Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/wR-JG8BbcylwwAu-O5IYVuoYG70.roa
File: wR-JG8BbcylwwAu-O5IYVuoYG70.roa (raw, json)
Hash identifier: M5NeyGOTdVIKjfunNQFXHDLKLTLUefIS2EcU0OLg4M0=
Subject key identifier: C1:1F:89:1B:C0:5B:73:29:70:C0:0B:BE:3B:92:18:56:EA:18:1B:BD
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018F8859E7E8BEA602B81BA3603109D6C559
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/wR-JG8BbcylwwAu-O5IYVuoYG70.roa
Signing time: Fri 17 May 2024 20:59:04 +0000
ROA not before: Fri 17 May 2024 20:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.86.158.0/24 maxlen: 24
85.117.240.0/24 maxlen: 24
2a09:ff00:8000::/37 maxlen: 48
2a09:ff00:8800::/37 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:88:59:e7:e8:be:a6:02:b8:1b:a3:60:31:09:d6:c5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: May 17 20:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c11f891bc05b732970c00bbe3b921856ea181bbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b6:48:1e:c9:95:7c:cf:fc:0b:3d:fa:4b:e2:
c3:3e:b7:e8:06:25:89:0f:3e:67:98:33:be:6e:ba:
80:41:2b:3c:19:42:0e:d6:1f:37:ff:aa:f9:95:32:
55:7e:cf:3c:87:78:d3:4f:55:f1:cf:c1:3f:cf:f5:
4c:ab:78:e1:64:fc:42:72:2a:4f:c6:8c:c9:f4:75:
20:73:08:b5:ee:45:45:9b:c3:73:65:5d:7d:f7:49:
eb:92:81:9a:c9:be:78:79:32:15:da:cb:da:6e:57:
f5:b7:27:a4:9b:ca:8d:a3:49:82:59:43:48:34:e0:
65:73:bf:0e:8d:07:3a:a5:ef:0b:9e:94:78:aa:34:
ac:0e:51:c4:50:44:f3:34:5f:2c:31:25:4f:13:f4:
ac:86:f3:c6:92:5b:0b:92:6d:6c:4c:ef:7c:37:f9:
a4:65:51:e1:18:46:1f:01:76:af:2e:12:02:e8:d6:
85:93:a0:9f:aa:4b:de:05:84:ea:65:27:e8:0b:e4:
21:a3:a1:ea:b8:4a:40:6d:0d:e2:66:d8:f6:ad:96:
8c:cf:5a:fa:2a:b6:e5:ac:cf:68:b9:8b:de:aa:68:
d7:62:7c:88:a2:53:d1:11:d5:68:b3:44:6e:b3:fb:
b8:ee:c4:4b:37:c5:5a:b7:1b:da:48:1e:b0:8d:3d:
cf:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:1F:89:1B:C0:5B:73:29:70:C0:0B:BE:3B:92:18:56:EA:18:1B:BD
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/wR-JG8BbcylwwAu-O5IYVuoYG70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.158.0/24
85.117.240.0/24
IPv6:
2a09:ff00:8000::/36
Signature Algorithm: sha256WithRSAEncryption
18:29:cc:fd:6a:a4:5e:4d:2d:2a:f6:3b:96:94:3f:fd:9c:a1:
f8:50:73:b4:79:fa:49:ed:83:ad:da:e6:87:90:c1:c3:cc:af:
c8:9f:c7:1d:9f:66:52:9c:54:ce:c4:02:88:48:64:77:7c:12:
b7:a1:90:ed:93:58:31:e7:01:31:81:b1:5b:94:c8:7b:a2:84:
c3:51:ef:27:85:4d:c1:08:1e:70:eb:95:d2:e9:07:3b:40:db:
82:cd:b0:46:36:bd:12:40:ab:52:4c:b2:ae:53:61:fd:51:4b:
d3:69:c4:0e:a1:9d:48:68:b6:e7:95:89:80:4a:b7:f1:fd:9c:
6e:40:de:76:20:f7:9d:9d:90:01:67:7e:53:5c:ac:b0:80:91:
a7:51:16:70:e2:09:5a:78:b9:6b:88:4c:12:b0:f2:d4:2a:f5:
9e:13:c6:22:65:ab:55:18:a7:51:c4:b4:33:f8:7f:60:04:c3:
ff:49:a6:5a:c3:10:82:09:0e:9f:d2:66:b5:ca:8f:aa:22:a0:
ec:a0:94:b4:3f:1b:b2:47:b8:54:cc:49:16:54:d5:07:ff:4d:
72:31:aa:a4:42:82:cd:5f:13:35:28:52:bf:83:f0:3d:d2:fe:
a2:71:6f:e9:9c:be:2b:7d:ea:ae:0e:51:c0:7f:98:2e:85:e7:
36:cd:d1:ce
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY+IWefovqYCuBujYDEJ1sVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwNTE3MjA1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTFmODkxYmMwNWI3MzI5NzBjMDBiYmUzYjkyMTg1NmVhMTgxYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrZIHsmVfM/8Cz36S+LDPrfoBiWJ
Dz5nmDO+brqAQSs8GUIO1h83/6r5lTJVfs88h3jTT1Xxz8E/z/VMq3jhZPxCcipP
xozJ9HUgcwi17kVFm8NzZV1990nrkoGayb54eTIV2svablf1tyekm8qNo0mCWUNI
NOBlc78OjQc6pe8LnpR4qjSsDlHEUETzNF8sMSVPE/SshvPGklsLkm1sTO98N/mk
ZVHhGEYfAXavLhIC6NaFk6CfqkveBYTqZSfoC+Qho6HquEpAbQ3iZtj2rZaMz1r6
KrblrM9ouYveqmjXYnyIolPREdVos0Rus/u47sRLN8VatxvaSB6wjT3PGQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMEfiRvAW3MpcMALvjuSGFbqGBu9MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvd1ItSkc4QmJjeWx3d0F1LU81SVlWdW9ZRzcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQALVaeAwQA
VXXwMA4EAgACMAgDBgQqCf8AgDANBgkqhkiG9w0BAQsFAAOCAQEAGCnM/WqkXk0t
KvY7lpQ//Zyh+FBztHn6Se2Drdrmh5DBw8yvyJ/HHZ9mUpxUzsQCiEhkd3wSt6GQ
7ZNYMecBMYGxW5TIe6KEw1HvJ4VNwQgecOuV0ukHO0Dbgs2wRja9EkCrUkyyrlNh
/VFL02nEDqGdSGi255WJgEq38f2cbkDediD3nZ2QAWd+U1yssICRp1EWcOIJWni5
a4hMErDy1Cr1nhPGImWrVRinUcS0M/h/YATD/0mmWsMQggkOn9JmtcqPqiKg7KCU
tD8bske4VMxJFlTVB/9NcjGqpEKCzV8TNShSv4PwPdL+onFv6Zy+K33qrg5RwH+Y
LoXnNs3Rzg==
-----END CERTIFICATE-----
Generated at Sat Sep 7 21:18:58 2024 by rpki-client on console-ams.rpki-client.org