Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/63d394-42bd-40b1-a2a1-74d5901a8c56/1/JI5BsNXHahWy4QexKMedtWYzOAc.roa
File: JI5BsNXHahWy4QexKMedtWYzOAc.roa (raw, json)
Hash identifier: 3hcHDeIGOIXdjeNZw6+oIBE6iv91gdqUqHMfveUmLYM=
Subject key identifier: 24:8E:41:B0:D5:C7:6A:15:B2:E1:07:B1:28:C7:9D:B5:66:33:38:07
Certificate issuer: /CN=046587901f13079bed8982f629e9dd15468cfef1
Certificate serial: 018CC4931EB0752267F32FA79A2E33CE88FD
Authority key identifier: 04:65:87:90:1F:13:07:9B:ED:89:82:F6:29:E9:DD:15:46:8C:FE:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGWHkB8TB5vtiYL2KendFUaM_vE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/63d394-42bd-40b1-a2a1-74d5901a8c56/1/JI5BsNXHahWy4QexKMedtWYzOAc.roa
Signing time: Mon 01 Jan 2024 10:30:25 +0000
ROA not before: Mon 01 Jan 2024 10:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208645
IP address blocks: 45.91.244.0/22 maxlen: 22
185.91.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/63d394-42bd-40b1-a2a1-74d5901a8c56/1/BGWHkB8TB5vtiYL2KendFUaM_vE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/63d394-42bd-40b1-a2a1-74d5901a8c56/1/BGWHkB8TB5vtiYL2KendFUaM_vE.mft
rsync://rpki.ripe.net/repository/DEFAULT/BGWHkB8TB5vtiYL2KendFUaM_vE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:1e:b0:75:22:67:f3:2f:a7:9a:2e:33:ce:88:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=046587901f13079bed8982f629e9dd15468cfef1
Validity
Not Before: Jan 1 10:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=248e41b0d5c76a15b2e107b128c79db566333807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:23:e5:26:22:a3:55:89:d0:c7:13:12:79:c6:
93:be:9c:1d:21:94:27:f3:ac:cb:3c:5c:02:2e:82:
d1:a4:4f:f7:90:f2:67:53:cb:8f:d3:dc:55:11:3b:
df:0d:cf:f4:45:7f:c0:da:7c:66:84:63:0d:f5:30:
a0:53:a2:c5:70:b2:8d:5c:ba:1b:c6:17:08:3e:07:
ac:4f:c2:0d:32:69:65:ae:ce:e2:f1:ab:76:f5:a1:
07:41:ed:ec:3f:61:ea:b0:d2:0c:b6:c1:e1:f6:18:
fb:c5:e3:f9:c7:9f:5e:90:dc:8c:c2:1e:d2:4c:e9:
43:07:ea:9b:2b:37:2f:89:56:ad:05:0d:8d:e9:1e:
18:81:8e:8d:14:2a:49:a9:aa:10:e8:4f:f6:23:d0:
78:ad:c3:77:4a:1a:fe:31:68:ea:40:2d:67:bd:d7:
31:fa:a9:95:7c:dd:99:d5:65:ea:55:1b:62:e2:c9:
48:f7:12:fc:98:ba:f7:7e:c0:be:9c:8a:60:58:37:
88:d6:03:65:d8:40:81:2d:6c:de:25:78:77:0b:50:
7f:17:92:51:86:4f:da:f6:1d:b9:8e:6b:e4:3e:a9:
7b:df:4e:2b:d7:4a:04:38:56:dd:1f:4d:66:5f:e0:
24:84:cb:50:f1:0a:cd:15:4a:9f:6e:08:b2:87:10:
e2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8E:41:B0:D5:C7:6A:15:B2:E1:07:B1:28:C7:9D:B5:66:33:38:07
X509v3 Authority Key Identifier:
keyid:04:65:87:90:1F:13:07:9B:ED:89:82:F6:29:E9:DD:15:46:8C:FE:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGWHkB8TB5vtiYL2KendFUaM_vE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/63d394-42bd-40b1-a2a1-74d5901a8c56/1/JI5BsNXHahWy4QexKMedtWYzOAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/63d394-42bd-40b1-a2a1-74d5901a8c56/1/BGWHkB8TB5vtiYL2KendFUaM_vE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.244.0/22
185.91.32.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:c4:a0:87:15:5c:6a:4a:ab:45:2f:0b:22:00:85:21:02:da:
e9:bf:92:ad:49:9a:b3:6f:b2:7d:05:c3:93:71:20:78:f0:fc:
ea:67:b7:d7:5e:e9:57:08:36:85:74:51:c7:d4:eb:1a:7d:6a:
8e:66:22:9e:53:ed:c5:df:49:6b:bd:c1:16:db:88:5b:43:e8:
87:18:67:35:0d:68:6b:2d:52:52:89:45:20:e1:e0:47:cf:ad:
dd:c7:14:a4:6e:6d:a9:08:ba:6b:60:10:d3:fe:13:4f:3b:4d:
65:0f:80:48:f6:c4:0e:b8:7d:85:77:d4:b7:4d:c4:a9:ed:23:
78:e6:91:9c:ca:db:32:44:61:47:d2:4f:59:5d:23:24:0c:45:
29:3b:68:cb:a7:6f:b4:50:07:9b:c3:48:bf:b3:c6:67:20:02:
f9:c9:35:ba:64:e6:91:54:6f:ba:22:11:0d:7e:3e:4a:b7:a7:
56:4d:e4:70:d1:a5:60:df:96:25:90:c7:c4:c4:a0:cd:09:2f:
99:9b:81:6e:10:80:68:d9:88:5e:6e:b6:56:4f:64:74:eb:f8:
ae:fb:23:ed:03:29:47:65:50:e7:5e:25:71:76:52:16:24:31:
4d:65:b6:b9:3b:94:16:d5:b9:60:fb:a2:91:0f:a1:f3:09:a8:
f4:05:03:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkx6wdSJn8y+nmi4zzoj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NjU4NzkwMWYxMzA3OWJlZDg5ODJmNjI5ZTlkZDE1NDY4
Y2ZlZjEwHhcNMjQwMTAxMTAzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDhlNDFiMGQ1Yzc2YTE1YjJlMTA3YjEyOGM3OWRiNTY2MzMzODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyPlJiKjVYnQxxMSecaTvpwdIZQn
86zLPFwCLoLRpE/3kPJnU8uP09xVETvfDc/0RX/A2nxmhGMN9TCgU6LFcLKNXLob
xhcIPgesT8INMmllrs7i8at29aEHQe3sP2HqsNIMtsHh9hj7xeP5x59ekNyMwh7S
TOlDB+qbKzcviVatBQ2N6R4YgY6NFCpJqaoQ6E/2I9B4rcN3Shr+MWjqQC1nvdcx
+qmVfN2Z1WXqVRti4slI9xL8mLr3fsC+nIpgWDeI1gNl2ECBLWzeJXh3C1B/F5JR
hk/a9h25jmvkPql7304r10oEOFbdH01mX+AkhMtQ8QrNFUqfbgiyhxDiiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCSOQbDVx2oVsuEHsSjHnbVmMzgHMB8GA1UdIwQY
MBaAFARlh5AfEweb7YmC9inp3RVGjP7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkdXSGtCOFRCNXZ0aVlMMktlbmRGVWFNX3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82M2QzOTQtNDJiZC00MGIxLWEyYTEt
NzRkNTkwMWE4YzU2LzEvSkk1QnNOWEhhaFd5NFFleEtNZWR0V1l6T0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82M2QzOTQtNDJiZC00MGIxLWEyYTEtNzRkNTkwMWE4YzU2
LzEvQkdXSGtCOFRCNXZ0aVlMMktlbmRGVWFNX3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVv0AwQC
uVsgMA0GCSqGSIb3DQEBCwUAA4IBAQChxKCHFVxqSqtFLwsiAIUhAtrpv5KtSZqz
b7J9BcOTcSB48PzqZ7fXXulXCDaFdFHH1OsafWqOZiKeU+3F30lrvcEW24hbQ+iH
GGc1DWhrLVJSiUUg4eBHz63dxxSkbm2pCLprYBDT/hNPO01lD4BI9sQOuH2Fd9S3
TcSp7SN45pGcytsyRGFH0k9ZXSMkDEUpO2jLp2+0UAebw0i/s8ZnIAL5yTW6ZOaR
VG+6IhENfj5Kt6dWTeRw0aVg35YlkMfExKDNCS+Zm4FuEIBo2YhebrZWT2R06/iu
+yPtAylHZVDnXiVxdlIWJDFNZba5O5QW1blg+6KRD6HzCaj0BQMy
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:05:55 2024 by rpki-client on console-ams.rpki-client.org