Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/Lo-aCgxopWAs1RsQTF5jFKHMoxk.roa
File: Lo-aCgxopWAs1RsQTF5jFKHMoxk.roa (raw, json)
Hash identifier: BDvWchK2ZUb51SyOeZ1Jp928bOet/PiuBUX9xN5LWsU=
Subject key identifier: 2E:8F:9A:0A:0C:68:A5:60:2C:D5:1B:10:4C:5E:63:14:A1:CC:A3:19
Certificate issuer: /CN=48559018adff16eadf5551b2cb74d8f6860cd044
Certificate serial: 018CC7947D001FACED2B12A1A57BA251133B
Authority key identifier: 48:55:90:18:AD:FF:16:EA:DF:55:51:B2:CB:74:D8:F6:86:0C:D0:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SFWQGK3_FurfVVGyy3TY9oYM0EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/Lo-aCgxopWAs1RsQTF5jFKHMoxk.roa
Signing time: Tue 02 Jan 2024 00:30:46 +0000
ROA not before: Tue 02 Jan 2024 00:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 91.202.188.0/22 maxlen: 24
45.10.4.0/22 maxlen: 24
45.141.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/SFWQGK3_FurfVVGyy3TY9oYM0EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/SFWQGK3_FurfVVGyy3TY9oYM0EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/SFWQGK3_FurfVVGyy3TY9oYM0EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:7d:00:1f:ac:ed:2b:12:a1:a5:7b:a2:51:13:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48559018adff16eadf5551b2cb74d8f6860cd044
Validity
Not Before: Jan 2 00:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e8f9a0a0c68a5602cd51b104c5e6314a1cca319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8d:2b:4e:1b:a6:1d:2b:b4:45:25:13:70:19:
0d:82:02:ec:22:bb:e7:8c:b0:a7:42:b7:f5:f1:ee:
54:0c:4c:b3:57:76:ba:d1:13:f0:ce:4c:6b:9d:30:
4a:ca:90:c2:21:3d:d6:f7:47:b2:83:82:3e:84:2a:
8d:ac:b6:e6:97:cf:4d:cf:0f:6e:bb:9c:12:c1:12:
ac:4e:a5:1d:fa:10:7e:a0:56:c3:b1:90:d6:4b:6c:
ca:33:e2:22:10:0f:c6:34:61:19:a4:86:2a:c1:8d:
4f:ac:f5:d6:a3:72:ee:37:0a:15:ae:2b:46:d8:01:
3a:32:cc:a9:6e:97:05:8d:17:8b:01:c9:3f:d4:26:
b9:30:32:4d:73:20:00:bd:4e:c2:ee:4f:5f:72:88:
6c:1d:c9:22:bd:3c:e2:0f:c0:37:45:67:42:17:e7:
8a:f8:2a:cd:8a:71:a3:e3:38:95:e0:ca:e1:66:15:
fc:5e:4e:b7:5c:15:8c:24:2d:db:3a:1b:ab:29:53:
24:cb:cc:25:d4:32:da:fc:70:58:4c:13:54:f4:ec:
43:14:ab:4e:bd:f4:7b:5d:04:36:95:82:4c:2a:4a:
1b:69:b1:b2:6c:6c:c1:14:08:72:f9:a7:43:03:c3:
d3:5f:b9:50:46:3f:66:53:4f:77:7c:50:bb:cb:df:
23:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:8F:9A:0A:0C:68:A5:60:2C:D5:1B:10:4C:5E:63:14:A1:CC:A3:19
X509v3 Authority Key Identifier:
keyid:48:55:90:18:AD:FF:16:EA:DF:55:51:B2:CB:74:D8:F6:86:0C:D0:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SFWQGK3_FurfVVGyy3TY9oYM0EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/Lo-aCgxopWAs1RsQTF5jFKHMoxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/SFWQGK3_FurfVVGyy3TY9oYM0EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.4.0/22
45.141.64.0/22
91.202.188.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:fe:65:c7:c4:ef:7d:f2:4e:b6:12:d3:01:29:40:35:b0:bb:
81:90:ac:9d:a8:2b:6c:03:a4:50:65:66:76:17:b8:2b:dc:20:
60:88:db:8a:97:27:84:b1:9b:44:51:2a:05:7c:42:5c:d6:cb:
ba:81:d1:c8:c9:11:e9:63:5e:f4:03:17:2d:e3:79:d5:c1:4f:
0d:56:ac:cb:e0:68:5f:c7:f6:b4:33:c4:ea:66:13:48:49:7b:
e8:93:0a:b6:02:7b:dd:73:0f:84:1a:88:1b:d5:10:76:ce:29:
28:64:70:6a:b2:1c:d7:93:37:f7:6b:6b:5a:86:71:f4:91:47:
f3:b6:01:de:7f:24:c5:d3:7b:10:64:d2:63:15:9d:e2:24:a6:
5d:6a:65:91:4c:67:c5:2f:7e:33:bb:a3:31:c9:89:3f:e2:a3:
53:7a:b8:12:83:f7:5e:2c:2a:32:ae:0f:dd:bd:21:cd:d9:77:
ff:7d:1c:fb:66:5c:3a:7c:ef:f8:b5:1f:c1:25:a5:09:6a:e3:
28:d7:b1:5c:29:dd:d8:8d:f2:d1:a3:a2:c4:5d:cb:8c:bd:14:
89:85:c7:3f:e6:d8:33:04:fc:23:94:14:33:22:2b:41:44:6c:
0f:0e:3e:9e:5b:05:41:e9:80:9e:e1:e3:72:d6:d8:87:b7:27:
d8:90:ee:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlH0AH6ztKxKhpXuiURM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NTU5MDE4YWRmZjE2ZWFkZjU1NTFiMmNiNzRkOGY2ODYw
Y2QwNDQwHhcNMjQwMTAyMDAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZThmOWEwYTBjNjhhNTYwMmNkNTFiMTA0YzVlNjMxNGExY2NhMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkY0rThumHSu0RSUTcBkNggLsIrvn
jLCnQrf18e5UDEyzV3a60RPwzkxrnTBKypDCIT3W90eyg4I+hCqNrLbml89Nzw9u
u5wSwRKsTqUd+hB+oFbDsZDWS2zKM+IiEA/GNGEZpIYqwY1PrPXWo3LuNwoVritG
2AE6MsypbpcFjReLAck/1Ca5MDJNcyAAvU7C7k9fcohsHckivTziD8A3RWdCF+eK
+CrNinGj4ziV4MrhZhX8Xk63XBWMJC3bOhurKVMky8wl1DLa/HBYTBNU9OxDFKtO
vfR7XQQ2lYJMKkobabGybGzBFAhy+adDA8PTX7lQRj9mU093fFC7y98jqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC6PmgoMaKVgLNUbEExeYxShzKMZMB8GA1UdIwQY
MBaAFEhVkBit/xbq31VRsst02PaGDNBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0ZXUUdLM19GdXJmVlZHeXkzVFk5b1lNMEVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lZjU2ZDItNjMyZS00ODE2LWE5Y2Et
YWI0NWU2MDA3MWUyLzEvTG8tYUNneG9wV0FzMVJzUVRGNWpGS0hNb3hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lZjU2ZDItNjMyZS00ODE2LWE5Y2EtYWI0NWU2MDA3MWUy
LzEvU0ZXUUdLM19GdXJmVlZHeXkzVFk5b1lNMEVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQoEAwQC
LY1AAwQCW8q8MA0GCSqGSIb3DQEBCwUAA4IBAQDO/mXHxO998k62EtMBKUA1sLuB
kKydqCtsA6RQZWZ2F7gr3CBgiNuKlyeEsZtEUSoFfEJc1su6gdHIyRHpY170Axct
43nVwU8NVqzL4Ghfx/a0M8TqZhNISXvokwq2Anvdcw+EGogb1RB2zikoZHBqshzX
kzf3a2tahnH0kUfztgHefyTF03sQZNJjFZ3iJKZdamWRTGfFL34zu6MxyYk/4qNT
ergSg/deLCoyrg/dvSHN2Xf/fRz7Zlw6fO/4tR/BJaUJauMo17FcKd3YjfLRo6LE
XcuMvRSJhcc/5tgzBPwjlBQzIitBRGwPDj6eWwVB6YCe4eNy1tiHtyfYkO7G
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:58:10 2024 by rpki-client on console-fra.rpki-client.org