Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0HK39JWZpBWmQ6K0Op_bhqKiFfA.roa
File: 0HK39JWZpBWmQ6K0Op_bhqKiFfA.roa (raw, json)
Hash identifier: jdN8EsHIQ18piThYgx0IfBRt9o8qQvNgx0lBi10f960=
Subject key identifier: D0:72:B7:F4:95:99:A4:15:A6:43:A2:B4:3A:9F:DB:86:A2:A2:15:F0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019229A71689DBF4520FB1448F10A02BBC99
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0HK39JWZpBWmQ6K0Op_bhqKiFfA.roa
Signing time: Wed 25 Sep 2024 14:47:48 +0000
ROA not before: Wed 25 Sep 2024 14:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44547
IP address blocks: 45.149.242.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:a7:16:89:db:f4:52:0f:b1:44:8f:10:a0:2b:bc:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 25 14:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d072b7f49599a415a643a2b43a9fdb86a2a215f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:ce:46:02:45:f2:52:85:f4:1e:9b:ee:15:38:
8f:47:8d:b5:7d:b7:48:ca:b1:e1:ad:54:93:72:4f:
83:4a:52:57:dd:4e:b8:a0:d2:04:9e:4e:23:42:af:
12:48:e1:03:83:29:9a:4f:8b:4b:ef:2d:06:88:36:
68:e7:e9:d2:34:bf:33:4b:c6:90:52:69:3c:50:87:
c2:fe:ec:a5:ac:ff:de:c2:f5:59:b9:8b:f4:b0:3b:
1e:59:7d:a4:39:2e:0e:bd:2b:7a:22:45:d5:93:6a:
a5:20:22:62:fa:af:58:e9:87:f0:85:1a:56:d8:e6:
b9:86:d8:e4:dd:d1:d8:8f:0c:32:03:78:b4:76:8e:
c2:f7:7a:fc:0a:f6:47:c2:23:f4:80:16:16:fc:22:
42:ed:a3:8a:a0:52:f9:e0:d3:e2:8a:1a:f4:a4:64:
98:0f:6f:7d:9f:18:80:0d:04:35:67:33:97:8c:8b:
4a:84:b2:ca:e6:12:d2:e1:33:1d:d2:08:8a:93:7d:
a2:9a:be:1a:34:bc:f4:d1:f4:91:13:02:44:ae:73:
7e:d6:6e:d9:f1:eb:68:b7:30:86:2a:c8:e7:2b:79:
9b:a7:b8:cf:4d:b1:c3:a1:c4:32:23:07:15:55:bd:
1d:b3:1a:55:8e:b0:6e:a4:e6:00:83:64:74:5e:d1:
05:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:72:B7:F4:95:99:A4:15:A6:43:A2:B4:3A:9F:DB:86:A2:A2:15:F0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0HK39JWZpBWmQ6K0Op_bhqKiFfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.242.0/24
87.121.103.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:4a:f5:a1:f0:99:bb:04:24:d5:0a:1b:9e:0c:b5:ca:4b:51:
6a:53:ba:c3:98:49:4d:a3:3e:20:a0:07:f6:a6:7c:f5:2e:14:
b2:e2:09:eb:8a:a4:4a:5b:48:5a:3f:7a:4c:55:01:a3:83:0f:
e3:dc:7b:6b:40:00:97:ac:b5:db:df:05:aa:b9:9e:f4:c6:66:
0c:b9:a1:f3:be:a7:f5:b4:a6:18:f1:bf:ce:64:ad:af:18:e0:
59:a2:80:7e:12:ea:63:6a:07:9c:0c:ba:32:5d:14:54:c6:c7:
7a:73:10:21:81:4e:6d:03:9e:22:7b:83:33:7e:b5:31:65:48:
75:5b:9c:9b:73:9c:5a:72:90:db:69:d6:73:a9:3e:90:5f:c3:
ae:3c:58:6f:ba:ed:f7:59:39:12:2d:e3:73:b9:ff:a1:6f:4f:
70:bb:05:f4:21:fc:69:9b:f9:95:19:34:92:af:be:dc:98:da:
08:ce:dc:f7:eb:03:ab:a7:5b:6c:89:89:99:5f:68:46:9f:8c:
e9:04:d6:37:ce:48:f5:fd:28:07:96:cc:50:7b:d7:a4:07:89:
86:b4:0c:ae:e4:7b:d7:9b:12:e7:cc:0f:d8:cf:ed:ed:38:e7:
ce:67:97:44:9b:46:6e:8d:c7:3e:e4:52:e3:08:68:ba:c7:80:
49:03:0a:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIppxaJ2/RSD7FEjxCgK7yZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTI1MTQ0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDcyYjdmNDk1OTlhNDE1YTY0M2EyYjQzYTlmZGI4NmEyYTIxNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/M5GAkXyUoX0HpvuFTiPR421fbdI
yrHhrVSTck+DSlJX3U64oNIEnk4jQq8SSOEDgymaT4tL7y0GiDZo5+nSNL8zS8aQ
Umk8UIfC/uylrP/ewvVZuYv0sDseWX2kOS4OvSt6IkXVk2qlICJi+q9Y6YfwhRpW
2Oa5htjk3dHYjwwyA3i0do7C93r8CvZHwiP0gBYW/CJC7aOKoFL54NPiihr0pGSY
D299nxiADQQ1ZzOXjItKhLLK5hLS4TMd0giKk32imr4aNLz00fSREwJErnN+1m7Z
8etotzCGKsjnK3mbp7jPTbHDocQyIwcVVb0dsxpVjrBupOYAg2R0XtEF9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNByt/SVmaQVpkOitDqf24aiohXwMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMEhLMzlKV1pwQldtUTZLME9wX2JocUtpRmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZXyAwQA
V3lnMA0GCSqGSIb3DQEBCwUAA4IBAQBKSvWh8Jm7BCTVChueDLXKS1FqU7rDmElN
oz4goAf2pnz1LhSy4gnriqRKW0haP3pMVQGjgw/j3HtrQACXrLXb3wWquZ70xmYM
uaHzvqf1tKYY8b/OZK2vGOBZooB+EupjagecDLoyXRRUxsd6cxAhgU5tA54ie4Mz
frUxZUh1W5ybc5xacpDbadZzqT6QX8OuPFhvuu33WTkSLeNzuf+hb09wuwX0Ifxp
m/mVGTSSr77cmNoIztz36wOrp1tsiYmZX2hGn4zpBNY3zkj1/SgHlsxQe9ekB4mG
tAyu5HvXmxLnzA/Yz+3tOOfOZ5dEm0Zujcc+5FLjCGi6x4BJAwrd
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:05:55 2024 by rpki-client on console-fra.rpki-client.org