Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/P4qi_N5vcPwkFJvVDzS_f_LGpVw.roa
File: P4qi_N5vcPwkFJvVDzS_f_LGpVw.roa (raw, json)
Hash identifier: b6LFTTMQLphxgyZDrSPUZM7EAl8+CrhWMRcCMRLurKQ=
Subject key identifier: 3F:8A:A2:FC:DE:6F:70:FC:24:14:9B:D5:0F:34:BF:7F:F2:C6:A5:5C
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018CC94E45EDCB43624D28627D2540F217B8
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/P4qi_N5vcPwkFJvVDzS_f_LGpVw.roa
Signing time: Tue 02 Jan 2024 08:33:19 +0000
ROA not before: Tue 02 Jan 2024 08:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398395
IP address blocks: 2.58.200.0/24 maxlen: 24
45.67.87.0/24 maxlen: 24
45.134.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 10:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:45:ed:cb:43:62:4d:28:62:7d:25:40:f2:17:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 08:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f8aa2fcde6f70fc24149bd50f34bf7ff2c6a55c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2b:a7:73:82:24:9a:da:66:72:c0:39:58:6e:
33:f6:5e:93:52:14:75:09:51:b6:53:86:68:00:c6:
6f:2a:24:d5:d0:04:d5:e7:5c:48:fa:89:fb:d9:cf:
2d:ee:94:0e:f1:6b:9e:08:39:c5:92:c8:bf:a4:63:
78:c8:5b:eb:3f:f5:08:01:0e:b0:45:a9:a2:f9:06:
f7:ad:c7:72:e7:7d:3b:85:04:d2:f4:6a:77:54:4a:
1a:40:ce:fb:ab:af:a5:10:3c:15:11:f4:8b:60:c7:
b0:7f:8a:d6:f1:06:f1:fa:7c:27:62:3d:59:92:b3:
2e:4c:f5:bd:d9:2d:05:1c:f1:28:d4:54:c3:0c:ef:
9c:a4:20:43:f5:00:bc:37:7e:20:2d:cd:83:e8:e8:
bd:7f:45:64:d0:b3:66:3b:29:0b:8d:85:e7:ed:7c:
77:f2:05:be:1f:e6:e6:80:fd:6a:62:fa:1e:ba:91:
6a:7e:7e:fd:84:89:0e:a8:4f:4a:01:df:56:1e:26:
c6:5b:57:e9:cc:6f:fe:96:a3:17:26:64:a5:11:61:
79:62:45:f6:1b:ac:2b:7f:0d:c9:36:b1:7d:7a:c2:
b5:a2:64:e8:b2:78:46:f6:31:f1:23:2d:57:fc:e8:
12:75:8a:98:fc:4c:89:90:bc:43:c5:9a:52:82:45:
73:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:8A:A2:FC:DE:6F:70:FC:24:14:9B:D5:0F:34:BF:7F:F2:C6:A5:5C
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/P4qi_N5vcPwkFJvVDzS_f_LGpVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.200.0/24
45.67.87.0/24
45.134.110.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:9a:98:d8:20:b4:cf:6f:b7:29:af:60:6b:f0:32:9d:01:71:
b6:2d:3e:86:d7:9c:93:99:15:e3:8e:d3:e2:b5:cd:de:66:e1:
24:4e:49:aa:59:47:b5:a6:f9:e7:ab:10:ab:93:bd:0d:ac:da:
1c:e1:14:40:21:96:c1:8c:c4:2d:6a:e0:67:0c:43:de:db:4e:
c7:f7:67:2e:97:7f:f4:7c:93:30:af:28:6f:bf:09:d8:8c:57:
c6:53:79:c8:c2:e7:1d:4d:73:23:f6:32:14:6a:70:12:3a:07:
fd:82:ff:be:d1:3d:1f:03:cb:24:e7:a7:70:17:5b:c7:88:fc:
69:9c:d3:8d:db:fb:73:51:1b:99:06:3e:55:d9:61:4a:23:23:
9d:10:ff:f1:61:69:90:7a:21:81:61:08:32:3d:c0:5f:be:d7:
bd:7d:fe:45:e9:aa:51:5c:33:08:1f:31:7c:f0:34:b4:a0:14:
80:85:18:00:cf:16:71:14:53:42:61:e9:bf:8e:d9:52:5c:7e:
8a:d6:fe:28:96:b1:79:2c:6a:b2:b7:06:d9:44:ed:d9:c2:15:
2a:35:de:7b:23:82:06:34:5b:0f:0c:33:45:65:f0:17:73:0c:
1a:a2:37:2b:97:03:84:85:4c:9e:23:6e:66:d4:48:d8:44:95:
6e:ca:74:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTkXty0NiTShifSVA8he4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMDgzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjhhYTJmY2RlNmY3MGZjMjQxNDliZDUwZjM0YmY3ZmYyYzZhNTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliunc4IkmtpmcsA5WG4z9l6TUhR1
CVG2U4ZoAMZvKiTV0ATV51xI+on72c8t7pQO8WueCDnFksi/pGN4yFvrP/UIAQ6w
Rami+Qb3rcdy5307hQTS9Gp3VEoaQM77q6+lEDwVEfSLYMewf4rW8Qbx+nwnYj1Z
krMuTPW92S0FHPEo1FTDDO+cpCBD9QC8N34gLc2D6Oi9f0Vk0LNmOykLjYXn7Xx3
8gW+H+bmgP1qYvoeupFqfn79hIkOqE9KAd9WHibGW1fpzG/+lqMXJmSlEWF5YkX2
G6wrfw3JNrF9esK1omTosnhG9jHxIy1X/OgSdYqY/EyJkLxDxZpSgkVzdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD+Kovzeb3D8JBSb1Q80v3/yxqVcMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvUDRxaV9ONXZjUHdrRkp2VkR6U19mX0xHcFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjrIAwQA
LUNXAwQALYZuMA0GCSqGSIb3DQEBCwUAA4IBAQCampjYILTPb7cpr2Br8DKdAXG2
LT6G15yTmRXjjtPitc3eZuEkTkmqWUe1pvnnqxCrk70NrNoc4RRAIZbBjMQtauBn
DEPe207H92cul3/0fJMwryhvvwnYjFfGU3nIwucdTXMj9jIUanASOgf9gv++0T0f
A8sk56dwF1vHiPxpnNON2/tzURuZBj5V2WFKIyOdEP/xYWmQeiGBYQgyPcBfvte9
ff5F6apRXDMIHzF88DS0oBSAhRgAzxZxFFNCYem/jtlSXH6K1v4olrF5LGqytwbZ
RO3ZwhUqNd57I4IGNFsPDDNFZfAXcwwaojcrlwOEhUyeI25m1EjYRJVuynRb
-----END CERTIFICATE-----
Generated at Fri May 3 18:05:12 2024 by rpki-client on console-fra.rpki-client.org