Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/sn88rBgp-TMjGSzNWmW7COjiCM8.roa
File: sn88rBgp-TMjGSzNWmW7COjiCM8.roa (raw, json)
Hash identifier: Gy+DcD7QrmQweoZYg0QIfgIgBTBvVzTxlnzP9iPuQxc=
Subject key identifier: B2:7F:3C:AC:18:29:F9:33:23:19:2C:CD:5A:65:BB:08:E8:E2:08:CF
Certificate issuer: /CN=667d377dd4c830c246cb48a934699699e4b37741
Certificate serial: 018CC79338B3BE4A8A76BCB58C8B794528FD
Authority key identifier: 66:7D:37:7D:D4:C8:30:C2:46:CB:48:A9:34:69:96:99:E4:B3:77:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zn03fdTIMMJGy0ipNGmWmeSzd0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/sn88rBgp-TMjGSzNWmW7COjiCM8.roa
Signing time: Tue 02 Jan 2024 00:29:23 +0000
ROA not before: Tue 02 Jan 2024 00:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43619
IP address blocks: 45.66.108.0/22 maxlen: 24
2a09:6842::/32 maxlen: 48
2a09:6841::/32 maxlen: 48
2a09:6843::/32 maxlen: 48
2a09:6840::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/Zn03fdTIMMJGy0ipNGmWmeSzd0E.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/Zn03fdTIMMJGy0ipNGmWmeSzd0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zn03fdTIMMJGy0ipNGmWmeSzd0E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:38:b3:be:4a:8a:76:bc:b5:8c:8b:79:45:28:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=667d377dd4c830c246cb48a934699699e4b37741
Validity
Not Before: Jan 2 00:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b27f3cac1829f93323192ccd5a65bb08e8e208cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c9:8b:a4:b7:9f:15:5d:5c:ed:53:f9:36:ca:
41:fb:29:b7:bf:52:85:b2:80:63:40:a1:87:e6:97:
83:e2:91:48:45:8f:7a:f3:94:38:81:98:34:3a:f4:
fa:3f:47:53:5c:08:4a:20:d2:1e:9b:82:b2:d5:71:
86:83:54:89:72:ad:f9:cf:3a:48:42:f4:56:55:22:
5b:03:de:bd:4f:e8:69:3f:b0:c2:fa:73:0d:83:ea:
57:5c:4f:5b:af:4d:1c:36:5c:17:e6:95:af:75:5b:
f7:5e:77:d6:ef:85:bb:18:ac:ad:96:99:65:66:53:
e6:6c:16:36:42:40:a0:37:36:e6:7e:8d:3d:35:05:
f9:11:99:c1:d4:a8:e7:59:54:d0:e9:62:ca:44:68:
f2:16:51:55:aa:91:b8:29:be:e3:dd:b8:57:a1:74:
e1:d9:ce:81:d8:ed:88:67:c7:e2:2d:8c:fc:19:f1:
14:1e:7c:d3:86:b9:6f:02:75:75:54:65:de:37:e5:
38:53:19:b2:74:35:67:a4:b0:aa:7d:45:c5:8f:1f:
be:39:0e:98:ab:5c:94:52:ee:27:0b:00:ff:6d:ec:
f0:43:16:6d:77:a0:e3:89:2a:fb:e1:a8:ff:db:f8:
8f:8d:95:e5:89:e2:1e:35:cc:ac:7e:c1:f4:f9:db:
0e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:7F:3C:AC:18:29:F9:33:23:19:2C:CD:5A:65:BB:08:E8:E2:08:CF
X509v3 Authority Key Identifier:
keyid:66:7D:37:7D:D4:C8:30:C2:46:CB:48:A9:34:69:96:99:E4:B3:77:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zn03fdTIMMJGy0ipNGmWmeSzd0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/sn88rBgp-TMjGSzNWmW7COjiCM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/e6812e-96a4-48b4-ab61-121ff46018f3/1/Zn03fdTIMMJGy0ipNGmWmeSzd0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.108.0/22
IPv6:
2a09:6840::/30
Signature Algorithm: sha256WithRSAEncryption
0c:df:5e:1e:14:73:69:f3:c6:84:c8:a8:14:60:83:d0:76:55:
c8:11:c3:52:79:a5:0d:0a:c7:e0:f8:d4:81:6f:15:e1:a3:e2:
1e:6f:6d:56:33:6c:93:68:a3:1c:28:37:01:ef:52:48:ca:21:
33:70:b4:fd:33:b7:fc:58:f4:d3:ca:8c:d0:48:d0:9f:48:c6:
b0:b9:f3:b6:72:b6:c0:98:0b:12:43:21:52:bf:b3:5c:49:f6:
31:69:4e:a2:b2:b7:51:1c:41:7d:0a:5a:a2:0a:d8:37:1c:3c:
69:69:e0:c9:a5:f8:f1:9f:46:9b:46:ab:ca:1b:4e:79:d1:e5:
74:69:22:8d:c7:a7:69:39:5e:e4:21:4d:53:e5:46:af:57:5a:
18:4c:13:30:60:ff:a6:82:9f:41:c2:e7:a1:f2:72:ab:17:6d:
91:0c:e3:54:c5:f9:d5:bf:e9:e9:63:69:1d:95:eb:da:22:c7:
c4:ca:c9:72:25:3c:46:40:41:d6:75:98:72:a6:70:e0:ce:b7:
19:6b:9a:d7:07:f8:39:d8:25:17:ab:59:57:74:91:2e:54:fd:
05:36:14:5a:48:d6:4e:67:44:30:dc:a9:f4:2f:57:fb:66:0f:
f2:e2:45:1e:3c:4a:d7:9e:ac:65:c3:1f:6c:f1:77:96:34:15:
a3:65:1c:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHkzizvkqKdry1jIt5RSj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2N2QzNzdkZDRjODMwYzI0NmNiNDhhOTM0Njk5Njk5ZTRi
Mzc3NDEwHhcNMjQwMTAyMDAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjdmM2NhYzE4MjlmOTMzMjMxOTJjY2Q1YTY1YmIwOGU4ZTIwOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8mLpLefFV1c7VP5NspB+ym3v1KF
soBjQKGH5peD4pFIRY9685Q4gZg0OvT6P0dTXAhKINIem4Ky1XGGg1SJcq35zzpI
QvRWVSJbA969T+hpP7DC+nMNg+pXXE9br00cNlwX5pWvdVv3XnfW74W7GKytlpll
ZlPmbBY2QkCgNzbmfo09NQX5EZnB1KjnWVTQ6WLKRGjyFlFVqpG4Kb7j3bhXoXTh
2c6B2O2IZ8fiLYz8GfEUHnzThrlvAnV1VGXeN+U4UxmydDVnpLCqfUXFjx++OQ6Y
q1yUUu4nCwD/bezwQxZtd6DjiSr74aj/2/iPjZXlieIeNcysfsH0+dsOdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLJ/PKwYKfkzIxkszVpluwjo4gjPMB8GA1UdIwQY
MBaAFGZ9N33UyDDCRstIqTRplpnks3dBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm4wM2ZkVElNTUpHeTBpcE5HbVdtZVN6ZDBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9lNjgxMmUtOTZhNC00OGI0LWFiNjEt
MTIxZmY0NjAxOGYzLzEvc244OHJCZ3AtVE1qR1N6TldtVzdDT2ppQ004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9lNjgxMmUtOTZhNC00OGI0LWFiNjEtMTIxZmY0NjAxOGYz
LzEvWm4wM2ZkVElNTUpHeTBpcE5HbVdtZVN6ZDBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUJsMA0E
AgACMAcDBQIqCWhAMA0GCSqGSIb3DQEBCwUAA4IBAQAM314eFHNp88aEyKgUYIPQ
dlXIEcNSeaUNCsfg+NSBbxXho+Ieb21WM2yTaKMcKDcB71JIyiEzcLT9M7f8WPTT
yozQSNCfSMawufO2crbAmAsSQyFSv7NcSfYxaU6isrdRHEF9ClqiCtg3HDxpaeDJ
pfjxn0abRqvKG0550eV0aSKNx6dpOV7kIU1T5UavV1oYTBMwYP+mgp9Bwueh8nKr
F22RDONUxfnVv+npY2kdlevaIsfEyslyJTxGQEHWdZhypnDgzrcZa5rXB/g52CUX
q1lXdJEuVP0FNhRaSNZOZ0Qw3Kn0L1f7Zg/y4kUePErXnqxlwx9s8XeWNBWjZRz1
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:03:53 2024 by rpki-client on console-ams.rpki-client.org