Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/23W6wAXO0MMW_8FwWviGo1aVp3w.roa
File: 23W6wAXO0MMW_8FwWviGo1aVp3w.roa (raw, json)
Hash identifier: O5nPkNsSUKDgqc8mm9OE1LOVUE1jjtCbfULYNR6YOhM=
Subject key identifier: DB:75:BA:C0:05:CE:D0:C3:16:FF:C1:70:5A:F8:86:A3:56:95:A7:7C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018ECBE8FB48894F093860B2BA2B2B6BC6EB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/23W6wAXO0MMW_8FwWviGo1aVp3w.roa
Signing time: Thu 11 Apr 2024 06:47:07 +0000
ROA not before: Thu 11 Apr 2024 06:47:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399989
IP address blocks: 45.128.26.0/24 maxlen: 24
45.129.127.0/24 maxlen: 24
93.190.246.0/23 maxlen: 23
2a07:f300::/29 maxlen: 29
2a13:18c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 22:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cb:e8:fb:48:89:4f:09:38:60:b2:ba:2b:2b:6b:c6:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 11 06:47:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db75bac005ced0c316ffc1705af886a35695a77c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d3:34:07:28:68:ce:aa:b6:4e:3c:cd:90:1e:
fa:31:48:f2:5e:ca:62:0b:10:56:5c:aa:59:a6:ad:
9c:7e:56:d2:36:44:ea:67:c5:ea:3e:da:4a:2e:30:
bd:02:d5:65:07:ff:c5:16:a3:db:93:99:84:67:d2:
f3:73:f5:5c:a3:41:f3:05:c5:23:f1:3c:42:8c:e5:
6d:54:f5:c7:46:5e:9d:c8:db:dd:0c:10:e1:6b:7a:
28:41:d6:30:8e:db:70:c2:72:98:91:dd:57:b1:b2:
70:8c:ee:2e:e0:3a:9f:d5:a7:c4:08:35:a6:78:a1:
23:9f:cf:ae:69:98:43:e0:b3:88:d3:44:88:e2:31:
c5:0c:da:0b:8c:a2:b6:e1:3e:93:82:fc:07:1f:b3:
4d:16:8a:96:40:70:7a:2a:07:e3:7e:1e:dd:51:c6:
c5:8b:73:c2:59:00:13:51:50:b3:fc:7a:35:77:42:
e3:36:cd:f1:7b:f0:41:ae:a2:e9:e1:e0:7b:60:90:
a1:23:c3:a4:3f:63:35:aa:59:b0:f4:e9:81:fc:9a:
ff:6f:6d:5a:cc:61:23:5c:62:32:71:66:79:06:7f:
68:86:41:2d:55:cb:c1:e7:04:0c:11:72:a3:85:fc:
b4:11:6b:aa:8e:a8:c7:21:52:77:12:51:c2:11:5a:
35:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:75:BA:C0:05:CE:D0:C3:16:FF:C1:70:5A:F8:86:A3:56:95:A7:7C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/23W6wAXO0MMW_8FwWviGo1aVp3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
45.129.127.0/24
93.190.246.0/23
IPv6:
2a07:f300::/29
2a13:18c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
9d:da:c5:17:2b:3e:c9:18:3e:71:84:3b:34:90:f8:29:4b:e3:
38:5d:3d:c1:70:c9:3e:19:87:68:5f:ca:f1:41:b9:bb:7f:03:
17:d5:0c:a8:38:bf:84:84:68:ad:6d:80:cf:2a:c7:55:f8:3e:
20:70:eb:25:74:0c:2d:fb:73:c5:c7:80:e1:43:70:10:a8:d7:
b3:16:e9:2a:9d:fd:e9:32:ad:1a:a5:60:bb:92:04:a8:71:7a:
31:5b:c3:ca:8d:97:af:36:ad:13:50:1c:e2:7d:92:98:d2:ff:
f0:5b:ae:e3:1e:db:30:ad:33:32:8e:58:b0:72:97:2e:60:a9:
1b:09:00:10:c3:01:ef:c4:bc:c2:96:80:c8:29:a5:64:47:85:
59:72:c8:33:73:a4:2c:b7:40:a6:84:d6:f5:51:3f:0f:37:9b:
03:76:8a:73:79:43:09:76:5e:4f:4a:1a:60:c9:dd:fc:ab:f8:
1e:73:2b:56:cc:f5:c1:03:54:23:00:19:ec:62:ab:96:db:2c:
ae:cd:04:2f:21:f3:cd:32:96:e8:7d:14:0b:7a:d1:ea:77:86:
25:38:2e:ee:9f:95:6b:09:83:7c:b0:89:0a:9e:b5:4a:2e:16:
34:09:64:21:22:ee:bc:20:e1:d3:84:9a:1c:34:8b:cd:67:60:
ec:07:2d:b9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY7L6PtIiU8JOGCyuisra8brMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNDExMDY0NzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc1YmFjMDA1Y2VkMGMzMTZmZmMxNzA1YWY4ODZhMzU2OTVhNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dM0Byhozqq2TjzNkB76MUjyXspi
CxBWXKpZpq2cflbSNkTqZ8XqPtpKLjC9AtVlB//FFqPbk5mEZ9Lzc/Vco0HzBcUj
8TxCjOVtVPXHRl6dyNvdDBDha3ooQdYwjttwwnKYkd1XsbJwjO4u4Dqf1afECDWm
eKEjn8+uaZhD4LOI00SI4jHFDNoLjKK24T6TgvwHH7NNFoqWQHB6Kgfjfh7dUcbF
i3PCWQATUVCz/Ho1d0LjNs3xe/BBrqLp4eB7YJChI8OkP2M1qlmw9OmB/Jr/b21a
zGEjXGIycWZ5Bn9ohkEtVcvB5wQMEXKjhfy0EWuqjqjHIVJ3ElHCEVo1oQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNt1usAFztDDFv/BcFr4hqNWlad8MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMjNXNndBWE8wTU1XXzhGd1d2aUdvMWFWcDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQALYAaAwQA
LYF/AwQBXb72MBYEAgACMBADBQMqB/MAAwcAKhMYwAACMA0GCSqGSIb3DQEBCwUA
A4IBAQCd2sUXKz7JGD5xhDs0kPgpS+M4XT3BcMk+GYdoX8rxQbm7fwMX1QyoOL+E
hGitbYDPKsdV+D4gcOsldAwt+3PFx4DhQ3AQqNezFukqnf3pMq0apWC7kgSocXox
W8PKjZevNq0TUBzifZKY0v/wW67jHtswrTMyjliwcpcuYKkbCQAQwwHvxLzCloDI
KaVkR4VZcsgzc6Qst0CmhNb1UT8PN5sDdopzeUMJdl5PShpgyd38q/gecytWzPXB
A1QjABnsYquW2yyuzQQvIfPNMpbofRQLetHqd4YlOC7un5VrCYN8sIkKnrVKLhY0
CWQhIu68IOHThJocNIvNZ2DsBy25
-----END CERTIFICATE-----
Generated at Mon Apr 29 06:38:55 2024 by rpki-client on console-ams.rpki-client.org