Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/_l0XUJR_w-lqpHk2m9rB85p4dCA.roa
File: _l0XUJR_w-lqpHk2m9rB85p4dCA.roa (raw, json)
Hash identifier: FnXsJymPwa3kqAWJHA+eiiBByW1yc3j5bsFhW30bmSI=
Subject key identifier: FE:5D:17:50:94:7F:C3:E9:6A:A4:79:36:9B:DA:C1:F3:9A:78:74:20
Certificate issuer: /CN=5fdf516c95dd6eb2d1d9dd4e0e03286c1911f6e1
Certificate serial: 018CC86F0BCBA87BCB1E03457509D0360520
Authority key identifier: 5F:DF:51:6C:95:DD:6E:B2:D1:D9:DD:4E:0E:03:28:6C:19:11:F6:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/_l0XUJR_w-lqpHk2m9rB85p4dCA.roa
Signing time: Tue 02 Jan 2024 04:29:29 +0000
ROA not before: Tue 02 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209970
IP address blocks: 45.67.112.0/22 maxlen: 24
185.155.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/X99RbJXdbrLR2d1ODgMobBkR9uE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/X99RbJXdbrLR2d1ODgMobBkR9uE.mft
rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:0b:cb:a8:7b:cb:1e:03:45:75:09:d0:36:05:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fdf516c95dd6eb2d1d9dd4e0e03286c1911f6e1
Validity
Not Before: Jan 2 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe5d1750947fc3e96aa479369bdac1f39a787420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d2:55:c8:c2:2d:cd:ce:58:09:9f:74:e0:39:
cf:30:2f:cf:76:bb:c0:20:34:54:c5:98:d1:b2:12:
85:5b:40:0c:ab:82:46:61:44:2b:51:9c:4b:d7:77:
c1:89:0b:cb:d4:f9:1e:e5:6e:ea:5a:ec:27:45:89:
a7:07:01:5b:9b:f5:c4:a5:76:82:d5:4f:56:e1:ed:
4f:f0:f6:d8:d4:b9:0f:09:86:78:20:4a:b8:f5:a2:
f5:6a:eb:c4:2e:fb:29:fc:e3:3a:4f:5f:ca:80:7c:
f6:0f:33:a7:07:36:cd:57:6a:b0:6c:4c:3a:53:d1:
70:c8:57:cd:4d:98:7e:02:ff:42:60:86:ec:d9:e3:
0f:aa:88:1b:f5:e9:7f:35:38:03:69:12:6e:aa:67:
d4:9c:28:8c:29:f7:05:ac:5d:5d:70:49:7a:25:16:
0b:75:11:e4:a4:f1:27:45:d5:d4:6d:d2:22:60:c3:
d5:42:9c:65:12:e1:f3:da:2a:1c:95:e7:73:6c:e6:
f8:a6:94:1f:3b:b6:80:b4:a1:11:c9:de:6a:9e:5f:
b5:90:8f:be:71:4d:d2:65:bc:ed:8d:a3:c2:88:b4:
7d:23:21:69:e4:38:0c:e3:52:1c:b5:a4:71:2a:cf:
e7:68:ec:a8:82:6c:7f:c6:ce:cb:ec:28:65:af:7c:
88:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:5D:17:50:94:7F:C3:E9:6A:A4:79:36:9B:DA:C1:F3:9A:78:74:20
X509v3 Authority Key Identifier:
keyid:5F:DF:51:6C:95:DD:6E:B2:D1:D9:DD:4E:0E:03:28:6C:19:11:F6:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/_l0XUJR_w-lqpHk2m9rB85p4dCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/X99RbJXdbrLR2d1ODgMobBkR9uE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.112.0/22
185.155.120.0/22
Signature Algorithm: sha256WithRSAEncryption
75:22:4d:26:bc:31:f6:9c:bf:47:be:da:90:9f:5f:f9:5e:59:
27:16:ff:55:19:af:73:6d:e6:45:55:a0:ed:af:e0:97:c0:69:
e8:c7:80:97:74:28:ea:e8:05:cb:49:4e:ef:f6:8d:18:e2:5e:
b6:05:82:b0:ff:31:d2:85:c1:e6:b7:65:ec:84:b1:ce:fe:e6:
d7:4e:12:d6:60:3a:1a:55:c2:57:a5:3d:34:5b:9f:ad:fb:10:
f4:75:64:71:10:eb:0c:a8:b7:d0:31:0a:94:8d:65:68:f9:27:
0b:7a:1d:1a:5b:12:57:b5:60:2d:15:1c:60:80:9c:37:90:47:
3b:b6:56:b8:04:1d:e7:e1:ab:45:fa:61:52:14:e8:eb:20:d7:
d1:c5:4d:8d:31:05:1d:25:fa:25:84:f8:fa:3b:92:c0:f7:94:
77:b0:be:8c:7a:46:e3:84:65:7c:06:65:83:a1:3c:d2:51:8c:
af:23:85:33:fc:d1:53:8c:2a:d7:82:52:de:00:f9:46:5d:3a:
3a:c6:af:a2:72:cc:62:b0:eb:a9:01:ba:47:77:97:15:5f:fd:
ad:29:98:f4:05:ea:bc:80:28:df:a3:36:f2:2c:d0:68:87:0b:
90:88:99:d9:03:31:dc:18:94:5e:f2:bd:6c:69:b6:42:aa:fc:
a7:f5:62:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIbwvLqHvLHgNFdQnQNgUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZGY1MTZjOTVkZDZlYjJkMWQ5ZGQ0ZTBlMDMyODZjMTkx
MWY2ZTEwHhcNMjQwMTAyMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTVkMTc1MDk0N2ZjM2U5NmFhNDc5MzY5YmRhYzFmMzlhNzg3NDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9JVyMItzc5YCZ904DnPMC/PdrvA
IDRUxZjRshKFW0AMq4JGYUQrUZxL13fBiQvL1Pke5W7qWuwnRYmnBwFbm/XEpXaC
1U9W4e1P8PbY1LkPCYZ4IEq49aL1auvELvsp/OM6T1/KgHz2DzOnBzbNV2qwbEw6
U9FwyFfNTZh+Av9CYIbs2eMPqogb9el/NTgDaRJuqmfUnCiMKfcFrF1dcEl6JRYL
dRHkpPEnRdXUbdIiYMPVQpxlEuHz2iocledzbOb4ppQfO7aAtKERyd5qnl+1kI++
cU3SZbztjaPCiLR9IyFp5DgM41IctaRxKs/naOyogmx/xs7L7Chlr3yInQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP5dF1CUf8PpaqR5NpvawfOaeHQgMB8GA1UdIwQY
MBaAFF/fUWyV3W6y0dndTg4DKGwZEfbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDk5UmJKWGRickxSMmQxT0RnTW9iQmtSOXVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82NjVkN2QtZDE3MC00ZGY3LWFjYzct
YmYzZjc5NTFjNWVhLzEvX2wwWFVKUl93LWxxcEhrMm05ckI4NXA0ZENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82NjVkN2QtZDE3MC00ZGY3LWFjYzctYmYzZjc5NTFjNWVh
LzEvWDk5UmJKWGRickxSMmQxT0RnTW9iQmtSOXVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLUNwAwQC
uZt4MA0GCSqGSIb3DQEBCwUAA4IBAQB1Ik0mvDH2nL9HvtqQn1/5XlknFv9VGa9z
beZFVaDtr+CXwGnox4CXdCjq6AXLSU7v9o0Y4l62BYKw/zHShcHmt2XshLHO/ubX
ThLWYDoaVcJXpT00W5+t+xD0dWRxEOsMqLfQMQqUjWVo+ScLeh0aWxJXtWAtFRxg
gJw3kEc7tla4BB3n4atF+mFSFOjrINfRxU2NMQUdJfolhPj6O5LA95R3sL6Mekbj
hGV8BmWDoTzSUYyvI4Uz/NFTjCrXglLeAPlGXTo6xq+icsxisOupAbpHd5cVX/2t
KZj0Beq8gCjfozbyLNBohwuQiJnZAzHcGJRe8r1sabZCqvyn9WI4
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:57:03 2024 by rpki-client on console-ams.rpki-client.org