Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/X2kJAlcVtYof6QfBTlgto4UwUfU.roa
File: X2kJAlcVtYof6QfBTlgto4UwUfU.roa (raw, json)
Hash identifier: 54KS64Vg/KDy4/+axCyCzbBJOdhQLsZRrGhtoYYhanE=
Subject key identifier: 5F:69:09:02:57:15:B5:8A:1F:E9:07:C1:4E:58:2D:A3:85:30:51:F5
Certificate issuer: /CN=6c592536ce06fdaa5ac2ee48117cf57aa3b4c8d0
Certificate serial: 018DA40278E1D6F0907D912CB2B9CF3B562F
Authority key identifier: 6C:59:25:36:CE:06:FD:AA:5A:C2:EE:48:11:7C:F5:7A:A3:B4:C8:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bFklNs4G_apawu5IEXz1eqO0yNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/X2kJAlcVtYof6QfBTlgto4UwUfU.roa
Signing time: Tue 13 Feb 2024 19:47:21 +0000
ROA not before: Tue 13 Feb 2024 19:47:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200245
IP address blocks: 45.85.44.0/22 maxlen: 22
45.85.44.0/24 maxlen: 24
45.85.45.0/24 maxlen: 24
45.85.46.0/24 maxlen: 24
45.85.47.0/24 maxlen: 24
185.169.104.0/24 maxlen: 24
2a13:2240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/bFklNs4G_apawu5IEXz1eqO0yNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/bFklNs4G_apawu5IEXz1eqO0yNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bFklNs4G_apawu5IEXz1eqO0yNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a4:02:78:e1:d6:f0:90:7d:91:2c:b2:b9:cf:3b:56:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c592536ce06fdaa5ac2ee48117cf57aa3b4c8d0
Validity
Not Before: Feb 13 19:47:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f6909025715b58a1fe907c14e582da3853051f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:98:4f:91:84:ed:f1:23:19:4c:f6:cf:1b:eb:
91:37:21:a0:38:ac:c0:ae:ab:1f:74:c1:02:dc:d0:
59:32:7c:8a:ff:9f:64:91:a0:05:55:96:df:98:f6:
ed:d0:9d:45:fe:a4:f8:bc:22:16:45:34:33:c3:bd:
cc:14:64:fb:6a:c0:df:d7:65:1c:0b:c3:af:ef:2d:
e7:1a:ab:09:92:c0:1f:af:13:5a:f7:7e:42:d1:ff:
1e:e1:77:6a:79:27:b4:14:c1:d3:56:81:1e:2f:2a:
89:0e:be:fc:c7:1f:6d:fb:ec:b1:ae:53:54:d7:1d:
e5:77:08:ce:a6:ab:d4:f8:ee:80:59:ba:c4:39:96:
38:5c:84:8d:db:a6:92:2b:03:6f:c6:76:38:27:ec:
11:e5:d5:39:76:4c:a9:d3:68:09:cb:ff:f4:f9:8c:
73:35:36:35:70:e2:d5:16:13:e4:89:57:aa:8c:ee:
18:26:02:e9:b7:c6:1c:39:ab:0e:03:bd:86:3a:45:
ef:05:b7:38:a7:34:ae:33:6a:f1:4d:df:c5:36:1e:
2f:34:42:0f:aa:b3:28:43:84:3d:0e:96:88:a7:e5:
b5:6e:7d:0a:7b:e4:6e:64:bf:05:f2:f2:8f:d4:b2:
e6:37:ce:c7:41:a9:68:59:f0:d1:2c:1d:81:40:cc:
50:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:69:09:02:57:15:B5:8A:1F:E9:07:C1:4E:58:2D:A3:85:30:51:F5
X509v3 Authority Key Identifier:
keyid:6C:59:25:36:CE:06:FD:AA:5A:C2:EE:48:11:7C:F5:7A:A3:B4:C8:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bFklNs4G_apawu5IEXz1eqO0yNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/X2kJAlcVtYof6QfBTlgto4UwUfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/bFklNs4G_apawu5IEXz1eqO0yNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.44.0/22
185.169.104.0/24
IPv6:
2a13:2240::/29
Signature Algorithm: sha256WithRSAEncryption
06:4e:89:de:e6:43:91:cc:31:24:59:f7:48:eb:6a:0d:58:01:
f9:5e:f5:3c:02:a8:80:6e:05:d4:94:34:77:be:c8:73:a0:a9:
d3:9d:a6:dd:89:ad:57:6b:26:3f:7d:1b:35:b5:8d:4c:2a:8b:
97:55:a3:55:c2:f2:fc:31:60:ba:f4:09:ac:b5:0c:89:fa:6c:
db:2a:d5:24:ea:ba:bc:65:25:9d:e6:ce:ff:85:f4:5a:33:46:
12:35:32:d8:b6:9e:e0:34:0f:56:da:b5:d7:dc:e2:9f:93:c6:
50:1f:fd:d1:d0:04:04:60:4e:01:1c:23:ed:02:fc:35:6e:71:
93:19:d3:63:5b:4b:36:d9:40:4c:3c:be:3c:e8:e8:b5:ce:a2:
5a:7b:13:2b:8f:84:c3:d1:65:90:80:41:5c:b5:22:7f:c3:7f:
51:21:52:0c:9b:0e:af:10:b7:60:b7:63:62:1e:93:f0:ce:d4:
c0:d6:59:d3:59:e1:b3:3d:f8:40:89:98:33:6d:46:b2:2e:fc:
2b:0c:1e:13:fb:17:19:37:95:c3:f2:aa:38:d1:67:1e:54:5c:
26:6b:c8:a9:2f:35:48:26:c8:28:e3:0c:c6:00:c7:89:c0:49:
fc:35:38:f5:d0:d4:9c:7e:87:e3:e0:6e:55:61:71:55:99:5e:
79:c5:3b:db
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY2kAnjh1vCQfZEssrnPO1YvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNTkyNTM2Y2UwNmZkYWE1YWMyZWU0ODExN2NmNTdhYTNi
NGM4ZDAwHhcNMjQwMjEzMTk0NzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjY5MDkwMjU3MTViNThhMWZlOTA3YzE0ZTU4MmRhMzg1MzA1MWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApphPkYTt8SMZTPbPG+uRNyGgOKzA
rqsfdMEC3NBZMnyK/59kkaAFVZbfmPbt0J1F/qT4vCIWRTQzw73MFGT7asDf12Uc
C8Ov7y3nGqsJksAfrxNa935C0f8e4XdqeSe0FMHTVoEeLyqJDr78xx9t++yxrlNU
1x3ldwjOpqvU+O6AWbrEOZY4XISN26aSKwNvxnY4J+wR5dU5dkyp02gJy//0+Yxz
NTY1cOLVFhPkiVeqjO4YJgLpt8YcOasOA72GOkXvBbc4pzSuM2rxTd/FNh4vNEIP
qrMoQ4Q9DpaIp+W1bn0Ke+RuZL8F8vKP1LLmN87HQaloWfDRLB2BQMxQ6QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF9pCQJXFbWKH+kHwU5YLaOFMFH1MB8GA1UdIwQY
MBaAFGxZJTbOBv2qWsLuSBF89XqjtMjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkZrbE5zNEdfYXBhd3U1SUVYejFlcU8weU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82YTExZjQtZTU3Zi00MTE3LTkzYWIt
MGEyZWM1YTIzYjk4LzEvWDJrSkFsY1Z0WW9mNlFmQlRsZ3RvNFV3VWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82YTExZjQtZTU3Zi00MTE3LTkzYWItMGEyZWM1YTIzYjk4
LzEvYkZrbE5zNEdfYXBhd3U1SUVYejFlcU8weU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVUsAwQA
ualoMA0EAgACMAcDBQMqEyJAMA0GCSqGSIb3DQEBCwUAA4IBAQAGTone5kORzDEk
WfdI62oNWAH5XvU8AqiAbgXUlDR3vshzoKnTnabdia1XayY/fRs1tY1MKouXVaNV
wvL8MWC69AmstQyJ+mzbKtUk6rq8ZSWd5s7/hfRaM0YSNTLYtp7gNA9W2rXX3OKf
k8ZQH/3R0AQEYE4BHCPtAvw1bnGTGdNjW0s22UBMPL486Oi1zqJaexMrj4TD0WWQ
gEFctSJ/w39RIVIMmw6vELdgt2NiHpPwztTA1lnTWeGzPfhAiZgzbUayLvwrDB4T
+xcZN5XD8qo40WceVFwma8ipLzVIJsgo4wzGAMeJwEn8NTj10NScfofj4G5VYXFV
mV55xTvb
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:32:43 2024 by rpki-client on console-fra.rpki-client.org