Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/ACIE5-S0IVTYqBW7HaEiA8_6VbE.roa
File: ACIE5-S0IVTYqBW7HaEiA8_6VbE.roa (raw, json)
Hash identifier: XSEQkfSzfWNOVeBK8Lbyeh18nfKhCH/I2oaYBQ80Tz0=
Subject key identifier: 00:22:04:E7:E4:B4:21:54:D8:A8:15:BB:1D:A1:22:03:CF:FA:55:B1
Certificate issuer: /CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Certificate serial: 018CC86EF1073CCD2E666C1CBA0E4EC035E2
Authority key identifier: 78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/ACIE5-S0IVTYqBW7HaEiA8_6VbE.roa
Signing time: Tue 02 Jan 2024 04:29:23 +0000
ROA not before: Tue 02 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41281
IP address blocks: 193.189.100.0/24 maxlen: 24
193.189.101.0/24 maxlen: 24
45.154.252.0/24 maxlen: 24
45.154.255.0/24 maxlen: 24
45.154.254.0/24 maxlen: 24
2001:67c:130c::/48 maxlen: 48
2a0f:df00:dead::/48 maxlen: 48
2a0f:df00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:f1:07:3c:cd:2e:66:6c:1c:ba:0e:4e:c0:35:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Validity
Not Before: Jan 2 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=002204e7e4b42154d8a815bb1da12203cffa55b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:62:a4:a6:17:77:93:6a:b9:bf:2a:c0:b4:73:
ca:01:13:ee:15:06:e1:86:46:c5:7c:2f:68:fb:1c:
7c:e0:cc:34:6f:4c:b0:5c:22:07:0f:cc:66:2c:70:
5a:d5:d0:79:d9:5c:a9:8d:5c:9b:a0:b3:3e:05:c2:
ec:39:19:bb:ca:42:e2:38:75:17:ec:c1:44:56:e0:
af:95:41:cd:40:ef:94:ca:9f:87:61:3d:f8:2b:c5:
20:94:4c:22:34:25:a1:c4:6b:c8:55:96:a4:52:d7:
92:7c:9f:04:57:14:1b:1a:4e:69:a5:2e:ea:77:03:
a3:f2:7c:ba:d5:07:76:39:cf:2a:33:0c:aa:b1:54:
73:17:6e:60:86:c8:f9:19:d4:57:e8:a1:f5:04:75:
cb:d1:0d:63:7e:8c:90:48:2e:a8:63:5f:15:89:4c:
42:12:6c:64:1e:12:b6:84:76:a6:f6:60:dc:84:e1:
06:41:87:fb:e2:80:64:d8:e9:36:b7:cf:97:33:ad:
4c:cc:84:f4:28:02:c4:80:42:65:7a:32:63:6d:cc:
99:4a:d2:e8:87:43:ed:dd:c6:70:6a:44:7e:6b:64:
c9:bf:6a:19:ed:e7:7d:5f:c4:de:4b:6e:6b:c1:f2:
83:ca:b7:ce:98:a5:86:2f:d9:68:c0:9f:ef:94:2a:
a7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:22:04:E7:E4:B4:21:54:D8:A8:15:BB:1D:A1:22:03:CF:FA:55:B1
X509v3 Authority Key Identifier:
keyid:78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/ACIE5-S0IVTYqBW7HaEiA8_6VbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.252.0/24
45.154.254.0/23
193.189.100.0/23
IPv6:
2001:67c:130c::/48
2a0f:df00::/48
2a0f:df00:dead::/48
Signature Algorithm: sha256WithRSAEncryption
78:58:84:46:6d:2f:9d:10:4f:00:dc:7d:2a:7e:ad:a6:2c:b9:
7c:c1:1c:7e:d2:8d:fd:e2:f0:08:9a:c4:84:f4:b8:b1:e2:60:
d8:bd:d8:a8:c8:c0:b3:33:91:2d:24:8a:08:a0:3d:47:c4:a1:
11:7b:52:b4:04:b5:fb:e7:e5:cf:7d:15:d0:79:21:c8:1f:54:
69:ca:98:c1:fd:ef:2c:b4:6a:bf:a9:b4:87:03:c5:17:09:40:
3a:9e:69:84:f6:84:30:b6:01:96:b3:9b:c3:94:fa:27:97:6c:
0a:ec:83:33:ce:14:09:0f:56:79:ae:b2:08:0a:fe:3b:f9:08:
ee:ba:2c:26:35:a4:32:61:e0:83:ff:b2:b0:8d:b0:2e:b0:41:
41:f2:ee:66:96:28:17:fc:13:a8:9e:5e:26:08:a8:32:8f:a7:
d2:56:01:f5:49:1a:e0:be:08:3a:a7:4b:6d:90:f0:6b:bc:d5:
8d:7e:00:fa:8d:65:7c:35:6c:cc:4e:9d:97:20:03:ef:98:37:
a8:34:22:87:e1:48:04:ec:6a:63:bb:8a:c1:ad:fb:ef:6f:d0:
c9:e6:c2:75:e9:49:d5:89:b5:ac:62:8f:c5:a1:e1:7b:c4:46:
b5:de:a4:b5:d0:df:35:c9:ec:9e:95:37:52:fe:4b:40:06:37:
38:60:89:5a
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzIbvEHPM0uZmwcug5OwDXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2UzMWNlNWQ1MDFkMWE5NGFmZGFiYmQ0ZTAyNGNjMmE3
ODhlZjUwHhcNMjQwMTAyMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDIyMDRlN2U0YjQyMTU0ZDhhODE1YmIxZGExMjIwM2NmZmE1NWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42Kkphd3k2q5vyrAtHPKARPuFQbh
hkbFfC9o+xx84Mw0b0ywXCIHD8xmLHBa1dB52VypjVyboLM+BcLsORm7ykLiOHUX
7MFEVuCvlUHNQO+Uyp+HYT34K8UglEwiNCWhxGvIVZakUteSfJ8EVxQbGk5ppS7q
dwOj8ny61Qd2Oc8qMwyqsVRzF25ghsj5GdRX6KH1BHXL0Q1jfoyQSC6oY18ViUxC
EmxkHhK2hHam9mDchOEGQYf74oBk2Ok2t8+XM61MzIT0KALEgEJlejJjbcyZStLo
h0Pt3cZwakR+a2TJv2oZ7ed9X8TeS25rwfKDyrfOmKWGL9lowJ/vlCqnEwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFAAiBOfktCFU2KgVux2hIgPP+lWxMB8GA1UdIwQY
MBaAFHh+Mc5dUB0alK/au9TgJMwqeI71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUg0eHpsMVFIUnFVcjlxNzFPQWt6Q3A0anZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83YzU1ZDItMzgxYy00ZTg3LThjYTUt
MjMwN2JiNTkyMjVmLzEvQUNJRTUtUzBJVlRZcUJXN0hhRWlBOF82VmJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83YzU1ZDItMzgxYy00ZTg3LThjYTUtMjMwN2JiNTkyMjVm
LzEvZUg0eHpsMVFIUnFVcjlxNzFPQWt6Q3A0anZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQALZr8AwQB
LZr+AwQBwb1kMCEEAgACMBsDBwAgAQZ8EwwDBwAqD98AAAADBwAqD98A3q0wDQYJ
KoZIhvcNAQELBQADggEBAHhYhEZtL50QTwDcfSp+raYsuXzBHH7Sjf3i8AiaxIT0
uLHiYNi92KjIwLMzkS0kigigPUfEoRF7UrQEtfvn5c99FdB5IcgfVGnKmMH97yy0
ar+ptIcDxRcJQDqeaYT2hDC2AZazm8OU+ieXbArsgzPOFAkPVnmusggK/jv5CO66
LCY1pDJh4IP/srCNsC6wQUHy7maWKBf8E6ieXiYIqDKPp9JWAfVJGuC+CDqnS22Q
8Gu81Y1+APqNZXw1bMxOnZcgA++YN6g0IofhSATsamO7isGt++9v0MnmwnXpSdWJ
taxij8Wh4XvERrXepLXQ3zXJ7J6VN1L+S0AGNzhgiVo=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:45:04 2024 by rpki-client on console-fra.rpki-client.org