Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/sgzvL4q6NZGvlojuIFR4MQ-eSF8.roa
File: sgzvL4q6NZGvlojuIFR4MQ-eSF8.roa (raw, json)
Hash identifier: R1r5pfmmuIv1+uqKgsbWqBsb8999xGO6svxHRKXkqCY=
Subject key identifier: B2:0C:EF:2F:8A:BA:35:91:AF:96:88:EE:20:54:78:31:0F:9E:48:5F
Certificate issuer: /CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Certificate serial: 018F5896EB7FE50CB09BDB62B504157F6EF0
Authority key identifier: B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/sgzvL4q6NZGvlojuIFR4MQ-eSF8.roa
Signing time: Wed 08 May 2024 14:23:56 +0000
ROA not before: Wed 08 May 2024 14:23:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39679
IP address blocks: 45.67.156.0/24 maxlen: 24
45.67.157.0/24 maxlen: 24
45.67.158.0/24 maxlen: 24
45.67.159.0/24 maxlen: 24
2a09:7ac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 08:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:96:eb:7f:e5:0c:b0:9b:db:62:b5:04:15:7f:6e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Validity
Not Before: May 8 14:23:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b20cef2f8aba3591af9688ee205478310f9e485f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:58:12:4a:4c:04:72:dd:27:f7:d2:23:f5:be:
cd:82:a2:17:54:45:4e:d8:ee:1f:30:33:de:1a:ea:
bb:82:72:11:e7:9f:43:89:69:48:1a:47:91:78:e2:
0a:d9:e2:52:c2:da:b3:47:cc:47:b1:3a:fe:b1:5f:
3c:e7:ae:2a:10:b2:a2:5e:d5:f5:12:db:1d:71:57:
3d:a5:9a:34:5f:e1:35:4a:07:03:ae:52:66:a9:35:
35:77:cc:9c:7d:84:ce:74:9e:86:1f:19:68:4f:3f:
ad:b8:b6:d9:3f:16:ab:54:77:69:5e:dc:57:4e:1f:
39:a9:ba:a8:33:e0:54:92:f5:a2:02:dd:23:f0:90:
30:fd:e4:4c:ae:8e:e7:da:12:5e:65:05:84:8b:14:
e0:a9:00:1e:9f:28:97:a9:14:c9:5a:58:4b:1f:20:
c3:4b:dc:42:e7:da:01:e4:b5:49:9a:ee:c3:fe:e5:
7c:4c:28:00:a5:d7:11:73:a1:4b:86:a1:f4:11:d4:
3c:36:ed:a4:a6:92:84:16:38:f2:a0:1d:14:04:3b:
88:c2:44:86:ec:7a:fa:13:23:13:b1:f4:d6:46:ef:
c0:8f:e4:08:08:25:57:4e:b4:70:61:5e:bc:a3:9e:
5c:6a:70:6a:71:98:8c:ed:c8:99:77:d8:57:b7:88:
13:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0C:EF:2F:8A:BA:35:91:AF:96:88:EE:20:54:78:31:0F:9E:48:5F
X509v3 Authority Key Identifier:
keyid:B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/sgzvL4q6NZGvlojuIFR4MQ-eSF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.156.0/22
IPv6:
2a09:7ac0::/32
Signature Algorithm: sha256WithRSAEncryption
9e:10:e3:1a:fe:5f:f1:d1:22:d5:e8:68:21:84:b0:16:62:ca:
ef:4d:79:f0:f1:48:c1:1e:f4:6c:1e:23:32:e9:b3:af:ff:af:
0b:7e:09:25:75:e9:8b:cb:b7:e6:ec:37:bd:89:ad:0c:fa:03:
16:fe:54:37:c6:10:ef:2d:85:71:57:68:69:09:32:7d:f5:e2:
34:2d:11:27:7a:58:b1:b0:4f:6f:83:c1:49:3a:a1:8b:82:c2:
62:cb:04:48:a3:9b:ee:d1:75:e1:a2:51:70:65:97:d9:de:6e:
99:3a:3c:c0:53:04:23:1e:c0:c7:07:ff:70:94:19:82:ee:10:
b9:57:3c:07:a0:87:24:2a:2c:0c:d6:fc:89:85:8a:d8:3d:6c:
7d:17:0c:c2:bb:3c:80:54:3a:36:e7:15:44:d7:d4:51:76:16:
b8:4f:9a:52:c3:35:d3:21:58:0b:4f:cf:a5:d2:08:8f:52:fb:
a8:fe:fd:22:94:c5:d1:d1:f1:50:58:60:41:3b:a1:05:b5:20:
15:d9:ab:d1:d0:bf:ac:cf:2b:71:50:14:2b:78:44:ba:41:68:
6e:c3:e5:33:f5:1d:2d:1f:3f:3c:48:66:b6:ef:0f:33:eb:1c:
81:6b:b4:79:aa:a0:c8:d2:96:65:de:9a:3f:93:fd:0e:53:06:
2c:e5:8c:83
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY9Ylut/5Qywm9titQQVf27wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NDI3ZWE0OWY5NzJkMTljNTYzOTNhNjg5ZTdjYmViOTkw
ZDVkN2EwHhcNMjQwNTA4MTQyMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBjZWYyZjhhYmEzNTkxYWY5Njg4ZWUyMDU0NzgzMTBmOWU0ODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlgSSkwEct0n99Ij9b7NgqIXVEVO
2O4fMDPeGuq7gnIR559DiWlIGkeReOIK2eJSwtqzR8xHsTr+sV88564qELKiXtX1
EtsdcVc9pZo0X+E1SgcDrlJmqTU1d8ycfYTOdJ6GHxloTz+tuLbZPxarVHdpXtxX
Th85qbqoM+BUkvWiAt0j8JAw/eRMro7n2hJeZQWEixTgqQAenyiXqRTJWlhLHyDD
S9xC59oB5LVJmu7D/uV8TCgApdcRc6FLhqH0EdQ8Nu2kppKEFjjyoB0UBDuIwkSG
7Hr6EyMTsfTWRu/Aj+QICCVXTrRwYV68o55canBqcZiM7ciZd9hXt4gTVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLIM7y+KujWRr5aI7iBUeDEPnkhfMB8GA1UdIwQY
MBaAFLVCfqSfly0ZxWOTponny+uZDV16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1Mjgt
MGM0OTU0NzdjYTEwLzEvc2d6dkw0cTZOWkd2bG9qdUlGUjRNUS1lU0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1MjgtMGM0OTU0NzdjYTEw
LzEvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUOcMA0E
AgACMAcDBQAqCXrAMA0GCSqGSIb3DQEBCwUAA4IBAQCeEOMa/l/x0SLV6GghhLAW
YsrvTXnw8UjBHvRsHiMy6bOv/68LfgkldemLy7fm7De9ia0M+gMW/lQ3xhDvLYVx
V2hpCTJ99eI0LREnelixsE9vg8FJOqGLgsJiywRIo5vu0XXholFwZZfZ3m6ZOjzA
UwQjHsDHB/9wlBmC7hC5VzwHoIckKiwM1vyJhYrYPWx9FwzCuzyAVDo25xVE19RR
dha4T5pSwzXTIVgLT8+l0giPUvuo/v0ilMXR0fFQWGBBO6EFtSAV2avR0L+szytx
UBQreES6QWhuw+Uz9R0tHz88SGa27w8z6xyBa7R5qqDI0pZl3po/k/0OUwYs5YyD
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:18:32 2024 by rpki-client on console-fra.rpki-client.org