Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/itnsoHzVMxfL0enxP0BERVPgpJQ.roa
File: itnsoHzVMxfL0enxP0BERVPgpJQ.roa (raw, json)
Hash identifier: pU3lnNTytNlcH8ADkkrR5rYj36pNRkSs3ZAPE6cfMnw=
Subject key identifier: 8A:D9:EC:A0:7C:D5:33:17:CB:D1:E9:F1:3F:40:44:45:53:E0:A4:94
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018F24FD2D6741014577D129232CF2409ED1
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/itnsoHzVMxfL0enxP0BERVPgpJQ.roa
Signing time: Sun 28 Apr 2024 13:55:23 +0000
ROA not before: Sun 28 Apr 2024 13:55:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215826
IP address blocks: 147.45.45.0/24 maxlen: 24
193.233.112.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:24:fd:2d:67:41:01:45:77:d1:29:23:2c:f2:40:9e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 28 13:55:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ad9eca07cd53317cbd1e9f13f40444553e0a494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:52:aa:9f:51:c9:72:fd:04:0e:0f:e2:0a:6e:
bb:03:41:94:e1:ec:87:fd:78:e8:1f:74:0f:27:33:
16:32:ce:2c:98:15:84:f5:2b:63:c1:03:4b:1f:08:
b0:28:1a:a4:bd:e5:c9:03:2b:5a:67:72:ce:28:26:
a9:25:c9:19:96:fd:7d:d4:c1:ee:4b:5e:2c:c3:3c:
17:46:f6:a4:c0:19:78:78:a2:8a:b4:34:66:df:6c:
a0:7e:20:6a:90:d2:d3:dd:49:de:12:5b:fb:8e:c2:
a6:68:f4:83:80:6f:70:29:9c:1e:20:db:b2:8c:d5:
2d:88:41:fa:6b:9f:8f:ef:01:39:27:9a:4b:65:2b:
96:96:42:b6:04:51:f7:35:63:26:4b:16:47:7a:c2:
45:23:59:7a:20:3c:db:2c:92:99:61:79:66:f4:a4:
e2:9c:63:a2:63:6d:75:4c:e2:83:ff:d2:73:ef:9b:
15:de:c3:7f:86:f9:1f:89:b9:08:6e:99:b4:5f:68:
3f:58:e9:c8:a7:eb:9f:e6:2f:8a:39:4b:84:0a:d8:
4e:6c:2d:7a:88:51:93:0b:63:0e:9e:2d:18:30:f4:
00:8e:49:f9:ec:c0:1b:7d:05:80:b4:f6:ef:b4:76:
ca:bc:30:e1:13:c3:1d:62:be:1f:2a:1d:2d:52:9d:
6e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D9:EC:A0:7C:D5:33:17:CB:D1:E9:F1:3F:40:44:45:53:E0:A4:94
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/itnsoHzVMxfL0enxP0BERVPgpJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.45.0/24
193.233.112.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:e9:60:94:92:e5:00:a6:b5:b6:46:8c:0f:19:c2:68:00:96:
90:a3:b8:d8:3d:3a:c5:f0:f1:f7:05:76:8b:66:23:27:71:1d:
22:a1:f2:0c:7a:9f:0e:7b:7f:c6:60:1a:a4:76:12:e3:1a:1f:
2b:69:ae:fc:d1:db:0a:a3:35:22:3a:bc:40:3a:fe:6c:1a:09:
51:2b:c7:bd:8a:5a:6d:a4:6e:88:de:89:13:02:43:46:3b:ae:
87:73:c3:df:23:76:d4:5c:ea:c7:a1:94:3a:ea:a2:e9:a7:96:
9a:45:7e:f7:ff:18:34:ee:03:e9:33:3c:9d:4d:8f:1e:44:7d:
3e:75:f3:d0:3d:8d:2a:2e:4d:d4:27:35:6f:da:1e:f8:a9:7e:
87:f8:b1:14:97:48:45:87:d4:8b:37:d9:c8:02:41:ff:2a:43:
a8:90:ad:d7:44:4c:77:d3:c8:dd:92:f2:c7:1c:8f:33:95:f0:
79:78:aa:8d:04:c6:94:d2:65:a3:aa:82:b3:07:7e:e5:4c:e0:
bc:cd:35:4b:b9:6d:78:2b:2e:a6:ae:ea:77:77:a5:b6:5f:1b:
a2:b5:95:51:03:39:90:f7:27:b6:b3:ef:f6:34:5c:b4:44:36:
10:f1:f3:07:63:b9:51:b0:ca:93:07:b9:a7:a9:c2:fe:09:96:
02:d4:bf:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8k/S1nQQFFd9EpIyzyQJ7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNDI4MTM1NTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQ5ZWNhMDdjZDUzMzE3Y2JkMWU5ZjEzZjQwNDQ0NTUzZTBhNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1Kqn1HJcv0EDg/iCm67A0GU4eyH
/XjoH3QPJzMWMs4smBWE9StjwQNLHwiwKBqkveXJAytaZ3LOKCapJckZlv191MHu
S14swzwXRvakwBl4eKKKtDRm32ygfiBqkNLT3UneElv7jsKmaPSDgG9wKZweINuy
jNUtiEH6a5+P7wE5J5pLZSuWlkK2BFH3NWMmSxZHesJFI1l6IDzbLJKZYXlm9KTi
nGOiY211TOKD/9Jz75sV3sN/hvkfibkIbpm0X2g/WOnIp+uf5i+KOUuECthObC16
iFGTC2MOni0YMPQAjkn57MAbfQWAtPbvtHbKvDDhE8MdYr4fKh0tUp1uRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIrZ7KB81TMXy9Hp8T9AREVT4KSUMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvaXRuc29IelZNeGZMMGVueFAwQkVSVlBncEpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAky0tAwQB
welwMA0GCSqGSIb3DQEBCwUAA4IBAQBa6WCUkuUAprW2RowPGcJoAJaQo7jYPTrF
8PH3BXaLZiMncR0iofIMep8Oe3/GYBqkdhLjGh8raa780dsKozUiOrxAOv5sGglR
K8e9ilptpG6I3okTAkNGO66Hc8PfI3bUXOrHoZQ66qLpp5aaRX73/xg07gPpMzyd
TY8eRH0+dfPQPY0qLk3UJzVv2h74qX6H+LEUl0hFh9SLN9nIAkH/KkOokK3XREx3
08jdkvLHHI8zlfB5eKqNBMaU0mWjqoKzB37lTOC8zTVLuW14Ky6mrup3d6W2Xxui
tZVRAzmQ9ye2s+/2NFy0RDYQ8fMHY7lRsMqTB7mnqcL+CZYC1L/V
-----END CERTIFICATE-----
Generated at Sun May 19 05:51:18 2024 by rpki-client on console-fra.rpki-client.org