Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/b8cMShMrRsZNeCR-DHToKJSbSFc.roa
File: b8cMShMrRsZNeCR-DHToKJSbSFc.roa (raw, json)
Hash identifier: Xs+2pmDsikwjys7lR2WnXyOpx7FAM2jx9740akpfIYg=
Subject key identifier: 6F:C7:0C:4A:13:2B:46:C6:4D:78:24:7E:0C:74:E8:28:94:9B:48:57
Certificate issuer: /CN=5fdf516c95dd6eb2d1d9dd4e0e03286c1911f6e1
Certificate serial: 019423D6F9C2F3EC8498FE0650FD67A712FC
Authority key identifier: 5F:DF:51:6C:95:DD:6E:B2:D1:D9:DD:4E:0E:03:28:6C:19:11:F6:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/b8cMShMrRsZNeCR-DHToKJSbSFc.roa
Signing time: Wed 01 Jan 2025 21:47:58 +0000
ROA not before: Wed 01 Jan 2025 21:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209970
IP address blocks: 45.67.112.0/22 maxlen: 24
185.155.120.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/X99RbJXdbrLR2d1ODgMobBkR9uE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/X99RbJXdbrLR2d1ODgMobBkR9uE.mft
rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f9:c2:f3:ec:84:98:fe:06:50:fd:67:a7:12:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fdf516c95dd6eb2d1d9dd4e0e03286c1911f6e1
Validity
Not Before: Jan 1 21:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fc70c4a132b46c64d78247e0c74e828949b4857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e1:70:58:e4:d3:8d:54:34:f9:17:7b:26:b1:
e2:dc:d0:e9:84:3f:16:ce:f5:3f:02:8b:64:20:cd:
2e:7d:2e:ce:ae:de:db:bc:f4:b9:2d:7a:da:2f:5a:
fd:21:69:cb:79:43:d4:25:2c:17:a2:b8:99:61:c9:
0b:b1:7a:f7:a7:06:9a:17:b1:33:b3:b0:cf:aa:23:
64:7e:f7:31:73:0e:d1:ff:0c:b4:5f:f9:b2:0d:00:
74:18:06:4d:76:8f:d6:06:df:0d:0a:cb:66:65:0e:
2c:52:d0:a4:d9:cc:d6:e2:4f:d5:8a:44:5b:89:df:
79:b1:da:89:5f:ce:80:7d:87:d5:c9:87:55:59:bd:
9f:fd:f2:1a:6e:14:f2:72:8f:d9:69:ef:a0:7c:f7:
c0:38:1e:48:09:f4:38:cc:ba:f5:c5:62:74:ad:a1:
fb:4c:d5:99:d5:06:7f:ba:b4:df:fe:51:8e:1e:aa:
5a:9c:e6:f9:29:a9:31:f4:a6:b3:d5:7b:06:db:48:
5d:3a:43:e1:ff:a2:87:d0:c1:02:d4:5f:fb:a0:0b:
dd:e2:6d:eb:41:cf:22:02:a6:56:f0:48:10:4d:36:
5f:2c:71:9b:c1:25:9b:39:fd:68:69:81:89:ee:4a:
2e:f7:7e:5e:69:81:2a:de:b2:a5:61:5b:f6:74:22:
33:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C7:0C:4A:13:2B:46:C6:4D:78:24:7E:0C:74:E8:28:94:9B:48:57
X509v3 Authority Key Identifier:
keyid:5F:DF:51:6C:95:DD:6E:B2:D1:D9:DD:4E:0E:03:28:6C:19:11:F6:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/b8cMShMrRsZNeCR-DHToKJSbSFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/X99RbJXdbrLR2d1ODgMobBkR9uE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.112.0/22
185.155.120.0/22
Signature Algorithm: sha256WithRSAEncryption
98:1b:b1:e1:5e:e6:af:80:43:66:ca:a7:4c:d4:87:c9:22:64:
2b:80:81:6f:30:30:2f:93:59:18:92:7a:56:79:ca:9b:b8:ed:
53:dd:37:be:69:3d:8a:47:d1:1c:f7:d3:91:f3:3c:6c:e1:b5:
fd:42:0e:8b:62:1b:df:52:60:89:a8:83:74:de:07:73:a6:49:
39:4b:e0:5d:18:c1:60:df:ab:95:ab:73:89:56:00:e5:cc:1a:
0b:7b:6a:5b:3b:8f:c0:c0:7b:91:40:45:8e:22:e6:55:cd:83:
ea:cd:5c:16:65:ec:34:8a:d3:60:9a:ee:37:de:d9:eb:cc:42:
3c:6e:0a:a4:a6:47:60:8a:ff:64:87:a1:fa:92:85:ab:16:ec:
22:9f:6c:58:26:a3:b0:f8:a2:e4:ab:8d:41:69:1a:6d:48:4d:
0c:e9:28:dd:ff:9d:9f:97:38:fd:8a:7c:d8:36:8c:75:65:7c:
a6:df:4d:d3:54:8b:f0:e4:9d:89:1f:78:60:cc:83:b8:7a:15:
68:5e:a6:13:da:1a:3f:ef:50:be:ba:5a:3a:5b:f5:c4:c7:95:
b8:50:80:bc:18:87:fc:30:fe:31:c3:17:2a:b8:89:bf:63:23:
8c:93:1d:5a:df:d4:c1:ce:fc:70:1a:81:79:c1:40:e7:bb:f0:
5d:ac:d1:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1vnC8+yEmP4GUP1npxL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZGY1MTZjOTVkZDZlYjJkMWQ5ZGQ0ZTBlMDMyODZjMTkx
MWY2ZTEwHhcNMjUwMTAxMjE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmM3MGM0YTEzMmI0NmM2NGQ3ODI0N2UwYzc0ZTgyODk0OWI0ODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1eFwWOTTjVQ0+Rd7JrHi3NDphD8W
zvU/AotkIM0ufS7Ort7bvPS5LXraL1r9IWnLeUPUJSwXoriZYckLsXr3pwaaF7Ez
s7DPqiNkfvcxcw7R/wy0X/myDQB0GAZNdo/WBt8NCstmZQ4sUtCk2czW4k/VikRb
id95sdqJX86AfYfVyYdVWb2f/fIabhTyco/Zae+gfPfAOB5ICfQ4zLr1xWJ0raH7
TNWZ1QZ/urTf/lGOHqpanOb5Kakx9Kaz1XsG20hdOkPh/6KH0MEC1F/7oAvd4m3r
Qc8iAqZW8EgQTTZfLHGbwSWbOf1oaYGJ7kou935eaYEq3rKlYVv2dCIzGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG/HDEoTK0bGTXgkfgx06CiUm0hXMB8GA1UdIwQY
MBaAFF/fUWyV3W6y0dndTg4DKGwZEfbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDk5UmJKWGRickxSMmQxT0RnTW9iQmtSOXVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82NjVkN2QtZDE3MC00ZGY3LWFjYzct
YmYzZjc5NTFjNWVhLzEvYjhjTVNoTXJSc1pOZUNSLURIVG9LSlNiU0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82NjVkN2QtZDE3MC00ZGY3LWFjYzctYmYzZjc5NTFjNWVh
LzEvWDk5UmJKWGRickxSMmQxT0RnTW9iQmtSOXVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLUNwAwQC
uZt4MA0GCSqGSIb3DQEBCwUAA4IBAQCYG7HhXuavgENmyqdM1IfJImQrgIFvMDAv
k1kYknpWecqbuO1T3Te+aT2KR9Ec99OR8zxs4bX9Qg6LYhvfUmCJqIN03gdzpkk5
S+BdGMFg36uVq3OJVgDlzBoLe2pbO4/AwHuRQEWOIuZVzYPqzVwWZew0itNgmu43
3tnrzEI8bgqkpkdgiv9kh6H6koWrFuwin2xYJqOw+KLkq41BaRptSE0M6Sjd/52f
lzj9inzYNox1ZXym303TVIvw5J2JH3hgzIO4ehVoXqYT2ho/71C+ulo6W/XEx5W4
UIC8GIf8MP4xwxcquIm/YyOMkx1a39TBzvxwGoF5wUDnu/BdrNG0
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:42:05 2025 by rpki-client