Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/9wkeXjc_OkwzJNASBRs-P6qPMkQ.roa
File: 9wkeXjc_OkwzJNASBRs-P6qPMkQ.roa (raw, json)
Hash identifier: fmpvo542/M0fE7tnMFQKjET5nsM4x733l8Ua871QisI=
Subject key identifier: F7:09:1E:5E:37:3F:3A:4C:33:24:D0:12:05:1B:3E:3F:AA:8F:32:44
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018CC5012C8B060008723A1341E412884EEB
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/9wkeXjc_OkwzJNASBRs-P6qPMkQ.roa
Signing time: Mon 01 Jan 2024 12:30:37 +0000
ROA not before: Mon 01 Jan 2024 12:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46261
IP address blocks: 45.94.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2c:8b:06:00:08:72:3a:13:41:e4:12:88:4e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Jan 1 12:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7091e5e373f3a4c3324d012051b3e3faa8f3244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ef:30:44:58:36:cb:21:b0:1a:ab:e5:20:cb:
e0:c3:43:25:b9:eb:4a:1b:2e:93:04:98:73:dc:06:
12:9e:d1:f1:d3:60:a5:48:c7:9b:e6:2e:ae:bf:3f:
40:e6:82:43:24:33:7c:15:41:eb:fb:18:0e:b9:e1:
e9:99:ec:d3:4a:6d:bc:2d:66:02:93:54:8b:47:f7:
0c:82:95:81:a2:2e:9b:19:2d:de:ec:39:7d:95:62:
ed:24:3b:76:e0:fc:b4:53:ab:dd:30:11:fb:80:ce:
dc:28:d0:2d:57:02:c5:c1:3d:9e:d7:cc:5e:6c:f4:
12:fa:39:3d:1e:15:9a:2b:c7:e1:ae:1e:69:bd:41:
f9:d9:3c:48:2e:83:53:77:cb:2a:b5:0a:d8:ad:2b:
52:59:9f:e5:f6:04:fa:89:7d:43:52:a4:3c:3c:bf:
51:bc:31:72:09:3f:97:f5:a8:b5:c7:b4:9c:ff:ae:
7d:a5:1a:24:63:b0:64:18:e2:88:94:63:c8:c6:d6:
6d:24:4b:6c:5d:c5:2c:88:4e:c7:b2:3d:31:1a:f4:
54:5e:0d:ea:a0:07:70:88:57:5e:0a:f3:24:ae:e4:
9a:f0:c4:73:35:16:82:3b:9a:b9:8e:85:71:7c:19:
aa:a9:32:e5:7b:0c:0f:e7:04:d3:37:25:f6:84:f7:
dc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:09:1E:5E:37:3F:3A:4C:33:24:D0:12:05:1B:3E:3F:AA:8F:32:44
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/9wkeXjc_OkwzJNASBRs-P6qPMkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.137.0/24
Signature Algorithm: sha256WithRSAEncryption
31:41:c7:22:4f:e5:46:d6:ce:06:52:69:1d:38:cc:61:46:ca:
ee:ba:30:70:aa:f5:42:68:64:e4:7a:d9:6c:3d:f6:d9:49:f1:
12:87:49:75:7c:ed:65:05:a3:9d:55:2e:9b:ef:61:5a:a5:82:
48:49:b4:f0:dc:5c:4e:75:35:61:db:fe:2d:22:28:ba:1f:96:
8b:6f:d1:82:18:c5:39:14:36:9d:74:99:ba:2f:8c:7d:da:e3:
6c:63:db:dc:f6:5f:16:09:2e:6e:ec:2d:1c:55:5e:a6:49:c0:
ba:a9:77:b1:1f:f1:f8:5a:cd:f0:15:62:4c:82:6e:5a:8c:85:
b2:c4:1c:f9:55:6c:ca:89:ad:70:93:fa:0c:7f:74:78:a3:46:
07:48:82:7d:0d:1b:1f:e0:be:34:3a:42:f9:6a:6f:a2:68:4e:
07:fc:fa:59:d0:9d:19:21:ce:aa:73:e1:64:bd:c4:27:fc:91:
89:d5:68:89:80:96:66:25:b8:b1:f7:30:fb:63:d2:b2:cb:8a:
75:9c:a8:be:76:77:7e:25:fb:63:2e:d1:11:55:0f:98:5c:ab:
bc:50:8e:2b:aa:2b:af:de:13:09:ee:6a:61:09:75:47:a7:43:
66:18:2e:e1:4f:dc:de:3e:f6:46:c9:ae:ca:e6:3b:67:7a:7a:
b2:35:b0:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFASyLBgAIcjoTQeQSiE7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzA5MWU1ZTM3M2YzYTRjMzMyNGQwMTIwNTFiM2UzZmFhOGYzMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqO8wRFg2yyGwGqvlIMvgw0MluetK
Gy6TBJhz3AYSntHx02ClSMeb5i6uvz9A5oJDJDN8FUHr+xgOueHpmezTSm28LWYC
k1SLR/cMgpWBoi6bGS3e7Dl9lWLtJDt24Py0U6vdMBH7gM7cKNAtVwLFwT2e18xe
bPQS+jk9HhWaK8fhrh5pvUH52TxILoNTd8sqtQrYrStSWZ/l9gT6iX1DUqQ8PL9R
vDFyCT+X9ai1x7Sc/659pRokY7BkGOKIlGPIxtZtJEtsXcUsiE7Hsj0xGvRUXg3q
oAdwiFdeCvMkruSa8MRzNRaCO5q5joVxfBmqqTLlewwP5wTTNyX2hPfclQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPcJHl43PzpMMyTQEgUbPj+qjzJEMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvOXdrZVhqY19Pa3d6Sk5BU0JScy1QNnFQTWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV6JMA0G
CSqGSIb3DQEBCwUAA4IBAQAxQcciT+VG1s4GUmkdOMxhRsruujBwqvVCaGTketls
PfbZSfESh0l1fO1lBaOdVS6b72FapYJISbTw3FxOdTVh2/4tIii6H5aLb9GCGMU5
FDaddJm6L4x92uNsY9vc9l8WCS5u7C0cVV6mScC6qXexH/H4Ws3wFWJMgm5ajIWy
xBz5VWzKia1wk/oMf3R4o0YHSIJ9DRsf4L40OkL5am+iaE4H/PpZ0J0ZIc6qc+Fk
vcQn/JGJ1WiJgJZmJbix9zD7Y9Kyy4p1nKi+dnd+JftjLtERVQ+YXKu8UI4rqiuv
3hMJ7mphCXVHp0NmGC7hT9zePvZGya7K5jtnenqyNbBY
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:47:44 2024 by rpki-client on console-fra.rpki-client.org