Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/ecdibGJShL7ELVK1rsFwqUWgwVc.roa
File: ecdibGJShL7ELVK1rsFwqUWgwVc.roa (raw, json)
Hash identifier: RaMPeuhcoD4oFjkIqnxCD6kqRvUkLrJ0duWHjVupI4E=
Subject key identifier: 79:C7:62:6C:62:52:84:BE:C4:2D:52:B5:AE:C1:70:A9:45:A0:C1:57
Certificate issuer: /CN=de5e36f159f576988fb4e51d4101bb85d0d0c983
Certificate serial: 018CC9BC0755ED64DD7D7176FAFC4E944BEA
Authority key identifier: DE:5E:36:F1:59:F5:76:98:8F:B4:E5:1D:41:01:BB:85:D0:D0:C9:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3l428Vn1dpiPtOUdQQG7hdDQyYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/ecdibGJShL7ELVK1rsFwqUWgwVc.roa
Signing time: Tue 02 Jan 2024 10:33:12 +0000
ROA not before: Tue 02 Jan 2024 10:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39421
IP address blocks: 45.90.163.0/24 maxlen: 24
45.90.162.0/24 maxlen: 24
45.90.160.0/22 maxlen: 22
45.90.161.0/24 maxlen: 24
45.90.160.0/24 maxlen: 24
2a0c:8880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/3l428Vn1dpiPtOUdQQG7hdDQyYM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/3l428Vn1dpiPtOUdQQG7hdDQyYM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3l428Vn1dpiPtOUdQQG7hdDQyYM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:07:55:ed:64:dd:7d:71:76:fa:fc:4e:94:4b:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de5e36f159f576988fb4e51d4101bb85d0d0c983
Validity
Not Before: Jan 2 10:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79c7626c625284bec42d52b5aec170a945a0c157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:09:33:d8:8c:03:c8:b1:aa:c5:9d:95:4d:7f:
98:d5:54:79:70:c6:bd:71:a5:ce:29:0b:be:e2:25:
38:3e:08:ef:03:33:39:6c:70:94:dc:dc:e2:dd:ab:
fe:df:8b:f7:e0:88:bd:33:5e:ca:c3:42:74:dd:9f:
16:48:de:e4:8a:dd:e6:7c:8a:c2:7b:b5:b7:21:78:
70:61:e3:4c:a8:f3:72:a0:00:c7:b9:07:14:de:bf:
ff:62:c9:c1:7a:a2:16:d1:75:a2:22:b6:14:6e:17:
84:10:09:6d:da:7c:4b:89:57:22:ee:b5:7b:c7:e0:
8b:68:0d:5f:3c:bf:88:c8:62:19:e1:7d:b9:47:92:
12:9c:a8:19:0f:b6:1c:4b:37:20:9c:1b:d3:87:ce:
a0:ca:cf:ab:b6:07:60:6d:ab:7b:53:37:61:ec:4a:
e8:78:ac:3c:6c:1d:a9:86:4d:fb:fa:c5:c2:a5:04:
59:6d:cc:e7:e1:f0:22:3d:ea:95:d0:19:3e:d4:f1:
5d:a6:a4:67:17:2f:3c:40:b3:90:db:57:0a:1c:b1:
de:1c:c6:22:d6:b0:be:48:36:e0:aa:9b:6c:2a:42:
f8:cf:82:9b:29:58:13:9f:d6:92:fb:15:1b:48:83:
4b:16:51:39:c4:27:6b:f6:c0:81:a2:3b:ef:f9:92:
f3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:C7:62:6C:62:52:84:BE:C4:2D:52:B5:AE:C1:70:A9:45:A0:C1:57
X509v3 Authority Key Identifier:
keyid:DE:5E:36:F1:59:F5:76:98:8F:B4:E5:1D:41:01:BB:85:D0:D0:C9:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3l428Vn1dpiPtOUdQQG7hdDQyYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/ecdibGJShL7ELVK1rsFwqUWgwVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/3l428Vn1dpiPtOUdQQG7hdDQyYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.160.0/22
IPv6:
2a0c:8880::/29
Signature Algorithm: sha256WithRSAEncryption
7e:06:4e:80:27:32:d7:80:25:0c:ac:cc:83:17:4b:26:22:41:
c3:e1:51:65:00:be:8c:40:92:7e:42:9c:29:de:96:ba:bd:e9:
f4:5c:f1:b7:60:c3:05:94:05:9e:47:b5:86:f7:f7:5a:b2:33:
18:bc:ed:1d:14:b5:33:b1:66:fc:2d:0f:68:7d:a2:ce:aa:ed:
ff:2c:3c:ab:24:7b:ac:60:03:b9:f4:d0:dd:9b:7c:bd:97:0f:
8d:c1:a5:63:ba:c9:28:df:c3:64:7c:20:8d:75:68:03:8c:08:
15:c9:6b:fc:a1:10:2d:f9:99:87:08:fd:48:ce:f8:06:eb:4f:
6d:1a:9b:0d:14:74:94:1e:5a:53:52:bd:ff:23:a8:0b:34:5e:
4d:0c:20:73:a5:1c:0d:12:fc:3b:1d:3d:7a:f4:79:56:2f:34:
b5:f2:e0:7e:9f:5b:2b:e6:82:ab:ac:71:e5:66:5d:67:19:37:
31:bd:3c:f3:e4:6c:39:32:fb:24:c1:54:4b:dd:fd:43:c9:86:
94:20:f7:a2:d8:79:ad:46:96:82:e5:14:86:24:94:1e:7d:88:
d7:4b:9e:d5:4f:5a:77:32:ae:ce:a8:46:ec:f5:9f:88:1c:1d:
29:78:48:6d:bd:7b:5c:f8:4d:9d:d6:63:46:b9:1e:f6:6b:8d:
95:7f:06:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvAdV7WTdfXF2+vxOlEvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNWUzNmYxNTlmNTc2OTg4ZmI0ZTUxZDQxMDFiYjg1ZDBk
MGM5ODMwHhcNMjQwMTAyMTAzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWM3NjI2YzYyNTI4NGJlYzQyZDUyYjVhZWMxNzBhOTQ1YTBjMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowkz2IwDyLGqxZ2VTX+Y1VR5cMa9
caXOKQu+4iU4PgjvAzM5bHCU3Nzi3av+34v34Ii9M17Kw0J03Z8WSN7kit3mfIrC
e7W3IXhwYeNMqPNyoADHuQcU3r//YsnBeqIW0XWiIrYUbheEEAlt2nxLiVci7rV7
x+CLaA1fPL+IyGIZ4X25R5ISnKgZD7YcSzcgnBvTh86gys+rtgdgbat7Uzdh7Ero
eKw8bB2phk37+sXCpQRZbczn4fAiPeqV0Bk+1PFdpqRnFy88QLOQ21cKHLHeHMYi
1rC+SDbgqptsKkL4z4KbKVgTn9aS+xUbSINLFlE5xCdr9sCBojvv+ZLz8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHnHYmxiUoS+xC1Sta7BcKlFoMFXMB8GA1UdIwQY
MBaAFN5eNvFZ9XaYj7TlHUEBu4XQ0MmDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2w0MjhWbjFkcGlQdE9VZFFRRzdoZERReVlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8xY2NiZmQtYTY1MS00YzhlLTlkNjAt
ZWJiYmI0NDQyODZlLzEvZWNkaWJHSlNoTDdFTFZLMXJzRndxVVdnd1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8xY2NiZmQtYTY1MS00YzhlLTlkNjAtZWJiYmI0NDQyODZl
LzEvM2w0MjhWbjFkcGlQdE9VZFFRRzdoZERReVlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVqgMA0E
AgACMAcDBQMqDIiAMA0GCSqGSIb3DQEBCwUAA4IBAQB+Bk6AJzLXgCUMrMyDF0sm
IkHD4VFlAL6MQJJ+Qpwp3pa6ven0XPG3YMMFlAWeR7WG9/dasjMYvO0dFLUzsWb8
LQ9ofaLOqu3/LDyrJHusYAO59NDdm3y9lw+NwaVjusko38NkfCCNdWgDjAgVyWv8
oRAt+ZmHCP1IzvgG609tGpsNFHSUHlpTUr3/I6gLNF5NDCBzpRwNEvw7HT169HlW
LzS18uB+n1sr5oKrrHHlZl1nGTcxvTzz5Gw5MvskwVRL3f1DyYaUIPei2HmtRpaC
5RSGJJQefYjXS57VT1p3Mq7OqEbs9Z+IHB0peEhtvXtc+E2d1mNGuR72a42Vfwbe
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:19:40 2024 by rpki-client on console-ams.rpki-client.org