Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/gMqVA778mMKaIzbk_18KeF_rV0w.roa
File: gMqVA778mMKaIzbk_18KeF_rV0w.roa (raw, json)
Hash identifier: +qaVkOtbzZYHTzpPlTRkfBgQMOTUH5NsoF9Jw4e8Rn4=
Subject key identifier: 80:CA:95:03:BE:FC:98:C2:9A:23:36:E4:FF:5F:0A:78:5F:EB:57:4C
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018E426B31B85E4C70FED9AA581B59FC2CE2
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/gMqVA778mMKaIzbk_18KeF_rV0w.roa
Signing time: Fri 15 Mar 2024 14:01:45 +0000
ROA not before: Fri 15 Mar 2024 14:01:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211849
IP address blocks: 147.45.124.0/24 maxlen: 24
147.45.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:6b:31:b8:5e:4c:70:fe:d9:aa:58:1b:59:fc:2c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Mar 15 14:01:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80ca9503befc98c29a2336e4ff5f0a785feb574c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:37:75:06:3f:ca:3b:3e:12:57:d1:12:dd:db:
d7:5a:87:27:60:f2:17:27:a3:c8:a8:94:a2:8a:3e:
08:a0:64:4e:f7:d0:4d:03:45:27:97:dd:77:73:91:
f3:8e:7c:3d:31:45:13:aa:51:df:3f:ef:3a:9c:ae:
e2:49:b8:da:10:82:e8:12:4a:8e:54:49:2f:82:34:
17:a2:5b:84:6f:58:82:cb:df:50:a2:7a:3c:23:66:
2c:c0:7d:08:a1:5f:b5:e9:89:cc:f6:54:68:18:cc:
c7:7c:3a:e5:90:2f:6b:35:b5:25:8e:51:9e:a6:0e:
59:c9:6b:23:0d:f3:40:77:63:b8:bf:76:00:a8:8c:
02:50:c2:53:a4:e7:fb:28:0d:1a:cc:fc:f3:ab:c7:
76:0c:23:66:39:3e:06:6f:2f:a5:6d:8e:8f:e3:cb:
dd:3b:9f:31:a4:22:78:1d:3f:a9:fd:c5:16:29:a5:
49:3e:cd:7d:87:07:b1:09:9a:30:88:54:14:1c:09:
44:8f:0a:55:f3:e4:b5:3f:c1:de:d8:62:1a:f7:21:
4c:1c:2e:a7:58:8b:9c:67:57:f7:9b:a9:96:eb:fb:
e2:9a:33:59:9e:b3:a6:76:a4:a4:73:7c:48:e8:96:
4c:76:72:71:f3:e6:a3:c7:9b:05:4c:03:55:62:f7:
ce:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:CA:95:03:BE:FC:98:C2:9A:23:36:E4:FF:5F:0A:78:5F:EB:57:4C
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/gMqVA778mMKaIzbk_18KeF_rV0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.124.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:49:ea:de:4a:55:cf:d9:3e:80:98:14:59:80:72:71:d0:27:
2f:48:3c:e7:a6:48:46:e2:4c:09:18:a4:89:e3:cc:7d:9c:38:
64:75:44:1b:0a:3a:f3:d8:c9:3c:04:5e:97:52:72:f9:9d:98:
c6:3d:7c:e1:93:4a:9c:c4:70:47:79:fe:7d:a2:a6:14:22:95:
93:73:be:61:56:c0:f1:27:fe:8c:d0:8e:da:06:59:14:4c:dd:
70:a8:0e:72:95:e6:ed:ff:a0:e6:47:38:49:3a:91:b1:53:3c:
25:44:83:35:d4:db:20:fd:c8:00:8c:da:a3:11:a5:ad:bd:02:
1d:6d:65:a2:00:d0:c6:b2:ec:7a:7f:96:44:cd:82:1c:14:bb:
1b:7a:e4:06:59:34:03:9c:d3:e6:25:4e:83:ae:21:08:40:9b:
bf:62:1e:e5:b0:b7:c3:ae:03:ba:ea:73:f0:6c:46:69:51:c5:
67:e6:24:24:c5:66:f9:1e:40:c5:1c:65:8d:66:48:1e:c7:bd:
dd:b6:df:ba:d9:ab:88:e4:53:cd:f4:b7:3b:2e:1d:2f:0d:43:
81:26:b5:7a:af:0a:56:f3:e6:44:6f:4b:29:d4:c8:31:5f:47:
7b:cb:4f:2c:ca:1c:ce:f8:70:e8:cb:c7:00:5a:64:f2:68:d0:
8e:34:e1:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5CazG4Xkxw/tmqWBtZ/CziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMzE1MTQwMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGNhOTUwM2JlZmM5OGMyOWEyMzM2ZTRmZjVmMGE3ODVmZWI1NzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzd1Bj/KOz4SV9ES3dvXWocnYPIX
J6PIqJSiij4IoGRO99BNA0Unl913c5Hzjnw9MUUTqlHfP+86nK7iSbjaEILoEkqO
VEkvgjQXoluEb1iCy99Qono8I2YswH0IoV+16YnM9lRoGMzHfDrlkC9rNbUljlGe
pg5ZyWsjDfNAd2O4v3YAqIwCUMJTpOf7KA0azPzzq8d2DCNmOT4Gby+lbY6P48vd
O58xpCJ4HT+p/cUWKaVJPs19hwexCZowiFQUHAlEjwpV8+S1P8He2GIa9yFMHC6n
WIucZ1f3m6mW6/vimjNZnrOmdqSkc3xI6JZMdnJx8+ajx5sFTANVYvfOMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDKlQO+/JjCmiM25P9fCnhf61dMMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZ01xVkE3NzhtTUthSXpia18xOEtlRl9yVjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBky18MA0G
CSqGSIb3DQEBCwUAA4IBAQAPSereSlXP2T6AmBRZgHJx0CcvSDznpkhG4kwJGKSJ
48x9nDhkdUQbCjrz2Mk8BF6XUnL5nZjGPXzhk0qcxHBHef59oqYUIpWTc75hVsDx
J/6M0I7aBlkUTN1wqA5ylebt/6DmRzhJOpGxUzwlRIM11Nsg/cgAjNqjEaWtvQId
bWWiANDGsux6f5ZEzYIcFLsbeuQGWTQDnNPmJU6DriEIQJu/Yh7lsLfDrgO66nPw
bEZpUcVn5iQkxWb5HkDFHGWNZkgex73dtt+62auI5FPN9Lc7Lh0vDUOBJrV6rwpW
8+ZEb0sp1MgxX0d7y08syhzO+HDoy8cAWmTyaNCONOE4
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:32:09 2024 by rpki-client on console-ams.rpki-client.org