Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/aeyJfXG2JiP-yYpHChw9fhlGNnU.roa
File: aeyJfXG2JiP-yYpHChw9fhlGNnU.roa (raw, json)
Hash identifier: +UBnKtO5Nh/1xhuiOU4F5toRBr6n+PwGAMzGr4Hrp4s=
Subject key identifier: 69:EC:89:7D:71:B6:26:23:FE:C9:8A:47:0A:1C:3D:7E:19:46:36:75
Certificate issuer: /CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Certificate serial: 018CC801155A9FD68F4AD1A43C8226980319
Authority key identifier: 84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/aeyJfXG2JiP-yYpHChw9fhlGNnU.roa
Signing time: Tue 02 Jan 2024 02:29:23 +0000
ROA not before: Tue 02 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62000
IP address blocks: 45.147.98.0/24 maxlen: 24
45.147.96.0/23 maxlen: 24
45.147.99.0/24 maxlen: 24
193.168.144.0/24 maxlen: 24
193.168.145.0/24 maxlen: 24
193.168.147.0/24 maxlen: 24
193.168.146.0/24 maxlen: 24
45.155.168.0/22 maxlen: 24
45.155.168.0/24 maxlen: 24
185.157.245.0/24 maxlen: 24
185.157.244.0/24 maxlen: 24
185.216.24.0/24 maxlen: 24
185.216.25.0/24 maxlen: 24
185.216.27.0/24 maxlen: 24
185.216.26.0/24 maxlen: 24
2a07:abc0::/29 maxlen: 64
2a0b:b140::/29 maxlen: 64
2a09:6383::/32 maxlen: 64
2a09:6385::/32 maxlen: 64
2a09:6382::/32 maxlen: 64
2a09:6384::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.mft
rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:15:5a:9f:d6:8f:4a:d1:a4:3c:82:26:98:03:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Validity
Not Before: Jan 2 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69ec897d71b62623fec98a470a1c3d7e19463675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1f:c7:40:36:aa:97:d8:f3:e6:44:96:70:91:
8d:b7:6f:50:67:d6:ec:28:2b:51:6b:33:0a:45:6f:
59:3b:b5:a8:a4:f0:fe:71:b5:45:bf:4b:e2:64:6c:
74:75:f6:65:ef:19:14:7e:f5:fd:ea:46:db:a9:f5:
09:ea:ae:74:7c:47:8a:f4:95:a0:e1:b9:98:a8:a7:
1e:40:07:39:a0:f4:51:95:80:d4:47:77:b0:e1:7f:
85:d6:a7:bf:ad:4c:bc:00:63:c4:20:8e:cb:11:07:
91:56:55:2b:ce:d8:a0:05:0a:9b:ca:9e:4b:2d:ff:
bd:00:0f:93:85:b3:db:99:d2:5c:7a:cf:d1:6f:7d:
7a:4a:8d:d0:f0:2c:1d:bc:e2:17:24:2f:da:89:c8:
e9:d2:b8:cd:53:b4:3d:4c:f4:b7:1b:5a:2f:14:5c:
ce:74:22:a9:0b:49:8d:c7:e3:53:5d:52:0d:a7:a2:
d2:2f:c3:c7:73:23:81:6d:bc:f2:b2:e9:29:3c:3c:
7a:c1:6e:eb:b5:b1:45:8a:91:ea:ca:fa:ec:72:11:
24:e3:8e:38:bf:e4:0c:23:e4:ef:0b:ef:10:69:22:
9d:e6:76:70:e8:60:06:e2:dc:c4:47:b9:d0:0d:0f:
63:2f:e1:e4:fc:f5:10:2c:1e:50:1f:3f:39:ea:43:
c7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EC:89:7D:71:B6:26:23:FE:C9:8A:47:0A:1C:3D:7E:19:46:36:75
X509v3 Authority Key Identifier:
keyid:84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/aeyJfXG2JiP-yYpHChw9fhlGNnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.96.0/22
45.155.168.0/22
185.157.244.0/23
185.216.24.0/22
193.168.144.0/22
IPv6:
2a07:abc0::/29
2a09:6382::-2a09:6385:ffff:ffff:ffff:ffff:ffff:ffff
2a0b:b140::/29
Signature Algorithm: sha256WithRSAEncryption
36:85:8c:b7:5f:b9:b5:56:47:b0:5a:1b:91:6d:94:34:b6:7d:
ad:8a:e2:15:86:95:a3:87:b7:a7:f1:d4:93:bb:d3:75:44:5d:
d4:4e:93:d1:35:e8:91:df:9d:af:29:f9:88:5e:bb:50:ad:e7:
16:8d:d9:a1:07:3c:ff:96:f3:f7:49:05:cd:87:9c:3b:41:c8:
90:f5:00:b6:2c:80:30:d6:4b:7a:6c:40:79:43:87:3b:95:63:
31:94:b8:30:20:b2:45:90:b5:e2:3a:a5:37:48:12:83:61:48:
a0:7c:35:85:9b:47:06:b6:71:34:60:1b:e3:d6:2c:bc:ce:16:
e6:be:85:75:94:e3:0d:3c:53:6e:3e:8d:52:4e:b3:39:91:99:
45:98:e8:e1:05:f6:9f:fb:6e:18:ab:e3:61:80:4b:6c:66:58:
79:fa:0d:25:03:de:ef:42:ea:9b:11:87:f2:0a:1f:32:4b:cf:
b3:00:a4:f1:9a:04:ec:26:d9:52:1e:c6:0b:ab:d6:bf:3f:ff:
84:87:95:fc:aa:9e:28:3f:06:75:78:2e:e4:f7:bc:2a:0c:3f:
8c:da:66:28:a7:8a:67:12:a5:5f:aa:d3:38:f2:88:6e:15:d4:
bc:68:67:d7:48:e8:02:50:6b:1d:17:b2:44:2d:16:18:1a:3e:
6a:28:70:97
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzIARVan9aPStGkPIImmAMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZTE0MjlhNTNlNjQ2M2IzYzc0ZjVhM2YxN2M1ZDRhNTFl
YmQwYjgwHhcNMjQwMTAyMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWVjODk3ZDcxYjYyNjIzZmVjOThhNDcwYTFjM2Q3ZTE5NDYzNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1h/HQDaql9jz5kSWcJGNt29QZ9bs
KCtRazMKRW9ZO7WopPD+cbVFv0viZGx0dfZl7xkUfvX96kbbqfUJ6q50fEeK9JWg
4bmYqKceQAc5oPRRlYDUR3ew4X+F1qe/rUy8AGPEII7LEQeRVlUrztigBQqbyp5L
Lf+9AA+ThbPbmdJces/Rb316So3Q8CwdvOIXJC/aicjp0rjNU7Q9TPS3G1ovFFzO
dCKpC0mNx+NTXVINp6LSL8PHcyOBbbzysukpPDx6wW7rtbFFipHqyvrschEk4444
v+QMI+TvC+8QaSKd5nZw6GAG4tzER7nQDQ9jL+Hk/PUQLB5QHz856kPHWQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFGnsiX1xtiYj/smKRwocPX4ZRjZ1MB8GA1UdIwQY
MBaAFIThQppT5kY7PHT1o/F8XUpR69C4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYt
YzQxZGNjYThiNzc1LzEvYWV5SmZYRzJKaVAteVlwSENodzlmaGxHTm5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYtYzQxZGNjYThiNzc1
LzEvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAkBAIAATAeAwQCLZNgAwQC
LZuoAwQBuZ30AwQCudgYAwQCwaiQMCQEAgACMB4DBQMqB6vAMA4DBQEqCWOCAwUB
KgljhAMFAyoLsUAwDQYJKoZIhvcNAQELBQADggEBADaFjLdfubVWR7BaG5FtlDS2
fa2K4hWGlaOHt6fx1JO703VEXdROk9E16JHfna8p+Yheu1Ct5xaN2aEHPP+W8/dJ
Bc2HnDtByJD1ALYsgDDWS3psQHlDhzuVYzGUuDAgskWQteI6pTdIEoNhSKB8NYWb
Rwa2cTRgG+PWLLzOFua+hXWU4w08U24+jVJOszmRmUWY6OEF9p/7bhir42GAS2xm
WHn6DSUD3u9C6psRh/IKHzJLz7MApPGaBOwm2VIexgur1r8//4SHlfyqnig/BnV4
LuT3vCoMP4zaZiinimcSpV+q0zjyiG4V1LxoZ9dI6AJQax0XskQtFhgaPmoocJc=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:18:02 2024 by rpki-client on console-fra.rpki-client.org