Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JhcmmziwnOUAiM7PMmUfXnrnlA8.roa
File: JhcmmziwnOUAiM7PMmUfXnrnlA8.roa (raw, json)
Hash identifier: BZyGnA3FIBbkR6gmpb649WXqpCbeKH/KW4bFoSxGFF8=
Subject key identifier: 26:17:26:9B:38:B0:9C:E5:00:88:CE:CF:32:65:1F:5E:7A:E7:94:0F
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018EF5196518010F7DC4147A91C706219C68
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JhcmmziwnOUAiM7PMmUfXnrnlA8.roa
Signing time: Fri 19 Apr 2024 06:44:25 +0000
ROA not before: Fri 19 Apr 2024 06:44:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39690
IP address blocks: 45.86.16.0/21 maxlen: 23
45.143.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:19:65:18:01:0f:7d:c4:14:7a:91:c7:06:21:9c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 19 06:44:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2617269b38b09ce50088cecf32651f5e7ae7940f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a9:80:25:84:da:dc:c0:5e:35:e0:73:be:98:
98:14:81:d2:b4:48:64:5f:6b:7f:23:b2:7b:a5:5f:
ce:8e:01:fa:1a:21:b8:f0:b8:74:58:fb:f1:01:32:
84:07:aa:31:09:c7:8d:0f:90:82:ec:e9:8c:95:4c:
72:eb:04:5e:77:f0:52:16:50:31:fc:32:7a:a3:a1:
09:b3:b3:24:d0:be:62:e9:e4:8c:82:38:99:55:51:
23:b4:f7:a3:ba:23:ed:0c:d2:c2:af:4b:c1:dd:bc:
fc:82:d5:75:8c:b9:bb:9f:e5:81:2b:b6:fa:8a:dc:
c7:55:d6:86:a8:15:20:a1:60:82:71:48:61:47:8b:
81:06:6b:f4:1c:c2:3a:25:ea:4d:12:da:63:ca:b0:
e1:4e:50:46:1c:85:d5:c5:ea:07:b5:be:66:8e:a5:
88:42:2d:03:aa:60:f9:f5:18:2e:84:60:31:48:06:
fb:f4:a8:1a:82:9c:e7:be:ee:a7:e8:58:62:c6:7b:
23:b1:f3:52:f0:5a:b0:d3:7e:1f:75:2c:74:67:f1:
8d:ac:38:8f:9c:95:7b:ca:a8:b8:0f:a1:eb:1f:19:
23:a6:b1:43:23:07:1d:39:ea:50:b1:7b:ae:7f:00:
56:e3:22:56:0a:0b:5f:78:79:41:74:27:3c:b4:bb:
88:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:17:26:9B:38:B0:9C:E5:00:88:CE:CF:32:65:1F:5E:7A:E7:94:0F
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JhcmmziwnOUAiM7PMmUfXnrnlA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.16.0/21
45.143.44.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:29:d1:56:69:13:ff:b8:f1:c4:97:58:8c:db:ba:79:62:74:
ff:3a:fc:f7:0a:c5:68:52:0d:11:dd:b7:5e:f6:b9:86:a4:5d:
31:6e:8b:b4:16:b1:9c:3f:35:a4:ea:f0:12:bd:ba:66:17:a4:
39:1f:9b:6a:68:eb:c0:d9:02:e8:dd:59:fb:70:5d:9d:db:e6:
76:6b:a8:cf:eb:fd:97:cc:fb:86:2b:d9:77:22:67:b8:6c:60:
c3:78:a1:b0:0c:19:41:ad:11:15:59:63:32:43:87:b8:74:c1:
62:83:95:0a:44:b9:72:f9:74:1d:95:6f:b8:2a:12:28:b5:be:
4f:42:48:6a:ee:3a:75:9f:c5:43:23:30:ab:0e:e4:37:c0:63:
95:30:d8:22:82:5a:0c:fc:7d:43:d6:9c:2b:22:75:40:b3:46:
e9:5d:93:89:9d:be:7c:ce:80:73:c2:eb:01:2f:d9:bf:d8:00:
9f:48:d2:0d:5d:c5:04:a4:79:4a:ac:43:bc:78:d8:71:fa:c3:
46:ee:b0:56:56:12:88:62:8c:8f:c8:80:93:83:26:d0:7b:c5:
5f:4c:0e:58:46:ab:1d:97:9f:fe:41:7d:9e:c2:2a:1b:5a:a5:
81:aa:b2:79:2e:9c:d9:06:8a:76:25:f5:c6:36:77:f1:da:e0:
0e:f1:c5:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY71GWUYAQ99xBR6kccGIZxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNDE5MDY0NDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjE3MjY5YjM4YjA5Y2U1MDA4OGNlY2YzMjY1MWY1ZTdhZTc5NDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKmAJYTa3MBeNeBzvpiYFIHStEhk
X2t/I7J7pV/OjgH6GiG48Lh0WPvxATKEB6oxCceND5CC7OmMlUxy6wRed/BSFlAx
/DJ6o6EJs7Mk0L5i6eSMgjiZVVEjtPejuiPtDNLCr0vB3bz8gtV1jLm7n+WBK7b6
itzHVdaGqBUgoWCCcUhhR4uBBmv0HMI6JepNEtpjyrDhTlBGHIXVxeoHtb5mjqWI
Qi0DqmD59RguhGAxSAb79Kgagpznvu6n6FhixnsjsfNS8Fqw034fdSx0Z/GNrDiP
nJV7yqi4D6HrHxkjprFDIwcdOepQsXuufwBW4yJWCgtfeHlBdCc8tLuI9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCYXJps4sJzlAIjOzzJlH15655QPMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvSmhjbW16aXduT1VBaU03UE1tVWZYbnJubEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLVYQAwQC
LY8sMA0GCSqGSIb3DQEBCwUAA4IBAQBqKdFWaRP/uPHEl1iM27p5YnT/Ovz3CsVo
Ug0R3bde9rmGpF0xbou0FrGcPzWk6vASvbpmF6Q5H5tqaOvA2QLo3Vn7cF2d2+Z2
a6jP6/2XzPuGK9l3Ime4bGDDeKGwDBlBrREVWWMyQ4e4dMFig5UKRLly+XQdlW+4
KhIotb5PQkhq7jp1n8VDIzCrDuQ3wGOVMNgigloM/H1D1pwrInVAs0bpXZOJnb58
zoBzwusBL9m/2ACfSNINXcUEpHlKrEO8eNhx+sNG7rBWVhKIYoyPyICTgybQe8Vf
TA5YRqsdl5/+QX2ewiobWqWBqrJ5LpzZBop2JfXGNnfx2uAO8cUJ
-----END CERTIFICATE-----
Generated at Sat May 4 09:03:51 2024 by rpki-client on console-ams.rpki-client.org