Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/2yZp5XlEISMxcm5xswb0DPgo77M.roa
File: 2yZp5XlEISMxcm5xswb0DPgo77M.roa (raw, json)
Hash identifier: iwY79yfvc6N8fnv3JIyg7PwXy+PYty9UVxlTMf1LTOI=
Subject key identifier: DB:26:69:E5:79:44:21:23:31:72:6E:71:B3:06:F4:0C:F8:28:EF:B3
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018E8E81F52D265BE9210C0F2EF3273D34D0
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/2yZp5XlEISMxcm5xswb0DPgo77M.roa
Signing time: Sat 30 Mar 2024 08:37:45 +0000
ROA not before: Sat 30 Mar 2024 08:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 45.142.106.0/24 maxlen: 24
92.118.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8e:81:f5:2d:26:5b:e9:21:0c:0f:2e:f3:27:3d:34:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Mar 30 08:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db2669e57944212331726e71b306f40cf828efb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:af:7c:79:a5:b6:b3:41:f2:b2:1e:76:4f:9a:
ca:dc:a6:fe:3a:5f:3e:09:14:fb:83:18:6c:bc:0b:
1c:0a:c4:ce:0e:2f:69:c2:22:83:ba:b9:fe:27:ee:
74:2f:9e:e6:04:31:28:18:e4:07:ee:a2:b9:3d:11:
86:85:aa:bc:98:0d:aa:73:fc:b3:81:6f:8c:82:48:
36:ad:fd:21:03:b9:83:4f:c6:6a:66:74:5e:bc:ab:
e0:72:21:25:14:70:e9:5e:b6:7b:e6:70:2e:c1:a3:
be:9f:f6:53:9b:4f:d0:b3:a1:82:68:4c:0e:54:cb:
2d:10:68:f0:08:a9:19:47:e4:02:56:22:8e:1a:43:
b7:95:ee:1e:50:10:24:74:20:2d:ed:db:30:17:13:
ea:96:9b:c3:9a:f8:07:06:24:58:30:81:3c:a5:4f:
ce:52:34:07:1e:0a:f9:d2:f6:b9:ea:ee:6c:12:2e:
a6:75:4f:6b:1f:91:37:54:b2:53:00:b1:0a:06:57:
63:2f:94:0e:2f:8a:76:03:42:69:0b:d0:aa:19:8f:
e8:ae:cb:89:5e:0a:be:67:ca:fe:8e:4f:12:c9:eb:
a5:3b:98:1c:0d:9a:e5:d7:bf:74:c9:86:d7:e0:49:
bf:da:9a:03:7d:8d:2a:40:3a:5d:a0:4b:fd:b1:ba:
29:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:26:69:E5:79:44:21:23:31:72:6E:71:B3:06:F4:0C:F8:28:EF:B3
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/2yZp5XlEISMxcm5xswb0DPgo77M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.106.0/24
92.118.206.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:e5:8b:81:27:2c:5d:42:0e:3c:ae:97:91:2b:7c:df:93:64:
55:a3:5b:17:15:3a:df:08:44:c4:71:17:0b:a3:0a:7c:c5:c9:
bb:16:15:83:2f:ef:36:ee:44:3f:f3:0a:ec:7e:0f:3e:a7:69:
a4:2d:9c:c4:49:c6:36:80:24:94:ad:19:5f:3f:20:08:e2:80:
f6:38:85:54:d7:94:69:91:13:c8:f8:92:c7:72:a1:f3:58:ca:
0b:74:12:10:4f:2e:a0:06:90:c7:26:3d:23:3f:64:d4:39:1b:
44:0b:7d:98:b0:97:4f:6f:05:75:91:c6:8b:6b:52:a6:17:76:
e6:01:01:4e:d9:b9:21:fc:df:69:c5:c3:aa:ed:06:84:d0:71:
65:2c:2c:ab:56:d8:06:3a:86:fa:d3:19:c1:a8:7e:79:18:ef:
77:a3:c2:5f:30:03:16:e0:d4:8e:61:8b:94:ef:4d:e8:fc:c9:
00:e2:6a:e0:1a:84:b0:52:58:12:9e:14:6c:77:88:fe:91:97:
43:47:96:e8:73:d1:e2:53:2e:a8:ec:44:02:8f:8f:66:df:08:
ee:08:ad:7c:1a:e5:fc:11:69:73:2b:55:0a:b4:13:fa:2c:b4:
86:9e:f3:fa:0a:47:86:5d:86:a7:0f:ce:89:c2:da:e3:4b:6b:
d9:91:41:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6OgfUtJlvpIQwPLvMnPTTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMzMwMDgzNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjI2NjllNTc5NDQyMTIzMzE3MjZlNzFiMzA2ZjQwY2Y4MjhlZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhK98eaW2s0Hysh52T5rK3Kb+Ol8+
CRT7gxhsvAscCsTODi9pwiKDurn+J+50L57mBDEoGOQH7qK5PRGGhaq8mA2qc/yz
gW+Mgkg2rf0hA7mDT8ZqZnRevKvgciElFHDpXrZ75nAuwaO+n/ZTm0/Qs6GCaEwO
VMstEGjwCKkZR+QCViKOGkO3le4eUBAkdCAt7dswFxPqlpvDmvgHBiRYMIE8pU/O
UjQHHgr50va56u5sEi6mdU9rH5E3VLJTALEKBldjL5QOL4p2A0JpC9CqGY/orsuJ
Xgq+Z8r+jk8SyeulO5gcDZrl1790yYbX4Em/2poDfY0qQDpdoEv9sbopnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNsmaeV5RCEjMXJucbMG9Az4KO+zMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvMnlacDVYbEVJU014Y201eHN3YjBEUGdvNzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY5qAwQA
XHbOMA0GCSqGSIb3DQEBCwUAA4IBAQAP5YuBJyxdQg48rpeRK3zfk2RVo1sXFTrf
CETEcRcLowp8xcm7FhWDL+827kQ/8wrsfg8+p2mkLZzEScY2gCSUrRlfPyAI4oD2
OIVU15RpkRPI+JLHcqHzWMoLdBIQTy6gBpDHJj0jP2TUORtEC32YsJdPbwV1kcaL
a1KmF3bmAQFO2bkh/N9pxcOq7QaE0HFlLCyrVtgGOob60xnBqH55GO93o8JfMAMW
4NSOYYuU703o/MkA4mrgGoSwUlgSnhRsd4j+kZdDR5boc9HiUy6o7EQCj49m3wju
CK18GuX8EWlzK1UKtBP6LLSGnvP6CkeGXYanD86JwtrjS2vZkUHg
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:01:45 2024 by rpki-client on console-ams.rpki-client.org