Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/n42EvcIBiuSq__FmQqfSSIiH3SY.roa
File: n42EvcIBiuSq__FmQqfSSIiH3SY.roa (raw, json)
Hash identifier: cMmVAV0LHAr5hFbR2JsPhslXGv8V8wqVRIwicle7vuA=
Subject key identifier: 9F:8D:84:BD:C2:01:8A:E4:AA:FF:F1:66:42:A7:D2:48:88:87:DD:26
Certificate issuer: /CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Certificate serial: 018CC2DB46499228CB2A475F503E6C7EC526
Authority key identifier: 51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/n42EvcIBiuSq__FmQqfSSIiH3SY.roa
Signing time: Mon 01 Jan 2024 02:29:59 +0000
ROA not before: Mon 01 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.156.96.0/24 maxlen: 24
45.156.98.0/24 maxlen: 24
45.156.97.0/24 maxlen: 24
45.156.99.0/24 maxlen: 24
2a0f:1c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.mft
rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:46:49:92:28:cb:2a:47:5f:50:3e:6c:7e:c5:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Validity
Not Before: Jan 1 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f8d84bdc2018ae4aafff16642a7d2488887dd26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f0:f3:a1:7c:21:68:10:3f:f5:91:71:1f:c4:
25:a9:60:ec:94:97:c8:71:14:5b:67:84:74:62:30:
fa:e4:aa:14:9c:e8:38:31:5d:2c:d5:3d:4a:fe:37:
3c:96:12:4d:b9:a0:dc:2b:a7:b3:cb:a9:e1:1e:4e:
ee:fc:9f:85:b6:b4:29:4e:79:d9:08:2e:44:ac:91:
76:28:55:1b:89:90:13:c2:93:f6:96:7d:b5:5c:10:
c2:c3:1b:00:54:51:bd:a3:1e:91:67:d7:26:ff:5e:
55:25:a8:b2:6d:67:1b:6f:12:3b:5a:d6:3c:6d:95:
09:a1:2e:60:ad:3b:b1:ac:18:e4:dc:39:a2:00:ad:
b9:b1:02:85:8f:8e:a0:c0:ab:bb:05:40:4c:80:cd:
82:d5:e4:5b:08:f1:72:c3:c8:e1:1d:5a:85:d2:11:
c1:45:8c:b1:47:2b:83:8c:ef:cb:71:9f:70:9a:29:
f9:0c:ea:5f:da:f6:2b:8e:1e:b6:7c:46:bd:e7:6b:
92:e4:23:3c:22:c4:ce:a1:76:81:b7:97:c8:44:bb:
99:88:5c:bd:04:ce:78:0b:7b:d9:cc:a8:59:c8:93:
68:26:b8:64:47:52:ae:90:1e:fe:49:44:49:20:ee:
aa:07:5e:a3:44:57:ed:39:e5:ef:20:d0:50:16:1d:
59:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:8D:84:BD:C2:01:8A:E4:AA:FF:F1:66:42:A7:D2:48:88:87:DD:26
X509v3 Authority Key Identifier:
keyid:51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/n42EvcIBiuSq__FmQqfSSIiH3SY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.96.0/22
IPv6:
2a0f:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
41:11:84:e5:c2:38:92:5b:83:15:03:cd:60:33:49:c0:af:c1:
1b:d5:7b:9f:bf:e9:9c:ec:df:2a:d8:1f:41:43:86:d5:d1:42:
a3:ef:d8:e0:74:84:7d:3d:4a:bc:a8:16:4b:67:9b:91:88:76:
f5:dd:60:58:3d:b1:6c:6e:e9:7e:98:12:66:0a:1d:f0:e3:80:
84:45:76:5e:2d:f2:0c:b7:a4:07:5b:41:ed:c2:32:6e:1e:e6:
6b:c1:40:ba:12:42:9c:e8:64:cf:85:53:56:9f:2e:a3:1c:1f:
b8:03:5d:58:58:da:5e:ae:e6:8e:56:b6:53:a5:f9:ab:ea:9d:
d2:78:a1:72:f4:fb:52:d9:be:74:e6:16:a1:27:ab:b1:f5:2c:
a2:e3:52:23:d8:ac:0c:13:53:ab:41:0a:37:88:a0:db:2b:9d:
13:d8:38:bb:0e:cc:b9:f7:df:5b:3d:5c:4a:60:29:38:f3:fb:
89:2b:21:35:e9:31:28:8c:e5:08:0d:81:4f:cc:86:d8:50:18:
dc:e0:10:bc:6c:d0:09:07:fe:e6:6e:6e:83:e3:ea:df:73:43:
46:55:e0:e5:3f:e9:ce:35:4d:e8:8f:3a:59:90:49:f5:22:c5:
a3:49:22:45:1a:f7:6b:92:a3:77:7a:66:4a:7f:07:33:81:8c:
a0:f0:c5:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC20ZJkijLKkdfUD5sfsUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYTBkOTgyNTEwM2Q5ZGE0NzYxZWZhOTFhNjBlYTJjYTc1
OGQwMDMwHhcNMjQwMTAxMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjhkODRiZGMyMDE4YWU0YWFmZmYxNjY0MmE3ZDI0ODg4ODdkZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivDzoXwhaBA/9ZFxH8QlqWDslJfI
cRRbZ4R0YjD65KoUnOg4MV0s1T1K/jc8lhJNuaDcK6ezy6nhHk7u/J+FtrQpTnnZ
CC5ErJF2KFUbiZATwpP2ln21XBDCwxsAVFG9ox6RZ9cm/15VJaiybWcbbxI7WtY8
bZUJoS5grTuxrBjk3DmiAK25sQKFj46gwKu7BUBMgM2C1eRbCPFyw8jhHVqF0hHB
RYyxRyuDjO/LcZ9wmin5DOpf2vYrjh62fEa952uS5CM8IsTOoXaBt5fIRLuZiFy9
BM54C3vZzKhZyJNoJrhkR1KukB7+SURJIO6qB16jRFftOeXvINBQFh1ZUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ+NhL3CAYrkqv/xZkKn0kiIh90mMB8GA1UdIwQY
MBaAFFGg2YJRA9naR2HvqRpg6iynWNADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWFEWmdsRUQyZHBIWWUtcEdtRHFMS2RZMEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iNGY0OWItNzVlNS00ODY0LTkwOGUt
NmEzZGYwMWEzMjM2LzEvbjQyRXZjSUJpdVNxX19GbVFxZlNTSWlIM1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iNGY0OWItNzVlNS00ODY0LTkwOGUtNmEzZGYwMWEzMjM2
LzEvVWFEWmdsRUQyZHBIWWUtcEdtRHFMS2RZMEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZxgMA0E
AgACMAcDBQMqDxyAMA0GCSqGSIb3DQEBCwUAA4IBAQBBEYTlwjiSW4MVA81gM0nA
r8Eb1Xufv+mc7N8q2B9BQ4bV0UKj79jgdIR9PUq8qBZLZ5uRiHb13WBYPbFsbul+
mBJmCh3w44CERXZeLfIMt6QHW0HtwjJuHuZrwUC6EkKc6GTPhVNWny6jHB+4A11Y
WNperuaOVrZTpfmr6p3SeKFy9PtS2b505hahJ6ux9Syi41Ij2KwME1OrQQo3iKDb
K50T2Di7Dsy5999bPVxKYCk48/uJKyE16TEojOUIDYFPzIbYUBjc4BC8bNAJB/7m
bm6D4+rfc0NGVeDlP+nONU3ojzpZkEn1IsWjSSJFGvdrkqN3emZKfwczgYyg8MVm
-----END CERTIFICATE-----
Generated at Thu May 2 13:25:53 2024 by rpki-client on console-fra.rpki-client.org