Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1-W6VThKcTRRM6qzLwtqNFW4XQIs.roa
File: 1-W6VThKcTRRM6qzLwtqNFW4XQIs.roa (raw, json)
Hash identifier: yC36mufO6Jny2e3mvPOgkcTp4dv23e69OQuVUWaEqWA=
Subject key identifier: F9:6E:95:4E:12:9C:4D:14:4C:EA:AC:CB:C2:DA:8D:15:6E:17:40:8B
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018CC94E32545E1F672AF721C6DA5524B8CD
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1-W6VThKcTRRM6qzLwtqNFW4XQIs.roa
Signing time: Tue 02 Jan 2024 08:33:14 +0000
ROA not before: Tue 02 Jan 2024 08:33:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36268
IP address blocks: 45.86.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:32:54:5e:1f:67:2a:f7:21:c6:da:55:24:b8:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 08:33:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f96e954e129c4d144ceaaccbc2da8d156e17408b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:21:65:b1:3e:b3:62:44:b2:87:7c:55:07:51:
8f:e3:29:50:27:e3:f8:47:e4:69:6d:b5:7b:4f:04:
e7:64:e5:b4:df:de:a3:e9:57:fb:7d:2c:7f:0b:fc:
5f:20:14:66:5e:0a:ae:4b:8b:f3:a5:53:7d:37:88:
60:4f:43:29:86:5a:55:a2:70:f4:9a:d9:64:27:77:
07:13:47:9a:bd:c2:18:23:4b:44:06:5e:6b:dd:2e:
3f:85:0e:6b:fc:7d:eb:3a:e3:8e:58:ff:bd:d9:68:
da:90:c8:70:10:22:6c:d6:b2:f3:fa:0e:22:09:72:
26:14:e3:ae:d6:38:8c:3a:0e:cd:98:00:de:4c:c8:
28:20:94:2d:a6:24:25:d3:e4:36:b8:69:eb:07:95:
b3:df:a3:24:31:2a:0d:5a:a2:94:c6:94:be:24:c2:
44:be:6d:24:4e:d0:09:f2:bd:d3:7b:03:4c:aa:06:
c7:d8:f4:10:c4:f3:5e:b4:d4:18:f6:8e:87:54:7d:
a4:0a:c9:9e:ec:4b:d5:91:ca:39:c3:14:c7:bb:70:
03:34:8f:4b:f6:ea:bb:63:2c:ac:b6:78:0a:02:9c:
3f:f4:fa:73:d6:91:38:84:8f:cb:b0:2d:09:e9:ac:
b2:4f:d9:0f:6a:1d:f4:50:e2:95:51:5c:e4:f9:da:
f2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:6E:95:4E:12:9C:4D:14:4C:EA:AC:CB:C2:DA:8D:15:6E:17:40:8B
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1-W6VThKcTRRM6qzLwtqNFW4XQIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.154.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:cf:16:22:0e:a3:51:65:a0:54:ac:cf:7e:59:8e:5d:e1:03:
a0:18:d9:0c:ba:11:61:e1:96:13:d0:44:00:e5:02:bd:e5:94:
16:bf:98:5e:4b:c2:a4:f7:1f:e3:9d:6d:79:f2:86:c6:d5:b3:
a6:9c:0f:a9:c4:02:8f:aa:03:70:c7:71:af:19:da:14:23:0c:
4c:31:af:a7:ee:5e:b3:ae:39:0f:ac:b6:f1:b7:63:f0:e0:96:
50:e7:70:85:9c:8d:4a:0c:44:15:97:35:5f:9f:f0:99:3b:b0:
e7:6b:71:fc:67:bb:40:ea:3a:ee:7f:cf:c8:5f:f0:df:31:5c:
6b:9e:b8:00:e3:fa:47:24:48:5b:4a:89:dd:a6:ee:9a:d7:d4:
3d:cd:51:64:b4:c2:a3:67:1a:e1:b9:3b:ac:47:84:a2:74:eb:
c6:95:d6:97:8a:9e:3f:e4:23:6c:b9:d8:95:5a:af:f4:18:65:
4f:09:6c:15:9d:a3:a4:03:68:61:50:23:7c:3c:3d:c6:26:ff:
4d:03:e7:28:e4:7f:b9:51:17:3c:9c:0b:6a:32:cf:0c:bd:48:
fd:a1:56:e9:91:a1:25:54:24:c8:c2:ec:22:fc:04:80:cd:33:
d4:71:f1:c9:9f:66:c9:8e:98:15:ff:27:4a:22:0d:1a:a1:6d:
88:08:29:cc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJTjJUXh9nKvchxtpVJLjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMDgzMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTZlOTU0ZTEyOWM0ZDE0NGNlYWFjY2JjMmRhOGQxNTZlMTc0MDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCFlsT6zYkSyh3xVB1GP4ylQJ+P4
R+RpbbV7TwTnZOW0396j6Vf7fSx/C/xfIBRmXgquS4vzpVN9N4hgT0MphlpVonD0
mtlkJ3cHE0eavcIYI0tEBl5r3S4/hQ5r/H3rOuOOWP+92WjakMhwECJs1rLz+g4i
CXImFOOu1jiMOg7NmADeTMgoIJQtpiQl0+Q2uGnrB5Wz36MkMSoNWqKUxpS+JMJE
vm0kTtAJ8r3TewNMqgbH2PQQxPNetNQY9o6HVH2kCsme7EvVkco5wxTHu3ADNI9L
9uq7YyystngKApw/9Ppz1pE4hI/LsC0J6ayyT9kPah30UOKVUVzk+dry7wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPlulU4SnE0UTOqsy8LajRVuF0CLMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvMS1XNlZUaEtjVFJSTTZxekx3dHFORlc0WFFJcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTYvMDk0MDgxLThhZWItNDJiZi1hNTc4LWEzY2EwZGI4MzI1
NC8xL0d3UVZ2OFE3T09uUDBhRXBsU0F1aDJOMUw5NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1WmjAN
BgkqhkiG9w0BAQsFAAOCAQEALs8WIg6jUWWgVKzPflmOXeEDoBjZDLoRYeGWE9BE
AOUCveWUFr+YXkvCpPcf451tefKGxtWzppwPqcQCj6oDcMdxrxnaFCMMTDGvp+5e
s645D6y28bdj8OCWUOdwhZyNSgxEFZc1X5/wmTuw52tx/Ge7QOo67n/PyF/w3zFc
a564AOP6RyRIW0qJ3abumtfUPc1RZLTCo2ca4bk7rEeEonTrxpXWl4qeP+QjbLnY
lVqv9BhlTwlsFZ2jpANoYVAjfDw9xib/TQPnKOR/uVEXPJwLajLPDL1I/aFW6ZGh
JVQkyMLsIvwEgM0z1HHxyZ9myY6YFf8nSiINGqFtiAgpzA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:01:45 2024 by rpki-client on console-ams.rpki-client.org