Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/s0jD-lyrl_b8RcwtO_TDzF_1XQc.roa
File: s0jD-lyrl_b8RcwtO_TDzF_1XQc.roa (raw, json)
Hash identifier: f8fmQyY+pDuRj88UFDoHM0YI2V2u4uib384j3RN1fw0=
Subject key identifier: B3:48:C3:FA:5C:AB:97:F6:FC:45:CC:2D:3B:F4:C3:CC:5F:F5:5D:07
Certificate issuer: /CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Certificate serial: 018CC3B6FFBD5B25A5626929E67682A04D8E
Authority key identifier: 8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/s0jD-lyrl_b8RcwtO_TDzF_1XQc.roa
Signing time: Mon 01 Jan 2024 06:29:59 +0000
ROA not before: Mon 01 Jan 2024 06:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35489
IP address blocks: 45.133.100.0/24 maxlen: 24
45.133.101.0/24 maxlen: 24
193.8.4.0/24 maxlen: 24
193.8.4.0/23 maxlen: 23
193.8.5.0/24 maxlen: 24
193.8.6.0/24 maxlen: 24
193.8.7.0/24 maxlen: 24
2a0c:7cc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ff:bd:5b:25:a5:62:69:29:e6:76:82:a0:4d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Validity
Not Before: Jan 1 06:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b348c3fa5cab97f6fc45cc2d3bf4c3cc5ff55d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:18:f1:51:56:7c:bf:28:26:df:0d:a2:a7:5d:
27:38:53:7a:4c:a0:5f:48:88:a9:95:24:0c:ec:a7:
94:64:89:36:6b:9e:19:9d:2f:32:bf:60:d3:e9:36:
d1:54:98:80:0f:de:73:cb:65:14:b0:3f:aa:a5:fa:
5c:fc:16:22:5f:95:a6:61:ad:35:3f:01:f5:37:23:
77:6f:5f:83:61:d7:8f:ae:f1:da:2b:89:38:95:ba:
af:89:3c:c5:8e:51:b7:2d:aa:9b:cb:c0:a4:d4:1c:
8d:94:38:6a:73:3a:0b:58:15:8b:e6:91:70:1d:96:
02:6b:fb:ef:f8:c3:eb:61:77:49:0f:e6:21:ee:8d:
0b:53:49:d5:a8:73:1f:04:ce:99:5a:4e:9f:43:1a:
ea:3f:cb:7a:41:af:48:84:cb:b8:cb:10:08:4d:ed:
fe:60:cc:3f:02:d5:72:19:15:12:af:5e:81:fe:af:
e0:2a:07:ec:12:a2:34:7a:3d:07:45:fb:28:5e:a1:
ca:1a:ad:0e:7d:aa:41:2b:67:54:7d:25:e5:14:5c:
31:05:04:a6:7a:03:9d:df:c6:8c:4c:92:b7:48:ba:
b5:f2:63:c3:df:97:f9:e5:a2:98:17:e9:e6:60:c4:
9a:b1:ec:5a:ca:3e:1b:10:be:bf:d8:a3:c0:ad:54:
87:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:48:C3:FA:5C:AB:97:F6:FC:45:CC:2D:3B:F4:C3:CC:5F:F5:5D:07
X509v3 Authority Key Identifier:
keyid:8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/s0jD-lyrl_b8RcwtO_TDzF_1XQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.100.0/23
193.8.4.0/22
IPv6:
2a0c:7cc0::/48
Signature Algorithm: sha256WithRSAEncryption
67:bd:53:10:8b:b3:ad:95:31:3a:3e:45:f2:b0:08:e1:04:0a:
5c:c0:1b:18:64:3c:bb:15:c3:ee:bb:86:e7:c5:cc:c0:bd:d5:
c8:89:22:53:4e:92:a6:9f:19:e1:29:29:ba:78:98:cb:68:b3:
f0:e1:01:6a:c8:62:19:7e:12:80:c4:82:e1:49:c3:d7:85:59:
74:ed:e3:c3:04:74:76:ef:89:41:4b:d5:25:cc:32:70:94:f8:
b9:d7:b5:47:67:ad:2e:cc:48:15:a1:25:8e:c7:93:90:ed:86:
3e:36:8b:ef:3e:44:5f:f2:f2:b8:26:95:37:06:f4:df:f7:52:
fe:f6:97:a1:b3:08:dc:6d:c6:7a:5d:ac:4c:bb:6f:41:92:64:
c6:16:9c:b1:82:f0:0d:15:3e:f5:14:f0:5f:6b:3f:c2:06:13:
51:40:a8:cf:9a:c6:6d:b0:30:d6:c7:1d:85:c0:b6:fd:92:56:
d5:d5:25:b1:84:10:fe:c5:c5:e2:a5:9d:80:4b:41:59:01:1d:
9c:e1:28:80:56:db:d9:ab:bf:89:20:b4:bc:41:93:54:c8:3f:
93:e0:40:a9:0e:43:dd:c0:16:7f:15:32:5e:5a:10:db:6e:68:
8c:87:38:3a:59:6b:d0:1e:4b:c0:98:e0:5d:17:c8:68:7d:6d:
4d:e5:d7:27
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDtv+9WyWlYmkp5naCoE2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNlMWQxMzViZjJjZjhlOGMxM2YzM2VjMTFjODUyMzcw
M2RjNzUwHhcNMjQwMTAxMDYyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzQ4YzNmYTVjYWI5N2Y2ZmM0NWNjMmQzYmY0YzNjYzVmZjU1ZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixjxUVZ8vygm3w2ip10nOFN6TKBf
SIiplSQM7KeUZIk2a54ZnS8yv2DT6TbRVJiAD95zy2UUsD+qpfpc/BYiX5WmYa01
PwH1NyN3b1+DYdePrvHaK4k4lbqviTzFjlG3Laqby8Ck1ByNlDhqczoLWBWL5pFw
HZYCa/vv+MPrYXdJD+Yh7o0LU0nVqHMfBM6ZWk6fQxrqP8t6Qa9IhMu4yxAITe3+
YMw/AtVyGRUSr16B/q/gKgfsEqI0ej0HRfsoXqHKGq0OfapBK2dUfSXlFFwxBQSm
egOd38aMTJK3SLq18mPD35f55aKYF+nmYMSasexayj4bEL6/2KPArVSHAQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLNIw/pcq5f2/EXMLTv0w8xf9V0HMB8GA1UdIwQY
MBaAFIoc4dE1vyz46ME/M+wRyFI3A9x1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDIt
ZGVlMjkyZWE4N2EzLzEvczBqRC1seXJsX2I4UmN3dE9fVER6Rl8xWFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDItZGVlMjkyZWE4N2Ez
LzEvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBLYVkAwQC
wQgEMA8EAgACMAkDBwAqDHzAAAAwDQYJKoZIhvcNAQELBQADggEBAGe9UxCLs62V
MTo+RfKwCOEEClzAGxhkPLsVw+67hufFzMC91ciJIlNOkqafGeEpKbp4mMtos/Dh
AWrIYhl+EoDEguFJw9eFWXTt48MEdHbviUFL1SXMMnCU+LnXtUdnrS7MSBWhJY7H
k5Dthj42i+8+RF/y8rgmlTcG9N/3Uv72l6GzCNxtxnpdrEy7b0GSZMYWnLGC8A0V
PvUU8F9rP8IGE1FAqM+axm2wMNbHHYXAtv2SVtXVJbGEEP7FxeKlnYBLQVkBHZzh
KIBW29mrv4kgtLxBk1TIP5PgQKkOQ93AFn8VMl5aENtuaIyHODpZa9AeS8CY4F0X
yGh9bU3l1yc=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:47:25 2024 by rpki-client on console-fra.rpki-client.org