Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/p7SRsEz8fkKDHhsiO2nPvaz0_3g.roa
File: p7SRsEz8fkKDHhsiO2nPvaz0_3g.roa (raw, json)
Hash identifier: FU6/FxVWtFIwcAcOKeFEeewcGgt6pwz/huaix0U5lqI=
Subject key identifier: A7:B4:91:B0:4C:FC:7E:42:83:1E:1B:22:3B:69:CF:BD:AC:F4:FF:78
Certificate issuer: /CN=a2ca37ded1b70c81b74a430f9b4d7acc62805ed8
Certificate serial: 019073D5F03E17888F118AE9087877B0FB44
Authority key identifier: A2:CA:37:DE:D1:B7:0C:81:B7:4A:43:0F:9B:4D:7A:CC:62:80:5E:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/p7SRsEz8fkKDHhsiO2nPvaz0_3g.roa
Signing time: Tue 02 Jul 2024 14:25:18 +0000
ROA not before: Tue 02 Jul 2024 14:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201301
IP address blocks: 185.45.98.0/23 maxlen: 23
185.45.98.0/24 maxlen: 24
185.45.99.0/24 maxlen: 24
2a04:a182::/32 maxlen: 32
2a04:a183::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:73:d5:f0:3e:17:88:8f:11:8a:e9:08:78:77:b0:fb:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ca37ded1b70c81b74a430f9b4d7acc62805ed8
Validity
Not Before: Jul 2 14:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7b491b04cfc7e42831e1b223b69cfbdacf4ff78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f3:77:c2:ba:82:18:04:50:4e:a4:02:5e:b4:
cf:cc:b2:8f:89:84:28:a0:56:b7:e1:05:bb:cc:03:
53:cf:9e:86:96:66:45:75:0d:bc:79:af:8d:58:13:
7d:9f:45:e7:a8:8c:e7:2f:76:e8:d2:ba:ba:70:5a:
ef:12:55:7f:b0:39:a9:61:31:9b:07:37:cb:89:7f:
c9:ca:2d:e6:85:18:e9:a7:93:98:3e:81:4f:8d:71:
ac:d6:5a:3b:28:ce:56:a5:3d:0c:78:8a:60:22:5a:
02:ba:a0:f2:48:67:a8:a7:c0:3d:d6:8f:bc:88:10:
32:d9:75:da:38:1b:fe:d2:6f:26:93:a7:05:d5:20:
45:b6:d7:74:21:4e:04:da:2c:7c:ad:94:e8:45:aa:
3f:7b:21:d6:fd:dc:a2:bb:0f:c7:e2:cc:5f:1a:7e:
ee:cc:0f:2a:42:29:fc:30:cb:b3:f9:3e:73:7f:d1:
16:28:6e:0f:be:10:69:14:ba:24:41:dc:70:a3:61:
b2:f6:db:08:7c:3b:b3:b0:fd:a2:6e:39:e8:88:f5:
6c:a2:3f:3d:c3:15:1c:85:43:dc:40:24:2d:89:45:
3e:7f:57:cd:45:cd:de:8a:ca:92:81:3a:7a:cb:0f:
26:f9:78:b9:36:37:4d:11:01:06:45:30:68:7c:a1:
e0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:B4:91:B0:4C:FC:7E:42:83:1E:1B:22:3B:69:CF:BD:AC:F4:FF:78
X509v3 Authority Key Identifier:
keyid:A2:CA:37:DE:D1:B7:0C:81:B7:4A:43:0F:9B:4D:7A:CC:62:80:5E:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/p7SRsEz8fkKDHhsiO2nPvaz0_3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.98.0/23
IPv6:
2a04:a182::/31
Signature Algorithm: sha256WithRSAEncryption
b6:05:a1:b3:e4:d0:9e:81:87:f3:8a:bc:75:63:38:83:88:d6:
77:64:27:10:b6:24:2a:dc:fe:18:08:5d:dc:d1:9c:02:7d:21:
02:1b:b0:81:97:14:15:4f:f8:c0:b8:94:87:da:3f:1a:cc:32:
76:19:3d:fb:59:ca:21:6e:0b:34:30:33:66:de:05:c2:35:a9:
87:a4:a6:9a:52:7e:f9:12:4e:03:34:ae:2f:00:76:14:d0:6c:
83:33:47:fd:1e:d7:28:3f:3c:fd:f6:02:3a:1b:a0:de:df:03:
05:3c:06:9e:0b:4f:8c:7a:40:07:44:c7:f7:fc:f6:25:6d:3d:
f4:b4:09:9e:ee:9f:10:47:7b:83:a1:7b:04:9a:d7:06:a3:31:
57:60:72:95:ce:e3:35:84:1e:ec:01:dc:6f:88:04:0d:cf:d3:
c5:a2:7b:94:ea:5a:4c:01:02:da:e0:ff:7b:06:5a:b6:99:ff:
a4:c3:0e:d8:4a:04:5d:ae:f0:ac:be:42:bc:d6:b7:d8:b1:75:
82:ec:98:7b:32:87:2c:96:b5:59:9a:65:88:90:c1:c2:17:7e:
12:34:48:b2:5d:49:52:2b:1f:0b:e0:23:80:3f:05:ff:65:89:
08:bf:f0:70:df:0b:b9:5c:0d:13:7b:bf:4e:31:69:4f:d9:42:
c5:c3:ed:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZBz1fA+F4iPEYrpCHh3sPtEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyY2EzN2RlZDFiNzBjODFiNzRhNDMwZjliNGQ3YWNjNjI4
MDVlZDgwHhcNMjQwNzAyMTQyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2I0OTFiMDRjZmM3ZTQyODMxZTFiMjIzYjY5Y2ZiZGFjZjRmZjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPN3wrqCGARQTqQCXrTPzLKPiYQo
oFa34QW7zANTz56GlmZFdQ28ea+NWBN9n0XnqIznL3bo0rq6cFrvElV/sDmpYTGb
BzfLiX/Jyi3mhRjpp5OYPoFPjXGs1lo7KM5WpT0MeIpgIloCuqDySGeop8A91o+8
iBAy2XXaOBv+0m8mk6cF1SBFttd0IU4E2ix8rZToRao/eyHW/dyiuw/H4sxfGn7u
zA8qQin8MMuz+T5zf9EWKG4PvhBpFLokQdxwo2Gy9tsIfDuzsP2ibjnoiPVsoj89
wxUchUPcQCQtiUU+f1fNRc3eisqSgTp6yw8m+Xi5NjdNEQEGRTBofKHgWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKe0kbBM/H5Cgx4bIjtpz72s9P94MB8GA1UdIwQY
MBaAFKLKN97RtwyBt0pDD5tNesxigF7YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iMmFjZTctNDhkYi00ZjdkLTkxN2Yt
MzA2MTg5ZDVjMDQ5LzEvcDdTUnNFejhma0tESGhzaU8yblB2YXowXzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iMmFjZTctNDhkYi00ZjdkLTkxN2YtMzA2MTg5ZDVjMDQ5
LzEvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuS1iMA0E
AgACMAcDBQEqBKGCMA0GCSqGSIb3DQEBCwUAA4IBAQC2BaGz5NCegYfzirx1YziD
iNZ3ZCcQtiQq3P4YCF3c0ZwCfSECG7CBlxQVT/jAuJSH2j8azDJ2GT37Wcohbgs0
MDNm3gXCNamHpKaaUn75Ek4DNK4vAHYU0GyDM0f9HtcoPzz99gI6G6De3wMFPAae
C0+MekAHRMf3/PYlbT30tAme7p8QR3uDoXsEmtcGozFXYHKVzuM1hB7sAdxviAQN
z9PFonuU6lpMAQLa4P97Blq2mf+kww7YSgRdrvCsvkK81rfYsXWC7Jh7MocslrVZ
mmWIkMHCF34SNEiyXUlSKx8L4COAPwX/ZYkIv/Bw3wu5XA0Te79OMWlP2ULFw+16
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:54:00 2024 by rpki-client on console-fra.rpki-client.org