Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/o3vU9mR-5ZVT3UJTw_odD4nSGD8.roa
File: o3vU9mR-5ZVT3UJTw_odD4nSGD8.roa (raw, json)
Hash identifier: /rnltCM4Daqd7aWSdIcD36X+DpNxfEoBA5hbDYshIH0=
Subject key identifier: A3:7B:D4:F6:64:7E:E5:95:53:DD:42:53:C3:FA:1D:0F:89:D2:18:3F
Certificate issuer: /CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Certificate serial: 01926FE0BB9DF2DC30BB1695358FCE6C60DE
Authority key identifier: B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/o3vU9mR-5ZVT3UJTw_odD4nSGD8.roa
Signing time: Wed 09 Oct 2024 06:04:12 +0000
ROA not before: Wed 09 Oct 2024 06:04:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204457
IP address blocks: 45.94.5.0/24 maxlen: 24
45.94.7.0/24 maxlen: 24
45.156.29.0/24 maxlen: 24
45.156.30.0/24 maxlen: 24
45.156.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6f:e0:bb:9d:f2:dc:30:bb:16:95:35:8f:ce:6c:60:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Validity
Not Before: Oct 9 06:04:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a37bd4f6647ee59553dd4253c3fa1d0f89d2183f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:ac:b5:b5:7e:2e:e9:18:9d:47:f2:97:f3:0b:
bc:af:ce:b0:56:c5:b5:8b:8a:9b:db:49:f3:50:75:
fe:0a:f8:df:b6:d8:8c:cd:db:ce:57:59:be:3e:44:
c4:94:6a:b3:e6:06:17:9b:54:2f:56:2f:57:fe:2e:
9e:59:e0:40:3e:1d:0c:2a:23:bd:19:3b:fb:0a:5b:
3b:53:d7:ff:47:c5:33:46:9a:74:c6:a5:30:20:4b:
50:7c:40:f0:f0:e8:31:f8:26:89:b8:80:06:a8:17:
87:0f:66:83:7c:34:04:00:8e:75:26:2a:e8:67:ad:
77:e3:78:9b:e0:9a:8d:23:61:93:f8:cf:e6:bc:c8:
93:47:73:8b:2a:69:d0:2f:52:a0:ca:c2:d0:a4:22:
49:b2:c1:bf:cf:7f:91:55:50:3e:37:f0:f7:eb:c2:
ac:5d:c4:03:be:a1:cb:8c:84:88:86:90:de:e6:51:
50:e9:62:4c:33:5d:b6:30:2c:3b:f4:fd:4d:51:19:
7a:16:4c:43:3a:3a:a8:65:7e:ca:2f:89:5b:bf:7f:
c4:c2:60:2b:75:c2:b2:81:3f:d4:c4:14:b2:7e:34:
0e:4a:8e:74:50:05:f7:56:37:4c:ad:24:22:f1:53:
ff:68:a6:a7:0f:6d:35:bb:4a:bf:b8:b5:af:dc:ed:
fc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:7B:D4:F6:64:7E:E5:95:53:DD:42:53:C3:FA:1D:0F:89:D2:18:3F
X509v3 Authority Key Identifier:
keyid:B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/o3vU9mR-5ZVT3UJTw_odD4nSGD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.5.0/24
45.94.7.0/24
45.156.29.0-45.156.31.255
Signature Algorithm: sha256WithRSAEncryption
3a:9a:5f:be:ab:1c:e4:b7:ca:8e:8e:3f:9b:c9:bc:c0:ca:3b:
4c:2f:76:4e:b8:e1:5e:f2:5e:31:59:7f:b0:42:7a:7e:e4:7e:
c0:f8:76:33:73:c3:52:83:0d:39:3f:0e:b4:a5:29:73:3c:d8:
91:a6:c4:af:8c:1e:81:27:9d:01:8e:af:ce:0d:0d:14:27:c5:
b0:7e:2f:0a:84:5a:51:4c:a1:3f:96:10:f8:52:c1:92:16:5e:
b9:03:dd:55:bc:f4:7a:7a:8c:df:da:2b:54:fb:ef:51:f4:f5:
0b:29:f8:e6:ad:5f:41:aa:6f:d0:36:c9:bc:3e:16:fb:41:b1:
55:03:e5:ea:1e:6f:c1:54:16:74:26:c9:3a:50:12:8c:07:cd:
e7:e1:56:23:8e:25:c1:a1:07:7d:ea:5d:3e:6c:43:84:a4:89:
26:45:08:3a:60:b6:4b:cb:7e:a8:a2:da:4d:5c:08:07:69:1c:
0f:2b:83:63:6b:2a:ac:16:5f:90:f1:fb:fb:b7:34:1f:e4:f6:
81:df:f0:c1:6b:aa:6b:2b:1f:e3:f9:c6:cc:51:7b:5c:df:03:
9b:09:a1:a3:77:79:4e:03:fc:19:30:62:eb:44:93:bf:43:8c:
0e:c6:9d:9e:b2:2c:7d:1f:c9:a6:48:d0:63:c9:ea:a8:32:08:
6a:0d:b2:ff
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZJv4Lud8twwuxaVNY/ObGDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYzBiZGFmYWRlYTc4ZGNlMzEyZjg2MmRkZjQyYjFiZDRj
NGY2NDUwHhcNMjQxMDA5MDYwNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzdiZDRmNjY0N2VlNTk1NTNkZDQyNTNjM2ZhMWQwZjg5ZDIxODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ay1tX4u6RidR/KX8wu8r86wVsW1
i4qb20nzUHX+CvjfttiMzdvOV1m+PkTElGqz5gYXm1QvVi9X/i6eWeBAPh0MKiO9
GTv7Cls7U9f/R8UzRpp0xqUwIEtQfEDw8Ogx+CaJuIAGqBeHD2aDfDQEAI51Jiro
Z61343ib4JqNI2GT+M/mvMiTR3OLKmnQL1KgysLQpCJJssG/z3+RVVA+N/D368Ks
XcQDvqHLjISIhpDe5lFQ6WJMM122MCw79P1NURl6FkxDOjqoZX7KL4lbv3/EwmAr
dcKygT/UxBSyfjQOSo50UAX3VjdMrSQi8VP/aKanD201u0q/uLWv3O38RwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKN71PZkfuWVU91CU8P6HQ+J0hg/MB8GA1UdIwQY
MBaAFLLAva+t6njc4xL4Yt30KxvUxPZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMt
ZmNjMzM2ZWVkOGQ3LzEvbzN2VTltUi01WlZUM1VKVHdfb2RENG5TR0Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMtZmNjMzM2ZWVkOGQ3
LzEvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALV4FAwQA
LV4HMAwDBAAtnB0DBAUtnAAwDQYJKoZIhvcNAQELBQADggEBADqaX76rHOS3yo6O
P5vJvMDKO0wvdk644V7yXjFZf7BCen7kfsD4djNzw1KDDTk/DrSlKXM82JGmxK+M
HoEnnQGOr84NDRQnxbB+LwqEWlFMoT+WEPhSwZIWXrkD3VW89Hp6jN/aK1T771H0
9Qsp+OatX0Gqb9A2ybw+FvtBsVUD5eoeb8FUFnQmyTpQEowHzefhViOOJcGhB33q
XT5sQ4SkiSZFCDpgtkvLfqii2k1cCAdpHA8rg2NrKqwWX5Dx+/u3NB/k9oHf8MFr
qmsrH+P5xsxRe1zfA5sJoaN3eU4D/BkwYutEk79DjA7GnZ6yLH0fyaZI0GPJ6qgy
CGoNsv8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:02:25 2024 by rpki-client on console-fra.rpki-client.org