Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/d7c5d1-6c1c-4f2c-b123-93e2ac9593dc/1/50mgL_DE2avMT4OACaL8yK-M0DI.roa
File: 50mgL_DE2avMT4OACaL8yK-M0DI.roa (raw, json)
Hash identifier: dNvZf7DhG9XzQ5f79bRAkZ0AANoA3CAg/4TdgXMcjh8=
Subject key identifier: E7:49:A0:2F:F0:C4:D9:AB:CC:4F:83:80:09:A2:FC:C8:AF:8C:D0:32
Certificate issuer: /CN=56af20a60aefacf39fd56a743d1a99534c4850bc
Certificate serial: 018CC94D2367E7C33D4BB720C4FE0550D948
Authority key identifier: 56:AF:20:A6:0A:EF:AC:F3:9F:D5:6A:74:3D:1A:99:53:4C:48:50:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq8gpgrvrPOf1Wp0PRqZU0xIULw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/d7c5d1-6c1c-4f2c-b123-93e2ac9593dc/1/50mgL_DE2avMT4OACaL8yK-M0DI.roa
Signing time: Tue 02 Jan 2024 08:32:04 +0000
ROA not before: Tue 02 Jan 2024 08:32:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208372
IP address blocks: 45.142.56.0/22 maxlen: 22
2a0e:d640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/d7c5d1-6c1c-4f2c-b123-93e2ac9593dc/1/Vq8gpgrvrPOf1Wp0PRqZU0xIULw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/d7c5d1-6c1c-4f2c-b123-93e2ac9593dc/1/Vq8gpgrvrPOf1Wp0PRqZU0xIULw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vq8gpgrvrPOf1Wp0PRqZU0xIULw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 14:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:23:67:e7:c3:3d:4b:b7:20:c4:fe:05:50:d9:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56af20a60aefacf39fd56a743d1a99534c4850bc
Validity
Not Before: Jan 2 08:32:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e749a02ff0c4d9abcc4f838009a2fcc8af8cd032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8f:a4:ef:89:81:1e:a6:6c:7e:97:fd:70:a5:
cb:e9:7e:36:9a:a2:70:c2:36:fc:57:8e:50:0b:41:
51:6e:7c:45:3e:72:7f:58:97:3b:b0:bc:b0:6c:e6:
31:bc:eb:35:5d:a8:f2:bc:67:32:57:4f:f9:a6:9e:
dc:e7:d8:de:9b:2c:2a:80:67:44:f1:b7:11:a0:99:
86:ec:53:fc:05:d9:0f:73:47:1a:d1:fd:c2:48:5b:
2b:ef:c8:dd:4e:f8:7e:35:29:4e:8e:23:d2:4d:85:
f9:9b:35:9f:38:7d:ef:31:39:a3:82:8a:13:b0:24:
5b:ff:a0:01:d3:d2:c5:8d:8b:bc:e8:95:37:16:4e:
ed:7d:4a:86:85:f0:86:29:f1:98:22:38:d3:e7:15:
6b:38:a5:7d:fe:d1:e6:7a:f1:df:44:cb:19:3f:60:
8e:b6:e4:b2:53:17:c8:33:47:25:3e:d3:28:db:26:
77:15:99:05:2d:be:c3:c8:ee:08:c9:9e:20:c5:63:
a9:47:62:9b:7d:cc:c0:09:fd:e9:16:bc:83:d9:3b:
e9:8a:8d:7a:92:b7:95:36:ef:1a:c3:80:3d:04:3a:
6a:08:0f:99:72:01:94:e8:f9:68:e8:48:c2:1a:3c:
d1:ab:d8:65:31:f2:de:0b:b0:de:91:2f:67:66:5b:
37:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:49:A0:2F:F0:C4:D9:AB:CC:4F:83:80:09:A2:FC:C8:AF:8C:D0:32
X509v3 Authority Key Identifier:
keyid:56:AF:20:A6:0A:EF:AC:F3:9F:D5:6A:74:3D:1A:99:53:4C:48:50:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq8gpgrvrPOf1Wp0PRqZU0xIULw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/d7c5d1-6c1c-4f2c-b123-93e2ac9593dc/1/50mgL_DE2avMT4OACaL8yK-M0DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/d7c5d1-6c1c-4f2c-b123-93e2ac9593dc/1/Vq8gpgrvrPOf1Wp0PRqZU0xIULw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.56.0/22
IPv6:
2a0e:d640::/29
Signature Algorithm: sha256WithRSAEncryption
54:26:f7:bf:47:a0:c7:a3:3e:71:c3:3f:cf:f2:fb:f0:29:f9:
c1:38:21:9d:a4:2d:79:56:6a:4c:0e:03:e2:95:3c:c3:57:36:
67:ee:79:2d:61:73:58:80:d3:fe:2c:4a:5e:6d:fd:03:9d:c5:
81:6b:2f:76:1e:5b:46:fa:70:73:2c:ab:56:c1:63:12:92:16:
ea:f9:d8:94:00:0d:43:fa:fa:fa:7b:10:f4:e9:6e:91:45:b7:
bc:ed:e9:25:95:ab:28:8f:cc:5d:62:f7:83:67:8a:9b:8e:28:
37:01:e2:24:bd:b3:c5:ca:45:36:2f:e4:a6:cf:1f:0a:50:b1:
aa:fe:2b:aa:9f:f7:8f:5f:84:90:75:d1:de:9e:75:74:4d:57:
bb:3d:e0:b5:7b:43:40:a8:ac:6b:f1:54:ac:53:22:eb:7d:d4:
23:d1:af:c6:3f:ca:37:b9:e1:a9:39:45:96:23:cf:6a:e8:9f:
c6:bf:62:e8:6e:e1:2e:f7:79:d8:6c:ab:43:5b:d7:4c:6c:59:
41:2a:d8:68:0b:9a:99:5f:f1:3a:bf:bc:c5:e0:73:6c:e5:f3:
d4:a3:f7:14:e0:a4:70:64:fa:ae:5b:aa:5d:0f:5f:e7:7a:33:
7b:7e:c3:38:e6:22:64:84:22:88:ca:c6:61:de:6c:8d:da:90:
9f:28:cd:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTSNn58M9S7cgxP4FUNlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWYyMGE2MGFlZmFjZjM5ZmQ1NmE3NDNkMWE5OTUzNGM0
ODUwYmMwHhcNMjQwMTAyMDgzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzQ5YTAyZmYwYzRkOWFiY2M0ZjgzODAwOWEyZmNjOGFmOGNkMDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAio+k74mBHqZsfpf9cKXL6X42mqJw
wjb8V45QC0FRbnxFPnJ/WJc7sLywbOYxvOs1XajyvGcyV0/5pp7c59jemywqgGdE
8bcRoJmG7FP8BdkPc0ca0f3CSFsr78jdTvh+NSlOjiPSTYX5mzWfOH3vMTmjgooT
sCRb/6AB09LFjYu86JU3Fk7tfUqGhfCGKfGYIjjT5xVrOKV9/tHmevHfRMsZP2CO
tuSyUxfIM0clPtMo2yZ3FZkFLb7DyO4IyZ4gxWOpR2KbfczACf3pFryD2Tvpio16
kreVNu8aw4A9BDpqCA+ZcgGU6Plo6EjCGjzRq9hlMfLeC7DekS9nZls3qwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOdJoC/wxNmrzE+DgAmi/MivjNAyMB8GA1UdIwQY
MBaAFFavIKYK76zzn9VqdD0amVNMSFC8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnE4Z3BncnZyUE9mMVdwMFBScVpVMHhJVUx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9kN2M1ZDEtNmMxYy00ZjJjLWIxMjMt
OTNlMmFjOTU5M2RjLzEvNTBtZ0xfREUyYXZNVDRPQUNhTDh5Sy1NMERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9kN2M1ZDEtNmMxYy00ZjJjLWIxMjMtOTNlMmFjOTU5M2Rj
LzEvVnE4Z3BncnZyUE9mMVdwMFBScVpVMHhJVUx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLY44MA0E
AgACMAcDBQMqDtZAMA0GCSqGSIb3DQEBCwUAA4IBAQBUJve/R6DHoz5xwz/P8vvw
KfnBOCGdpC15VmpMDgPilTzDVzZn7nktYXNYgNP+LEpebf0DncWBay92HltG+nBz
LKtWwWMSkhbq+diUAA1D+vr6exD06W6RRbe87ekllasoj8xdYveDZ4qbjig3AeIk
vbPFykU2L+Smzx8KULGq/iuqn/ePX4SQddHennV0TVe7PeC1e0NAqKxr8VSsUyLr
fdQj0a/GP8o3ueGpOUWWI89q6J/Gv2LobuEu93nYbKtDW9dMbFlBKthoC5qZX/E6
v7zF4HNs5fPUo/cU4KRwZPquW6pdD1/nejN7fsM45iJkhCKIysZh3myN2pCfKM1f
-----END CERTIFICATE-----
Generated at Tue Nov 26 21:28:33 2024 by rpki-client on console-fra.rpki-client.org