Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/Jod32hKY00G0R3Z5X16smGWcP7c.roa
File: Jod32hKY00G0R3Z5X16smGWcP7c.roa (raw, json)
Hash identifier: WqDUzWhQ0pxhJa2NkfEFJr1BRh5G0PlEVUnckBiwY1c=
Subject key identifier: 26:87:77:DA:12:98:D3:41:B4:47:76:79:5F:5E:AC:98:65:9C:3F:B7
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 01931AC184A4704492968FD4168E72B03829
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/Jod32hKY00G0R3Z5X16smGWcP7c.roa
Signing time: Mon 11 Nov 2024 10:25:09 +0000
ROA not before: Mon 11 Nov 2024 10:25:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204958
IP address blocks: 45.156.113.0/24 maxlen: 24
152.89.168.0/24 maxlen: 24
152.89.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:c1:84:a4:70:44:92:96:8f:d4:16:8e:72:b0:38:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Nov 11 10:25:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=268777da1298d341b44776795f5eac98659c3fb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:27:8a:4e:39:53:a8:16:2f:20:ba:74:50:a6:
ab:be:d8:2f:ea:2c:3d:e5:12:d2:07:b9:f5:93:20:
35:7c:36:80:3a:eb:d2:8e:af:08:80:99:ee:42:da:
7b:a5:94:83:bf:f7:d4:40:2a:6f:15:ab:fe:8d:f9:
8e:93:bc:0b:23:77:ed:42:d9:16:3d:e0:db:05:6a:
74:f6:40:f7:0c:48:21:36:f1:0e:12:8f:d4:69:2d:
d6:e1:d6:9d:ff:be:74:7c:3a:a7:a7:1f:81:e8:db:
41:8b:09:fe:5b:88:9c:bc:a1:64:32:64:4c:04:08:
7e:b1:2a:41:0e:34:f7:e9:78:75:e4:3c:07:89:aa:
13:87:92:c0:3a:d9:a9:d6:df:ba:93:35:5b:cb:77:
6d:b4:87:b7:0f:f7:05:35:8d:3b:b0:45:20:0a:9b:
00:8b:3d:6c:a2:9d:96:57:e7:b6:71:84:3c:64:d3:
cf:24:6c:bb:b2:04:c0:66:30:90:15:85:88:dd:7f:
42:e5:0a:cc:c0:e3:03:c9:41:d1:8f:98:41:7f:de:
4e:e3:16:ae:a0:dc:72:52:9a:25:90:01:41:95:ac:
98:40:e3:98:60:ee:3b:03:36:c1:df:52:74:6a:f3:
36:85:2d:a4:87:01:fe:e0:5e:b2:51:14:c9:c9:7e:
bd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:87:77:DA:12:98:D3:41:B4:47:76:79:5F:5E:AC:98:65:9C:3F:B7
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/Jod32hKY00G0R3Z5X16smGWcP7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.113.0/24
152.89.168.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:46:8c:34:24:57:f0:26:68:70:ee:f0:85:6f:ed:32:aa:65:
46:0e:97:44:56:10:27:9c:b8:f0:bf:47:ba:0f:9d:06:9b:01:
29:fa:7c:eb:d7:27:5b:00:68:73:f6:3f:ed:8d:cd:19:a2:72:
86:c4:7a:89:9b:cc:9f:78:0e:f1:42:04:58:d4:06:66:b6:16:
f9:eb:75:db:ba:df:ca:64:2d:bc:b3:ee:6b:43:40:b3:19:13:
b4:22:6e:aa:71:70:2e:e9:57:14:3e:fe:a9:24:0f:b5:66:54:
10:d3:97:fe:4d:8d:6d:aa:64:1b:53:40:18:8a:9a:75:90:8a:
b8:44:0a:14:91:8c:40:97:1f:7b:5d:e3:63:ea:46:1f:0c:91:
9b:cf:ad:4f:16:37:c9:95:51:e3:9e:dc:d2:c1:73:f7:a2:36:
27:94:bc:4e:11:a5:9d:89:b0:67:92:09:b5:ab:61:01:b5:8c:
25:53:8d:74:e3:ee:f5:42:99:65:96:85:f2:a5:17:b1:2b:e5:
73:25:cd:48:1b:6b:35:d2:5d:4e:f8:1a:6f:44:ad:58:11:05:
3d:fb:f4:63:aa:7f:d6:98:a3:87:c5:89:0d:58:94:c9:26:92:
17:9b:e1:d7:96:2d:4d:08:6e:ea:92:63:12:e5:b4:a9:f3:a4:
2e:b0:2a:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMawYSkcESSlo/UFo5ysDgpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjQxMTExMTAyNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjg3NzdkYTEyOThkMzQxYjQ0Nzc2Nzk1ZjVlYWM5ODY1OWMzZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiieKTjlTqBYvILp0UKarvtgv6iw9
5RLSB7n1kyA1fDaAOuvSjq8IgJnuQtp7pZSDv/fUQCpvFav+jfmOk7wLI3ftQtkW
PeDbBWp09kD3DEghNvEOEo/UaS3W4dad/750fDqnpx+B6NtBiwn+W4icvKFkMmRM
BAh+sSpBDjT36Xh15DwHiaoTh5LAOtmp1t+6kzVby3dttIe3D/cFNY07sEUgCpsA
iz1sop2WV+e2cYQ8ZNPPJGy7sgTAZjCQFYWI3X9C5QrMwOMDyUHRj5hBf95O4xau
oNxyUpolkAFBlayYQOOYYO47AzbB31J0avM2hS2khwH+4F6yURTJyX69YQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCaHd9oSmNNBtEd2eV9erJhlnD+3MB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvSm9kMzJoS1kwMEcwUjNaNVgxNnNtR1djUDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZxxAwQB
mFmoMA0GCSqGSIb3DQEBCwUAA4IBAQCaRow0JFfwJmhw7vCFb+0yqmVGDpdEVhAn
nLjwv0e6D50GmwEp+nzr1ydbAGhz9j/tjc0ZonKGxHqJm8yfeA7xQgRY1AZmthb5
63Xbut/KZC28s+5rQ0CzGRO0Im6qcXAu6VcUPv6pJA+1ZlQQ05f+TY1tqmQbU0AY
ipp1kIq4RAoUkYxAlx97XeNj6kYfDJGbz61PFjfJlVHjntzSwXP3ojYnlLxOEaWd
ibBnkgm1q2EBtYwlU4104+71QpllloXypRexK+VzJc1IG2s10l1O+BpvRK1YEQU9
+/Rjqn/WmKOHxYkNWJTJJpIXm+HXli1NCG7qkmMS5bSp86QusCrn
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:58:38 2024 by rpki-client on console-ams.rpki-client.org