Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jCCnj-qGryV4PB4AIb-4_O1u894.roa
File: jCCnj-qGryV4PB4AIb-4_O1u894.roa (raw, json)
Hash identifier: LbNVTsJcb1jUJ6/lUogza48lmnlM6CJn/CWqa/sPM/w=
Subject key identifier: 8C:20:A7:8F:EA:86:AF:25:78:3C:1E:00:21:BF:B8:FC:ED:6E:F3:DE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E79ED1B66B8898B92D91227A01A2A898C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jCCnj-qGryV4PB4AIb-4_O1u894.roa
Signing time: Tue 26 Mar 2024 08:42:45 +0000
ROA not before: Tue 26 Mar 2024 08:42:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215998
IP address blocks: 45.84.89.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:79:ed:1b:66:b8:89:8b:92:d9:12:27:a0:1a:2a:89:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 26 08:42:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c20a78fea86af25783c1e0021bfb8fced6ef3de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:af:d2:ac:db:ee:83:5a:c8:ad:d6:f2:58:8c:
be:fb:f5:2d:f2:ae:13:14:bd:a1:3b:10:28:2c:65:
1f:ae:84:cd:bb:75:cb:e0:ab:44:2e:7e:46:4c:9d:
a0:ff:bd:f6:da:52:94:cc:e2:72:33:8e:50:6b:b6:
16:0e:85:a9:84:a6:9b:c0:18:7b:86:eb:1c:41:60:
6b:1c:7c:a3:62:f1:51:d3:b1:7f:ec:3e:22:c8:6a:
bc:ad:60:d4:a7:47:81:fe:b4:ff:ba:d2:34:c7:91:
80:f1:aa:85:3b:3e:ad:1e:26:f8:d3:31:c3:4f:68:
33:53:17:bb:25:16:a3:17:65:16:a8:fb:0e:50:76:
3a:82:de:52:0d:d0:16:ce:53:6e:bd:3f:e3:96:66:
d4:3b:29:64:dc:c9:ff:26:ed:36:89:c4:a4:c7:7e:
b1:e7:07:a5:b1:48:c8:04:bc:05:34:ab:82:d3:90:
75:1c:b5:70:43:41:5f:68:de:86:12:6e:c0:6e:c5:
e1:f0:77:6b:d8:b0:3d:9c:a1:16:06:ce:a2:f2:b1:
d7:4c:56:fc:4a:ac:34:a6:6a:b4:d4:58:11:05:d4:
8e:0e:2f:f6:86:dd:f4:7b:34:7e:e3:e0:4c:32:59:
2c:41:19:c3:3e:53:f2:26:5f:e4:f5:f4:fb:b1:02:
00:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:20:A7:8F:EA:86:AF:25:78:3C:1E:00:21:BF:B8:FC:ED:6E:F3:DE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jCCnj-qGryV4PB4AIb-4_O1u894.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.89.0/24
194.169.172.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:72:56:77:4a:6c:08:d9:27:da:5f:ea:60:80:28:49:12:e5:
52:7f:8d:2b:be:7f:3c:f6:ae:3f:06:a3:5b:96:de:41:aa:aa:
45:61:a7:7d:37:67:8b:d6:2c:9a:ee:a1:1e:d0:b9:f7:dc:c5:
b4:15:ef:a1:b6:69:ae:02:c3:49:02:e7:f9:4c:f3:57:19:c2:
d7:9d:e4:bd:fd:f1:c5:82:83:2b:0d:65:6b:f4:cc:11:50:42:
0a:60:a8:8a:30:ef:51:0f:84:83:5a:5f:3c:c2:d8:fe:8c:64:
3d:2e:8b:ad:56:e5:52:a2:f4:d7:be:1f:e3:06:05:99:f3:63:
98:40:65:19:b2:27:1f:02:78:ff:ad:09:57:f5:8f:b8:f9:c7:
0c:b3:1f:30:ba:36:e3:06:7e:98:ae:29:52:79:b6:42:a4:32:
75:90:80:a1:b0:39:04:7c:e9:bd:2d:f7:d7:31:98:52:fc:e8:
6a:80:02:18:fd:8e:9e:de:22:e3:f2:77:96:c6:06:8c:b5:bd:
32:2c:85:be:18:7c:28:69:62:fd:a0:ce:a6:54:93:fc:91:a1:
7e:cb:92:16:26:a2:82:16:58:6c:28:1a:04:e5:14:ad:d4:c4:
0d:f4:68:38:71:fc:c5:a2:42:b8:0d:f6:87:3a:4d:78:16:79:
0d:5d:f9:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY557RtmuImLktkSJ6AaKomMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzI2MDg0MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzIwYTc4ZmVhODZhZjI1NzgzYzFlMDAyMWJmYjhmY2VkNmVmM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5a/SrNvug1rIrdbyWIy++/Ut8q4T
FL2hOxAoLGUfroTNu3XL4KtELn5GTJ2g/7322lKUzOJyM45Qa7YWDoWphKabwBh7
huscQWBrHHyjYvFR07F/7D4iyGq8rWDUp0eB/rT/utI0x5GA8aqFOz6tHib40zHD
T2gzUxe7JRajF2UWqPsOUHY6gt5SDdAWzlNuvT/jlmbUOylk3Mn/Ju02icSkx36x
5welsUjIBLwFNKuC05B1HLVwQ0FfaN6GEm7AbsXh8Hdr2LA9nKEWBs6i8rHXTFb8
Sqw0pmq01FgRBdSODi/2ht30ezR+4+BMMlksQRnDPlPyJl/k9fT7sQIAgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIwgp4/qhq8leDweACG/uPztbvPeMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvakNDbmotcUdyeVY0UEI0QUliLTRfTzF1ODk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVRZAwQA
wqmsMA0GCSqGSIb3DQEBCwUAA4IBAQCsclZ3SmwI2SfaX+pggChJEuVSf40rvn88
9q4/BqNblt5BqqpFYad9N2eL1iya7qEe0Ln33MW0Fe+htmmuAsNJAuf5TPNXGcLX
neS9/fHFgoMrDWVr9MwRUEIKYKiKMO9RD4SDWl88wtj+jGQ9LoutVuVSovTXvh/j
BgWZ82OYQGUZsicfAnj/rQlX9Y+4+ccMsx8wujbjBn6YrilSebZCpDJ1kIChsDkE
fOm9LffXMZhS/OhqgAIY/Y6e3iLj8neWxgaMtb0yLIW+GHwoaWL9oM6mVJP8kaF+
y5IWJqKCFlhsKBoE5RSt1MQN9Gg4cfzFokK4DfaHOk14FnkNXfkM
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:28:45 2024 by rpki-client on console-ams.rpki-client.org