Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/J04ZRIGJ7eag6XPHLDgIPD5LGxU.roa
File: J04ZRIGJ7eag6XPHLDgIPD5LGxU.roa (raw, json)
Hash identifier: Cht6tXwP66ZFEXysDMX8fgQRqZWO1doacXfGxX8v3DY=
Subject key identifier: 27:4E:19:44:81:89:ED:E6:A0:E9:73:C7:2C:38:08:3C:3E:4B:1B:15
Certificate issuer: /CN=e8e7271136b21a158aef409d30e2c6001d5b0da9
Certificate serial: 018D3583CF5ADD809F413106F4C8F2819CE6
Authority key identifier: E8:E7:27:11:36:B2:1A:15:8A:EF:40:9D:30:E2:C6:00:1D:5B:0D:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/J04ZRIGJ7eag6XPHLDgIPD5LGxU.roa
Signing time: Tue 23 Jan 2024 08:50:47 +0000
ROA not before: Tue 23 Jan 2024 08:50:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207944
IP address blocks: 45.151.176.0/22 maxlen: 22
45.151.176.0/24 maxlen: 24
45.151.177.0/24 maxlen: 24
45.151.178.0/24 maxlen: 24
45.151.179.0/24 maxlen: 24
185.230.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.mft
rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:83:cf:5a:dd:80:9f:41:31:06:f4:c8:f2:81:9c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8e7271136b21a158aef409d30e2c6001d5b0da9
Validity
Not Before: Jan 23 08:50:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=274e19448189ede6a0e973c72c38083c3e4b1b15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:69:26:11:6b:ce:86:fc:07:42:f3:7f:6c:8c:
7b:cc:5b:48:14:13:93:49:06:62:00:a2:67:a1:e9:
31:07:c3:c4:82:b5:1b:00:ae:3a:4c:37:b7:2d:eb:
25:e2:eb:1e:63:9e:3e:49:3c:07:16:12:7d:2c:de:
40:ee:f1:7e:04:13:cf:84:bd:e6:b3:ae:16:5d:a2:
0d:41:cc:85:1c:d1:2b:45:3a:fc:4e:a4:70:d5:3e:
1f:7f:e1:d0:59:8d:73:a2:f3:a3:aa:b3:46:b5:11:
23:b1:a5:50:ef:b7:82:b1:75:36:db:64:b7:d0:78:
9a:15:30:e5:3a:6b:1d:e9:8c:ca:57:c4:2d:ee:40:
7a:e3:5a:8b:f5:86:e7:31:2c:4e:4a:00:85:54:05:
98:4e:3c:cb:37:47:a0:95:3a:6d:9d:1e:4a:61:ef:
18:c9:0e:ac:da:86:8b:b1:dd:ff:bf:77:bf:39:c3:
f1:fb:58:73:2c:e1:5b:55:74:74:b8:fc:ad:09:f6:
43:09:26:30:79:a3:e7:8d:ce:2d:c6:a8:b7:13:ed:
59:52:ed:21:dd:91:c9:73:1f:ac:7a:ce:2d:7c:9f:
61:65:c3:0b:79:05:e8:ec:d5:6d:56:be:68:05:9e:
ff:a6:cb:a3:bf:19:d6:1c:be:f6:e5:a0:98:14:0a:
05:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:4E:19:44:81:89:ED:E6:A0:E9:73:C7:2C:38:08:3C:3E:4B:1B:15
X509v3 Authority Key Identifier:
keyid:E8:E7:27:11:36:B2:1A:15:8A:EF:40:9D:30:E2:C6:00:1D:5B:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/J04ZRIGJ7eag6XPHLDgIPD5LGxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.176.0/22
185.230.145.0/24
Signature Algorithm: sha256WithRSAEncryption
91:ea:6d:3f:b5:a1:bd:d6:d4:81:4d:ba:6a:fc:90:56:c4:a1:
06:9b:76:ab:40:15:ca:f8:7e:80:3c:d3:40:85:58:93:e3:ec:
64:c3:37:dd:30:21:58:67:e1:3e:fb:65:df:41:d5:6d:38:e1:
de:d2:82:27:6c:43:0f:87:3d:14:64:4a:a8:ce:c8:6e:6f:96:
87:5b:f2:10:00:d0:3d:c2:3a:a6:69:5e:01:dc:2e:36:9a:c2:
63:6a:5a:e2:ce:45:3d:ee:5a:f0:ed:11:3d:4f:39:50:63:9a:
5a:0f:92:3e:a9:fd:ab:88:a6:c5:57:78:bd:d5:f6:d5:24:20:
e6:68:42:71:59:03:ca:30:16:35:9c:02:73:c1:f3:2e:b3:12:
3e:01:64:43:e9:26:ce:51:55:55:e5:40:ea:bc:a7:5a:6f:c1:
d9:e1:46:c6:68:3c:a1:94:c6:03:35:3d:19:a6:51:43:1c:dd:
1e:7a:a4:c0:7a:04:a2:3c:74:19:e6:37:c9:6b:f4:c4:0b:2c:
ea:09:4a:53:b0:be:98:13:9b:6b:84:48:8b:bf:5a:98:62:21:
a9:61:4b:1e:f4:15:f0:b3:99:b1:bd:dc:f6:38:68:be:57:75:
be:e5:63:95:f9:8a:70:a9:ee:59:e1:e3:1d:fb:d9:8f:4c:95:
db:79:1f:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY01g89a3YCfQTEG9MjygZzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZTcyNzExMzZiMjFhMTU4YWVmNDA5ZDMwZTJjNjAwMWQ1
YjBkYTkwHhcNMjQwMTIzMDg1MDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzRlMTk0NDgxODllZGU2YTBlOTczYzcyYzM4MDgzYzNlNGIxYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymkmEWvOhvwHQvN/bIx7zFtIFBOT
SQZiAKJnoekxB8PEgrUbAK46TDe3Lesl4useY54+STwHFhJ9LN5A7vF+BBPPhL3m
s64WXaINQcyFHNErRTr8TqRw1T4ff+HQWY1zovOjqrNGtREjsaVQ77eCsXU222S3
0HiaFTDlOmsd6YzKV8Qt7kB641qL9YbnMSxOSgCFVAWYTjzLN0eglTptnR5KYe8Y
yQ6s2oaLsd3/v3e/OcPx+1hzLOFbVXR0uPytCfZDCSYweaPnjc4txqi3E+1ZUu0h
3ZHJcx+ses4tfJ9hZcMLeQXo7NVtVr5oBZ7/psujvxnWHL725aCYFAoFdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCdOGUSBie3moOlzxyw4CDw+SxsVMB8GA1UdIwQY
MBaAFOjnJxE2shoViu9AnTDixgAdWw2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jYmY0MjUtYjk1OC00ZTQ5LTljOTYt
ODM1NmQyZDQyNzcxLzEvSjA0WlJJR0o3ZWFnNlhQSExEZ0lQRDVMR3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jYmY0MjUtYjk1OC00ZTQ5LTljOTYtODM1NmQyZDQyNzcx
LzEvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZewAwQA
ueaRMA0GCSqGSIb3DQEBCwUAA4IBAQCR6m0/taG91tSBTbpq/JBWxKEGm3arQBXK
+H6APNNAhViT4+xkwzfdMCFYZ+E++2XfQdVtOOHe0oInbEMPhz0UZEqozshub5aH
W/IQANA9wjqmaV4B3C42msJjalrizkU97lrw7RE9TzlQY5paD5I+qf2riKbFV3i9
1fbVJCDmaEJxWQPKMBY1nAJzwfMusxI+AWRD6SbOUVVV5UDqvKdab8HZ4UbGaDyh
lMYDNT0ZplFDHN0eeqTAegSiPHQZ5jfJa/TECyzqCUpTsL6YE5trhEiLv1qYYiGp
YUse9BXws5mxvdz2OGi+V3W+5WOV+Ypwqe5Z4eMd+9mPTJXbeR+L
-----END CERTIFICATE-----
Generated at Sat Nov 23 16:19:58 2024 by rpki-client on console-fra.rpki-client.org