Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/OtqqhpwOm0_gUoATqovwWr-2FYc.roa
File: OtqqhpwOm0_gUoATqovwWr-2FYc.roa (raw, json)
Hash identifier: gRcL2QHwhcXIVQA7WDmr99h/PRypP47hd3z7QYcrjQk=
Subject key identifier: 3A:DA:AA:86:9C:0E:9B:4F:E0:52:80:13:AA:8B:F0:5A:BF:B6:15:87
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018EFA94A25283E2646991AC7F87EC96B98C
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/OtqqhpwOm0_gUoATqovwWr-2FYc.roa
Signing time: Sat 20 Apr 2024 08:17:08 +0000
ROA not before: Sat 20 Apr 2024 08:17:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149440
IP address blocks: 45.134.36.0/24 maxlen: 24
185.132.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fa:94:a2:52:83:e2:64:69:91:ac:7f:87:ec:96:b9:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Apr 20 08:17:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3adaaa869c0e9b4fe0528013aa8bf05abfb61587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a6:2c:53:ea:eb:e0:f2:1d:54:3c:f6:21:0e:
8a:ab:0e:a2:ab:dc:ad:5d:35:d2:cf:50:a0:df:fc:
1c:58:2b:94:f7:b5:68:53:d0:d9:63:17:5c:11:6d:
fd:ca:c9:03:bb:63:59:66:00:a3:cf:59:79:8a:28:
23:53:6d:d8:e5:d2:e8:ce:26:cd:43:7f:8b:5d:99:
47:46:7c:c1:77:58:81:24:1e:15:7d:12:9c:f8:e1:
8e:ed:54:12:39:bc:97:92:fe:67:cf:99:ad:f6:ad:
9e:df:df:5f:3b:97:fe:ce:43:63:1d:ce:d7:b9:1e:
d2:04:fe:19:cd:fe:1b:24:31:bb:76:fe:2b:72:30:
fd:71:60:8a:fe:0a:5c:0b:26:ce:e7:92:c1:58:ee:
9b:19:31:b1:b4:7b:35:d3:4b:a1:38:ba:91:14:ef:
89:d9:f4:86:27:f1:c1:46:33:fc:f9:1f:0f:b1:f3:
61:d6:d0:5e:55:00:13:0f:34:53:bf:7f:03:db:de:
49:6d:00:7d:2d:b2:11:44:1b:db:d6:64:35:9c:f7:
ab:75:63:ac:39:d8:7f:ab:47:8a:ac:7c:7c:a9:27:
40:10:6f:7c:11:08:07:40:bb:a6:0f:38:5b:83:ff:
08:f3:01:16:05:2b:fa:88:b9:dc:5c:ae:c6:1d:25:
97:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:DA:AA:86:9C:0E:9B:4F:E0:52:80:13:AA:8B:F0:5A:BF:B6:15:87
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/OtqqhpwOm0_gUoATqovwWr-2FYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.36.0/24
185.132.54.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:53:08:15:bb:68:01:ff:59:c3:90:14:01:2b:a2:60:4b:9b:
0c:36:74:47:cd:f8:92:65:d9:9d:7c:7f:16:75:a3:78:07:c9:
63:40:4e:2e:91:23:9c:c7:15:1d:f1:d6:c1:c3:5f:81:71:4a:
a9:47:6f:ef:38:24:1f:5f:55:28:db:c1:84:52:8f:9c:b3:04:
59:12:2d:ff:74:7a:f6:33:2c:93:ef:55:66:cb:23:11:e6:56:
e8:de:2a:fc:36:03:f3:9d:9b:07:42:5c:88:84:93:5c:64:25:
79:16:1e:92:95:4c:de:2c:b7:16:3f:b4:87:c2:73:49:85:5e:
e2:38:97:4b:d8:9f:30:d3:a0:12:bf:af:77:45:86:e9:02:da:
4b:6e:41:4b:76:ba:07:32:82:f8:c8:f4:fc:62:e7:2f:29:1d:
1a:9f:6f:38:1e:5f:d7:60:0a:44:a0:a8:7d:97:9c:97:0a:13:
a9:35:d0:a8:7f:54:6e:b9:c3:e6:56:15:b0:11:1e:ad:7b:cd:
83:22:a1:30:9b:b6:f4:73:f2:da:87:48:72:3c:53:c6:36:7f:
c8:df:bd:74:49:28:4b:4a:b3:3a:96:93:fe:78:5e:95:4d:a2:
dc:c2:74:8b:95:db:dc:84:d9:44:68:25:78:5d:05:b1:98:69:
5b:06:ca:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY76lKJSg+JkaZGsf4fslrmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwNDIwMDgxNzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWRhYWE4NjljMGU5YjRmZTA1MjgwMTNhYThiZjA1YWJmYjYxNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6YsU+rr4PIdVDz2IQ6Kqw6iq9yt
XTXSz1Cg3/wcWCuU97VoU9DZYxdcEW39yskDu2NZZgCjz1l5iigjU23Y5dLozibN
Q3+LXZlHRnzBd1iBJB4VfRKc+OGO7VQSObyXkv5nz5mt9q2e399fO5f+zkNjHc7X
uR7SBP4Zzf4bJDG7dv4rcjD9cWCK/gpcCybO55LBWO6bGTGxtHs100uhOLqRFO+J
2fSGJ/HBRjP8+R8PsfNh1tBeVQATDzRTv38D295JbQB9LbIRRBvb1mQ1nPerdWOs
Odh/q0eKrHx8qSdAEG98EQgHQLumDzhbg/8I8wEWBSv6iLncXK7GHSWXAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDraqoacDptP4FKAE6qL8Fq/thWHMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvT3RxcWhwd09tMF9nVW9BVHFvdndXci0yRlljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYYkAwQA
uYQ2MA0GCSqGSIb3DQEBCwUAA4IBAQBbUwgVu2gB/1nDkBQBK6JgS5sMNnRHzfiS
ZdmdfH8WdaN4B8ljQE4ukSOcxxUd8dbBw1+BcUqpR2/vOCQfX1Uo28GEUo+cswRZ
Ei3/dHr2MyyT71VmyyMR5lbo3ir8NgPznZsHQlyIhJNcZCV5Fh6SlUzeLLcWP7SH
wnNJhV7iOJdL2J8w06ASv693RYbpAtpLbkFLdroHMoL4yPT8YucvKR0an284Hl/X
YApEoKh9l5yXChOpNdCof1RuucPmVhWwER6te82DIqEwm7b0c/Lah0hyPFPGNn/I
3710SShLSrM6lpP+eF6VTaLcwnSLldvchNlEaCV4XQWxmGlbBsq2
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:43:05 2024 by rpki-client on console-fra.rpki-client.org