Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/0ZxpJXAYYbfoHoi_eFL2AW43xEU.roa
File: 0ZxpJXAYYbfoHoi_eFL2AW43xEU.roa (raw, json)
Hash identifier: qJJLtGKDpBjw+g4HM+ATgoRwp69DzQ12MXlq9RHZKjo=
Subject key identifier: D1:9C:69:25:70:18:61:B7:E8:1E:88:BF:78:52:F6:01:6E:37:C4:45
Certificate issuer: /CN=fcb6b17bd2e5f14bd375a0c0e69dfc77d9702f4a
Certificate serial: 018CC3B7389CB268B91809F6565445C0F4CA
Authority key identifier: FC:B6:B1:7B:D2:E5:F1:4B:D3:75:A0:C0:E6:9D:FC:77:D9:70:2F:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Laxe9Ll8UvTdaDA5p38d9lwL0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/0ZxpJXAYYbfoHoi_eFL2AW43xEU.roa
Signing time: Mon 01 Jan 2024 06:30:13 +0000
ROA not before: Mon 01 Jan 2024 06:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203244
IP address blocks: 177.8.68.0/24 maxlen: 24
45.80.85.0/24 maxlen: 24
45.80.86.0/24 maxlen: 24
45.80.87.0/24 maxlen: 24
185.246.196.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/_Laxe9Ll8UvTdaDA5p38d9lwL0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/_Laxe9Ll8UvTdaDA5p38d9lwL0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/_Laxe9Ll8UvTdaDA5p38d9lwL0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:38:9c:b2:68:b9:18:09:f6:56:54:45:c0:f4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcb6b17bd2e5f14bd375a0c0e69dfc77d9702f4a
Validity
Not Before: Jan 1 06:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d19c6925701861b7e81e88bf7852f6016e37c445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:77:c6:84:04:9c:8f:c6:5a:7a:0d:6a:01:95:
64:30:01:b8:48:30:f1:55:d1:84:d4:32:ff:34:34:
66:e4:d9:0e:c6:97:e4:a4:95:00:79:04:10:14:93:
aa:4d:9f:d9:6c:0d:79:5f:70:f5:b0:73:23:18:76:
98:4b:39:fc:24:0b:c1:92:80:6a:c3:e6:79:76:eb:
d7:6b:91:25:45:05:b0:87:26:be:67:36:08:57:2a:
db:56:07:27:62:11:cd:8b:6d:4f:92:36:ea:2e:4d:
62:18:67:a4:89:5b:95:87:72:d7:20:f9:b6:17:3c:
47:90:c7:16:77:b8:00:01:4a:38:27:fd:dc:59:3e:
86:c6:3f:8d:64:0b:52:73:de:c0:5c:5a:c3:d0:4d:
e2:86:be:dd:33:e0:f5:4b:67:79:d0:14:66:89:b5:
3e:1d:d2:a4:25:2f:03:bc:b1:f7:bc:fd:cc:96:bd:
91:37:16:49:f6:7c:c9:6e:e3:b7:9c:32:16:4c:cc:
6c:70:00:35:c3:b1:2b:58:65:8f:e4:a0:fb:bc:29:
fc:80:db:84:c6:0d:d5:9b:a1:a5:2f:11:2d:fb:ec:
4f:30:74:b3:16:ce:ce:dc:77:6f:cd:f8:5b:a8:aa:
f2:7c:59:58:b5:f5:c9:07:29:7d:a6:92:3b:a7:a2:
42:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:9C:69:25:70:18:61:B7:E8:1E:88:BF:78:52:F6:01:6E:37:C4:45
X509v3 Authority Key Identifier:
keyid:FC:B6:B1:7B:D2:E5:F1:4B:D3:75:A0:C0:E6:9D:FC:77:D9:70:2F:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Laxe9Ll8UvTdaDA5p38d9lwL0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/0ZxpJXAYYbfoHoi_eFL2AW43xEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/01a421-bdbf-43e0-8aeb-2c48cb298646/1/_Laxe9Ll8UvTdaDA5p38d9lwL0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.85.0-45.80.87.255
177.8.68.0/24
185.246.196.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:cc:e4:03:34:ed:e2:69:bb:69:ad:f8:50:3b:be:85:4b:f2:
b3:26:60:00:dd:ea:f7:1f:8f:e4:5f:26:df:47:bc:9e:2e:33:
66:b4:d5:9c:2f:7f:e2:9c:a2:29:f7:40:b1:a8:74:dc:4b:6d:
7b:88:83:7e:0d:ca:2d:67:87:30:5f:a1:95:57:71:34:7c:7c:
28:7e:2f:a0:09:ff:cf:13:af:63:37:3c:7a:33:67:21:48:28:
7c:80:f4:25:db:09:49:f7:da:2c:c5:4d:81:42:6c:8e:a6:2f:
b5:2a:0f:d1:97:61:b4:3c:f5:7f:48:94:78:3e:88:39:89:3b:
1f:51:73:90:b1:a6:dc:5e:de:5a:7e:94:57:59:cc:b2:44:fb:
cc:25:9d:54:88:83:16:50:bb:2e:af:6c:44:1c:6f:70:fa:38:
00:92:eb:43:34:1d:f4:4f:0f:83:4a:28:44:53:62:ea:10:1f:
0c:1c:10:63:37:30:0f:86:1c:1e:f0:36:36:d1:e3:67:3b:ff:
4e:9f:31:ee:2c:44:30:4a:10:b5:96:7a:3f:c9:19:b1:99:d6:
c2:fe:46:10:03:6d:bc:08:70:58:16:55:e1:7f:01:94:f0:08:
74:bf:4b:02:63:8d:a5:a1:57:5e:17:02:92:bb:b3:70:97:fc:
39:48:cd:31
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzDtzicsmi5GAn2VlRFwPTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYjZiMTdiZDJlNWYxNGJkMzc1YTBjMGU2OWRmYzc3ZDk3
MDJmNGEwHhcNMjQwMTAxMDYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTljNjkyNTcwMTg2MWI3ZTgxZTg4YmY3ODUyZjYwMTZlMzdjNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3fGhAScj8Zaeg1qAZVkMAG4SDDx
VdGE1DL/NDRm5NkOxpfkpJUAeQQQFJOqTZ/ZbA15X3D1sHMjGHaYSzn8JAvBkoBq
w+Z5duvXa5ElRQWwhya+ZzYIVyrbVgcnYhHNi21PkjbqLk1iGGekiVuVh3LXIPm2
FzxHkMcWd7gAAUo4J/3cWT6Gxj+NZAtSc97AXFrD0E3ihr7dM+D1S2d50BRmibU+
HdKkJS8DvLH3vP3Mlr2RNxZJ9nzJbuO3nDIWTMxscAA1w7ErWGWP5KD7vCn8gNuE
xg3Vm6GlLxEt++xPMHSzFs7O3HdvzfhbqKryfFlYtfXJByl9ppI7p6JCtwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNGcaSVwGGG36B6Iv3hS9gFuN8RFMB8GA1UdIwQY
MBaAFPy2sXvS5fFL03WgwOad/HfZcC9KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0xheGU5TGw4VXZUZGFEQTVwMzhkOWx3TDBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wMWE0MjEtYmRiZi00M2UwLThhZWIt
MmM0OGNiMjk4NjQ2LzEvMFp4cEpYQVlZYmZvSG9pX2VGTDJBVzQzeEVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wMWE0MjEtYmRiZi00M2UwLThhZWItMmM0OGNiMjk4NjQ2
LzEvX0xheGU5TGw4VXZUZGFEQTVwMzhkOWx3TDBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtUFUD
BAMtUFADBACxCEQDBAK59sQwDQYJKoZIhvcNAQELBQADggEBAJ7M5AM07eJpu2mt
+FA7voVL8rMmYADd6vcfj+RfJt9HvJ4uM2a01Zwvf+Kcoin3QLGodNxLbXuIg34N
yi1nhzBfoZVXcTR8fCh+L6AJ/88Tr2M3PHozZyFIKHyA9CXbCUn32izFTYFCbI6m
L7UqD9GXYbQ89X9IlHg+iDmJOx9Rc5Cxptxe3lp+lFdZzLJE+8wlnVSIgxZQuy6v
bEQcb3D6OACS60M0HfRPD4NKKERTYuoQHwwcEGM3MA+GHB7wNjbR42c7/06fMe4s
RDBKELWWej/JGbGZ1sL+RhADbbwIcFgWVeF/AZTwCHS/SwJjjaWhV14XApK7s3CX
/DlIzTE=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:43:02 2024 by rpki-client on console-ams.rpki-client.org