Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/_ugq4K177Y9HJkTpyJYUub5p6OY.roa
File: _ugq4K177Y9HJkTpyJYUub5p6OY.roa (raw, json)
Hash identifier: FEVR2O86Iku2J8AKHIoawPwgt2ucSupEXZueKpz3IiM=
Subject key identifier: FE:E8:2A:E0:AD:7B:ED:8F:47:26:44:E9:C8:96:14:B9:BE:69:E8:E6
Certificate issuer: /CN=e15808f3f921bc8c3eea87c7584c584c1000b051
Certificate serial: 018D16ADEE4D0A452B800307E430BF77779E
Authority key identifier: E1:58:08:F3:F9:21:BC:8C:3E:EA:87:C7:58:4C:58:4C:10:00:B0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/_ugq4K177Y9HJkTpyJYUub5p6OY.roa
Signing time: Wed 17 Jan 2024 09:08:33 +0000
ROA not before: Wed 17 Jan 2024 09:08:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204860
IP address blocks: 45.156.44.0/22 maxlen: 22
45.158.88.0/22 maxlen: 22
194.180.110.0/24 maxlen: 24
194.180.115.0/24 maxlen: 24
194.180.150.0/24 maxlen: 24
194.180.154.0/24 maxlen: 24
2a0f:2a80::/29 maxlen: 48
2a0f:5880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 06:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:16:ad:ee:4d:0a:45:2b:80:03:07:e4:30:bf:77:77:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15808f3f921bc8c3eea87c7584c584c1000b051
Validity
Not Before: Jan 17 09:08:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fee82ae0ad7bed8f472644e9c89614b9be69e8e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3d:2b:9c:fa:1b:4c:15:d4:c4:c8:5a:d9:11:
ed:ca:26:a3:17:8a:2c:fb:a9:c9:2b:b2:e4:cf:99:
fc:bc:27:1e:0d:74:86:fb:98:22:93:1a:e8:db:90:
9c:16:9a:e4:4b:7e:83:e4:6d:40:e6:cd:1d:bd:34:
94:4f:1c:53:8f:0d:98:cf:19:eb:f4:81:d4:5d:da:
79:6b:53:7a:5e:5e:20:cd:a7:6a:79:cf:21:30:e2:
f9:9a:bd:02:9b:10:0f:a9:04:10:6b:61:5c:be:1c:
5a:8f:6a:34:fd:6f:78:80:66:e7:4f:a3:9f:2b:95:
fe:31:24:3e:74:76:3c:59:84:c9:1e:34:5e:51:d7:
b0:ce:f7:c8:37:24:0a:94:89:fc:f2:4d:87:22:55:
fc:bc:4f:fc:ef:00:05:57:3f:4e:b2:76:ae:6e:4a:
9d:c6:88:a7:6e:e2:2e:a8:ae:11:e0:77:10:c9:22:
f6:88:f1:20:77:be:6c:32:e7:62:be:62:6a:7a:e1:
75:e9:89:75:72:71:e3:5c:b9:75:06:3e:82:8e:2e:
84:7f:75:2b:bc:21:2e:3c:cb:91:0f:c3:47:9d:ba:
48:4f:12:7c:9a:7a:ce:8d:25:cc:ce:11:78:07:75:
22:a4:68:9e:e5:50:a5:ab:99:ae:64:d3:3b:71:1e:
4e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E8:2A:E0:AD:7B:ED:8F:47:26:44:E9:C8:96:14:B9:BE:69:E8:E6
X509v3 Authority Key Identifier:
keyid:E1:58:08:F3:F9:21:BC:8C:3E:EA:87:C7:58:4C:58:4C:10:00:B0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/_ugq4K177Y9HJkTpyJYUub5p6OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.44.0/22
45.158.88.0/22
194.180.110.0/24
194.180.115.0/24
194.180.150.0/24
194.180.154.0/24
IPv6:
2a0f:2a80::/29
2a0f:5880::/29
Signature Algorithm: sha256WithRSAEncryption
72:b2:53:c4:31:f0:eb:6f:9a:85:86:55:7b:eb:ac:74:f8:5b:
79:6a:85:d4:33:55:b2:a2:ca:dd:ec:c8:b5:25:2a:9f:ca:05:
a0:0a:24:3b:0f:d2:94:84:3f:2e:08:d9:6b:e1:4f:3e:34:c4:
5c:ff:38:38:31:86:32:f2:e3:f9:9b:e9:50:0f:67:98:c8:c3:
d5:3b:b4:c0:05:b5:90:a5:74:bb:92:d2:e3:27:31:ab:64:21:
e2:b6:e8:00:76:19:37:72:25:92:d8:38:12:66:2e:d3:20:12:
f8:30:2e:bb:e7:43:0d:3b:ef:ce:bf:14:d7:b9:08:6b:16:2e:
d7:29:32:2e:17:9d:eb:5f:21:c4:b5:7c:52:c3:29:65:ae:2c:
62:97:f8:9c:e4:59:c8:e5:60:75:69:3f:47:f1:32:ad:54:f4:
4c:b0:b7:fa:d6:12:37:eb:47:16:f7:1e:e0:f4:cb:35:ad:23:
a2:f1:42:1a:2b:1a:94:44:0b:1d:fb:4f:51:af:6d:51:f2:ff:
6f:00:d5:fa:f2:79:0c:8b:23:68:ba:c2:05:35:fe:3b:55:7c:
d7:ff:22:16:e1:9f:7e:07:1e:37:1e:c0:2c:8d:b7:00:9f:1c:
4c:71:21:2b:ba:fe:90:6a:7e:2d:12:3b:e0:20:94:2b:14:47:
2d:db:88:c3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAY0Wre5NCkUrgAMH5DC/d3eeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTgwOGYzZjkyMWJjOGMzZWVhODdjNzU4NGM1ODRjMTAw
MGIwNTEwHhcNMjQwMTE3MDkwODMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWU4MmFlMGFkN2JlZDhmNDcyNjQ0ZTljODk2MTRiOWJlNjllOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT0rnPobTBXUxMha2RHtyiajF4os
+6nJK7Lkz5n8vCceDXSG+5gikxro25CcFprkS36D5G1A5s0dvTSUTxxTjw2Yzxnr
9IHUXdp5a1N6Xl4gzadqec8hMOL5mr0CmxAPqQQQa2Fcvhxaj2o0/W94gGbnT6Of
K5X+MSQ+dHY8WYTJHjReUdewzvfINyQKlIn88k2HIlX8vE/87wAFVz9Osnaubkqd
xoinbuIuqK4R4HcQySL2iPEgd75sMudivmJqeuF16Yl1cnHjXLl1Bj6Cji6Ef3Ur
vCEuPMuRD8NHnbpITxJ8mnrOjSXMzhF4B3UipGie5VClq5muZNM7cR5ObQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFP7oKuCte+2PRyZE6ciWFLm+aejmMB8GA1UdIwQY
MBaAFOFYCPP5IbyMPuqHx1hMWEwQALBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZnSThfa2h2SXctNm9mSFdFeFlUQkFBc0ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84ZThlODItNTI3NC00ZDJmLThjYTAt
YWIxOWZjYjBjZTY0LzEvX3VncTRLMTc3WTlISmtUcHlKWVV1YjVwNk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84ZThlODItNTI3NC00ZDJmLThjYTAtYWIxOWZjYjBjZTY0
LzEvNFZnSThfa2h2SXctNm9mSFdFeFlUQkFBc0ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLZwsAwQC
LZ5YAwQAwrRuAwQAwrRzAwQAwrSWAwQAwrSaMBQEAgACMA4DBQMqDyqAAwUDKg9Y
gDANBgkqhkiG9w0BAQsFAAOCAQEAcrJTxDHw62+ahYZVe+usdPhbeWqF1DNVsqLK
3ezItSUqn8oFoAokOw/SlIQ/LgjZa+FPPjTEXP84ODGGMvLj+ZvpUA9nmMjD1Tu0
wAW1kKV0u5LS4ycxq2Qh4rboAHYZN3Ilktg4EmYu0yAS+DAuu+dDDTvvzr8U17kI
axYu1ykyLhed618hxLV8UsMpZa4sYpf4nORZyOVgdWk/R/EyrVT0TLC3+tYSN+tH
Fvce4PTLNa0jovFCGisalEQLHftPUa9tUfL/bwDV+vJ5DIsjaLrCBTX+O1V81/8i
FuGffgceNx7ALI23AJ8cTHEhK7r+kGp+LRI74CCUKxRHLduIww==
-----END CERTIFICATE-----
Generated at Thu May 2 10:29:38 2024 by rpki-client on console-fra.rpki-client.org