Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/uNEwSESXchQDBwMR2BT3BRCtkGM.roa
File: uNEwSESXchQDBwMR2BT3BRCtkGM.roa (raw, json)
Hash identifier: 4V8uX59vr66ou0i42HfX9VvwrfhCnScGVEmBUYmHc9M=
Subject key identifier: B8:D1:30:48:44:97:72:14:03:07:03:11:D8:14:F7:05:10:AD:90:63
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 018CC8015A2E0ED9C84AB81C57BD29D8CC20
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/uNEwSESXchQDBwMR2BT3BRCtkGM.roa
Signing time: Tue 02 Jan 2024 02:29:41 +0000
ROA not before: Tue 02 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138195
IP address blocks: 45.94.68.0/22 maxlen: 24
45.154.12.0/22 maxlen: 24
45.141.136.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 04:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5a:2e:0e:d9:c8:4a:b8:1c:57:bd:29:d8:cc:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jan 2 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8d130484497721403070311d814f70510ad9063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6b:5e:22:7b:5c:41:56:76:19:b4:ea:d2:54:
17:06:8c:cd:6a:12:63:60:3b:b6:92:0f:26:0c:3d:
d8:fd:ed:64:7e:f5:c8:52:bd:fb:6a:d5:d3:00:c7:
6a:38:54:66:a8:d4:13:9d:66:cf:59:0d:6a:d2:b7:
c6:d9:a7:33:d9:e0:16:c6:57:a0:ed:98:e2:fb:7b:
87:b0:09:bb:4f:bc:3b:bd:44:2a:4e:2c:89:23:09:
50:7f:3a:65:d6:0c:b2:8f:84:ba:a2:4a:75:f1:7d:
76:a9:c8:ee:64:53:af:41:02:c7:5f:75:d1:b7:a7:
1b:c8:37:ad:e5:bb:7d:6b:e6:f2:b0:0e:14:67:fc:
ce:50:ea:8e:6d:20:bb:e0:5f:c2:ef:80:97:8f:98:
7c:9f:87:86:20:f7:64:91:b5:23:f4:1f:3c:90:46:
46:59:68:21:4e:e5:9a:7a:f0:bb:67:2a:ec:c9:6d:
3b:04:91:05:d3:c0:5f:fe:fe:ae:29:ea:63:98:ec:
82:56:32:12:34:fb:69:10:0d:cc:c6:b7:cf:71:fc:
79:b9:dd:36:22:55:d1:d6:94:a3:ef:3f:d6:e4:96:
9d:ec:2b:d6:5f:d7:ff:e9:a4:8d:6b:ca:1d:ef:c1:
29:0e:e3:fa:70:ce:aa:a8:26:c1:22:dd:5b:5e:c2:
ac:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D1:30:48:44:97:72:14:03:07:03:11:D8:14:F7:05:10:AD:90:63
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/uNEwSESXchQDBwMR2BT3BRCtkGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.68.0/22
45.141.136.0/22
45.154.12.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:70:8d:50:f0:a9:df:76:5a:a4:27:78:94:36:bb:6f:24:d4:
f6:e8:20:8b:0a:c5:d1:18:cb:d9:34:6a:ec:3c:90:06:8b:4e:
25:51:69:3e:1b:8d:f5:7f:4c:31:6b:16:9a:16:27:b8:88:1e:
1f:21:54:aa:4b:fc:3a:51:56:d0:12:24:2b:fd:24:1f:80:ab:
c5:1c:0e:5c:87:57:a2:b6:18:04:f0:5c:17:b2:f2:40:2c:db:
dc:5b:a3:e6:69:89:bb:02:15:f6:5e:15:4a:68:92:f7:ab:a8:
b3:dc:14:a3:66:b6:fe:ab:0b:88:03:dc:02:99:5f:98:bc:43:
aa:8e:13:0d:d4:9b:b5:a4:2a:1e:dc:a1:49:fd:66:10:3e:69:
e5:35:b7:61:3d:6f:b3:de:c2:cf:6f:b4:fe:74:b5:6e:f9:c5:
b3:58:6a:9c:78:78:f7:66:0b:3b:cb:08:7d:15:1a:0c:51:c2:
1d:83:86:71:d6:4f:03:9a:a2:bd:aa:e4:a7:74:bc:c3:e4:65:
cf:7c:f8:77:93:da:15:23:0e:b2:69:f7:e4:51:5a:91:53:2d:
ef:ec:4b:de:f0:69:72:d5:a1:23:71:f0:16:38:48:7c:5a:87:
e7:30:97:75:1e:3c:b5:93:0c:df:a1:08:2f:0a:42:c7:e8:f1:
f1:50:1b:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAVouDtnISrgcV70p2MwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmRkOWZlNjI4YjZiYzEwMTQxZGUwMjQxNzY2YTFiN2E2
MzE5M2YwHhcNMjQwMTAyMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQxMzA0ODQ0OTc3MjE0MDMwNzAzMTFkODE0ZjcwNTEwYWQ5MDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmteIntcQVZ2GbTq0lQXBozNahJj
YDu2kg8mDD3Y/e1kfvXIUr37atXTAMdqOFRmqNQTnWbPWQ1q0rfG2acz2eAWxleg
7Zji+3uHsAm7T7w7vUQqTiyJIwlQfzpl1gyyj4S6okp18X12qcjuZFOvQQLHX3XR
t6cbyDet5bt9a+bysA4UZ/zOUOqObSC74F/C74CXj5h8n4eGIPdkkbUj9B88kEZG
WWghTuWaevC7ZyrsyW07BJEF08Bf/v6uKepjmOyCVjISNPtpEA3MxrfPcfx5ud02
IlXR1pSj7z/W5Jad7CvWX9f/6aSNa8od78EpDuP6cM6qqCbBIt1bXsKs5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLjRMEhEl3IUAwcDEdgU9wUQrZBjMB8GA1UdIwQY
MBaAFFst2f5ii2vBAUHeAkF2aht6Yxk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEt
MGQ3YjU1MWY4MjhjLzEvdU5Fd1NFU1hjaFFEQndNUjJCVDNCUkN0a0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEtMGQ3YjU1MWY4Mjhj
LzEvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLV5EAwQC
LY2IAwQCLZoMMA0GCSqGSIb3DQEBCwUAA4IBAQCLcI1Q8KnfdlqkJ3iUNrtvJNT2
6CCLCsXRGMvZNGrsPJAGi04lUWk+G431f0wxaxaaFie4iB4fIVSqS/w6UVbQEiQr
/SQfgKvFHA5ch1eithgE8FwXsvJALNvcW6PmaYm7AhX2XhVKaJL3q6iz3BSjZrb+
qwuIA9wCmV+YvEOqjhMN1Ju1pCoe3KFJ/WYQPmnlNbdhPW+z3sLPb7T+dLVu+cWz
WGqceHj3Zgs7ywh9FRoMUcIdg4Zx1k8DmqK9quSndLzD5GXPfPh3k9oVIw6yaffk
UVqRUy3v7Eve8Gly1aEjcfAWOEh8WofnMJd1Hjy1kwzfoQgvCkLH6PHxUBt+
-----END CERTIFICATE-----
Generated at Tue May 7 08:34:44 2024 by rpki-client on console-fra.rpki-client.org