Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/8acaf7-e0ca-4344-9dfd-a8ac41809f5f/1/aVzGtQGYVc4ZXWOCm2swTDLW1F8.roa
File: aVzGtQGYVc4ZXWOCm2swTDLW1F8.roa (raw, json)
Hash identifier: 15I0mlPsdLeavCn3ISKQdWHIDk3VGOAB/GYkA1uTrk4=
Subject key identifier: 69:5C:C6:B5:01:98:55:CE:19:5D:63:82:9B:6B:30:4C:32:D6:D4:5F
Certificate issuer: /CN=7c8e7097990e5a67178e297875a0d9f4605892a6
Certificate serial: 018CC726D55549C881641AE1EE1720EE7B30
Authority key identifier: 7C:8E:70:97:99:0E:5A:67:17:8E:29:78:75:A0:D9:F4:60:58:92:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fI5wl5kOWmcXjil4daDZ9GBYkqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/8acaf7-e0ca-4344-9dfd-a8ac41809f5f/1/aVzGtQGYVc4ZXWOCm2swTDLW1F8.roa
Signing time: Mon 01 Jan 2024 22:31:00 +0000
ROA not before: Mon 01 Jan 2024 22:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208315
IP address blocks: 45.142.240.0/22 maxlen: 22
2a0e:dc40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/8acaf7-e0ca-4344-9dfd-a8ac41809f5f/1/fI5wl5kOWmcXjil4daDZ9GBYkqY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/8acaf7-e0ca-4344-9dfd-a8ac41809f5f/1/fI5wl5kOWmcXjil4daDZ9GBYkqY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fI5wl5kOWmcXjil4daDZ9GBYkqY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 01:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:d5:55:49:c8:81:64:1a:e1:ee:17:20:ee:7b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c8e7097990e5a67178e297875a0d9f4605892a6
Validity
Not Before: Jan 1 22:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=695cc6b5019855ce195d63829b6b304c32d6d45f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c9:bc:ae:25:2b:4e:e3:30:12:7c:5c:ad:c5:
7a:81:0e:58:07:da:5c:7e:42:74:ff:4a:85:b6:fe:
53:78:44:4c:72:0d:58:c7:3b:23:0f:1c:83:0f:16:
e2:85:49:c0:46:1b:04:24:e1:02:0a:74:71:13:ba:
83:10:a9:47:ff:3e:e2:fe:69:27:6e:4b:89:ca:61:
fe:87:44:fd:0e:17:7f:d2:8a:30:d5:45:87:9f:c2:
f7:f2:1c:d2:ec:80:ff:28:f8:41:b7:7c:55:75:c5:
63:f0:ed:81:9b:60:8b:87:b2:9d:5f:c3:7c:fe:00:
f7:c7:29:ad:43:72:e6:31:da:55:b7:0d:85:10:42:
9e:fa:be:6d:e6:37:d7:6c:99:a6:2e:b5:d0:67:8e:
75:53:69:23:d2:c2:e3:6c:14:f2:f6:0f:77:de:e2:
2d:bb:da:80:76:d2:28:ca:10:56:b4:8f:f1:6f:cd:
81:c2:b4:aa:78:b9:b0:ca:36:49:21:20:43:a1:74:
af:18:0a:86:ab:39:11:22:8d:f6:6a:1e:b1:ba:f7:
c3:f9:9e:c2:60:ce:97:6e:3c:af:6f:cf:0b:80:ea:
64:de:2f:91:d3:35:22:2a:ac:5d:31:06:f1:fa:f6:
fe:1f:b0:42:b7:bd:14:41:37:9f:cc:0e:0e:4b:ad:
d8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:5C:C6:B5:01:98:55:CE:19:5D:63:82:9B:6B:30:4C:32:D6:D4:5F
X509v3 Authority Key Identifier:
keyid:7C:8E:70:97:99:0E:5A:67:17:8E:29:78:75:A0:D9:F4:60:58:92:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fI5wl5kOWmcXjil4daDZ9GBYkqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/8acaf7-e0ca-4344-9dfd-a8ac41809f5f/1/aVzGtQGYVc4ZXWOCm2swTDLW1F8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/8acaf7-e0ca-4344-9dfd-a8ac41809f5f/1/fI5wl5kOWmcXjil4daDZ9GBYkqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.240.0/22
IPv6:
2a0e:dc40::/29
Signature Algorithm: sha256WithRSAEncryption
3b:34:70:70:8e:8f:9b:bb:7c:b8:00:c5:4b:8e:42:e5:c8:6d:
b2:fe:9d:e8:6b:1a:fe:9f:47:40:14:25:a2:ce:52:82:4f:25:
df:cf:9d:76:20:c1:80:7b:2a:40:ff:c0:6a:c1:f6:f5:66:b2:
30:53:59:31:28:06:65:da:0f:55:17:1f:e8:0d:4b:54:9f:ab:
eb:44:52:ff:01:ea:8f:a2:d2:8b:89:58:5f:cb:2f:90:b6:93:
19:96:23:66:11:1c:ad:d7:54:48:57:f5:66:1e:29:1f:11:55:
bf:db:6b:25:92:bc:56:81:61:be:1b:1f:69:85:87:dd:a1:80:
6c:9c:f2:97:c5:0c:35:94:d0:43:4f:74:cd:19:10:eb:df:28:
17:5b:55:a0:fc:bb:95:d4:6d:0b:13:65:73:93:12:e7:f1:72:
57:f5:c7:ef:a5:e4:41:4e:1b:ea:55:e1:ec:8d:a2:ef:6e:ac:
cf:c6:ff:51:7d:a8:72:66:15:8f:66:f8:ae:96:b9:b6:8a:38:
eb:1a:80:e9:4a:bf:65:2c:9a:eb:02:7a:ee:db:3d:41:d7:07:
4b:79:b5:44:b1:11:1f:87:b9:05:65:44:c6:7f:cf:53:11:19:
68:b1:0d:5b:e8:d9:2f:52:49:a8:da:ee:fc:78:ae:5c:b9:13:
8d:c6:7f:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJtVVSciBZBrh7hcg7nswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjOGU3MDk3OTkwZTVhNjcxNzhlMjk3ODc1YTBkOWY0NjA1
ODkyYTYwHhcNMjQwMTAxMjIzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTVjYzZiNTAxOTg1NWNlMTk1ZDYzODI5YjZiMzA0YzMyZDZkNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksm8riUrTuMwEnxcrcV6gQ5YB9pc
fkJ0/0qFtv5TeERMcg1YxzsjDxyDDxbihUnARhsEJOECCnRxE7qDEKlH/z7i/mkn
bkuJymH+h0T9Dhd/0oow1UWHn8L38hzS7ID/KPhBt3xVdcVj8O2Bm2CLh7KdX8N8
/gD3xymtQ3LmMdpVtw2FEEKe+r5t5jfXbJmmLrXQZ451U2kj0sLjbBTy9g933uIt
u9qAdtIoyhBWtI/xb82BwrSqeLmwyjZJISBDoXSvGAqGqzkRIo32ah6xuvfD+Z7C
YM6Xbjyvb88LgOpk3i+R0zUiKqxdMQbx+vb+H7BCt70UQTefzA4OS63YEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGlcxrUBmFXOGV1jgptrMEwy1tRfMB8GA1UdIwQY
MBaAFHyOcJeZDlpnF44peHWg2fRgWJKmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkk1d2w1a09XbWNYamlsNGRhRFo5R0JZa3FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84YWNhZjctZTBjYS00MzQ0LTlkZmQt
YThhYzQxODA5ZjVmLzEvYVZ6R3RRR1lWYzRaWFdPQ20yc3dURExXMUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84YWNhZjctZTBjYS00MzQ0LTlkZmQtYThhYzQxODA5ZjVm
LzEvZkk1d2w1a09XbWNYamlsNGRhRFo5R0JZa3FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLY7wMA0E
AgACMAcDBQMqDtxAMA0GCSqGSIb3DQEBCwUAA4IBAQA7NHBwjo+bu3y4AMVLjkLl
yG2y/p3oaxr+n0dAFCWizlKCTyXfz512IMGAeypA/8Bqwfb1ZrIwU1kxKAZl2g9V
Fx/oDUtUn6vrRFL/AeqPotKLiVhfyy+QtpMZliNmERyt11RIV/VmHikfEVW/22sl
krxWgWG+Gx9phYfdoYBsnPKXxQw1lNBDT3TNGRDr3ygXW1Wg/LuV1G0LE2VzkxLn
8XJX9cfvpeRBThvqVeHsjaLvbqzPxv9RfahyZhWPZviulrm2ijjrGoDpSr9lLJrr
Anru2z1B1wdLebVEsREfh7kFZUTGf89TERlosQ1b6NkvUkmo2u78eK5cuRONxn+S
-----END CERTIFICATE-----
Generated at Mon Nov 25 07:46:57 2024 by rpki-client on console-ams.rpki-client.org