Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/PR2rKTBzxfbRIoJBaa4XTMgXalM.roa
File: PR2rKTBzxfbRIoJBaa4XTMgXalM.roa (raw, json)
Hash identifier: AoqjQKtaQCo34L1vkJU0AkgxVELMFX0tBxmn8lZ/CyE=
Subject key identifier: 3D:1D:AB:29:30:73:C5:F6:D1:22:82:41:69:AE:17:4C:C8:17:6A:53
Certificate issuer: /CN=8ad37a9933b052c2f12ef1b8f14d74f05fddb611
Certificate serial: 018EAE4E0BDD5CCA2342EB97DB957E17E44B
Authority key identifier: 8A:D3:7A:99:33:B0:52:C2:F1:2E:F1:B8:F1:4D:74:F0:5F:DD:B6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itN6mTOwUsLxLvG48U108F_dthE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/PR2rKTBzxfbRIoJBaa4XTMgXalM.roa
Signing time: Fri 05 Apr 2024 12:48:54 +0000
ROA not before: Fri 05 Apr 2024 12:48:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34939
IP address blocks: 45.90.28.0/23 maxlen: 24
45.90.30.0/23 maxlen: 24
146.19.14.0/24 maxlen: 24
2a07:a8c0::/32 maxlen: 33
2a07:a8c1::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/itN6mTOwUsLxLvG48U108F_dthE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/itN6mTOwUsLxLvG48U108F_dthE.mft
rsync://rpki.ripe.net/repository/DEFAULT/itN6mTOwUsLxLvG48U108F_dthE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:4e:0b:dd:5c:ca:23:42:eb:97:db:95:7e:17:e4:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad37a9933b052c2f12ef1b8f14d74f05fddb611
Validity
Not Before: Apr 5 12:48:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d1dab293073c5f6d122824169ae174cc8176a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:92:25:06:ef:e8:73:87:c7:e7:ec:b9:f9:69:
5f:51:b3:a1:91:41:63:b7:6b:f2:e3:57:be:ea:95:
45:21:bf:eb:c4:36:16:98:35:8e:9d:60:4f:90:9e:
ed:36:78:9e:1c:f4:78:b6:d3:d0:2a:93:74:3d:9f:
6b:43:37:8a:e9:90:89:05:ff:15:35:43:6c:b5:27:
94:fe:f4:f2:07:59:76:b5:b4:66:99:28:aa:0f:ac:
d6:6f:40:23:53:89:66:0f:6d:15:67:b9:3a:2a:9c:
40:7b:1d:b7:5b:1c:83:06:57:55:f5:0a:f8:a7:8a:
de:a1:39:f1:7f:16:02:5d:54:03:46:7d:e2:3c:d7:
19:ee:2a:fe:42:28:a3:2b:74:4d:cd:0f:2b:b9:d3:
d3:e0:50:6d:0c:5d:35:e0:d4:5c:4e:1c:1f:8b:0c:
c4:b1:dd:66:ba:31:6b:21:6c:db:6f:c2:e2:8b:af:
e0:59:0b:e0:29:1d:b0:c8:60:5e:b3:fd:c3:c5:73:
06:c7:4d:1b:a7:03:ad:cc:92:17:77:5f:85:7c:13:
ed:16:11:92:dc:00:94:55:9b:95:31:82:e0:b4:78:
60:89:e1:e5:7b:28:ba:53:40:0b:2a:00:0a:0f:cf:
12:e5:78:4a:33:e7:50:10:61:78:cd:3b:16:43:40:
e4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1D:AB:29:30:73:C5:F6:D1:22:82:41:69:AE:17:4C:C8:17:6A:53
X509v3 Authority Key Identifier:
keyid:8A:D3:7A:99:33:B0:52:C2:F1:2E:F1:B8:F1:4D:74:F0:5F:DD:B6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itN6mTOwUsLxLvG48U108F_dthE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/PR2rKTBzxfbRIoJBaa4XTMgXalM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/itN6mTOwUsLxLvG48U108F_dthE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.28.0/22
146.19.14.0/24
IPv6:
2a07:a8c0::/31
Signature Algorithm: sha256WithRSAEncryption
60:9a:4e:a1:28:67:7f:0e:bd:aa:51:13:b4:e0:f9:cd:88:16:
1b:c0:29:cd:e8:6a:f0:59:5b:69:53:ec:ba:ff:c3:37:e6:1b:
f3:c1:82:49:94:3e:27:c9:1f:3a:cf:5a:63:d3:ed:b2:79:bf:
91:5b:ab:f8:9b:e2:24:73:7d:0d:0a:99:f1:9a:fd:8f:0a:96:
3d:57:a6:36:75:05:d1:f5:93:7a:21:d4:4d:79:cb:69:29:19:
a2:20:f5:cd:6c:b1:71:07:68:6d:97:32:7f:b8:2d:2e:e7:39:
db:44:73:79:bd:b1:7a:93:10:a4:73:5e:f1:f2:02:14:a2:44:
78:45:59:80:e3:cb:0f:5a:a8:dc:29:ec:3f:bb:e2:3d:39:2b:
87:88:07:21:c8:ea:33:07:d6:45:45:3a:11:7c:e4:c6:2b:6a:
b8:a7:0a:6d:ed:51:77:45:dd:75:c0:96:07:c4:70:d6:fe:e3:
80:4a:91:13:8b:54:f5:c5:b0:f1:f7:c2:de:cd:1c:75:33:50:
70:e7:8c:8b:4d:9b:a3:81:25:d1:32:c7:84:b3:9d:2f:c9:b2:
b7:5e:f0:0a:05:29:0c:1e:97:09:c6:15:2b:0b:04:74:42:a1:
f0:14:00:fb:33:58:fa:cb:5d:4b:a1:4d:15:0c:ca:c6:1c:25:
82:d9:92:2d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY6uTgvdXMojQuuX25V+F+RLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDM3YTk5MzNiMDUyYzJmMTJlZjFiOGYxNGQ3NGYwNWZk
ZGI2MTEwHhcNMjQwNDA1MTI0ODU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDFkYWIyOTMwNzNjNWY2ZDEyMjgyNDE2OWFlMTc0Y2M4MTc2YTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZIlBu/oc4fH5+y5+WlfUbOhkUFj
t2vy41e+6pVFIb/rxDYWmDWOnWBPkJ7tNnieHPR4ttPQKpN0PZ9rQzeK6ZCJBf8V
NUNstSeU/vTyB1l2tbRmmSiqD6zWb0AjU4lmD20VZ7k6KpxAex23WxyDBldV9Qr4
p4reoTnxfxYCXVQDRn3iPNcZ7ir+QiijK3RNzQ8rudPT4FBtDF014NRcThwfiwzE
sd1mujFrIWzbb8Lii6/gWQvgKR2wyGBes/3DxXMGx00bpwOtzJIXd1+FfBPtFhGS
3ACUVZuVMYLgtHhgieHleyi6U0ALKgAKD88S5XhKM+dQEGF4zTsWQ0Dk6QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD0dqykwc8X20SKCQWmuF0zIF2pTMB8GA1UdIwQY
MBaAFIrTepkzsFLC8S7xuPFNdPBf3bYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRONm1UT3dVc0x4THZHNDhVMTA4Rl9kdGhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zZTMxMjYtM2Y0Zi00OGU5LWFiZWYt
NWNiMTFhMzY4ZDEwLzEvUFIycktUQnp4ZmJSSW9KQmFhNFhUTWdYYWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zZTMxMjYtM2Y0Zi00OGU5LWFiZWYtNWNiMTFhMzY4ZDEw
LzEvaXRONm1UT3dVc0x4THZHNDhVMTA4Rl9kdGhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVocAwQA
khMOMA0EAgACMAcDBQEqB6jAMA0GCSqGSIb3DQEBCwUAA4IBAQBgmk6hKGd/Dr2q
URO04PnNiBYbwCnN6GrwWVtpU+y6/8M35hvzwYJJlD4nyR86z1pj0+2yeb+RW6v4
m+Ikc30NCpnxmv2PCpY9V6Y2dQXR9ZN6IdRNectpKRmiIPXNbLFxB2htlzJ/uC0u
5znbRHN5vbF6kxCkc17x8gIUokR4RVmA48sPWqjcKew/u+I9OSuHiAchyOozB9ZF
RToRfOTGK2q4pwpt7VF3Rd11wJYHxHDW/uOASpETi1T1xbDx98LezRx1M1Bw54yL
TZujgSXRMseEs50vybK3XvAKBSkMHpcJxhUrCwR0QqHwFAD7M1j6y11LoU0VDMrG
HCWC2ZIt
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:48:02 2024 by rpki-client on console-fra.rpki-client.org