Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Cj7CfyWAWAWTW3ieETvwEzLMOYU.roa
File: Cj7CfyWAWAWTW3ieETvwEzLMOYU.roa (raw, json)
Hash identifier: Hi9ZVVoMetTtmTbhUS3Cly6BXwksjOrF3scMManOkiU=
Subject key identifier: 0A:3E:C2:7F:25:80:58:05:93:5B:78:9E:11:3B:F0:13:32:CC:39:85
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018DEB3E5A0AF409549EA3E66083C98489E9
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Cj7CfyWAWAWTW3ieETvwEzLMOYU.roa
Signing time: Tue 27 Feb 2024 15:45:48 +0000
ROA not before: Tue 27 Feb 2024 15:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197071
IP address blocks: 45.13.226.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.90.97.0/24 maxlen: 24
45.145.226.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:eb:3e:5a:0a:f4:09:54:9e:a3:e6:60:83:c9:84:89:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Feb 27 15:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a3ec27f25805805935b789e113bf01332cc3985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:92:a6:b4:16:d9:cc:91:f8:a3:8d:0d:86:20:
f0:01:e0:ef:b8:bd:26:52:e6:e9:c0:e6:eb:38:72:
ff:3a:b7:a5:a4:94:41:34:e3:3d:92:7f:08:19:26:
be:db:41:71:d0:cf:79:64:a3:58:f1:31:b7:9d:4d:
ed:59:aa:2a:5b:d1:9d:00:9e:c3:ea:7e:32:d0:0e:
d2:dc:c1:0e:6c:08:5d:9a:30:17:d7:ef:0e:6c:b6:
23:e3:66:82:bd:ba:85:b9:57:97:e8:63:1e:7e:66:
2c:66:ea:1d:c9:7d:2a:cb:64:fb:9a:7f:a6:e5:23:
5c:e4:21:bb:ab:88:34:88:eb:99:d7:71:1d:47:3f:
b5:f7:48:7f:86:09:d2:e4:47:2a:7f:14:da:26:3a:
af:aa:2a:73:94:d9:f3:d7:90:67:46:24:7d:d9:1f:
3e:20:a0:95:16:20:f9:03:53:df:2f:d7:c7:7e:fa:
cd:c1:6a:de:69:86:cf:bb:b9:e7:03:49:49:ef:80:
05:22:b5:4f:37:fa:e0:1d:ee:14:0f:68:86:e6:46:
1e:54:b4:56:9a:b6:e3:98:f3:ac:e3:4f:83:18:6c:
8e:66:16:03:e6:9a:65:1b:fe:e4:ca:e7:73:bd:b2:
ee:27:23:57:c2:32:5b:e3:50:5a:70:f7:aa:a5:ee:
59:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:3E:C2:7F:25:80:58:05:93:5B:78:9E:11:3B:F0:13:32:CC:39:85
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Cj7CfyWAWAWTW3ieETvwEzLMOYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.226.0/24
45.67.139.0/24
45.90.97.0/24
45.145.226.0/24
185.117.0.0/24
Signature Algorithm: sha256WithRSAEncryption
25:2f:1d:b6:f5:c8:a8:e9:e2:bd:1e:58:89:bd:e2:5d:31:a8:
7a:8e:ee:4c:a7:05:4a:34:77:67:49:46:34:62:17:79:b8:ee:
3c:6b:b9:21:68:3f:1d:94:4b:b3:c8:ae:e8:fe:18:3d:6b:aa:
73:03:33:c3:39:54:75:48:3e:94:11:df:16:5e:48:66:98:10:
c8:61:e5:57:b3:df:5d:28:10:57:43:18:a0:19:91:1d:19:45:
00:7d:ea:f5:15:9f:50:c5:5e:e8:97:24:ce:ae:06:91:97:85:
52:11:ba:58:c2:4d:41:de:e7:32:78:5c:4a:f8:b3:b8:2c:49:
1d:c9:89:1e:c9:34:36:37:1a:23:b7:7a:4e:b1:f4:78:6f:c6:
93:d5:0f:66:76:ea:9b:4d:21:75:7d:6b:93:fa:d8:48:04:0a:
da:0b:f6:61:90:6c:ee:75:5a:43:93:b0:c5:d9:74:c6:c0:62:
1c:bb:d0:31:d8:23:02:64:bd:0f:f9:74:cf:3c:2c:fe:09:c4:
ad:45:43:cc:3e:3a:99:16:96:34:df:20:6d:aa:74:b2:2c:65:
65:c0:02:b6:f9:43:1a:2e:bf:c9:3e:38:02:7b:23:54:91:7d:
fe:da:ed:11:d6:c9:50:e4:6e:02:9a:08:3e:9b:47:40:91:cf:
09:65:53:e5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY3rPloK9AlUnqPmYIPJhInpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMjI3MTU0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTNlYzI3ZjI1ODA1ODA1OTM1Yjc4OWUxMTNiZjAxMzMyY2MzOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZKmtBbZzJH4o40NhiDwAeDvuL0m
UubpwObrOHL/OrelpJRBNOM9kn8IGSa+20Fx0M95ZKNY8TG3nU3tWaoqW9GdAJ7D
6n4y0A7S3MEObAhdmjAX1+8ObLYj42aCvbqFuVeX6GMefmYsZuodyX0qy2T7mn+m
5SNc5CG7q4g0iOuZ13EdRz+190h/hgnS5EcqfxTaJjqvqipzlNnz15BnRiR92R8+
IKCVFiD5A1PfL9fHfvrNwWreaYbPu7nnA0lJ74AFIrVPN/rgHe4UD2iG5kYeVLRW
mrbjmPOs40+DGGyOZhYD5pplG/7kyudzvbLuJyNXwjJb41BacPeqpe5ZywIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAo+wn8lgFgFk1t4nhE78BMyzDmFMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvQ2o3Q2Z5V0FXQVdUVzNpZUVUdndFekxNT1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQ3iAwQA
LUOLAwQALVphAwQALZHiAwQAuXUAMA0GCSqGSIb3DQEBCwUAA4IBAQAlLx229cio
6eK9HliJveJdMah6ju5MpwVKNHdnSUY0Yhd5uO48a7khaD8dlEuzyK7o/hg9a6pz
AzPDOVR1SD6UEd8WXkhmmBDIYeVXs99dKBBXQxigGZEdGUUAfer1FZ9QxV7olyTO
rgaRl4VSEbpYwk1B3ucyeFxK+LO4LEkdyYkeyTQ2Nxojt3pOsfR4b8aT1Q9mduqb
TSF1fWuT+thIBAraC/ZhkGzudVpDk7DF2XTGwGIcu9Ax2CMCZL0P+XTPPCz+CcSt
RUPMPjqZFpY03yBtqnSyLGVlwAK2+UMaLr/JPjgCeyNUkX3+2u0R1slQ5G4Cmgg+
m0dAkc8JZVPl
-----END CERTIFICATE-----
Generated at Fri May 10 03:40:48 2024 by rpki-client on console-fra.rpki-client.org