Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/PJNIUQIKrumIJs8hoDVlDPA_Dqg.roa
File: PJNIUQIKrumIJs8hoDVlDPA_Dqg.roa (raw, json)
Hash identifier: WlDHCt+y+75Z9RkhjzZ/WlJhSYz+RkTOCEObBp0h+mY=
Subject key identifier: 3C:93:48:51:02:0A:AE:E9:88:26:CF:21:A0:35:65:0C:F0:3F:0E:A8
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 018EA8B2DB00BC1BD78ACB7262E718FAB4CB
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/PJNIUQIKrumIJs8hoDVlDPA_Dqg.roa
Signing time: Thu 04 Apr 2024 10:41:17 +0000
ROA not before: Thu 04 Apr 2024 10:41:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 45.82.14.0/24 maxlen: 24
45.82.15.0/24 maxlen: 24
45.91.67.0/24 maxlen: 24
91.200.148.0/24 maxlen: 24
91.200.150.0/24 maxlen: 24
91.200.151.0/24 maxlen: 24
194.187.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a8:b2:db:00:bc:1b:d7:8a:cb:72:62:e7:18:fa:b4:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Apr 4 10:41:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c934851020aaee98826cf21a035650cf03f0ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:56:42:40:5d:76:db:24:81:6c:44:03:87:46:
b4:96:ed:22:c8:06:de:8d:4c:28:3b:6d:d8:4b:09:
5d:28:be:ab:ff:ce:94:07:ce:69:dd:68:2a:41:26:
b8:d5:33:54:4f:8f:9a:be:cd:80:f3:96:1f:68:fb:
8b:28:c4:20:48:a1:f5:b8:f5:8b:ea:a6:f4:88:a9:
02:b1:86:d3:7a:9b:6e:98:4a:d9:15:08:9a:71:65:
fc:f7:c1:80:e8:65:b3:c7:a5:5b:42:d3:aa:85:0d:
0a:67:c8:42:17:fd:2d:4f:40:85:8a:fd:dd:d6:e0:
fb:2b:1d:e0:ad:0e:de:87:b5:46:7f:4d:49:a0:84:
39:81:f9:34:5d:7b:08:18:e0:72:0e:9b:c5:2a:07:
a1:94:37:e6:7c:2d:30:93:c3:9d:a2:b7:f3:5a:b8:
5d:18:50:55:90:e8:2d:96:81:5a:b5:3c:84:81:3b:
45:e1:0e:10:b2:9c:cc:a1:e7:28:2f:2f:c9:48:6e:
c0:f9:a3:83:87:4e:61:09:f8:d3:d1:40:26:4a:e4:
de:56:8c:21:dd:70:d3:3e:79:be:36:0e:c8:99:d8:
8f:02:0b:b9:b8:31:b3:51:d1:46:0f:3f:de:a6:3d:
fa:19:29:a1:ee:0d:c1:cb:47:2b:96:f0:e9:65:87:
49:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:93:48:51:02:0A:AE:E9:88:26:CF:21:A0:35:65:0C:F0:3F:0E:A8
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/PJNIUQIKrumIJs8hoDVlDPA_Dqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.14.0/23
45.91.67.0/24
91.200.148.0/24
91.200.150.0/23
194.187.122.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:34:5b:da:41:0e:b4:7c:df:44:f1:11:a8:91:f6:2d:15:20:
8d:d1:51:e6:9e:9f:47:30:eb:66:41:48:df:a8:15:6c:0f:ea:
63:d1:7f:23:76:6b:64:91:36:96:d7:8f:01:46:ae:8e:2e:20:
89:fe:13:7c:7d:5b:f5:4a:5f:bf:e1:0c:32:7b:37:2d:e1:7c:
46:c3:d0:b4:41:30:a3:07:98:b1:c6:68:54:24:85:66:b2:ed:
af:03:63:ca:7d:45:fa:63:a5:b4:1b:99:c7:8f:e1:49:26:c7:
c6:ed:9f:98:7a:d2:99:e0:d3:d4:8d:ba:db:e1:41:19:f8:48:
99:5f:48:2e:57:1a:ed:55:44:e5:ce:84:bb:86:f7:37:80:9b:
23:96:0a:fb:eb:30:71:4d:4a:c6:e9:7e:1c:6c:13:5d:e0:58:
fe:20:e5:70:70:62:25:2b:bb:66:28:60:63:61:12:65:d3:69:
f6:a1:34:db:7c:bf:a4:7b:33:ed:37:30:7a:9a:9e:1c:b1:12:
37:de:07:95:8e:be:a4:6f:7d:9b:31:30:1e:dc:88:b9:0b:99:
25:6c:8d:60:27:15:3a:36:7d:ac:b8:45:38:1b:d1:ea:a0:59:
ab:89:a6:e0:8b:b2:3b:8e:42:08:e4:32:b7:ed:ef:eb:ba:3e:
a7:46:2c:64
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6ostsAvBvXistyYucY+rTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjQwNDA0MTA0MTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzkzNDg1MTAyMGFhZWU5ODgyNmNmMjFhMDM1NjUwY2YwM2YwZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFZCQF122ySBbEQDh0a0lu0iyAbe
jUwoO23YSwldKL6r/86UB85p3WgqQSa41TNUT4+avs2A85YfaPuLKMQgSKH1uPWL
6qb0iKkCsYbTeptumErZFQiacWX898GA6GWzx6VbQtOqhQ0KZ8hCF/0tT0CFiv3d
1uD7Kx3grQ7eh7VGf01JoIQ5gfk0XXsIGOByDpvFKgehlDfmfC0wk8OdorfzWrhd
GFBVkOgtloFatTyEgTtF4Q4QspzMoecoLy/JSG7A+aODh05hCfjT0UAmSuTeVowh
3XDTPnm+Ng7ImdiPAgu5uDGzUdFGDz/epj36GSmh7g3By0crlvDpZYdJwQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDyTSFECCq7piCbPIaA1ZQzwPw6oMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvUEpOSVVRSUtydW1JSnM4aG9EVmxEUEFfRHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLVIOAwQA
LVtDAwQAW8iUAwQBW8iWAwQAwrt6MA0GCSqGSIb3DQEBCwUAA4IBAQAKNFvaQQ60
fN9E8RGokfYtFSCN0VHmnp9HMOtmQUjfqBVsD+pj0X8jdmtkkTaW148BRq6OLiCJ
/hN8fVv1Sl+/4Qwyezct4XxGw9C0QTCjB5ixxmhUJIVmsu2vA2PKfUX6Y6W0G5nH
j+FJJsfG7Z+YetKZ4NPUjbrb4UEZ+EiZX0guVxrtVUTlzoS7hvc3gJsjlgr76zBx
TUrG6X4cbBNd4Fj+IOVwcGIlK7tmKGBjYRJl02n2oTTbfL+kezPtNzB6mp4csRI3
3geVjr6kb32bMTAe3Ii5C5klbI1gJxU6Nn2suEU4G9HqoFmriabgi7I7jkII5DK3
7e/ruj6nRixk
-----END CERTIFICATE-----
Generated at Sat May 11 22:45:06 2024 by rpki-client on console-ams.rpki-client.org