Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/2umfIqeZMkxYf37WwtWbh5rGCmA.roa
File: 2umfIqeZMkxYf37WwtWbh5rGCmA.roa (raw, json)
Hash identifier: +X/d0itADGY89Q9oTHyZG/lXS2qL/zZ8VEmlWipKqDc=
Subject key identifier: DA:E9:9F:22:A7:99:32:4C:58:7F:7E:D6:C2:D5:9B:87:9A:C6:0A:60
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018FF20DD5CC600CE4BA933D3962C64CE02E
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/2umfIqeZMkxYf37WwtWbh5rGCmA.roa
Signing time: Fri 07 Jun 2024 09:35:43 +0000
ROA not before: Fri 07 Jun 2024 09:35:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 5.253.45.0/24 maxlen: 24
45.8.194.0/24 maxlen: 24
45.9.6.0/24 maxlen: 24
45.66.152.0/24 maxlen: 24
45.66.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:0d:d5:cc:60:0c:e4:ba:93:3d:39:62:c6:4c:e0:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 7 09:35:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dae99f22a799324c587f7ed6c2d59b879ac60a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c3:92:25:ca:d3:37:3d:6c:22:5a:46:3e:57:
34:16:20:68:0a:3e:25:e7:c8:0b:01:91:b4:25:74:
82:f6:df:5b:c9:7c:29:ac:51:e7:7d:77:be:67:87:
d6:78:57:4a:ec:d3:37:20:64:c8:20:74:c5:9d:a8:
85:05:14:b5:77:5b:90:25:8f:52:f7:bb:c1:ea:db:
8a:e7:1b:80:99:51:65:d3:e3:ac:81:bb:3a:b6:20:
53:2c:ec:36:52:7e:66:bc:85:38:75:b6:a2:b2:68:
34:ef:d5:a2:ce:27:92:5b:8a:b5:5c:9f:0a:ad:49:
b0:4e:ce:76:9d:55:a3:a5:a2:4b:f6:ac:81:21:ca:
f4:ae:ea:2a:1d:5d:ce:da:2b:73:45:88:98:dd:db:
ef:18:73:38:cc:17:3f:ef:57:1a:55:39:75:f4:ca:
b1:dc:f8:fc:46:08:69:c0:ad:15:3e:13:90:af:0a:
0d:c8:81:d0:ef:6d:54:c5:11:44:5f:2e:36:65:53:
fc:13:8a:0f:41:0e:8b:ab:25:28:21:2b:e0:93:4e:
e1:ac:91:53:d3:62:03:41:ff:79:bf:ef:eb:7e:59:
e8:1d:37:7c:b8:31:37:e7:05:18:ee:f7:3a:ad:63:
36:2a:f7:ae:1d:d7:9e:15:bf:bb:6c:37:36:4f:bc:
fc:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E9:9F:22:A7:99:32:4C:58:7F:7E:D6:C2:D5:9B:87:9A:C6:0A:60
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/2umfIqeZMkxYf37WwtWbh5rGCmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.45.0/24
45.8.194.0/24
45.9.6.0/24
45.66.152.0/24
45.66.154.0/24
Signature Algorithm: sha256WithRSAEncryption
30:c1:57:4d:26:d4:95:a2:25:1b:1a:d2:c6:53:15:07:ac:f6:
d1:23:fb:a1:59:53:4f:9f:95:6a:64:b7:94:58:3a:f6:e4:b3:
c4:df:2b:dc:ff:3f:b8:62:e5:af:24:57:2c:63:52:3c:eb:32:
97:0a:a1:6f:a5:6e:b1:41:bd:60:f0:ef:2e:9f:05:81:a3:c4:
b9:9c:98:9b:d3:04:e5:0d:8c:1c:a5:af:c4:7f:d3:3b:8e:18:
85:20:f1:31:fc:f4:cf:c5:58:8f:8f:da:2b:d9:b3:fe:84:54:
be:c3:dd:75:13:21:3a:bc:df:79:20:9d:ae:a0:00:7e:aa:f5:
7b:89:3b:92:a4:30:b8:8b:7e:f1:c9:7b:8a:5d:47:79:92:c6:
bc:a1:0d:71:b9:34:16:57:25:ba:91:28:81:be:ee:ee:90:22:
5f:d2:22:ec:a8:e7:c9:d4:27:ea:b4:20:12:1b:3a:02:ec:2d:
15:2c:12:f3:5b:0f:8e:5d:4c:dd:51:f2:f4:1b:67:89:09:4a:
60:35:b1:bd:95:9b:32:de:b8:97:4a:8c:4a:91:cd:de:34:2f:
a9:dd:b7:04:d0:db:77:0c:05:8d:ea:15:a1:80:48:b9:15:4e:
84:26:bd:2f:8e:0e:7a:6a:01:3a:35:fc:55:14:f3:80:01:18:
9b:ce:1c:70
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY/yDdXMYAzkupM9OWLGTOAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwNjA3MDkzNTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWU5OWYyMmE3OTkzMjRjNTg3ZjdlZDZjMmQ1OWI4NzlhYzYwYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8OSJcrTNz1sIlpGPlc0FiBoCj4l
58gLAZG0JXSC9t9byXwprFHnfXe+Z4fWeFdK7NM3IGTIIHTFnaiFBRS1d1uQJY9S
97vB6tuK5xuAmVFl0+Osgbs6tiBTLOw2Un5mvIU4dbaismg079WizieSW4q1XJ8K
rUmwTs52nVWjpaJL9qyBIcr0ruoqHV3O2itzRYiY3dvvGHM4zBc/71caVTl19Mqx
3Pj8RghpwK0VPhOQrwoNyIHQ721UxRFEXy42ZVP8E4oPQQ6LqyUoISvgk07hrJFT
02IDQf95v+/rflnoHTd8uDE35wUY7vc6rWM2KveuHdeeFb+7bDc2T7z88QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNrpnyKnmTJMWH9+1sLVm4eaxgpgMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvMnVtZklxZVpNa3hZZjM3V3d0V2JoNXJHQ21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABf0tAwQA
LQjCAwQALQkGAwQALUKYAwQALUKaMA0GCSqGSIb3DQEBCwUAA4IBAQAwwVdNJtSV
oiUbGtLGUxUHrPbRI/uhWVNPn5VqZLeUWDr25LPE3yvc/z+4YuWvJFcsY1I86zKX
CqFvpW6xQb1g8O8unwWBo8S5nJib0wTlDYwcpa/Ef9M7jhiFIPEx/PTPxViPj9or
2bP+hFS+w911EyE6vN95IJ2uoAB+qvV7iTuSpDC4i37xyXuKXUd5ksa8oQ1xuTQW
VyW6kSiBvu7ukCJf0iLsqOfJ1CfqtCASGzoC7C0VLBLzWw+OXUzdUfL0G2eJCUpg
NbG9lZsy3riXSoxKkc3eNC+p3bcE0Nt3DAWN6hWhgEi5FU6EJr0vjg56agE6NfxV
FPOAARibzhxw
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:28:19 2024 by rpki-client on console-ams.rpki-client.org