
45.152.126.0/24 maxlen: 24
45.152.127.0/24 maxlen: 24
194.5.96.0/24 maxlen: 24
194.5.99.0/24 maxlen: 24
2a0f:5700::/32 maxlen: 48
2a0f:5700:1220::/44 maxlen: 44
2a0f:5700:fe80::/48 maxlen: 48
2a0f:5701:1220::/44 maxlen: 44
2a0f:5701:fe01::/48 maxlen: 48
2a0f:5701:fe80::/48 maxlen: 48
2a0f:5702::/32 maxlen: 48
2a0f:5707:1220::/44 maxlen: 44
2a0f:5707:aa80::/44 maxlen: 48
2a0f:5707:ab80::/44 maxlen: 48
2a0f:5707:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.mft
rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:05:18:90:3f:4e:0b:bd:94:dd:ef:09:d1:26:ba:5a:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Sep 18 12:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=017196fb4e233fff3e650dc03a0a7e2c2dc60a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:eb:07:4d:e4:43:31:f0:94:79:75:ff:ad:23:
49:2a:c4:d3:71:d3:2a:88:c5:02:c5:73:d0:95:8c:
5a:86:46:13:fe:0b:6a:77:51:b6:a2:0d:98:2e:ba:
19:8f:54:c6:f5:4a:eb:ae:40:11:52:04:17:7d:80:
5a:2d:e5:68:74:98:5d:32:ea:34:d2:4b:82:2c:62:
ce:99:c6:c0:86:39:17:4f:bd:32:25:7e:84:1e:b1:
9f:80:98:c5:9e:f5:55:ef:f6:c4:53:b5:e4:af:0a:
e9:bc:58:a3:a2:a0:fc:c4:1c:57:1c:d0:a4:7c:b5:
f9:1c:34:f4:07:27:91:ba:b5:c0:db:6c:e7:35:cc:
77:af:94:38:6e:a9:d0:68:a3:5b:53:45:60:f5:b8:
3e:e8:53:01:f1:b0:1a:5c:11:96:5a:34:5b:3a:ad:
d5:64:95:b4:10:c8:4c:a1:98:ff:82:8b:3b:b4:a2:
aa:07:c3:6b:59:4a:9e:63:91:6a:c5:59:0e:4b:41:
86:29:81:9e:22:14:67:70:09:fe:e9:52:f6:42:94:
17:de:2b:37:92:3b:c2:d8:6b:74:e1:fa:a5:5c:10:
4e:02:69:7e:4e:13:f4:39:14:71:80:70:bd:c6:e6:
88:24:1c:35:fe:54:0a:1f:b4:35:22:eb:c5:30:5e:
57:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:71:96:FB:4E:23:3F:FF:3E:65:0D:C0:3A:0A:7E:2C:2D:C6:0A:56
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/AXGW-04jP_8-ZQ3AOgp-LC3GClY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.124.0/22
194.5.96.0/24
194.5.99.0/24
IPv6:
2a0f:5700::/32
2a0f:5701:1220::/44
2a0f:5701:fe01::/48
2a0f:5701:fe80::/48
2a0f:5702::/32
2a0f:5707:1220::/44
2a0f:5707:aa80::/44
2a0f:5707:ab80::/44
2a0f:5707:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
16:df:b9:e7:7c:f7:2f:77:32:4a:4f:d6:4f:0e:e4:94:92:d4:
60:55:a6:ed:db:85:44:be:2e:b5:60:f1:1e:80:60:fd:cf:d5:
7d:77:c5:2f:52:55:46:f9:bd:49:f0:1e:83:a1:6e:f1:5d:fc:
cd:73:11:f5:ac:d7:78:85:ed:52:f9:58:34:7d:dd:e4:82:68:
97:dc:c6:7e:78:b5:0f:a3:93:0b:6b:e1:fb:b2:cb:5c:0d:34:
fd:6c:61:b5:0a:f2:91:52:2c:9c:c7:19:d9:85:46:eb:02:d1:
75:a2:08:d4:17:e6:0f:e7:8b:7a:2b:04:a1:9f:a1:82:d3:16:
58:60:cb:f6:62:0c:3f:da:9e:c4:de:7c:ae:2a:9c:08:61:28:
a2:94:39:fa:dd:28:95:46:88:2b:75:79:b6:fb:fd:15:53:26:
5f:2b:86:7a:0e:01:4d:56:50:09:4a:fb:10:8d:c7:85:18:3f:
57:73:a8:fd:db:4f:c6:ef:6e:ee:35:ab:3b:64:68:00:29:4e:
f6:53:8a:08:10:2b:f6:f4:1f:93:87:76:58:70:52:e8:57:6f:
22:22:91:63:f5:08:91:05:b0:e9:c5:f4:b6:4d:19:28:ca:ca:
12:81:33:8c:dd:af:bd:d2:72:88:b7:55:f5:54:e5:6c:32:11:
64:a7:46:03
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZIFGJA/Tgu9lN3vCdEmulrpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjQwOTE4MTIyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTcxOTZmYjRlMjMzZmZmM2U2NTBkYzAzYTBhN2UyYzJkYzYwYTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0esHTeRDMfCUeXX/rSNJKsTTcdMq
iMUCxXPQlYxahkYT/gtqd1G2og2YLroZj1TG9UrrrkARUgQXfYBaLeVodJhdMuo0
0kuCLGLOmcbAhjkXT70yJX6EHrGfgJjFnvVV7/bEU7XkrwrpvFijoqD8xBxXHNCk
fLX5HDT0ByeRurXA22znNcx3r5Q4bqnQaKNbU0Vg9bg+6FMB8bAaXBGWWjRbOq3V
ZJW0EMhMoZj/gos7tKKqB8NrWUqeY5FqxVkOS0GGKYGeIhRncAn+6VL2QpQX3is3
kjvC2Gt04fqlXBBOAml+ThP0ORRxgHC9xuaIJBw1/lQKH7Q1IuvFMF5XQwIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFAFxlvtOIz//PmUNwDoKfiwtxgpWMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvQVhHVy0wNGpQXzgtWlEzQU9ncC1MQzNHQ2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wGAQCAAEwEgMEAi2YfAME
AMIFYAMEAMIFYzBTBAIAAjBNAwUAKg9XAAMHBCoPVwESIAMHACoPVwH+AQMHACoP
VwH+gAMFACoPVwIDBwQqD1cHEiADBwQqD1cHqoADBwQqD1cHq4ADBwAqD1cH//8w
DQYJKoZIhvcNAQELBQADggEBABbfued89y93MkpP1k8O5JSS1GBVpu3bhUS+LrVg
8R6AYP3P1X13xS9SVUb5vUnwHoOhbvFd/M1zEfWs13iF7VL5WDR93eSCaJfcxn54
tQ+jkwtr4fuyy1wNNP1sYbUK8pFSLJzHGdmFRusC0XWiCNQX5g/ni3orBKGfoYLT
Flhgy/ZiDD/ansTefK4qnAhhKKKUOfrdKJVGiCt1ebb7/RVTJl8rhnoOAU1WUAlK
+xCNx4UYP1dzqP3bT8bvbu41qztkaAApTvZTiggQK/b0H5OHdlhwUuhXbyIikWP1
CJEFsOnF9LZNGSjKyhKBM4zdr73Scoi3VfVU5WwyEWSnRgM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:00:05 2024 by rpki-client on console-fra.rpki-client.org