Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/4UUtxcHrSw14AlMJzejGYj9ZusU.roa
File: 4UUtxcHrSw14AlMJzejGYj9ZusU.roa (raw, json)
Hash identifier: R3ewCFTzU6JgbAHhy/gO3M1EXj0Xrz431nmHMEM+Z8U=
Subject key identifier: E1:45:2D:C5:C1:EB:4B:0D:78:02:53:09:CD:E8:C6:62:3F:59:BA:C5
Certificate issuer: /CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Certificate serial: 019349D583ADA7319743CC62184406F433C8
Authority key identifier: 8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/4UUtxcHrSw14AlMJzejGYj9ZusU.roa
Signing time: Wed 20 Nov 2024 13:49:09 +0000
ROA not before: Wed 20 Nov 2024 13:49:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61060
IP address blocks: 45.158.204.0/23 maxlen: 23
185.132.236.0/22 maxlen: 22
194.120.124.0/23 maxlen: 23
194.120.190.0/23 maxlen: 23
194.122.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 07:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:d5:83:ad:a7:31:97:43:cc:62:18:44:06:f4:33:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Validity
Not Before: Nov 20 13:49:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1452dc5c1eb4b0d78025309cde8c6623f59bac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b9:0c:20:14:2c:da:92:38:0f:7f:83:86:3e:
f9:31:da:df:71:ff:e0:7e:e8:19:c7:f6:9a:18:ec:
90:e3:b7:c8:a8:3f:69:95:91:a5:d3:8f:a7:50:7d:
34:fe:b7:50:5d:38:14:89:db:4c:1d:5c:3d:36:5b:
4b:53:30:d2:e4:8d:41:17:c9:be:66:6c:52:a0:f7:
e1:21:18:ab:68:68:fb:93:e7:95:00:22:1b:15:e7:
97:ea:bb:a9:2f:b7:68:ae:0e:5e:f3:7b:82:e6:e0:
83:b7:03:7b:0a:68:dd:77:09:92:d7:58:da:53:fe:
ef:03:9a:da:86:c4:47:19:3e:98:d1:f0:e3:52:e3:
11:b6:5d:35:d2:16:64:8f:ad:32:07:66:bf:a2:cd:
f6:6f:e9:bd:15:f8:92:3d:eb:0d:02:68:b5:03:1e:
1d:44:0d:43:75:1a:95:2e:b8:e8:1a:f5:ee:77:12:
3f:b7:91:83:f0:f2:39:94:b4:c8:52:54:2c:00:11:
66:13:c7:22:bf:4b:d2:45:ee:6d:19:8e:d2:65:1b:
86:f4:55:d9:38:d5:5e:38:23:53:41:a8:60:71:18:
b9:2b:86:d4:12:6d:f7:c9:2a:ff:ec:ef:c0:f5:07:
a3:71:dc:b7:23:53:a0:62:ba:30:39:03:da:0d:a3:
6c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:45:2D:C5:C1:EB:4B:0D:78:02:53:09:CD:E8:C6:62:3F:59:BA:C5
X509v3 Authority Key Identifier:
keyid:8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/4UUtxcHrSw14AlMJzejGYj9ZusU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.204.0/23
185.132.236.0/22
194.120.124.0/23
194.120.190.0/23
194.122.240.0/22
Signature Algorithm: sha256WithRSAEncryption
57:c4:a1:e7:fc:dd:42:85:23:cc:cb:86:c0:de:97:b5:de:74:
6e:9e:ce:fe:95:e5:44:fc:1c:84:40:5f:72:49:6f:d4:df:6c:
7e:91:4f:54:56:43:02:ee:55:63:8c:3e:fb:b4:9b:ee:1c:94:
65:d2:6b:60:d2:c1:33:0c:51:2f:0a:a9:36:02:ce:69:8d:cf:
c7:78:9d:ef:9c:84:ff:97:6a:eb:4e:10:ed:7c:0b:04:a7:ef:
5b:52:4b:5c:bd:23:71:ea:8d:b5:21:11:7c:1b:dd:70:68:25:
24:37:fc:05:93:96:f2:8f:f6:d3:4e:12:51:f2:34:fb:9c:ab:
47:ca:97:49:8b:57:df:f9:4c:68:63:48:f2:bb:39:ed:90:44:
e4:a7:53:ae:64:8b:df:b1:a6:5b:41:09:cc:b8:62:10:45:d1:
73:74:da:dd:6e:e2:44:93:1d:48:b0:5c:82:b2:d6:b0:c9:5e:
e3:68:a0:14:c2:06:ee:ec:04:71:1d:e3:8c:be:0c:ac:48:06:
15:ec:a7:4d:91:28:72:65:6c:f7:96:74:34:32:b3:21:6e:a1:
32:23:45:a3:2e:d8:4e:f3:9e:a4:be:c8:0d:83:c0:23:76:99:
ef:90:a6:49:5c:c8:03:49:ae:6a:3b:a6:8f:8c:74:2c:60:09:
86:77:b4:32
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZNJ1YOtpzGXQ8xiGEQG9DPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMTY2MThiNzFmZmM4MGUxYzNmNDFlZDBkZmM4OWFiNWU5
NjNmZDIwHhcNMjQxMTIwMTM0OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQ1MmRjNWMxZWI0YjBkNzgwMjUzMDljZGU4YzY2MjNmNTliYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rkMIBQs2pI4D3+Dhj75Mdrfcf/g
fugZx/aaGOyQ47fIqD9plZGl04+nUH00/rdQXTgUidtMHVw9NltLUzDS5I1BF8m+
ZmxSoPfhIRiraGj7k+eVACIbFeeX6rupL7dorg5e83uC5uCDtwN7CmjddwmS11ja
U/7vA5rahsRHGT6Y0fDjUuMRtl010hZkj60yB2a/os32b+m9FfiSPesNAmi1Ax4d
RA1DdRqVLrjoGvXudxI/t5GD8PI5lLTIUlQsABFmE8civ0vSRe5tGY7SZRuG9FXZ
ONVeOCNTQahgcRi5K4bUEm33ySr/7O/A9Qejcdy3I1OgYrowOQPaDaNs+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOFFLcXB60sNeAJTCc3oxmI/WbrFMB8GA1UdIwQY
MBaAFIoWYYtx/8gOHD9B7Q38iatelj/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUt
MjkxYWFlZGQ1OGNjLzEvNFVVdHhjSHJTdzE0QWxNSnplakdZajladXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUtMjkxYWFlZGQ1OGNj
LzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLZ7MAwQC
uYTsAwQBwnh8AwQBwni+AwQCwnrwMA0GCSqGSIb3DQEBCwUAA4IBAQBXxKHn/N1C
hSPMy4bA3pe13nRuns7+leVE/ByEQF9ySW/U32x+kU9UVkMC7lVjjD77tJvuHJRl
0mtg0sEzDFEvCqk2As5pjc/HeJ3vnIT/l2rrThDtfAsEp+9bUktcvSNx6o21IRF8
G91waCUkN/wFk5byj/bTThJR8jT7nKtHypdJi1ff+UxoY0jyuzntkETkp1OuZIvf
saZbQQnMuGIQRdFzdNrdbuJEkx1IsFyCstawyV7jaKAUwgbu7ARxHeOMvgysSAYV
7KdNkShyZWz3lnQ0MrMhbqEyI0WjLthO856kvsgNg8AjdpnvkKZJXMgDSa5qO6aP
jHQsYAmGd7Qy
-----END CERTIFICATE-----
Generated at Tue Dec 3 18:28:02 2024 by rpki-client on console-fra.rpki-client.org