Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DIIw4Sp31MIPSSC9vivY-XrwcCE.roa
File: DIIw4Sp31MIPSSC9vivY-XrwcCE.roa (raw, json)
Hash identifier: KInOLCC09lAHHVO5OJKqp35oAgDm9gx61XpPiUYUjUE=
Subject key identifier: 0C:82:30:E1:2A:77:D4:C2:0F:49:20:BD:BE:2B:D8:F9:7A:F0:70:21
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F06457FC5CC016A5544F04FBFEE3807EA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DIIw4Sp31MIPSSC9vivY-XrwcCE.roa
Signing time: Mon 22 Apr 2024 14:46:09 +0000
ROA not before: Mon 22 Apr 2024 14:46:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203217
IP address blocks: 45.8.72.0/23 maxlen: 24
81.161.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:45:7f:c5:cc:01:6a:55:44:f0:4f:bf:ee:38:07:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 22 14:46:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c8230e12a77d4c20f4920bdbe2bd8f97af07021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c2:06:9a:8e:2f:9b:22:04:f7:4c:fb:4a:60:
2d:1d:7d:2d:5d:4d:88:a5:f1:9b:aa:90:63:6e:ef:
ab:fa:df:06:9f:69:30:ce:1f:87:cd:f3:3f:c4:ba:
89:43:7b:b6:4d:b2:01:c7:21:05:69:50:77:7b:e8:
00:cd:6c:05:91:6a:57:9c:b1:55:14:16:ee:0d:af:
ff:ed:58:5c:91:e8:4f:77:0f:6b:ac:55:d3:dd:ca:
c7:6e:0f:c5:5a:ff:43:00:cd:cd:90:51:ad:1f:3b:
9e:3e:cd:6a:6b:d6:80:ed:7d:fa:7f:bf:0e:a6:6b:
4f:1c:9b:f5:b8:0e:4e:10:17:ca:58:08:0f:48:30:
f7:66:52:3d:30:99:8d:22:98:f8:21:07:51:ea:16:
2b:f3:be:1d:d2:42:36:ec:64:c7:b7:dc:da:e9:96:
52:66:53:fb:c9:ee:bf:3e:c8:ea:6b:2b:b0:7c:aa:
08:5b:92:c5:54:ac:39:b1:ff:9d:4d:07:2c:3d:e2:
ad:b8:ea:99:67:7f:b4:b8:63:90:b3:02:3e:b3:96:
9f:e6:78:c5:26:f5:a1:b2:64:0b:31:a6:52:46:65:
d2:a8:3f:66:d9:fc:6c:2e:4c:88:68:05:f6:3a:4b:
d3:c3:b5:53:df:b9:51:4b:f6:c9:9f:19:2b:7a:07:
70:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:82:30:E1:2A:77:D4:C2:0F:49:20:BD:BE:2B:D8:F9:7A:F0:70:21
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DIIw4Sp31MIPSSC9vivY-XrwcCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.72.0/23
81.161.228.0/24
Signature Algorithm: sha256WithRSAEncryption
99:87:e7:60:22:c4:cc:78:43:d0:1f:1d:6b:ad:22:0a:dc:bb:
9e:94:97:e7:bc:22:14:a9:27:c9:27:54:67:1d:73:61:9b:c3:
4d:76:4b:82:21:a8:82:dc:9a:0b:b4:7a:74:a2:31:48:95:6b:
0a:78:20:58:21:cd:a8:56:1a:96:5f:4f:1a:30:94:8b:67:47:
f8:fe:01:f1:e4:34:18:d2:4a:a2:8e:0b:81:b8:8a:c9:98:76:
d8:78:68:85:0f:17:16:fc:5b:98:17:0e:17:20:f1:f6:a7:73:
05:67:03:05:ed:82:2c:74:fd:66:ad:d6:fb:dc:8a:b1:e4:a3:
78:61:1e:ad:76:eb:8d:71:73:9d:2b:bc:f6:02:39:c6:a9:00:
39:0a:ba:5c:8b:82:0d:e1:52:bf:98:df:71:be:8b:bf:42:94:
e2:17:72:c5:90:a4:46:00:95:5f:09:40:b0:b9:d4:c7:8f:96:
4f:11:fa:94:91:0e:61:9a:05:17:4f:1e:f5:6e:ed:76:b8:2d:
be:c9:f6:45:f3:56:47:45:bc:68:5c:e9:b2:c8:f1:0a:62:57:
0c:7c:8d:bf:9b:eb:89:94:3e:28:87:26:e7:23:bb:45:3d:9b:
f3:d2:cc:d5:2f:d9:0c:dd:01:e3:33:eb:1d:34:b2:2b:e4:39:
9e:ac:3f:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8GRX/FzAFqVUTwT7/uOAfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDIyMTQ0NjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzgyMzBlMTJhNzdkNGMyMGY0OTIwYmRiZTJiZDhmOTdhZjA3MDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsIGmo4vmyIE90z7SmAtHX0tXU2I
pfGbqpBjbu+r+t8Gn2kwzh+HzfM/xLqJQ3u2TbIBxyEFaVB3e+gAzWwFkWpXnLFV
FBbuDa//7VhckehPdw9rrFXT3crHbg/FWv9DAM3NkFGtHzuePs1qa9aA7X36f78O
pmtPHJv1uA5OEBfKWAgPSDD3ZlI9MJmNIpj4IQdR6hYr874d0kI27GTHt9za6ZZS
ZlP7ye6/PsjqayuwfKoIW5LFVKw5sf+dTQcsPeKtuOqZZ3+0uGOQswI+s5af5njF
JvWhsmQLMaZSRmXSqD9m2fxsLkyIaAX2OkvTw7VT37lRS/bJnxkregdw0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAyCMOEqd9TCD0kgvb4r2Pl68HAhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRElJdzRTcDMxTUlQU1NDOXZpdlktWHJ3Y0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLQhIAwQA
UaHkMA0GCSqGSIb3DQEBCwUAA4IBAQCZh+dgIsTMeEPQHx1rrSIK3LuelJfnvCIU
qSfJJ1RnHXNhm8NNdkuCIaiC3JoLtHp0ojFIlWsKeCBYIc2oVhqWX08aMJSLZ0f4
/gHx5DQY0kqijguBuIrJmHbYeGiFDxcW/FuYFw4XIPH2p3MFZwMF7YIsdP1mrdb7
3Iqx5KN4YR6tduuNcXOdK7z2AjnGqQA5Crpci4IN4VK/mN9xvou/QpTiF3LFkKRG
AJVfCUCwudTHj5ZPEfqUkQ5hmgUXTx71bu12uC2+yfZF81ZHRbxoXOmyyPEKYlcM
fI2/m+uJlD4ohybnI7tFPZvz0szVL9kM3QHjM+sdNLIr5DmerD+K
-----END CERTIFICATE-----
Generated at Mon May 20 04:54:21 2024 by rpki-client on console-ams.rpki-client.org