Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/0iEI9GwQfQwrkIqO7GvDgX2ScHI.roa
File: 0iEI9GwQfQwrkIqO7GvDgX2ScHI.roa (raw, json)
Hash identifier: jA9JKUaAEwBJ87rRIEGzxzEQEk6iZwbjBymm4o7Y+Yo=
Subject key identifier: D2:21:08:F4:6C:10:7D:0C:2B:90:8A:8E:EC:6B:C3:81:7D:92:70:72
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018CC94E390D4D614B94D50A45C79A19AA03
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/0iEI9GwQfQwrkIqO7GvDgX2ScHI.roa
Signing time: Tue 02 Jan 2024 08:33:15 +0000
ROA not before: Tue 02 Jan 2024 08:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133219
IP address blocks: 194.15.39.0/24 maxlen: 24
45.147.6.0/24 maxlen: 24
45.67.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:39:0d:4d:61:4b:94:d5:0a:45:c7:9a:19:aa:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 08:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d22108f46c107d0c2b908a8eec6bc3817d927072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c2:77:64:55:80:e3:b1:c4:2e:9d:0c:f4:58:
08:44:b4:90:bd:cf:68:79:6b:1c:5c:0d:97:bc:45:
33:24:5b:5f:81:10:5b:72:c7:77:6f:66:df:5e:a9:
ca:b7:d4:f9:7f:10:e9:ea:76:20:30:a0:bd:51:15:
70:aa:64:c1:50:b8:30:46:4c:fc:60:ff:d3:b7:ab:
e2:3c:2a:b2:92:2e:d5:04:e3:a3:9b:cb:fe:ff:17:
f2:6f:4e:ed:dc:10:92:e9:79:f4:73:39:7f:96:d4:
2d:72:58:93:44:d6:75:42:be:16:f3:82:a9:59:47:
c5:a1:94:ee:f5:be:9e:df:91:4a:82:d9:f2:f9:fc:
9b:37:fd:75:a6:23:56:e9:92:de:93:0a:24:60:67:
75:29:6d:2a:51:9d:89:f4:36:e0:9d:db:74:00:44:
4a:ba:d7:90:53:35:12:79:8d:d0:ad:4c:15:36:32:
d9:33:d0:f0:89:dc:27:ea:d4:93:15:3a:4e:8f:55:
ff:f8:ad:bc:9c:fa:e9:ae:4c:8a:67:14:b9:e8:c2:
3c:a0:da:43:ac:13:66:ea:7e:08:71:8c:42:a4:aa:
ed:7b:18:69:36:84:17:e6:6b:95:33:78:68:92:c9:
14:59:c2:c5:22:6d:a1:1b:0d:2b:df:70:af:d1:21:
77:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:21:08:F4:6C:10:7D:0C:2B:90:8A:8E:EC:6B:C3:81:7D:92:70:72
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/0iEI9GwQfQwrkIqO7GvDgX2ScHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.138.0/24
45.147.6.0/24
194.15.39.0/24
Signature Algorithm: sha256WithRSAEncryption
00:06:84:e4:70:ee:d9:b3:7b:1f:fc:58:1a:7c:d6:11:5d:34:
91:57:86:33:03:12:de:12:9a:91:14:25:58:db:bc:c8:9c:81:
62:31:9e:d0:19:bb:68:34:05:c0:1c:4d:77:1c:e0:6f:0c:af:
62:55:0a:b6:5e:6b:f8:e6:02:2a:82:5c:6f:f4:94:be:1e:c7:
07:68:8f:53:1c:1d:c3:26:bf:cf:e4:5d:1d:6b:6e:ca:e0:b2:
a2:a8:5c:8f:2b:8d:78:e6:1f:4b:bb:e9:76:c3:86:a3:2a:54:
5a:fe:3c:aa:04:99:0f:15:16:85:d3:57:43:0d:42:48:f9:be:
6c:b7:a6:55:4e:2d:24:e4:24:60:58:75:63:62:2a:a0:05:19:
95:1b:3a:3f:57:5b:3c:eb:9a:d6:04:95:e3:5e:3c:15:df:40:
a7:08:ca:a7:41:59:93:7a:66:d5:f3:1a:5d:2b:d0:fa:b5:17:
1a:e3:6c:6b:6f:fc:97:2c:c1:7b:0d:02:92:49:cd:a7:b2:a4:
56:12:be:3b:d5:c5:57:c2:84:89:92:42:42:86:63:2a:17:f7:
23:b3:7f:c4:36:1f:29:50:9e:73:0f:f1:fc:ad:ae:7b:ed:4b:
af:f9:52:76:60:a4:79:30:a0:2a:30:3f:aa:97:6a:66:59:93:
7c:14:62:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTjkNTWFLlNUKRceaGaoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMDgzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjIxMDhmNDZjMTA3ZDBjMmI5MDhhOGVlYzZiYzM4MTdkOTI3MDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMJ3ZFWA47HELp0M9FgIRLSQvc9o
eWscXA2XvEUzJFtfgRBbcsd3b2bfXqnKt9T5fxDp6nYgMKC9URVwqmTBULgwRkz8
YP/Tt6viPCqyki7VBOOjm8v+/xfyb07t3BCS6Xn0czl/ltQtcliTRNZ1Qr4W84Kp
WUfFoZTu9b6e35FKgtny+fybN/11piNW6ZLekwokYGd1KW0qUZ2J9Dbgndt0AERK
uteQUzUSeY3QrUwVNjLZM9Dwidwn6tSTFTpOj1X/+K28nPrprkyKZxS56MI8oNpD
rBNm6n4IcYxCpKrtexhpNoQX5muVM3hokskUWcLFIm2hGw0r33Cv0SF3VQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNIhCPRsEH0MK5CKjuxrw4F9knByMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvMGlFSTlHd1FmUXdya0lxTzdHdkRnWDJTY0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUOKAwQA
LZMGAwQAwg8nMA0GCSqGSIb3DQEBCwUAA4IBAQAABoTkcO7Zs3sf/FgafNYRXTSR
V4YzAxLeEpqRFCVY27zInIFiMZ7QGbtoNAXAHE13HOBvDK9iVQq2Xmv45gIqglxv
9JS+HscHaI9THB3DJr/P5F0da27K4LKiqFyPK4145h9Lu+l2w4ajKlRa/jyqBJkP
FRaF01dDDUJI+b5st6ZVTi0k5CRgWHVjYiqgBRmVGzo/V1s865rWBJXjXjwV30Cn
CMqnQVmTembV8xpdK9D6tRca42xrb/yXLMF7DQKSSc2nsqRWEr471cVXwoSJkkJC
hmMqF/cjs3/ENh8pUJ5zD/H8ra577Uuv+VJ2YKR5MKAqMD+ql2pmWZN8FGK4
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:01:45 2024 by rpki-client on console-ams.rpki-client.org