Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/RE7XdvQuPqbYUtB7QYr6pFOyG_c.roa
File: RE7XdvQuPqbYUtB7QYr6pFOyG_c.roa (raw, json)
Hash identifier: sNg1EV+xqQk4nuPF4TQ412u3Gm1hhoy4MmpPrjuI+UA=
Subject key identifier: 44:4E:D7:76:F4:2E:3E:A6:D8:52:D0:7B:41:8A:FA:A4:53:B2:1B:F7
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0192CA210F1AAF4021903B448459EB9E5C9C
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/RE7XdvQuPqbYUtB7QYr6pFOyG_c.roa
Signing time: Sat 26 Oct 2024 18:40:17 +0000
ROA not before: Sat 26 Oct 2024 18:40:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197071
IP address blocks: 45.86.156.0/23 maxlen: 23
45.86.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ca:21:0f:1a:af:40:21:90:3b:44:84:59:eb:9e:5c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Oct 26 18:40:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=444ed776f42e3ea6d852d07b418afaa453b21bf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:20:4f:77:8a:de:ea:4d:5a:9f:f4:8d:39:27:
cc:f6:91:93:3e:87:89:75:3a:eb:f5:18:a8:75:5a:
a5:3a:8f:fd:33:91:c8:53:79:0c:1b:b0:a9:82:92:
3c:d8:2b:a3:4f:5d:a5:1c:19:77:e2:26:56:55:e8:
95:09:cc:b5:7a:d9:c1:fa:33:fb:cd:b7:25:c2:8f:
c6:a9:64:5c:d8:3e:65:c2:16:af:14:2d:29:3d:5b:
2c:22:79:7e:12:ba:e0:46:c5:c9:6d:77:3a:f2:ab:
8d:f6:20:8c:9a:b7:9c:84:d8:16:99:5d:bf:24:4d:
23:f3:19:06:3e:4a:40:2b:e2:16:a6:4f:1e:3e:2e:
09:b2:03:8d:e2:48:9f:a8:3e:35:37:74:82:b0:55:
bd:78:cb:13:53:07:7d:9e:b5:bd:4d:79:2e:4f:f2:
9c:1c:d5:75:ed:21:63:7f:f2:d7:cf:f7:3f:c8:da:
0e:48:56:d4:ec:80:57:cc:13:61:83:16:82:bb:e5:
9b:0e:1c:2b:72:ec:e2:57:ea:af:45:d5:56:d0:45:
07:69:96:00:76:94:65:b6:1f:e3:eb:56:a1:13:c6:
c5:2b:18:cc:97:3d:97:19:28:c1:ed:eb:06:ea:64:
d3:5b:f4:86:be:76:19:b7:f8:9d:00:12:3b:47:3d:
68:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:4E:D7:76:F4:2E:3E:A6:D8:52:D0:7B:41:8A:FA:A4:53:B2:1B:F7
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/RE7XdvQuPqbYUtB7QYr6pFOyG_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.156.0/23
Signature Algorithm: sha256WithRSAEncryption
98:29:d5:6e:23:16:0c:98:dc:42:b2:ce:81:c8:dd:89:f8:24:
36:9c:21:53:07:cf:a8:f2:6b:4d:fe:53:5b:f0:bb:00:4f:58:
11:68:03:e7:6c:a8:df:b7:52:b4:63:dc:fa:cd:c9:f3:b0:33:
fa:99:f9:98:72:3f:b1:d5:8c:d2:41:82:29:c0:01:84:00:f1:
26:e6:f7:a6:db:e6:1c:29:e3:34:2d:3e:fa:eb:99:6a:65:3c:
08:58:16:6f:22:6a:0f:23:8d:fb:b0:2d:43:b2:5e:59:f3:47:
c8:8e:a1:26:1a:58:2a:53:d7:b1:4e:50:bb:bb:b3:01:71:8e:
3a:98:bc:99:a0:a8:19:f3:d6:dc:ac:93:df:4e:e6:ad:02:7c:
0a:90:cb:72:92:06:68:1f:c5:5d:54:77:19:8c:d5:a7:be:b2:
81:75:77:18:89:8f:f2:59:a3:03:40:5c:b9:e1:91:75:e8:80:
25:43:1f:c3:49:cc:10:09:2c:bc:97:ac:8c:fa:22:60:bb:c0:
56:a8:08:96:28:7d:8a:29:27:bb:6b:2c:2b:53:26:3d:61:8f:
08:db:5a:b5:7f:76:d5:d7:c5:20:a5:80:b2:ad:80:d7:d6:0e:
c5:eb:b2:8f:12:13:b2:47:1d:a3:37:14:9c:19:1c:a4:27:15:
52:b6:11:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLKIQ8ar0AhkDtEhFnrnlycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQxMDI2MTg0MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDRlZDc3NmY0MmUzZWE2ZDg1MmQwN2I0MThhZmFhNDUzYjIxYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCBPd4re6k1an/SNOSfM9pGTPoeJ
dTrr9RiodVqlOo/9M5HIU3kMG7CpgpI82CujT12lHBl34iZWVeiVCcy1etnB+jP7
zbclwo/GqWRc2D5lwhavFC0pPVssInl+ErrgRsXJbXc68quN9iCMmrechNgWmV2/
JE0j8xkGPkpAK+IWpk8ePi4JsgON4kifqD41N3SCsFW9eMsTUwd9nrW9TXkuT/Kc
HNV17SFjf/LXz/c/yNoOSFbU7IBXzBNhgxaCu+WbDhwrcuziV+qvRdVW0EUHaZYA
dpRlth/j61ahE8bFKxjMlz2XGSjB7esG6mTTW/SGvnYZt/idABI7Rz1ofwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERO13b0Lj6m2FLQe0GK+qRTshv3MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvUkU3WGR2UXVQcWJZVXRCN1FZcjZwRk95R19jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVacMA0G
CSqGSIb3DQEBCwUAA4IBAQCYKdVuIxYMmNxCss6ByN2J+CQ2nCFTB8+o8mtN/lNb
8LsAT1gRaAPnbKjft1K0Y9z6zcnzsDP6mfmYcj+x1YzSQYIpwAGEAPEm5vem2+Yc
KeM0LT7665lqZTwIWBZvImoPI437sC1Dsl5Z80fIjqEmGlgqU9exTlC7u7MBcY46
mLyZoKgZ89bcrJPfTuatAnwKkMtykgZoH8VdVHcZjNWnvrKBdXcYiY/yWaMDQFy5
4ZF16IAlQx/DScwQCSy8l6yM+iJgu8BWqAiWKH2KKSe7aywrUyY9YY8I21q1f3bV
18UgpYCyrYDX1g7F67KPEhOyRx2jNxScGRykJxVSthFv
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:33:09 2024 by rpki-client on console-ams.rpki-client.org