Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/80Bt13MOeuRYojh-5RWk4NHesVY.roa
File: 80Bt13MOeuRYojh-5RWk4NHesVY.roa (raw, json)
Hash identifier: pMuSHtiJkaaCtU7Nd8RbHlGDbzCRoF6OtLPr/TjXDL4=
Subject key identifier: F3:40:6D:D7:73:0E:7A:E4:58:A2:38:7E:E5:15:A4:E0:D1:DE:B1:56
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018CC94E3F9C2F66C00882466510D9482B49
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/80Bt13MOeuRYojh-5RWk4NHesVY.roa
Signing time: Tue 02 Jan 2024 08:33:17 +0000
ROA not before: Tue 02 Jan 2024 08:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204174
IP address blocks: 45.152.163.0/24 maxlen: 24
45.152.162.0/23 maxlen: 23
45.152.162.0/24 maxlen: 24
45.92.219.0/24 maxlen: 24
45.92.218.0/23 maxlen: 23
45.92.218.0/24 maxlen: 24
45.134.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3f:9c:2f:66:c0:08:82:46:65:10:d9:48:2b:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 08:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3406dd7730e7ae458a2387ee515a4e0d1deb156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3e:bd:41:b0:97:76:45:2f:41:41:d3:04:44:
a0:81:fc:82:f4:5e:54:b1:f4:c8:4f:2a:ed:70:94:
d1:12:c3:c0:7b:1f:13:1f:b4:e2:62:bd:0f:31:3f:
8b:4a:28:83:8c:96:2d:f1:2b:aa:bc:1b:c9:af:98:
9f:8c:61:b8:6f:c2:6d:07:49:d5:dd:14:54:09:25:
ea:89:48:d3:32:2b:af:5d:c7:f8:95:93:74:7e:b9:
ee:d5:de:cc:24:1b:d6:be:25:c9:22:b9:7d:fb:13:
1a:e5:a7:4c:5b:18:b8:cb:e1:e1:a8:1a:f2:82:93:
01:41:0c:3f:26:21:e0:5e:4d:3a:f0:06:e3:8a:28:
71:a8:a7:3c:58:67:09:9b:8d:48:43:17:e8:56:ad:
1a:7c:0b:67:73:dc:dc:53:76:d5:e8:48:45:13:94:
a6:4a:76:c5:19:65:d9:7f:f0:26:1e:4a:83:28:09:
61:6a:6b:06:07:59:4c:2f:ba:c4:a0:c3:ae:12:21:
3f:41:21:78:f1:08:15:e9:d7:4b:4b:5e:78:b8:c7:
e8:51:2a:a0:3f:48:41:08:6d:69:59:8e:4e:79:be:
74:45:89:ff:f5:aa:6c:b6:84:81:3c:76:b2:2c:d0:
b6:bb:0a:1a:1c:ee:e4:05:29:47:de:67:4e:1c:7b:
6c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:40:6D:D7:73:0E:7A:E4:58:A2:38:7E:E5:15:A4:E0:D1:DE:B1:56
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/80Bt13MOeuRYojh-5RWk4NHesVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.218.0/23
45.134.38.0/24
45.152.162.0/23
Signature Algorithm: sha256WithRSAEncryption
90:cf:a3:03:47:bd:d3:e0:34:94:ca:5a:67:6e:af:95:3c:c0:
18:f3:f3:76:8b:a5:d2:d4:89:a5:9f:f6:a5:e6:93:98:4d:41:
7a:62:2d:1d:ef:8e:49:52:32:a8:2b:f4:63:e3:97:92:8b:54:
2e:6d:07:31:2f:43:7f:6b:ca:32:b8:55:ad:32:24:eb:c4:61:
89:a5:ca:b0:30:1d:83:00:ef:65:63:1c:85:09:c8:42:5b:2a:
da:1b:16:12:04:3c:75:10:60:ed:77:bd:2e:45:cf:6f:67:0b:
96:76:5e:bc:a6:0d:77:ef:db:9a:53:2f:8c:26:bf:4c:a4:41:
78:a5:74:be:db:33:0d:e8:61:f2:5b:6e:1a:d2:cf:1d:79:cb:
3c:0a:56:2e:9e:94:68:bf:b9:df:23:ff:74:6b:e0:9f:39:5a:
d1:6f:ce:d1:42:13:75:74:92:b5:e0:ab:32:fb:46:8b:fa:cf:
69:f7:59:35:d1:93:9f:50:2a:22:e8:9f:62:d5:24:61:26:78:
42:75:85:4d:cf:78:49:f9:ab:2f:b0:d1:67:f0:31:c8:24:51:
da:15:80:e0:64:23:19:d7:d1:24:db:26:81:d6:de:c3:a8:e8:
22:44:cb:33:e3:5a:21:ed:81:4b:d1:73:be:f4:04:c4:b7:bd:
41:0f:b5:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTj+cL2bACIJGZRDZSCtJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMDgzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzQwNmRkNzczMGU3YWU0NThhMjM4N2VlNTE1YTRlMGQxZGViMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmD69QbCXdkUvQUHTBESggfyC9F5U
sfTITyrtcJTREsPAex8TH7TiYr0PMT+LSiiDjJYt8SuqvBvJr5ifjGG4b8JtB0nV
3RRUCSXqiUjTMiuvXcf4lZN0frnu1d7MJBvWviXJIrl9+xMa5adMWxi4y+HhqBry
gpMBQQw/JiHgXk068AbjiihxqKc8WGcJm41IQxfoVq0afAtnc9zcU3bV6EhFE5Sm
SnbFGWXZf/AmHkqDKAlhamsGB1lML7rEoMOuEiE/QSF48QgV6ddLS154uMfoUSqg
P0hBCG1pWY5Oeb50RYn/9apstoSBPHayLNC2uwoaHO7kBSlH3mdOHHts0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPNAbddzDnrkWKI4fuUVpODR3rFWMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvODBCdDEzTU9ldVJZb2poLTVSV2s0Tkhlc1ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVzaAwQA
LYYmAwQBLZiiMA0GCSqGSIb3DQEBCwUAA4IBAQCQz6MDR73T4DSUylpnbq+VPMAY
8/N2i6XS1Imln/al5pOYTUF6Yi0d745JUjKoK/Rj45eSi1QubQcxL0N/a8oyuFWt
MiTrxGGJpcqwMB2DAO9lYxyFCchCWyraGxYSBDx1EGDtd70uRc9vZwuWdl68pg13
79uaUy+MJr9MpEF4pXS+2zMN6GHyW24a0s8decs8ClYunpRov7nfI/90a+CfOVrR
b87RQhN1dJK14Ksy+0aL+s9p91k10ZOfUCoi6J9i1SRhJnhCdYVNz3hJ+asvsNFn
8DHIJFHaFYDgZCMZ19Ek2yaB1t7DqOgiRMsz41oh7YFL0XO+9ATEt71BD7Xj
-----END CERTIFICATE-----
Generated at Sun May 19 14:00:34 2024 by rpki-client on console-fra.rpki-client.org