Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/Avoa6VqtY8ZPHAQrnZ181dkNF4g.roa
File: Avoa6VqtY8ZPHAQrnZ181dkNF4g.roa (raw, json)
Hash identifier: yMkryawTVJ5kKJyWzQTyG/5W80zP4uNi8vAL+NzkWH4=
Subject key identifier: 02:FA:1A:E9:5A:AD:63:C6:4F:1C:04:2B:9D:9D:7C:D5:D9:0D:17:88
Certificate issuer: /CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Certificate serial: 018CC5DC05432F2BC6607A3D32DD7821B1C1
Authority key identifier: B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/Avoa6VqtY8ZPHAQrnZ181dkNF4g.roa
Signing time: Mon 01 Jan 2024 16:29:39 +0000
ROA not before: Mon 01 Jan 2024 16:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12555
IP address blocks: 45.135.92.0/22 maxlen: 22
81.29.128.0/20 maxlen: 20
93.189.144.0/21 maxlen: 21
185.37.63.0/24 maxlen: 24
2a0e:8f40::/29 maxlen: 29
2a00:f2a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:05:43:2f:2b:c6:60:7a:3d:32:dd:78:21:b1:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Validity
Not Before: Jan 1 16:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02fa1ae95aad63c64f1c042b9d9d7cd5d90d1788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5b:e4:94:5a:69:a5:78:02:64:3b:c8:f0:ff:
94:64:07:4e:ce:f6:9c:59:0a:5e:df:57:41:c7:a4:
0c:01:e7:99:c2:5c:8a:38:80:70:09:f6:04:88:5d:
26:cb:30:4d:9a:53:f4:d8:45:19:15:42:c2:c9:a0:
4d:c4:90:a3:44:ef:59:ec:27:96:b6:b0:8c:e5:57:
59:b9:81:fc:8d:5b:cb:8c:fa:f9:51:f7:2f:e9:66:
b1:a6:2a:7d:84:29:6c:80:75:ee:d2:68:b7:38:d5:
75:96:4f:8e:a9:bd:7a:65:46:c0:a8:87:44:16:8e:
f8:61:e8:b1:ad:00:8d:6a:1b:30:c0:fa:6b:84:68:
eb:d8:91:01:13:36:e8:7b:00:53:b4:ee:fc:4c:cf:
74:4a:c9:62:89:ff:32:2f:18:34:66:0c:3a:64:f2:
86:67:2a:ea:f3:c9:71:c6:ef:b0:81:36:2b:db:f0:
dc:ba:33:12:bd:9a:fb:f0:fe:58:21:66:1c:47:dd:
2b:61:bf:78:49:a7:4b:c9:ab:aa:b6:7b:98:2e:98:
22:c4:ad:21:a3:9a:98:ae:72:65:97:10:0e:18:9a:
77:6d:20:62:19:d5:e5:91:2b:2f:f3:ed:ae:5b:ef:
97:b5:87:fe:3d:8b:6a:b9:90:a0:c5:f6:ab:22:32:
33:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FA:1A:E9:5A:AD:63:C6:4F:1C:04:2B:9D:9D:7C:D5:D9:0D:17:88
X509v3 Authority Key Identifier:
keyid:B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/Avoa6VqtY8ZPHAQrnZ181dkNF4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.92.0/22
81.29.128.0/20
93.189.144.0/21
185.37.63.0/24
IPv6:
2a00:f2a0::/32
2a0e:8f40::/29
Signature Algorithm: sha256WithRSAEncryption
30:2f:1f:a9:4f:8b:7b:ff:a9:35:9e:0a:1d:39:44:c1:49:2c:
14:f9:f5:8a:35:33:32:b2:24:af:fe:2e:af:cd:18:75:5c:07:
93:93:70:67:db:d6:1e:e5:c8:49:70:47:a1:a5:74:9b:e3:d6:
46:b7:30:f5:7a:c4:3f:7f:1a:c4:47:d9:8e:23:7d:98:61:c9:
ba:f6:3f:32:a6:f8:42:95:69:fb:7f:13:ea:40:7e:fd:64:30:
d6:75:3d:f4:6e:cd:ca:43:a9:e0:64:81:53:27:3a:72:a1:13:
d3:ae:7d:a6:d0:12:39:7a:93:f8:fa:ba:e2:50:2d:a8:8d:97:
66:78:bf:3c:93:0d:d7:46:a9:e2:2d:ef:8e:13:72:36:06:cf:
11:a6:16:ec:56:61:6f:a3:60:f0:12:2d:24:9d:b0:fc:e9:a1:
b7:1b:ca:cc:8b:ca:cc:45:fe:09:ac:c3:0e:40:86:5a:2a:10:
a1:d5:9d:e5:49:6c:12:d6:c4:3f:24:fe:98:1d:1c:7d:12:8d:
9f:df:7b:a2:5c:6b:35:2a:74:36:c8:d4:71:7b:c4:ba:03:10:
f5:ae:ac:54:d3:ab:2e:59:a7:17:69:6f:be:68:ae:87:11:3f:
6b:c6:07:a4:42:ff:ac:0a:f8:6a:56:b3:b1:10:2b:c8:f6:b5:
fa:d9:b4:03
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzF3AVDLyvGYHo9Mt14IbHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNDM1MTQ2MzBkYzE3ZjNmZTliNTFkZDQzNDE4NGQwYjYy
YjAzYzAwHhcNMjQwMTAxMTYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmZhMWFlOTVhYWQ2M2M2NGYxYzA0MmI5ZDlkN2NkNWQ5MGQxNzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1vklFpppXgCZDvI8P+UZAdOzvac
WQpe31dBx6QMAeeZwlyKOIBwCfYEiF0myzBNmlP02EUZFULCyaBNxJCjRO9Z7CeW
trCM5VdZuYH8jVvLjPr5Ufcv6Waxpip9hClsgHXu0mi3ONV1lk+Oqb16ZUbAqIdE
Fo74YeixrQCNahswwPprhGjr2JEBEzboewBTtO78TM90Ssliif8yLxg0Zgw6ZPKG
Zyrq88lxxu+wgTYr2/DcujMSvZr78P5YIWYcR90rYb94SadLyauqtnuYLpgixK0h
o5qYrnJllxAOGJp3bSBiGdXlkSsv8+2uW++XtYf+PYtquZCgxfarIjIz7wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAL6GularWPGTxwEK52dfNXZDReIMB8GA1UdIwQY
MBaAFLNDUUYw3Bfz/ptR3UNBhNC2KwPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGIt
YTcyNDdlOWQ1ZjNhLzEvQXZvYTZWcXRZOFpQSEFRcm5aMTgxZGtORjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGItYTcyNDdlOWQ1ZjNh
LzEvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLYdcAwQE
UR2AAwQDXb2QAwQAuSU/MBQEAgACMA4DBQAqAPKgAwUDKg6PQDANBgkqhkiG9w0B
AQsFAAOCAQEAMC8fqU+Le/+pNZ4KHTlEwUksFPn1ijUzMrIkr/4ur80YdVwHk5Nw
Z9vWHuXISXBHoaV0m+PWRrcw9XrEP38axEfZjiN9mGHJuvY/Mqb4QpVp+38T6kB+
/WQw1nU99G7NykOp4GSBUyc6cqET0659ptASOXqT+Pq64lAtqI2XZni/PJMN10ap
4i3vjhNyNgbPEaYW7FZhb6Ng8BItJJ2w/OmhtxvKzIvKzEX+CazDDkCGWioQodWd
5UlsEtbEPyT+mB0cfRKNn997olxrNSp0NsjUcXvEugMQ9a6sVNOrLlmnF2lvvmiu
hxE/a8YHpEL/rAr4alazsRAryPa1+tm0Aw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:14:14 2024 by rpki-client on console-fra.rpki-client.org