Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/A_rNsueOvLhuwuMoN-3OKwhKXn8.roa
File: A_rNsueOvLhuwuMoN-3OKwhKXn8.roa (raw, json)
Hash identifier: i7Qq+FUN+UIgHVj6pUId6xAQyqXWpIcBPLvnK3sOwso=
Subject key identifier: 03:FA:CD:B2:E7:8E:BC:B8:6E:C2:E3:28:37:ED:CE:2B:08:4A:5E:7F
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0191BDB72A91EB204B567C6D7F0EB804DBB4
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/A_rNsueOvLhuwuMoN-3OKwhKXn8.roa
Signing time: Wed 04 Sep 2024 15:46:23 +0000
ROA not before: Wed 04 Sep 2024 15:46:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207177
IP address blocks: 45.86.16.0/21 maxlen: 23
45.86.16.0/22 maxlen: 22
45.86.16.0/24 maxlen: 24
45.86.17.0/24 maxlen: 24
45.86.18.0/24 maxlen: 24
91.242.81.0/24 maxlen: 24
171.22.52.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:b7:2a:91:eb:20:4b:56:7c:6d:7f:0e:b8:04:db:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 4 15:46:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03facdb2e78ebcb86ec2e32837edce2b084a5e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d9:b3:d3:1f:d6:bd:5a:83:11:0b:39:50:2a:
f7:08:23:17:da:a9:5f:da:93:84:1d:1a:0d:07:1f:
bc:90:b2:b5:77:15:27:29:cc:fb:f7:73:b0:88:d3:
af:ca:fe:3d:0f:eb:f4:ff:89:9c:e8:aa:6d:29:28:
38:f1:ae:0c:d2:e4:19:ed:91:04:fc:34:ee:08:08:
8d:d8:35:b8:fb:cb:20:69:5a:86:90:a8:4c:3e:b2:
87:a1:c0:51:a7:7b:99:b1:88:55:46:d2:07:5d:20:
0f:c5:72:e6:c0:ed:c7:5c:ed:b2:71:77:ea:cc:e4:
53:f6:c4:f7:77:6b:cb:d8:3d:e6:ab:c8:f5:0d:e8:
8d:78:74:0b:4e:9a:e1:42:48:ce:24:78:6f:a5:4a:
ff:cf:cc:c9:eb:3a:be:5c:06:ff:38:9f:34:9b:80:
03:5c:69:40:3d:3e:e7:4d:0c:3a:12:51:f1:b3:62:
65:23:06:90:b0:7b:e2:48:a3:bb:a1:9f:92:83:5b:
c6:e3:98:bf:6f:d9:1f:72:ac:91:cb:88:37:87:49:
63:92:64:00:b6:1d:65:57:48:92:34:25:d1:0d:62:
e6:46:06:74:a5:2c:ff:0a:bd:2c:f5:66:d5:28:83:
21:71:4b:e3:8d:a0:98:b3:f4:27:fd:2d:dc:21:17:
6d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:FA:CD:B2:E7:8E:BC:B8:6E:C2:E3:28:37:ED:CE:2B:08:4A:5E:7F
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/A_rNsueOvLhuwuMoN-3OKwhKXn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.16.0/21
91.242.81.0/24
171.22.52.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:f6:f5:c8:85:52:bd:37:ab:81:ff:cb:15:8d:c4:ed:e9:5f:
a4:00:51:93:47:47:d6:cb:fe:85:7b:d0:cd:50:61:08:2f:2d:
4e:c5:3e:59:06:54:71:69:23:e2:60:b0:44:f4:fa:e9:32:8c:
ff:f6:2b:01:b5:71:49:8d:eb:79:23:19:84:f1:20:8b:86:0d:
2c:dc:5e:af:93:bf:6f:d5:3c:c6:f3:79:e1:58:7e:94:9d:b4:
78:9e:a9:fb:d0:2a:e5:a8:24:c7:73:9e:40:7a:16:25:10:67:
00:eb:29:07:3f:d2:2d:39:c5:e3:ad:d4:49:6b:40:52:ce:f1:
47:bf:2d:48:cc:e5:f7:0f:dd:f9:42:25:34:cc:ca:8c:7e:c7:
1d:02:4e:8f:6d:d8:37:bf:7d:22:08:e7:78:89:fe:24:46:f5:
a3:cf:95:94:e0:57:0b:ca:49:08:01:b1:9f:a5:1c:d5:e7:50:
ad:0f:d3:da:a0:a1:7c:3f:fb:ae:ba:ba:91:a1:bf:6d:18:13:
de:26:be:c0:90:b4:18:19:90:99:f5:87:b8:a7:b9:f1:64:24:
24:2f:7a:70:16:de:cb:eb:71:ff:40:95:5b:99:7e:54:d7:d4:
bc:18:93:30:f5:f2:bc:ab:a2:b7:b4:c9:ca:6f:60:f7:83:34:
2d:1e:51:0d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZG9tyqR6yBLVnxtfw64BNu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwOTA0MTU0NjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2ZhY2RiMmU3OGViY2I4NmVjMmUzMjgzN2VkY2UyYjA4NGE1ZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtmz0x/WvVqDEQs5UCr3CCMX2qlf
2pOEHRoNBx+8kLK1dxUnKcz793OwiNOvyv49D+v0/4mc6KptKSg48a4M0uQZ7ZEE
/DTuCAiN2DW4+8sgaVqGkKhMPrKHocBRp3uZsYhVRtIHXSAPxXLmwO3HXO2ycXfq
zORT9sT3d2vL2D3mq8j1DeiNeHQLTprhQkjOJHhvpUr/z8zJ6zq+XAb/OJ80m4AD
XGlAPT7nTQw6ElHxs2JlIwaQsHviSKO7oZ+Sg1vG45i/b9kfcqyRy4g3h0ljkmQA
th1lV0iSNCXRDWLmRgZ0pSz/Cr0s9WbVKIMhcUvjjaCYs/Qn/S3cIRdt2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAP6zbLnjry4bsLjKDftzisISl5/MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvQV9yTnN1ZU92TGh1d3VNb04tM09Ld2hLWG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLVYQAwQA
W/JRAwQCqxY0MA0GCSqGSIb3DQEBCwUAA4IBAQAO9vXIhVK9N6uB/8sVjcTt6V+k
AFGTR0fWy/6Fe9DNUGEILy1OxT5ZBlRxaSPiYLBE9PrpMoz/9isBtXFJjet5IxmE
8SCLhg0s3F6vk79v1TzG83nhWH6UnbR4nqn70CrlqCTHc55AehYlEGcA6ykHP9It
OcXjrdRJa0BSzvFHvy1IzOX3D935QiU0zMqMfscdAk6Pbdg3v30iCOd4if4kRvWj
z5WU4FcLykkIAbGfpRzV51CtD9PaoKF8P/uuurqRob9tGBPeJr7AkLQYGZCZ9Ye4
p7nxZCQkL3pwFt7L63H/QJVbmX5U19S8GJMw9fK8q6K3tMnKb2D3gzQtHlEN
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:12 2024 by rpki-client on console-ams.rpki-client.org