Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/4U5SmYmNnVpovPAbKEm_KbGdPMQ.roa
File: 4U5SmYmNnVpovPAbKEm_KbGdPMQ.roa (raw, json)
Hash identifier: nPI3k7R41D+B+KHyyqnW0Jcpk9yeAOiJZIUVDolyhb4=
Subject key identifier: E1:4E:52:99:89:8D:9D:5A:68:BC:F0:1B:28:49:BF:29:B1:9D:3C:C4
Certificate issuer: /CN=0babd682c1a8fc5037adbf68143ae77fd00f38ab
Certificate serial: 018F557E126B0B8ACA69293DFF211EA746AC
Authority key identifier: 0B:AB:D6:82:C1:A8:FC:50:37:AD:BF:68:14:3A:E7:7F:D0:0F:38:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/4U5SmYmNnVpovPAbKEm_KbGdPMQ.roa
Signing time: Tue 07 May 2024 23:57:56 +0000
ROA not before: Tue 07 May 2024 23:57:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39896
IP address blocks: 45.159.108.0/22 maxlen: 22
45.159.108.0/24 maxlen: 24
45.159.109.0/24 maxlen: 24
45.159.110.0/24 maxlen: 24
45.159.111.0/24 maxlen: 24
146.255.24.0/21 maxlen: 21
193.150.128.0/20 maxlen: 20
193.150.144.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/C6vWgsGo_FA3rb9oFDrnf9APOKs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/C6vWgsGo_FA3rb9oFDrnf9APOKs.mft
rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:55:7e:12:6b:0b:8a:ca:69:29:3d:ff:21:1e:a7:46:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0babd682c1a8fc5037adbf68143ae77fd00f38ab
Validity
Not Before: May 7 23:57:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e14e5299898d9d5a68bcf01b2849bf29b19d3cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9c:9c:c6:13:16:b0:ce:40:11:41:d0:3b:52:
d6:7f:09:fd:f3:ee:c7:f1:a1:db:f8:8f:b7:03:72:
f4:53:90:b4:e0:76:10:ac:1f:8b:90:10:da:74:dc:
bd:b0:45:b4:f9:e9:95:df:c6:43:23:42:88:b9:c1:
62:3b:96:6a:bb:8d:a1:9d:cb:7f:a4:9f:72:a3:94:
63:c1:21:e7:4e:01:1e:05:72:c1:34:56:c2:db:bc:
c9:7a:c2:6f:03:7c:27:ad:7d:c0:dc:91:3b:83:5a:
50:6e:69:ac:bb:ac:a6:98:b7:45:e3:2e:81:f2:47:
a1:4a:ef:d2:3a:f6:da:72:4d:02:6e:a2:3a:77:67:
36:34:e5:0c:2d:8a:a6:c3:c6:3f:f2:12:4c:35:8e:
90:fc:69:81:c9:fb:2f:b5:39:5c:84:43:36:d0:66:
f2:41:f1:d6:cf:dc:86:0b:e4:25:0f:4e:97:bd:0c:
25:cb:f7:15:26:86:f2:28:6b:bc:e7:a7:77:4b:cb:
b4:cb:66:ae:7d:24:a5:2e:99:66:c2:01:65:30:54:
73:15:67:7f:ef:44:e3:45:b3:d7:7c:52:56:39:32:
1f:98:b7:fa:7b:99:6d:62:3c:f9:df:fe:e6:2b:6b:
e3:f4:08:b6:c9:54:ba:96:2c:b1:50:33:dc:21:67:
b6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:4E:52:99:89:8D:9D:5A:68:BC:F0:1B:28:49:BF:29:B1:9D:3C:C4
X509v3 Authority Key Identifier:
keyid:0B:AB:D6:82:C1:A8:FC:50:37:AD:BF:68:14:3A:E7:7F:D0:0F:38:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/4U5SmYmNnVpovPAbKEm_KbGdPMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/C6vWgsGo_FA3rb9oFDrnf9APOKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.108.0/22
146.255.24.0/21
193.150.128.0-193.150.151.255
Signature Algorithm: sha256WithRSAEncryption
2e:e7:d1:db:8c:0a:00:a0:12:6a:5c:ab:84:33:92:f1:13:3e:
bd:67:7c:a2:12:9f:8c:32:21:76:5c:41:e8:40:a7:ad:f0:92:
b8:59:0f:67:31:60:e4:70:e1:2b:09:c8:71:1f:be:41:4e:41:
80:40:63:01:aa:f0:72:1f:79:31:19:e9:91:ab:28:6e:88:d6:
7e:bd:bb:df:16:9a:4f:a6:7e:42:3d:f6:3b:75:a3:71:15:fa:
c5:5a:9e:c0:bb:f8:78:60:8f:8c:6b:e8:e8:06:66:f5:20:b5:
9b:14:11:24:f8:0b:5c:87:fb:cd:8b:b5:3d:ae:7b:c3:5c:f2:
50:6f:6e:cf:69:75:5b:1a:df:36:4f:47:43:2b:37:13:df:6a:
47:8b:e3:3c:00:75:a3:93:0f:25:9a:e3:0f:ed:76:62:98:61:
d5:e4:a4:1b:eb:0e:06:ec:c1:ed:08:95:77:f3:7e:34:56:5a:
7e:dd:6d:62:af:d7:36:2f:74:60:87:fc:c4:16:6b:c6:99:64:
66:48:f4:8c:72:c4:92:7a:c0:c4:f4:e7:69:f4:c3:a5:45:5e:
7d:db:31:e9:79:37:53:65:b2:6b:af:8e:59:94:0d:41:be:e3:
50:ab:43:05:29:93:3b:ae:3e:55:37:bb:ff:0a:8e:c7:8e:5e:
96:e6:03:56
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY9VfhJrC4rKaSk9/yEep0asMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWJkNjgyYzFhOGZjNTAzN2FkYmY2ODE0M2FlNzdmZDAw
ZjM4YWIwHhcNMjQwNTA3MjM1NzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTRlNTI5OTg5OGQ5ZDVhNjhiY2YwMWIyODQ5YmYyOWIxOWQzY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZycxhMWsM5AEUHQO1LWfwn98+7H
8aHb+I+3A3L0U5C04HYQrB+LkBDadNy9sEW0+emV38ZDI0KIucFiO5Zqu42hnct/
pJ9yo5RjwSHnTgEeBXLBNFbC27zJesJvA3wnrX3A3JE7g1pQbmmsu6ymmLdF4y6B
8kehSu/SOvback0CbqI6d2c2NOUMLYqmw8Y/8hJMNY6Q/GmByfsvtTlchEM20Gby
QfHWz9yGC+QlD06XvQwly/cVJobyKGu856d3S8u0y2aufSSlLplmwgFlMFRzFWd/
70TjRbPXfFJWOTIfmLf6e5ltYjz53/7mK2vj9Ai2yVS6liyxUDPcIWe2OQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOFOUpmJjZ1aaLzwGyhJvymxnTzEMB8GA1UdIwQY
MBaAFAur1oLBqPxQN62/aBQ653/QDzirMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ2V2dzR29fRkEzcmI5b0ZEcm5mOUFQT0tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9iYzQwMWEtNjkzOC00ZmRjLTljNmUt
ZmFjM2Q1NTQzYTJjLzEvNFU1U21ZbU5uVnBvdlBBYktFbV9LYkdkUE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9iYzQwMWEtNjkzOC00ZmRjLTljNmUtZmFjM2Q1NTQzYTJj
LzEvQzZ2V2dzR29fRkEzcmI5b0ZEcm5mOUFQT0tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCLZ9sAwQD
kv8YMAwDBAfBloADBAPBlpAwDQYJKoZIhvcNAQELBQADggEBAC7n0duMCgCgEmpc
q4QzkvETPr1nfKISn4wyIXZcQehAp63wkrhZD2cxYORw4SsJyHEfvkFOQYBAYwGq
8HIfeTEZ6ZGrKG6I1n69u98Wmk+mfkI99jt1o3EV+sVansC7+Hhgj4xr6OgGZvUg
tZsUEST4C1yH+82LtT2ue8Nc8lBvbs9pdVsa3zZPR0MrNxPfakeL4zwAdaOTDyWa
4w/tdmKYYdXkpBvrDgbswe0IlXfzfjRWWn7dbWKv1zYvdGCH/MQWa8aZZGZI9Ixy
xJJ6wMT052n0w6VFXn3bMel5N1NlsmuvjlmUDUG+41CrQwUpkzuuPlU3u/8KjseO
XpbmA1Y=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:35:39 2024 by rpki-client on console-fra.rpki-client.org