Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/I4Y4phDIPhq969RWWogpT6wlRQo.roa
File: I4Y4phDIPhq969RWWogpT6wlRQo.roa (raw, json)
Hash identifier: kJQcpl+yjke5r4eTDg90cyWgUImEifbWnrJhl+KYMF4=
Subject key identifier: 23:86:38:A6:10:C8:3E:1A:BD:EB:D4:56:5A:88:29:4F:AC:25:45:0A
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FA20286F0224A1C16D050332E2281
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/I4Y4phDIPhq969RWWogpT6wlRQo.roa
Signing time: Tue 02 Jan 2024 04:30:08 +0000
ROA not before: Tue 02 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9335
IP address blocks: 45.144.164.0/22 maxlen: 24
45.91.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a2:02:86:f0:22:4a:1c:16:d0:50:33:2e:22:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=238638a610c83e1abdebd4565a88294fac25450a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1b:70:c1:6a:24:57:c7:28:57:4a:9c:7b:5c:
bd:f3:dc:b5:8a:b5:e6:4d:03:57:3e:09:a0:e9:5c:
e2:19:b6:9b:d7:ba:22:a7:c5:d3:c6:aa:f6:24:18:
3b:18:6d:71:f3:8d:e8:30:0a:45:89:68:09:c4:55:
e2:1c:11:06:74:5c:ab:43:c8:42:c0:89:a7:fd:ce:
51:5b:21:0c:02:6b:62:f2:53:a3:cd:d1:f2:a0:10:
76:cd:1f:cf:eb:53:f7:20:92:17:c4:df:7d:fd:39:
fa:5e:61:02:01:bf:e5:8b:ef:29:fd:9c:24:5c:a6:
61:a0:ce:b6:73:48:90:8b:74:89:b6:32:e1:3b:7c:
99:78:8d:a9:5b:f4:c5:74:9d:21:b4:71:91:4c:e0:
26:dc:98:03:7e:e7:7d:a4:b5:d0:01:94:5d:3a:73:
49:77:ee:59:1f:b7:bb:f1:e3:e6:24:36:d6:89:77:
0d:39:33:36:a1:78:03:0e:94:59:0b:2e:8c:b9:4b:
a8:b2:dc:c2:41:a4:2e:f0:92:7d:5e:1b:09:e9:cf:
cc:aa:de:76:ef:ad:d4:c5:39:cb:fd:ea:e8:a3:7e:
a0:df:9d:1f:d7:04:c2:32:d3:c6:20:7e:17:88:05:
ce:05:b6:d5:f8:7c:3b:c7:7d:2d:b9:46:f1:e3:e6:
56:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:86:38:A6:10:C8:3E:1A:BD:EB:D4:56:5A:88:29:4F:AC:25:45:0A
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/I4Y4phDIPhq969RWWogpT6wlRQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.132.0/24
45.144.164.0/22
Signature Algorithm: sha256WithRSAEncryption
86:7f:07:cc:9e:39:14:11:18:a2:99:30:6c:6a:76:a0:8c:6d:
ec:34:54:53:0a:a0:70:eb:cd:e3:57:7d:22:93:40:08:84:0f:
f0:0d:5f:31:2d:1f:18:98:fc:ff:00:04:10:60:45:28:2b:1f:
15:29:30:20:6b:fd:7d:25:b1:3f:b1:ae:d8:a0:e5:d7:80:af:
ad:89:43:c8:19:3b:80:e7:97:d3:bd:76:3d:3b:5f:83:36:0b:
18:73:60:cf:8f:6e:c3:9c:e0:82:6d:5b:3f:e5:16:32:11:22:
bc:31:b8:70:a8:1b:22:46:95:ca:1f:ee:65:8a:a5:20:39:e2:
1d:ae:67:e1:7d:e9:a6:0b:ab:0a:50:c9:cf:d7:30:be:82:4f:
05:0b:17:95:41:fc:dd:19:5a:6f:44:80:b6:70:64:7f:e1:a0:
3e:cb:9e:e0:ba:a4:65:b2:a5:e1:1e:39:f5:7f:26:91:d1:d7:
f3:3e:56:a7:59:de:fa:73:4b:02:31:4e:7e:bb:98:5c:bb:a3:
97:86:77:96:af:8c:e5:01:f9:32:31:54:ea:b3:f9:ee:0e:1c:
37:79:e9:5c:0e:fb:1e:1d:53:3b:d7:e1:c6:06:8f:fb:22:37:
bb:15:f2:d1:18:c7:86:9b:24:2b:9c:f1:bb:ba:4d:8d:59:d1:
0e:83:ce:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb6IChvAiShwW0FAzLiKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzg2MzhhNjEwYzgzZTFhYmRlYmQ0NTY1YTg4Mjk0ZmFjMjU0NTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghtwwWokV8coV0qce1y989y1irXm
TQNXPgmg6VziGbab17oip8XTxqr2JBg7GG1x843oMApFiWgJxFXiHBEGdFyrQ8hC
wImn/c5RWyEMAmti8lOjzdHyoBB2zR/P61P3IJIXxN99/Tn6XmECAb/li+8p/Zwk
XKZhoM62c0iQi3SJtjLhO3yZeI2pW/TFdJ0htHGRTOAm3JgDfud9pLXQAZRdOnNJ
d+5ZH7e78ePmJDbWiXcNOTM2oXgDDpRZCy6MuUuostzCQaQu8JJ9XhsJ6c/Mqt52
763UxTnL/eroo36g350f1wTCMtPGIH4XiAXOBbbV+Hw7x30tuUbx4+ZWvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCOGOKYQyD4avevUVlqIKU+sJUUKMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvSTRZNHBoRElQaHE5NjlSV1dvZ3BUNndsUlFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVuEAwQC
LZCkMA0GCSqGSIb3DQEBCwUAA4IBAQCGfwfMnjkUERiimTBsanagjG3sNFRTCqBw
683jV30ik0AIhA/wDV8xLR8YmPz/AAQQYEUoKx8VKTAga/19JbE/sa7YoOXXgK+t
iUPIGTuA55fTvXY9O1+DNgsYc2DPj27DnOCCbVs/5RYyESK8MbhwqBsiRpXKH+5l
iqUgOeIdrmfhfemmC6sKUMnP1zC+gk8FCxeVQfzdGVpvRIC2cGR/4aA+y57guqRl
sqXhHjn1fyaR0dfzPlanWd76c0sCMU5+u5hcu6OXhneWr4zlAfkyMVTqs/nuDhw3
eelcDvseHVM71+HGBo/7Ije7FfLRGMeGmyQrnPG7uk2NWdEOg87A
-----END CERTIFICATE-----
Generated at Fri May 17 07:38:34 2024 by rpki-client on console-ams.rpki-client.org