Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/ePVmukbUOzwmxyyVm5H20Via1fw.roa
File: ePVmukbUOzwmxyyVm5H20Via1fw.roa (raw, json)
Hash identifier: vJQk+gAZ6WQzTda/ofKWEYfW4iOsF6E/xJtNrCeY8Cc=
Subject key identifier: 78:F5:66:BA:46:D4:3B:3C:26:C7:2C:95:9B:91:F6:D1:58:9A:D5:FC
Certificate issuer: /CN=3f2b4fcea4b722f2a6f6c705c5589ee1abc620ae
Certificate serial: 018CC94D96567642FD5E558799190A3BEF27
Authority key identifier: 3F:2B:4F:CE:A4:B7:22:F2:A6:F6:C7:05:C5:58:9E:E1:AB:C6:20:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PytPzqS3IvKm9scFxVie4avGIK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/ePVmukbUOzwmxyyVm5H20Via1fw.roa
Signing time: Tue 02 Jan 2024 08:32:34 +0000
ROA not before: Tue 02 Jan 2024 08:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42692
IP address blocks: 45.148.20.0/24 maxlen: 24
45.148.22.0/24 maxlen: 24
45.148.23.0/24 maxlen: 24
2a0f:2a04::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/PytPzqS3IvKm9scFxVie4avGIK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/PytPzqS3IvKm9scFxVie4avGIK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/PytPzqS3IvKm9scFxVie4avGIK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:96:56:76:42:fd:5e:55:87:99:19:0a:3b:ef:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f2b4fcea4b722f2a6f6c705c5589ee1abc620ae
Validity
Not Before: Jan 2 08:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78f566ba46d43b3c26c72c959b91f6d1589ad5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:65:86:09:a7:01:26:5e:dc:e9:9b:39:b7:7b:
70:05:05:4c:cd:3c:90:29:72:3b:51:7f:7e:6d:dc:
24:8e:b8:dd:ba:27:18:b3:53:af:c7:f2:f6:5f:c3:
e1:84:f0:4f:a0:44:be:5c:2a:0b:f5:c6:5c:81:b0:
e5:57:ea:6c:7f:c4:ba:23:2d:dc:d9:de:49:6f:b0:
82:a9:f3:da:ee:93:02:ee:21:39:d6:ad:a3:5e:c4:
c0:cd:3e:e7:cb:ea:3a:4d:cb:60:5b:e7:47:f8:6d:
24:4b:29:26:68:ad:c4:dc:9c:fb:ee:96:c1:9c:34:
73:74:b0:c4:a6:6a:4b:19:2f:92:c1:be:c3:1c:68:
76:07:81:34:a5:39:3c:dc:d6:28:82:34:23:b2:39:
19:90:c2:15:c9:bc:d5:6e:8f:8d:dd:fe:96:fd:71:
5c:55:07:6a:cf:20:f6:d1:40:20:64:4a:9a:d9:5b:
56:49:c0:81:28:7e:89:48:03:4d:df:3f:a2:6d:a3:
1e:7d:a2:41:96:8b:0d:26:a5:4b:4d:11:28:77:9a:
27:e9:2c:5a:2e:2b:11:6e:0e:1e:0f:12:95:8f:b4:
86:52:88:bc:b9:5b:17:2a:e1:28:65:ff:01:99:f2:
c1:a5:9e:82:ea:2d:55:b1:d6:10:7f:33:66:77:ed:
ec:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F5:66:BA:46:D4:3B:3C:26:C7:2C:95:9B:91:F6:D1:58:9A:D5:FC
X509v3 Authority Key Identifier:
keyid:3F:2B:4F:CE:A4:B7:22:F2:A6:F6:C7:05:C5:58:9E:E1:AB:C6:20:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PytPzqS3IvKm9scFxVie4avGIK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/ePVmukbUOzwmxyyVm5H20Via1fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/PytPzqS3IvKm9scFxVie4avGIK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.20.0/24
45.148.22.0/23
IPv6:
2a0f:2a04::/32
Signature Algorithm: sha256WithRSAEncryption
98:e6:08:d0:c1:2d:05:41:36:88:70:88:ee:4a:79:a0:6a:03:
a0:8e:4d:7e:58:53:46:7d:8d:af:f7:db:36:dc:7f:64:a2:3e:
2b:d9:18:be:47:72:7b:2f:e2:ce:e1:0b:27:da:e2:54:0a:31:
31:e9:4b:d7:60:7f:6b:aa:0e:ea:cf:84:18:d8:8e:71:fc:3e:
23:4f:16:7e:68:15:5d:cc:88:09:eb:0b:be:6f:e0:ab:75:36:
ac:33:08:4f:11:d4:77:8d:bb:4c:c6:18:8b:eb:5c:9b:10:79:
83:20:c4:db:5a:53:f7:e0:f0:f7:1d:6a:20:17:d2:81:fa:30:
72:6f:c8:cc:76:21:cb:5d:7d:8b:60:1c:a2:49:3c:e4:8e:6e:
a1:99:bd:3b:d4:ba:83:77:a5:d7:16:4b:8a:6a:81:d9:ec:e1:
a0:68:13:b0:ff:2a:d1:5f:98:6f:0e:34:a8:1f:e0:62:20:1d:
98:ee:0f:39:50:8c:08:53:69:2d:c7:d3:73:73:00:66:31:6a:
45:e3:b5:fc:10:a2:f6:d4:93:29:83:25:87:be:b2:26:ea:a9:
ba:ce:78:9d:6b:c1:ca:ed:b1:be:e3:c6:aa:93:ca:10:42:c3:
a5:71:85:af:a4:94:d7:35:1b:9b:13:17:9c:6f:35:84:40:a8:
64:54:29:77
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJTZZWdkL9XlWHmRkKO+8nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMmI0ZmNlYTRiNzIyZjJhNmY2YzcwNWM1NTg5ZWUxYWJj
NjIwYWUwHhcNMjQwMTAyMDgzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGY1NjZiYTQ2ZDQzYjNjMjZjNzJjOTU5YjkxZjZkMTU4OWFkNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGWGCacBJl7c6Zs5t3twBQVMzTyQ
KXI7UX9+bdwkjrjduicYs1Ovx/L2X8PhhPBPoES+XCoL9cZcgbDlV+psf8S6Iy3c
2d5Jb7CCqfPa7pMC7iE51q2jXsTAzT7ny+o6TctgW+dH+G0kSykmaK3E3Jz77pbB
nDRzdLDEpmpLGS+Swb7DHGh2B4E0pTk83NYogjQjsjkZkMIVybzVbo+N3f6W/XFc
VQdqzyD20UAgZEqa2VtWScCBKH6JSANN3z+ibaMefaJBlosNJqVLTREod5on6Sxa
LisRbg4eDxKVj7SGUoi8uVsXKuEoZf8BmfLBpZ6C6i1VsdYQfzNmd+3spwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHj1ZrpG1Ds8JscslZuR9tFYmtX8MB8GA1UdIwQY
MBaAFD8rT86ktyLypvbHBcVYnuGrxiCuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHl0UHpxUzNJdkttOXNjRnhWaWU0YXZHSUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NWIyMzctZDA0MS00NDk3LWE3Mjkt
NjI1M2FkMDhmODU4LzEvZVBWbXVrYlVPendteHl5Vm01SDIwVmlhMWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NWIyMzctZDA0MS00NDk3LWE3MjktNjI1M2FkMDhmODU4
LzEvUHl0UHpxUzNJdkttOXNjRnhWaWU0YXZHSUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALZQUAwQB
LZQWMA0EAgACMAcDBQAqDyoEMA0GCSqGSIb3DQEBCwUAA4IBAQCY5gjQwS0FQTaI
cIjuSnmgagOgjk1+WFNGfY2v99s23H9koj4r2Ri+R3J7L+LO4Qsn2uJUCjEx6UvX
YH9rqg7qz4QY2I5x/D4jTxZ+aBVdzIgJ6wu+b+CrdTasMwhPEdR3jbtMxhiL61yb
EHmDIMTbWlP34PD3HWogF9KB+jByb8jMdiHLXX2LYByiSTzkjm6hmb071LqDd6XX
FkuKaoHZ7OGgaBOw/yrRX5hvDjSoH+BiIB2Y7g85UIwIU2ktx9NzcwBmMWpF47X8
EKL21JMpgyWHvrIm6qm6znida8HK7bG+48aqk8oQQsOlcYWvpJTXNRubExecbzWE
QKhkVCl3
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:35 2024 by rpki-client on console-fra.rpki-client.org