Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/eoXnmAOzAb1FeGwIiNL33io49P8.roa
File: eoXnmAOzAb1FeGwIiNL33io49P8.roa (raw, json)
Hash identifier: ZNWgbFFx2/BTuds7Zp6w0Qk1uq1njKw4Fr1C2l//jRU=
Subject key identifier: 7A:85:E7:98:03:B3:01:BD:45:78:6C:08:88:D2:F7:DE:2A:38:F4:FF
Certificate issuer: /CN=049d4f66598668079353721c21935a00319f6759
Certificate serial: 018CC424B36AD0B5262FC427635F31E93FE3
Authority key identifier: 04:9D:4F:66:59:86:68:07:93:53:72:1C:21:93:5A:00:31:9F:67:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/eoXnmAOzAb1FeGwIiNL33io49P8.roa
Signing time: Mon 01 Jan 2024 08:29:48 +0000
ROA not before: Mon 01 Jan 2024 08:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50518
IP address blocks: 45.94.248.0/22 maxlen: 24
2a11:7400::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:b3:6a:d0:b5:26:2f:c4:27:63:5f:31:e9:3f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=049d4f66598668079353721c21935a00319f6759
Validity
Not Before: Jan 1 08:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a85e79803b301bd45786c0888d2f7de2a38f4ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e9:fd:bb:8d:c8:36:d3:6d:7e:84:5d:fd:9c:
df:59:e8:b6:68:d6:e7:4d:8c:86:c5:42:bb:f5:f6:
07:de:6c:7f:42:ca:55:96:df:23:34:ab:ce:f4:f6:
f6:a4:02:5a:7b:3d:25:2a:45:df:0d:bb:79:5a:c6:
fc:a5:e9:01:c4:3b:69:bf:55:6a:0a:ee:17:13:36:
b7:42:7b:b2:f5:07:89:4a:c0:1c:86:ae:24:a9:ab:
84:5e:10:8c:fa:53:a2:09:2a:31:09:72:81:9b:3e:
cd:b1:10:8b:89:a4:cd:d5:17:aa:77:d3:b4:8a:73:
9f:81:f7:be:8a:db:bd:09:22:51:9c:b2:1b:5b:45:
b2:3d:f4:ab:f9:26:27:17:c8:8b:00:59:a2:cd:33:
c7:8f:38:95:45:ee:1c:ac:d5:32:d2:e7:8f:62:cf:
bf:f4:8b:2a:be:dd:8b:af:a9:a1:2d:2e:7a:0a:a8:
3c:ac:9c:c4:ed:b2:45:8d:36:2a:fe:f9:e9:19:ac:
f7:74:cc:7e:a5:66:77:c6:70:a7:58:8b:28:e4:98:
f9:8f:25:cf:44:9c:94:d1:25:b0:b1:90:fd:4d:bb:
15:07:39:06:fd:9f:d2:bc:c2:60:54:72:6a:b9:4b:
eb:fb:8c:b9:78:c4:d5:9d:80:89:c6:7a:ee:80:2e:
dd:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:85:E7:98:03:B3:01:BD:45:78:6C:08:88:D2:F7:DE:2A:38:F4:FF
X509v3 Authority Key Identifier:
keyid:04:9D:4F:66:59:86:68:07:93:53:72:1C:21:93:5A:00:31:9F:67:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/eoXnmAOzAb1FeGwIiNL33io49P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.248.0/22
IPv6:
2a11:7400::/29
Signature Algorithm: sha256WithRSAEncryption
44:12:ba:4b:17:1d:fc:17:bf:ef:25:ce:c6:22:de:59:59:71:
e6:98:d1:a5:55:7a:79:9d:3a:b8:2c:46:15:c6:d8:e1:30:40:
a6:56:ec:76:0e:2a:3a:61:e7:d7:d2:19:f3:58:1a:78:f7:4a:
5b:55:b6:32:48:df:02:80:61:c2:89:17:13:64:fc:76:a0:7b:
bb:3b:18:ec:b6:da:da:cb:3e:e9:9b:55:8a:39:b5:4d:e9:1a:
2b:ad:52:e6:80:e5:36:80:12:a6:2d:98:c2:62:3f:9e:2c:aa:
ac:ec:45:7a:cd:2f:64:f1:10:8e:ca:22:fa:59:40:72:c8:64:
63:89:a1:41:47:25:21:8e:9d:c5:dd:63:e0:69:99:71:b5:23:
08:6d:b1:44:18:b3:0e:8f:3e:64:d3:10:f1:ee:b4:d8:d7:d7:
23:3e:6a:e7:7e:df:2f:2f:b6:2b:ae:bc:7f:39:8d:91:0e:0a:
c3:5e:6a:3c:0e:65:02:a9:ce:1d:27:46:0a:5e:0f:a1:3b:11:
05:4a:b1:c1:7c:b5:74:fa:40:f5:84:51:8a:f4:16:4d:bf:10:
da:5b:e9:ac:92:de:fb:e5:be:ce:53:c4:c4:48:75:7b:2f:dd:
fc:08:54:65:bd:50:85:bd:4e:50:1b:99:9a:14:4c:73:40:6b:
ba:85:83:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJLNq0LUmL8QnY18x6T/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OWQ0ZjY2NTk4NjY4MDc5MzUzNzIxYzIxOTM1YTAwMzE5
ZjY3NTkwHhcNMjQwMTAxMDgyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTg1ZTc5ODAzYjMwMWJkNDU3ODZjMDg4OGQyZjdkZTJhMzhmNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiun9u43INtNtfoRd/ZzfWei2aNbn
TYyGxUK79fYH3mx/QspVlt8jNKvO9Pb2pAJaez0lKkXfDbt5Wsb8pekBxDtpv1Vq
Cu4XEza3Qnuy9QeJSsAchq4kqauEXhCM+lOiCSoxCXKBmz7NsRCLiaTN1Reqd9O0
inOfgfe+itu9CSJRnLIbW0WyPfSr+SYnF8iLAFmizTPHjziVRe4crNUy0uePYs+/
9Isqvt2Lr6mhLS56Cqg8rJzE7bJFjTYq/vnpGaz3dMx+pWZ3xnCnWIso5Jj5jyXP
RJyU0SWwsZD9TbsVBzkG/Z/SvMJgVHJquUvr+4y5eMTVnYCJxnrugC7dCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHqF55gDswG9RXhsCIjS994qOPT/MB8GA1UdIwQY
MBaAFASdT2ZZhmgHk1NyHCGTWgAxn2dZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkoxUFpsbUdhQWVUVTNJY0laTmFBREdmWjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9mMjNmYjYtMzIyOS00ZThiLTkzNmEt
OTI3OTU0N2VjYTU1LzEvZW9Ybm1BT3pBYjFGZUd3SWlOTDMzaW80OVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9mMjNmYjYtMzIyOS00ZThiLTkzNmEtOTI3OTU0N2VjYTU1
LzEvQkoxUFpsbUdhQWVUVTNJY0laTmFBREdmWjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLV74MA0E
AgACMAcDBQMqEXQAMA0GCSqGSIb3DQEBCwUAA4IBAQBEErpLFx38F7/vJc7GIt5Z
WXHmmNGlVXp5nTq4LEYVxtjhMECmVux2Dio6YefX0hnzWBp490pbVbYySN8CgGHC
iRcTZPx2oHu7Oxjsttrayz7pm1WKObVN6RorrVLmgOU2gBKmLZjCYj+eLKqs7EV6
zS9k8RCOyiL6WUByyGRjiaFBRyUhjp3F3WPgaZlxtSMIbbFEGLMOjz5k0xDx7rTY
19cjPmrnft8vL7Yrrrx/OY2RDgrDXmo8DmUCqc4dJ0YKXg+hOxEFSrHBfLV0+kD1
hFGK9BZNvxDaW+mskt775b7OU8TESHV7L938CFRlvVCFvU5QG5maFExzQGu6hYNf
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:01 2024 by rpki-client on console-fra.rpki-client.org