Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/siqb94aykLJfX1gKynIqBWfHJts.roa
File: siqb94aykLJfX1gKynIqBWfHJts.roa (raw, json)
Hash identifier: OrvHN/sVMFpWrXOW8MT0gEflMPMEOSL4r5B535UYyJs=
Subject key identifier: B2:2A:9B:F7:86:B2:90:B2:5F:5F:58:0A:CA:72:2A:05:67:C7:26:DB
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B682DF3F6E52A069BC5BC12F71368
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/siqb94aykLJfX1gKynIqBWfHJts.roa
Signing time: Tue 02 Jan 2024 12:34:51 +0000
ROA not before: Tue 02 Jan 2024 12:34:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212396
IP address blocks: 45.85.194.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:68:2d:f3:f6:e5:2a:06:9b:c5:bc:12:f7:13:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b22a9bf786b290b25f5f580aca722a0567c726db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7d:01:bb:b0:29:fc:18:78:61:13:11:f9:98:
41:3e:dc:03:f0:f2:c9:7e:79:ad:5c:c0:88:a6:97:
2b:10:1b:5f:12:a3:d7:3d:0d:50:12:2e:3a:03:c6:
59:c7:b7:a9:2e:66:da:a9:c9:70:2a:b8:98:e4:cc:
3f:b5:5a:24:c5:ff:2a:a9:74:d4:56:e3:13:ea:df:
80:a7:4b:b0:19:80:e1:46:71:b1:be:d1:1f:07:c5:
2a:e5:3c:20:e8:de:4c:70:5f:c5:23:6b:fa:0f:fb:
8a:ef:ad:f9:dc:1b:2f:f3:e9:3e:ec:88:5a:db:20:
8c:ac:da:fb:ac:03:73:b1:fe:19:75:1e:6d:69:e9:
be:cf:53:61:ed:9d:ef:1c:42:cd:d4:24:95:db:6c:
fe:d2:bd:c4:7e:6a:6f:25:02:21:70:e9:1c:24:19:
f6:86:fc:6f:4c:1c:4b:35:7c:8b:7d:6b:20:27:2c:
d4:f2:a2:a8:91:42:a2:8e:16:69:28:15:3b:a2:d9:
79:aa:b9:69:b0:54:9e:b9:7d:1d:e5:f9:78:a3:1c:
4e:4c:09:6d:5f:2d:f5:23:ba:a9:d2:3f:96:0b:94:
81:4c:bb:e1:f8:50:97:74:f1:6e:47:3b:ae:e2:26:
fe:f8:0d:72:65:98:83:f9:73:b7:f9:ef:a2:a9:38:
68:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2A:9B:F7:86:B2:90:B2:5F:5F:58:0A:CA:72:2A:05:67:C7:26:DB
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/siqb94aykLJfX1gKynIqBWfHJts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.194.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:57:5a:64:41:d7:94:94:af:fe:88:d4:92:71:9a:15:3f:41:
22:78:15:35:4b:09:63:98:79:48:0f:a3:37:b2:62:f4:50:ec:
bd:b4:f7:93:bf:d3:8a:a1:11:c7:d6:90:4e:01:7e:81:5f:e2:
97:18:f7:a5:2b:3a:cb:bd:06:eb:f5:2f:d4:d6:6a:2b:94:8d:
f3:bc:ac:09:86:77:f4:e0:a0:82:4c:70:58:2b:f0:75:d5:0a:
cf:bd:91:0c:9d:93:6c:11:23:05:6d:68:4a:91:c8:bb:93:d6:
37:6c:6b:29:ac:2d:5e:ff:40:98:2b:ee:dd:25:7e:af:af:04:
0f:3e:28:ab:e9:cf:32:58:ef:71:34:5d:a7:38:4a:a2:20:aa:
13:ac:b8:4f:1d:fa:6c:fe:88:9b:88:7e:4a:1a:23:8c:5c:6d:
da:93:8a:a6:9b:2a:9e:a4:81:1c:be:00:fc:df:bc:d8:63:97:
2c:97:a1:53:5e:92:b9:64:84:3b:05:a4:cd:3f:fd:d7:68:6d:
eb:7b:c2:1b:de:cb:7a:1b:fd:48:0d:20:b1:d5:05:3d:ab:34:
4e:1e:5e:21:5f:28:2c:8c:88:87:f7:c4:f2:ba:37:0a:89:2f:
96:90:74:30:01:31:47:4f:c7:3d:f4:cc:fa:e0:ee:51:b4:e1:
f6:d9:3c:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK2gt8/blKgabxbwS9xNoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjJhOWJmNzg2YjI5MGIyNWY1ZjU4MGFjYTcyMmEwNTY3YzcyNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoX0Bu7Ap/Bh4YRMR+ZhBPtwD8PLJ
fnmtXMCIppcrEBtfEqPXPQ1QEi46A8ZZx7epLmbaqclwKriY5Mw/tVokxf8qqXTU
VuMT6t+Ap0uwGYDhRnGxvtEfB8Uq5Twg6N5McF/FI2v6D/uK76353Bsv8+k+7Iha
2yCMrNr7rANzsf4ZdR5taem+z1Nh7Z3vHELN1CSV22z+0r3EfmpvJQIhcOkcJBn2
hvxvTBxLNXyLfWsgJyzU8qKokUKijhZpKBU7otl5qrlpsFSeuX0d5fl4oxxOTAlt
Xy31I7qp0j+WC5SBTLvh+FCXdPFuRzuu4ib++A1yZZiD+XO3+e+iqThomwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIqm/eGspCyX19YCspyKgVnxybbMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvc2lxYjk0YXlrTEpmWDFnS3luSXFCV2ZISnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVXCMA0G
CSqGSIb3DQEBCwUAA4IBAQCfV1pkQdeUlK/+iNSScZoVP0EieBU1SwljmHlID6M3
smL0UOy9tPeTv9OKoRHH1pBOAX6BX+KXGPelKzrLvQbr9S/U1morlI3zvKwJhnf0
4KCCTHBYK/B11QrPvZEMnZNsESMFbWhKkci7k9Y3bGsprC1e/0CYK+7dJX6vrwQP
Piir6c8yWO9xNF2nOEqiIKoTrLhPHfps/oibiH5KGiOMXG3ak4qmmyqepIEcvgD8
37zYY5csl6FTXpK5ZIQ7BaTNP/3XaG3re8Ib3st6G/1IDSCx1QU9qzROHl4hXygs
jIiH98TyujcKiS+WkHQwATFHT8c99Mz64O5RtOH22TxD
-----END CERTIFICATE-----
Generated at Thu May 2 15:59:21 2024 by rpki-client on console-ams.rpki-client.org