Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/bH4ncDj1EmgSDtc1Ob51ZmvjYUg.roa
File: bH4ncDj1EmgSDtc1Ob51ZmvjYUg.roa (raw, json)
Hash identifier: q2ZmmD8LzvIKqjMvXWGMal57BABriV0IlUeQz9cbCxI=
Subject key identifier: 6C:7E:27:70:38:F5:12:68:12:0E:D7:35:39:BE:75:66:6B:E3:61:48
Certificate issuer: /CN=7ddf809131ee56531939d05f607271bdf01d19b5
Certificate serial: 018CC26D62738E9EE9F5F330246AEE3DA558
Authority key identifier: 7D:DF:80:91:31:EE:56:53:19:39:D0:5F:60:72:71:BD:F0:1D:19:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fd-AkTHuVlMZOdBfYHJxvfAdGbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/bH4ncDj1EmgSDtc1Ob51ZmvjYUg.roa
Signing time: Mon 01 Jan 2024 00:29:57 +0000
ROA not before: Mon 01 Jan 2024 00:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35360
IP address blocks: 45.66.4.0/22 maxlen: 24
2a09:5fc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/fd-AkTHuVlMZOdBfYHJxvfAdGbU.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/fd-AkTHuVlMZOdBfYHJxvfAdGbU.mft
rsync://rpki.ripe.net/repository/DEFAULT/fd-AkTHuVlMZOdBfYHJxvfAdGbU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:62:73:8e:9e:e9:f5:f3:30:24:6a:ee:3d:a5:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ddf809131ee56531939d05f607271bdf01d19b5
Validity
Not Before: Jan 1 00:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c7e277038f51268120ed73539be75666be36148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:38:b4:8c:ae:58:2f:fe:a5:ce:ef:1a:b8:7c:
77:1a:2f:cf:c5:97:28:72:68:73:2e:15:8d:17:94:
24:70:00:b8:79:03:d4:c0:20:a2:8f:ca:a7:2a:41:
e0:38:58:b4:26:74:41:61:d5:0b:99:92:cb:6d:b0:
e2:f3:b3:cb:78:a5:e6:cd:94:84:bc:95:af:0d:f7:
63:f3:c9:22:d4:cd:35:c3:d6:97:13:dc:f1:51:d8:
cb:e1:04:fa:6c:ce:90:41:b6:3e:33:54:5a:21:30:
a3:fb:b3:cb:45:f7:99:4c:25:49:2b:be:64:1b:48:
69:60:69:8e:15:b5:31:94:03:d4:92:6c:e8:7f:39:
1e:1d:ae:c8:dd:fc:8f:1f:63:0b:b3:c4:ee:d9:aa:
df:fb:b9:03:48:cb:e0:d7:14:77:1a:d4:4d:db:f0:
d6:10:1f:8d:05:d7:24:49:12:b4:37:85:94:ef:29:
86:2a:6a:3f:18:d0:43:30:05:fe:5a:bb:69:79:27:
82:ba:b9:85:78:9c:9f:fe:50:4a:a8:d2:14:b0:90:
99:17:d1:4e:67:5e:42:7c:21:a3:fb:1c:53:b0:b3:
18:4c:e1:07:80:59:0d:2d:68:c2:57:2a:74:68:e1:
00:f0:9d:05:c8:13:bd:3b:65:1b:57:56:88:28:58:
8a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7E:27:70:38:F5:12:68:12:0E:D7:35:39:BE:75:66:6B:E3:61:48
X509v3 Authority Key Identifier:
keyid:7D:DF:80:91:31:EE:56:53:19:39:D0:5F:60:72:71:BD:F0:1D:19:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd-AkTHuVlMZOdBfYHJxvfAdGbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/bH4ncDj1EmgSDtc1Ob51ZmvjYUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e7e635-f256-4001-b071-b94eb9e6b9eb/1/fd-AkTHuVlMZOdBfYHJxvfAdGbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.4.0/22
IPv6:
2a09:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:a4:56:89:c5:21:27:72:42:03:70:dd:f8:8f:7f:bb:b8:ff:
38:82:84:57:12:e1:5c:64:3e:34:be:58:67:9a:ba:63:70:a2:
ba:44:cd:19:86:78:d9:27:03:f1:77:08:4c:c5:e6:0a:16:b2:
1a:ac:d9:18:ed:34:7e:f4:b4:59:d7:68:30:08:bc:ab:b0:b1:
14:cb:fc:a5:b3:4b:7e:68:d6:e6:93:36:48:7b:af:fd:49:e8:
e8:5f:7b:df:6a:ce:7d:de:7c:38:af:34:d0:9d:e9:59:d9:5b:
a8:6b:b1:74:fe:82:b2:1f:d8:e8:4c:2a:87:35:14:28:b3:c6:
12:3d:2e:09:2f:a1:32:92:f1:b2:28:d5:da:2b:fc:c3:2d:57:
1f:7e:77:e4:be:25:8c:0b:ad:46:0e:1c:6f:ab:31:74:be:89:
57:3a:f9:bb:94:48:5a:48:b0:16:07:0a:63:52:d4:db:b9:ec:
89:5f:29:a0:cd:18:e7:d5:18:1d:05:83:43:d1:c8:d5:e8:86:
1b:0b:0b:dd:d9:77:c4:af:e1:88:2e:07:6e:83:de:d8:b4:16:
31:2b:af:f9:77:b1:39:d7:78:a9:8c:fe:dd:de:e7:25:6c:06:
f7:6f:87:4c:18:74:6e:85:be:e3:75:9f:0a:56:77:64:2b:00:
fc:8d:90:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbWJzjp7p9fMwJGruPaVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZGY4MDkxMzFlZTU2NTMxOTM5ZDA1ZjYwNzI3MWJkZjAx
ZDE5YjUwHhcNMjQwMTAxMDAyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzdlMjc3MDM4ZjUxMjY4MTIwZWQ3MzUzOWJlNzU2NjZiZTM2MTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDi0jK5YL/6lzu8auHx3Gi/PxZco
cmhzLhWNF5QkcAC4eQPUwCCij8qnKkHgOFi0JnRBYdULmZLLbbDi87PLeKXmzZSE
vJWvDfdj88ki1M01w9aXE9zxUdjL4QT6bM6QQbY+M1RaITCj+7PLRfeZTCVJK75k
G0hpYGmOFbUxlAPUkmzofzkeHa7I3fyPH2MLs8Tu2arf+7kDSMvg1xR3GtRN2/DW
EB+NBdckSRK0N4WU7ymGKmo/GNBDMAX+WrtpeSeCurmFeJyf/lBKqNIUsJCZF9FO
Z15CfCGj+xxTsLMYTOEHgFkNLWjCVyp0aOEA8J0FyBO9O2UbV1aIKFiKWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGx+J3A49RJoEg7XNTm+dWZr42FIMB8GA1UdIwQY
MBaAFH3fgJEx7lZTGTnQX2Bycb3wHRm1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmQtQWtUSHVWbE1aT2RCZllISnh2ZkFkR2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lN2U2MzUtZjI1Ni00MDAxLWIwNzEt
Yjk0ZWI5ZTZiOWViLzEvYkg0bmNEajFFbWdTRHRjMU9iNTFabXZqWVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lN2U2MzUtZjI1Ni00MDAxLWIwNzEtYjk0ZWI5ZTZiOWVi
LzEvZmQtQWtUSHVWbE1aT2RCZllISnh2ZkFkR2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUIEMA0E
AgACMAcDBQMqCV/AMA0GCSqGSIb3DQEBCwUAA4IBAQChpFaJxSEnckIDcN34j3+7
uP84goRXEuFcZD40vlhnmrpjcKK6RM0ZhnjZJwPxdwhMxeYKFrIarNkY7TR+9LRZ
12gwCLyrsLEUy/yls0t+aNbmkzZIe6/9SejoX3vfas593nw4rzTQnelZ2Vuoa7F0
/oKyH9joTCqHNRQos8YSPS4JL6EykvGyKNXaK/zDLVcffnfkviWMC61GDhxvqzF0
volXOvm7lEhaSLAWBwpjUtTbueyJXymgzRjn1RgdBYND0cjV6IYbCwvd2XfEr+GI
Lgdug97YtBYxK6/5d7E513ipjP7d3uclbAb3b4dMGHRuhb7jdZ8KVndkKwD8jZAd
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:59:35 2024 by rpki-client on console-ams.rpki-client.org