Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/7912c6-c9d4-43c2-9688-c45f8e251248/1/7bI6poPDNtqTF5jHatPO7ALtCCs.roa
File: 7bI6poPDNtqTF5jHatPO7ALtCCs.roa (raw, json)
Hash identifier: HUF4tOhgQi4WGgzGImmdT4Dn+Hb1KorR++Sj8TUxrfU=
Subject key identifier: ED:B2:3A:A6:83:C3:36:DA:93:17:98:C7:6A:D3:CE:EC:02:ED:08:2B
Certificate issuer: /CN=f0f27aebf02abc355212afbf1621e3e0d4a76057
Certificate serial: 0190F0B187332BAF3081FCF5E81D6E215E16
Authority key identifier: F0:F2:7A:EB:F0:2A:BC:35:52:12:AF:BF:16:21:E3:E0:D4:A7:60:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PJ66_AqvDVSEq-_FiHj4NSnYFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/7912c6-c9d4-43c2-9688-c45f8e251248/1/7bI6poPDNtqTF5jHatPO7ALtCCs.roa
Signing time: Fri 26 Jul 2024 20:18:04 +0000
ROA not before: Fri 26 Jul 2024 20:18:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44550
IP address blocks: 45.84.232.0/22 maxlen: 22
45.84.232.0/23 maxlen: 23
45.84.234.0/23 maxlen: 23
2a14:e80::/44 maxlen: 44
2a14:e80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/7912c6-c9d4-43c2-9688-c45f8e251248/1/8PJ66_AqvDVSEq-_FiHj4NSnYFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/7912c6-c9d4-43c2-9688-c45f8e251248/1/8PJ66_AqvDVSEq-_FiHj4NSnYFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/8PJ66_AqvDVSEq-_FiHj4NSnYFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f0:b1:87:33:2b:af:30:81:fc:f5:e8:1d:6e:21:5e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0f27aebf02abc355212afbf1621e3e0d4a76057
Validity
Not Before: Jul 26 20:18:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=edb23aa683c336da931798c76ad3ceec02ed082b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:09:68:59:63:3b:65:2b:38:a9:01:7d:e1:b7:
c1:e8:da:5f:1b:98:12:85:ce:1b:98:5e:87:8d:9e:
90:59:13:25:35:1f:e2:6d:e4:9d:75:11:53:3f:3d:
a6:2d:bd:ad:fb:28:a8:51:00:2e:cc:9d:e0:da:d2:
e6:cc:6e:de:93:29:cb:3a:08:a4:e2:6f:9a:25:c3:
2b:d5:30:6a:f7:40:fd:68:e5:63:26:13:0c:5c:9c:
bf:2d:ed:4b:81:ee:2f:61:24:45:d0:22:16:f4:20:
eb:7d:d7:d5:61:84:0e:d9:86:7d:9c:47:27:4e:14:
d4:3a:d4:13:b2:a6:b9:50:e2:ab:71:bb:d5:c4:af:
91:03:60:d9:05:dc:87:e8:b7:dd:2b:c6:b7:1b:80:
f1:76:09:9e:d9:fc:95:f8:9f:cc:2e:80:41:4d:65:
93:d3:40:36:ac:d4:c1:e3:a6:ba:1c:61:2c:14:e2:
92:2d:83:c7:13:03:c0:2c:ba:3f:4b:ce:a8:a7:ab:
1e:29:35:34:32:eb:fa:52:bb:bd:b7:6f:d7:dc:a7:
c3:bb:31:ba:0b:49:cd:a2:bb:cf:3d:f2:3f:2a:d2:
9d:3c:96:48:fd:0a:8f:3b:80:5c:4e:8b:cf:94:da:
f9:ab:43:42:7a:4f:a4:95:89:3e:75:63:1a:3c:60:
c6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B2:3A:A6:83:C3:36:DA:93:17:98:C7:6A:D3:CE:EC:02:ED:08:2B
X509v3 Authority Key Identifier:
keyid:F0:F2:7A:EB:F0:2A:BC:35:52:12:AF:BF:16:21:E3:E0:D4:A7:60:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PJ66_AqvDVSEq-_FiHj4NSnYFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7912c6-c9d4-43c2-9688-c45f8e251248/1/7bI6poPDNtqTF5jHatPO7ALtCCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7912c6-c9d4-43c2-9688-c45f8e251248/1/8PJ66_AqvDVSEq-_FiHj4NSnYFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.232.0/22
IPv6:
2a14:e80::/44
Signature Algorithm: sha256WithRSAEncryption
8c:2b:52:ee:99:79:61:a5:f3:11:cb:4c:37:e3:3a:9a:3a:e9:
4a:fc:c3:b8:85:0a:67:f1:83:a7:af:79:e8:cc:65:f1:98:91:
f1:50:c9:8a:15:88:b7:27:0b:84:37:ab:af:7f:10:ca:0b:49:
12:c8:75:c7:4f:f9:dc:96:04:59:1a:15:48:1e:c5:53:2a:5e:
3b:8a:b5:47:57:66:4c:72:07:e9:9c:f6:d3:29:60:3d:8d:c9:
c7:06:f9:8f:e5:c6:d3:30:4d:17:38:db:99:f9:d4:3b:3f:dd:
de:95:3c:da:1b:5c:04:2b:e9:4b:86:26:a2:b0:cf:8d:26:78:
79:9d:61:32:f3:06:5f:27:3f:b6:11:25:b5:0b:cb:73:6f:4a:
47:60:18:d4:e1:eb:00:90:62:b9:90:c1:41:cb:75:6a:bf:a4:
28:f2:0f:88:67:40:9f:6b:d7:06:44:a8:62:86:b1:fe:f2:df:
5e:16:4c:8f:59:ca:9a:8c:ca:89:ab:ce:c2:db:7c:8a:f8:67:
d7:23:16:78:28:20:f0:1a:9e:f5:5d:c0:0b:d4:65:d6:4f:d0:
21:8f:d0:84:39:f5:79:70:33:77:77:39:60:4f:c2:cc:93:dd:
43:23:0c:5e:33:cf:e8:96:31:fe:b6:9c:71:f6:9f:64:f6:ec:
e2:81:06:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZDwsYczK68wgfz16B1uIV4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjI3YWViZjAyYWJjMzU1MjEyYWZiZjE2MjFlM2UwZDRh
NzYwNTcwHhcNMjQwNzI2MjAxODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGIyM2FhNjgzYzMzNmRhOTMxNzk4Yzc2YWQzY2VlYzAyZWQwODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwloWWM7ZSs4qQF94bfB6NpfG5gS
hc4bmF6HjZ6QWRMlNR/ibeSddRFTPz2mLb2t+yioUQAuzJ3g2tLmzG7ekynLOgik
4m+aJcMr1TBq90D9aOVjJhMMXJy/Le1Lge4vYSRF0CIW9CDrfdfVYYQO2YZ9nEcn
ThTUOtQTsqa5UOKrcbvVxK+RA2DZBdyH6LfdK8a3G4Dxdgme2fyV+J/MLoBBTWWT
00A2rNTB46a6HGEsFOKSLYPHEwPALLo/S86op6seKTU0Muv6Uru9t2/X3KfDuzG6
C0nNorvPPfI/KtKdPJZI/QqPO4BcTovPlNr5q0NCek+klYk+dWMaPGDG7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO2yOqaDwzbakxeYx2rTzuwC7QgrMB8GA1UdIwQY
MBaAFPDyeuvwKrw1UhKvvxYh4+DUp2BXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBKNjZfQXF2RFZTRXEtX0ZpSGo0TlNuWUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83OTEyYzYtYzlkNC00M2MyLTk2ODgt
YzQ1ZjhlMjUxMjQ4LzEvN2JJNnBvUEROdHFURjVqSGF0UE83QUx0Q0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83OTEyYzYtYzlkNC00M2MyLTk2ODgtYzQ1ZjhlMjUxMjQ4
LzEvOFBKNjZfQXF2RFZTRXEtX0ZpSGo0TlNuWUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCLVToMA8E
AgACMAkDBwQqFA6AAAAwDQYJKoZIhvcNAQELBQADggEBAIwrUu6ZeWGl8xHLTDfj
Opo66Ur8w7iFCmfxg6eveejMZfGYkfFQyYoViLcnC4Q3q69/EMoLSRLIdcdP+dyW
BFkaFUgexVMqXjuKtUdXZkxyB+mc9tMpYD2NyccG+Y/lxtMwTRc425n51Ds/3d6V
PNobXAQr6UuGJqKwz40meHmdYTLzBl8nP7YRJbULy3NvSkdgGNTh6wCQYrmQwUHL
dWq/pCjyD4hnQJ9r1wZEqGKGsf7y314WTI9ZypqMyomrzsLbfIr4Z9cjFngoIPAa
nvVdwAvUZdZP0CGP0IQ59XlwM3d3OWBPwsyT3UMjDF4zz+iWMf62nHH2n2T27OKB
Bvo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:46 2024 by rpki-client on console-fra.rpki-client.org