Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/dbf104-1e2c-42e8-b28b-ebd3145422ea/1/18jTG6POx-muFSHxnkh_nNQZvmw.roa
File: 18jTG6POx-muFSHxnkh_nNQZvmw.roa (raw, json)
Hash identifier: WV0Kc+r5uAs87GMdDWPkE2QfvJFqKsqYFQvbkPiMCKg=
Subject key identifier: D7:C8:D3:1B:A3:CE:C7:E9:AE:15:21:F1:9E:48:7F:9C:D4:19:BE:6C
Certificate issuer: /CN=45e2a9fb777010296f9b8e215ee0db4467174d2d
Certificate serial: 018CC8712CBE7BB38F0D47A5818FED9CF5BB
Authority key identifier: 45:E2:A9:FB:77:70:10:29:6F:9B:8E:21:5E:E0:DB:44:67:17:4D:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ReKp-3dwEClvm44hXuDbRGcXTS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/dbf104-1e2c-42e8-b28b-ebd3145422ea/1/18jTG6POx-muFSHxnkh_nNQZvmw.roa
Signing time: Tue 02 Jan 2024 04:31:49 +0000
ROA not before: Tue 02 Jan 2024 04:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15542
IP address blocks: 91.230.33.0/24 maxlen: 24
91.230.34.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/dbf104-1e2c-42e8-b28b-ebd3145422ea/1/ReKp-3dwEClvm44hXuDbRGcXTS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/dbf104-1e2c-42e8-b28b-ebd3145422ea/1/ReKp-3dwEClvm44hXuDbRGcXTS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ReKp-3dwEClvm44hXuDbRGcXTS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:2c:be:7b:b3:8f:0d:47:a5:81:8f:ed:9c:f5:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e2a9fb777010296f9b8e215ee0db4467174d2d
Validity
Not Before: Jan 2 04:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7c8d31ba3cec7e9ae1521f19e487f9cd419be6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5b:e5:e7:f4:a5:2d:b8:ba:80:35:b1:62:43:
89:86:a1:6b:b9:72:3e:24:87:de:63:b8:be:4d:89:
c1:8d:2c:15:9b:85:ac:d4:65:df:c0:49:13:c9:bf:
95:2d:c3:f8:e4:c3:df:b8:88:e9:71:0f:84:b2:c5:
53:7f:67:d4:1d:3d:e7:49:96:0c:29:e5:8e:18:09:
eb:cf:74:65:26:e8:1d:01:21:1f:6c:5e:cf:1c:5c:
e1:f4:be:45:83:26:8b:16:ef:93:42:10:f1:08:f6:
8a:15:66:2c:fa:f1:01:95:89:cd:50:5c:d0:6b:3e:
8d:54:79:31:e8:bf:c3:49:0e:6c:42:12:f6:fc:a5:
db:66:96:cb:69:9e:75:0e:86:75:ec:3f:46:2f:82:
78:0b:4d:7f:74:47:d7:31:a1:61:5b:f8:4e:eb:25:
e1:ba:96:b9:f6:ee:a1:97:6f:26:f6:da:b8:b7:eb:
cc:d4:fd:7c:c8:e3:01:0c:d4:d8:d5:d0:e2:1b:d6:
ad:4d:b1:79:7b:06:ad:ea:27:37:74:03:b1:b5:3c:
96:69:88:f9:7d:67:90:16:49:28:e2:ee:c8:d3:32:
be:27:c1:8c:ef:db:af:9c:a6:a1:c0:c0:b2:ac:59:
86:8a:73:78:00:96:71:b2:56:0c:b0:e1:06:d4:d3:
87:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C8:D3:1B:A3:CE:C7:E9:AE:15:21:F1:9E:48:7F:9C:D4:19:BE:6C
X509v3 Authority Key Identifier:
keyid:45:E2:A9:FB:77:70:10:29:6F:9B:8E:21:5E:E0:DB:44:67:17:4D:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ReKp-3dwEClvm44hXuDbRGcXTS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/dbf104-1e2c-42e8-b28b-ebd3145422ea/1/18jTG6POx-muFSHxnkh_nNQZvmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/dbf104-1e2c-42e8-b28b-ebd3145422ea/1/ReKp-3dwEClvm44hXuDbRGcXTS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.33.0-91.230.35.255
Signature Algorithm: sha256WithRSAEncryption
39:46:50:dd:dc:df:b0:19:01:d5:d3:bf:4c:09:50:23:27:c7:
13:f7:9c:15:d2:00:b5:d0:e2:50:96:47:7c:21:fc:54:cb:f3:
01:d7:f7:72:b0:a6:32:bc:ce:99:79:f6:c0:99:cc:87:0e:ef:
3c:ac:b8:f0:a1:a2:59:ed:0a:af:cd:10:da:64:c8:c4:c0:0e:
58:44:a5:44:32:3a:f8:8a:3f:6b:47:1a:8a:9f:6e:4c:82:dc:
65:ee:da:1f:0f:6d:41:cc:d4:48:6e:e3:9d:88:8a:c9:d0:09:
81:aa:c7:3c:b7:f8:83:08:8a:e2:e4:1f:b4:86:f3:77:0a:e2:
cb:a0:83:44:66:03:2d:d4:75:2c:0e:9e:30:33:48:76:4a:11:
75:ce:6a:9c:a4:b1:19:1f:02:e4:1a:44:9c:7f:45:51:17:fd:
12:90:ea:3f:fe:dc:b2:15:53:25:25:89:89:27:cc:a4:17:61:
1a:5a:e7:d4:8a:ad:b0:38:a6:01:c8:67:3b:bd:2b:9e:d9:0c:
2b:23:0d:e5:78:b5:fd:68:fd:02:37:16:e1:fa:7d:1e:1a:67:
a5:5f:d9:1b:c3:11:c2:dc:0a:50:f4:93:bd:5a:a1:56:f2:d7:
bf:78:c1:98:f7:fc:45:9c:b8:30:61:9a:9e:e8:50:2a:02:0b:
4f:3b:86:06
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIcSy+e7OPDUelgY/tnPW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZTJhOWZiNzc3MDEwMjk2ZjliOGUyMTVlZTBkYjQ0Njcx
NzRkMmQwHhcNMjQwMTAyMDQzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2M4ZDMxYmEzY2VjN2U5YWUxNTIxZjE5ZTQ4N2Y5Y2Q0MTliZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFvl5/SlLbi6gDWxYkOJhqFruXI+
JIfeY7i+TYnBjSwVm4Ws1GXfwEkTyb+VLcP45MPfuIjpcQ+EssVTf2fUHT3nSZYM
KeWOGAnrz3RlJugdASEfbF7PHFzh9L5FgyaLFu+TQhDxCPaKFWYs+vEBlYnNUFzQ
az6NVHkx6L/DSQ5sQhL2/KXbZpbLaZ51DoZ17D9GL4J4C01/dEfXMaFhW/hO6yXh
upa59u6hl28m9tq4t+vM1P18yOMBDNTY1dDiG9atTbF5ewat6ic3dAOxtTyWaYj5
fWeQFkko4u7I0zK+J8GM79uvnKahwMCyrFmGinN4AJZxslYMsOEG1NOHyQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNfI0xujzsfprhUh8Z5If5zUGb5sMB8GA1UdIwQY
MBaAFEXiqft3cBApb5uOIV7g20RnF00tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmVLcC0zZHdFQ2x2bTQ0aFh1RGJSR2NYVFMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kYmYxMDQtMWUyYy00MmU4LWIyOGIt
ZWJkMzE0NTQyMmVhLzEvMThqVEc2UE94LW11RlNIeG5raF9uTlFadm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kYmYxMDQtMWUyYy00MmU4LWIyOGItZWJkMzE0NTQyMmVh
LzEvUmVLcC0zZHdFQ2x2bTQ0aFh1RGJSR2NYVFMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABb5iED
BAJb5iAwDQYJKoZIhvcNAQELBQADggEBADlGUN3c37AZAdXTv0wJUCMnxxP3nBXS
ALXQ4lCWR3wh/FTL8wHX93KwpjK8zpl59sCZzIcO7zysuPCholntCq/NENpkyMTA
DlhEpUQyOviKP2tHGoqfbkyC3GXu2h8PbUHM1Ehu452IisnQCYGqxzy3+IMIiuLk
H7SG83cK4sugg0RmAy3UdSwOnjAzSHZKEXXOapyksRkfAuQaRJx/RVEX/RKQ6j/+
3LIVUyUliYknzKQXYRpa59SKrbA4pgHIZzu9K57ZDCsjDeV4tf1o/QI3FuH6fR4a
Z6Vf2RvDEcLcClD0k71aoVby1794wZj3/EWcuDBhmp7oUCoCC087hgY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:14:38 2024 by rpki-client on console-fra.rpki-client.org