Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/b8c30c-82d9-46bb-bb07-9ca100428f10/1/AZ0EKMNhDgxkEtsjJqf4HzlBiow.roa
File: AZ0EKMNhDgxkEtsjJqf4HzlBiow.roa (raw, json)
Hash identifier: Ptq0RvT2Z+dHBBjQcaKIh914MNARNUwFGCvxuidAjfA=
Subject key identifier: 01:9D:04:28:C3:61:0E:0C:64:12:DB:23:26:A7:F8:1F:39:41:8A:8C
Certificate issuer: /CN=eb337ead6b9b93dd0d758abf9d7b303072a99eb9
Certificate serial: 018CC42493030FDE6853981E24D36A66431E
Authority key identifier: EB:33:7E:AD:6B:9B:93:DD:0D:75:8A:BF:9D:7B:30:30:72:A9:9E:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zN-rWubk90NdYq_nXswMHKpnrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/b8c30c-82d9-46bb-bb07-9ca100428f10/1/AZ0EKMNhDgxkEtsjJqf4HzlBiow.roa
Signing time: Mon 01 Jan 2024 08:29:40 +0000
ROA not before: Mon 01 Jan 2024 08:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209322
IP address blocks: 45.67.77.0/24 maxlen: 24
45.67.78.0/24 maxlen: 24
45.67.76.0/24 maxlen: 24
45.67.79.0/24 maxlen: 24
2a07:3c80:600::/40 maxlen: 40
2a07:3c80:400::/40 maxlen: 40
2a07:3c80:200::/40 maxlen: 40
2a07:3c80::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/b8c30c-82d9-46bb-bb07-9ca100428f10/1/6zN-rWubk90NdYq_nXswMHKpnrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/b8c30c-82d9-46bb-bb07-9ca100428f10/1/6zN-rWubk90NdYq_nXswMHKpnrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/6zN-rWubk90NdYq_nXswMHKpnrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 04:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:93:03:0f:de:68:53:98:1e:24:d3:6a:66:43:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb337ead6b9b93dd0d758abf9d7b303072a99eb9
Validity
Not Before: Jan 1 08:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=019d0428c3610e0c6412db2326a7f81f39418a8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:01:d0:5e:2f:26:48:82:7e:c1:3d:ab:75:
6f:d8:7f:c9:d2:17:bd:64:f5:20:02:c9:7b:74:78:
4c:54:48:40:87:b0:d3:9f:50:59:f7:1e:2e:b3:85:
a7:7a:14:4f:58:2d:61:39:50:2f:80:50:dc:6b:81:
1d:29:7d:36:98:09:02:df:64:48:84:b1:6f:cb:97:
09:db:e3:a1:c5:83:48:92:69:1a:86:16:96:a5:0b:
2c:26:25:92:81:81:c4:17:4c:e7:46:80:b3:2f:9e:
7d:d0:c9:4c:a5:57:cb:b1:04:6e:b8:66:19:1f:6b:
3a:cb:44:1d:6d:26:84:6e:65:be:5a:51:e4:b6:c6:
15:90:ad:67:65:7d:d4:83:5d:2c:f2:81:d6:8b:b5:
48:22:4d:87:bc:ef:65:22:b0:95:9c:61:25:68:c2:
ef:b8:8d:a6:c1:e3:bf:bc:a2:af:12:9b:da:2a:93:
ae:b5:89:f8:51:e6:a9:ca:90:60:e3:78:83:fa:97:
5c:37:02:74:ff:2f:26:d2:0d:d7:29:b0:42:7a:1e:
f0:dd:da:a8:a4:cd:8f:0d:cd:8c:84:3a:22:f3:7f:
da:90:0b:ca:48:0b:c6:93:c1:b1:14:4b:05:7a:08:
8c:88:ea:27:d0:4a:07:a3:a4:90:61:fe:d9:d6:02:
18:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:9D:04:28:C3:61:0E:0C:64:12:DB:23:26:A7:F8:1F:39:41:8A:8C
X509v3 Authority Key Identifier:
keyid:EB:33:7E:AD:6B:9B:93:DD:0D:75:8A:BF:9D:7B:30:30:72:A9:9E:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zN-rWubk90NdYq_nXswMHKpnrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b8c30c-82d9-46bb-bb07-9ca100428f10/1/AZ0EKMNhDgxkEtsjJqf4HzlBiow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b8c30c-82d9-46bb-bb07-9ca100428f10/1/6zN-rWubk90NdYq_nXswMHKpnrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.76.0/22
IPv6:
2a07:3c80::/40
2a07:3c80:200::/40
2a07:3c80:400::/40
2a07:3c80:600::/40
Signature Algorithm: sha256WithRSAEncryption
62:86:86:82:12:af:72:5b:b0:cf:e5:72:0e:8e:cd:42:c3:5e:
be:19:70:14:ae:a7:d1:03:44:d3:83:24:c9:b2:30:52:c0:68:
1a:e9:1e:7c:f8:66:84:33:36:43:84:2f:88:62:50:04:4b:12:
ec:89:e5:93:59:df:13:68:86:40:f3:5f:36:82:96:9f:99:3e:
4b:82:7c:58:44:75:13:ac:38:69:df:3b:b0:07:1c:53:ca:94:
ff:d6:04:75:9b:b3:1b:13:d3:f1:0b:4c:19:98:2a:ca:44:78:
a8:31:d5:b6:8d:c6:ec:40:31:c8:fe:33:f0:12:49:1c:e4:b2:
b2:34:f0:d3:20:c8:23:0f:4c:ef:ce:eb:79:75:49:5a:e4:2f:
42:78:52:62:19:22:9c:31:f5:33:b4:07:82:7d:2c:2c:fb:1c:
19:02:07:fc:ca:aa:8a:0f:9d:7a:c6:4e:77:e0:08:50:ae:6a:
6c:09:31:30:7f:59:e4:15:cf:6a:57:54:38:21:87:ed:f0:86:
3f:b1:77:9c:5e:9a:08:b8:d8:22:85:23:ef:3a:0a:a5:af:7e:
e1:cf:28:d0:03:2f:30:63:f3:96:fa:b7:6d:f3:7f:42:f7:8c:
9d:54:4e:2a:0a:d5:27:23:7c:23:f0:17:f4:f3:f4:46:d7:a6:
66:ca:35:cd
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzEJJMDD95oU5geJNNqZkMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzM3ZWFkNmI5YjkzZGQwZDc1OGFiZjlkN2IzMDMwNzJh
OTllYjkwHhcNMjQwMTAxMDgyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTlkMDQyOGMzNjEwZTBjNjQxMmRiMjMyNmE3ZjgxZjM5NDE4YThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7QB0F4vJkiCfsE9q3Vv2H/J0he9
ZPUgAsl7dHhMVEhAh7DTn1BZ9x4us4WnehRPWC1hOVAvgFDca4EdKX02mAkC32RI
hLFvy5cJ2+OhxYNIkmkahhaWpQssJiWSgYHEF0znRoCzL5590MlMpVfLsQRuuGYZ
H2s6y0QdbSaEbmW+WlHktsYVkK1nZX3Ug10s8oHWi7VIIk2HvO9lIrCVnGElaMLv
uI2mweO/vKKvEpvaKpOutYn4UeapypBg43iD+pdcNwJ0/y8m0g3XKbBCeh7w3dqo
pM2PDc2MhDoi83/akAvKSAvGk8GxFEsFegiMiOon0EoHo6SQYf7Z1gIYZQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAGdBCjDYQ4MZBLbIyan+B85QYqMMB8GA1UdIwQY
MBaAFOszfq1rm5PdDXWKv517MDByqZ65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpOLXJXdWJrOTBOZFlxX25Yc3dNSEtwbnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iOGMzMGMtODJkOS00NmJiLWJiMDct
OWNhMTAwNDI4ZjEwLzEvQVowRUtNTmhEZ3hrRXRzakpxZjRIemxCaW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iOGMzMGMtODJkOS00NmJiLWJiMDctOWNhMTAwNDI4ZjEw
LzEvNnpOLXJXdWJrOTBOZFlxX25Yc3dNSEtwbnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAMBAIAATAGAwQCLUNMMCYE
AgACMCADBgAqBzyAAAMGACoHPIACAwYAKgc8gAQDBgAqBzyABjANBgkqhkiG9w0B
AQsFAAOCAQEAYoaGghKvcluwz+VyDo7NQsNevhlwFK6n0QNE04MkybIwUsBoGuke
fPhmhDM2Q4QviGJQBEsS7Inlk1nfE2iGQPNfNoKWn5k+S4J8WER1E6w4ad87sAcc
U8qU/9YEdZuzGxPT8QtMGZgqykR4qDHVto3G7EAxyP4z8BJJHOSysjTw0yDIIw9M
787reXVJWuQvQnhSYhkinDH1M7QHgn0sLPscGQIH/Mqqig+desZOd+AIUK5qbAkx
MH9Z5BXPaldUOCGH7fCGP7F3nF6aCLjYIoUj7zoKpa9+4c8o0AMvMGPzlvq3bfN/
QveMnVROKgrVJyN8I/AX9PP0RtemZso1zQ==
-----END CERTIFICATE-----
Generated at Fri May 10 12:42:42 2024 by rpki-client on console-ams.rpki-client.org