Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/I8gT2ozGfRGoAfq3xoWWz2hkzPc.roa
File: I8gT2ozGfRGoAfq3xoWWz2hkzPc.roa (raw, json)
Hash identifier: JuwWXXoUzp/KXgYqvxW04jiRY2U2W4HODovHm1apUSM=
Subject key identifier: 23:C8:13:DA:8C:C6:7D:11:A8:01:FA:B7:C6:85:96:CF:68:64:CC:F7
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 019426D9BFB85BE3D8B4A251A63F698EF8C0
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/I8gT2ozGfRGoAfq3xoWWz2hkzPc.roa
Signing time: Thu 02 Jan 2025 11:49:52 +0000
ROA not before: Thu 02 Jan 2025 11:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60117
IP address blocks: 45.151.97.0/24 maxlen: 24
45.151.98.0/24 maxlen: 24
94.137.78.0/24 maxlen: 24
94.137.79.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:bf:b8:5b:e3:d8:b4:a2:51:a6:3f:69:8e:f8:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Jan 2 11:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23c813da8cc67d11a801fab7c68596cf6864ccf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:14:0b:96:73:48:6c:8e:ae:b5:44:39:1b:74:
a9:68:13:37:65:20:71:14:8d:df:f0:02:38:f5:62:
b9:62:08:fb:80:f4:9b:01:d9:f2:aa:70:72:c8:93:
47:47:dd:b2:36:45:46:72:0f:c0:b6:f6:66:e8:91:
38:2d:17:84:98:a8:18:23:c4:39:2f:30:4c:e9:26:
3e:8e:5f:32:71:dd:65:c7:87:70:70:cf:db:57:7c:
0f:58:96:93:5a:12:d6:49:4f:5b:f1:85:ea:a4:1c:
22:6d:a2:a2:5b:c7:9c:0d:7e:8a:6e:83:bf:53:2f:
e6:cf:7a:3b:57:9c:02:34:b6:db:9c:4d:ce:05:ca:
9b:4f:fd:55:36:9f:49:d2:d6:c5:49:d6:4c:3e:61:
2f:39:cc:36:22:62:7c:8b:09:2a:c3:b1:90:fe:30:
94:ae:60:88:c3:ec:0e:89:90:96:16:bf:58:4e:2f:
36:57:25:87:45:80:a2:a7:d0:93:bc:86:6c:3c:98:
0b:ab:0b:cd:76:2c:e4:4a:15:70:ed:ea:05:5b:f6:
80:01:fb:11:e0:25:3b:e4:07:44:28:96:a9:07:f8:
96:c8:76:c0:90:d7:d7:05:3c:55:fb:cd:09:83:fa:
b7:81:fb:57:54:47:3a:d4:5b:3c:2d:b4:74:81:f6:
79:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C8:13:DA:8C:C6:7D:11:A8:01:FA:B7:C6:85:96:CF:68:64:CC:F7
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/I8gT2ozGfRGoAfq3xoWWz2hkzPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.97.0-45.151.98.255
94.137.78.0/23
94.137.90.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:94:7e:9d:d6:cd:b0:0b:70:07:32:ac:97:89:2d:da:fc:d8:
5e:16:e9:85:5a:d5:9a:da:d3:de:1b:3d:47:98:ac:13:1a:33:
47:51:9c:e0:3b:81:c9:ca:fb:95:62:e3:05:c8:8a:cb:84:71:
e3:c4:18:06:f1:61:b8:85:d9:a3:f0:ec:d3:9d:46:68:26:04:
82:0d:76:43:4d:e2:fd:7b:20:ed:e4:b3:92:f6:3e:38:c8:7c:
8e:2e:44:38:ac:47:68:cf:a5:85:55:ef:2c:d4:b4:33:90:44:
71:88:71:1e:bf:65:b4:37:d7:e0:3b:9e:e1:6c:0d:8d:ec:c7:
65:ca:b0:c9:3d:33:f8:5c:72:d1:0a:f4:5d:4f:0a:80:45:18:
73:bf:9e:64:dc:d8:39:19:2b:c8:1d:71:ce:37:43:81:4c:47:
ab:ae:98:fd:6e:cb:a6:ba:21:bc:78:94:03:8c:9e:61:e1:33:
41:fb:3b:d1:37:dc:14:a6:6d:e0:a9:11:28:60:a1:1a:3e:d3:
f3:a2:e4:27:cb:fd:06:22:7d:b8:5f:84:52:7b:6f:5f:a6:b0:
d6:1f:20:6b:1d:d2:b9:fa:dc:46:c0:25:ee:a2:7e:d0:4b:c3:
88:41:0d:98:ad:3c:97:dd:4b:a1:ee:64:61:0f:83:22:23:48:
d0:34:1e:a8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQm2b+4W+PYtKJRpj9pjvjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjUwMTAyMTE0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2M4MTNkYThjYzY3ZDExYTgwMWZhYjdjNjg1OTZjZjY4NjRjY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBQLlnNIbI6utUQ5G3SpaBM3ZSBx
FI3f8AI49WK5Ygj7gPSbAdnyqnByyJNHR92yNkVGcg/AtvZm6JE4LReEmKgYI8Q5
LzBM6SY+jl8ycd1lx4dwcM/bV3wPWJaTWhLWSU9b8YXqpBwibaKiW8ecDX6KboO/
Uy/mz3o7V5wCNLbbnE3OBcqbT/1VNp9J0tbFSdZMPmEvOcw2ImJ8iwkqw7GQ/jCU
rmCIw+wOiZCWFr9YTi82VyWHRYCip9CTvIZsPJgLqwvNdizkShVw7eoFW/aAAfsR
4CU75AdEKJapB/iWyHbAkNfXBTxV+80Jg/q3gftXVEc61Fs8LbR0gfZ5owIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCPIE9qMxn0RqAH6t8aFls9oZMz3MB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvSThnVDJvekdmUkdvQWZxM3hvV1d6MmhrelBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtl2ED
BAAtl2IDBAFeiU4DBAFeiVowDQYJKoZIhvcNAQELBQADggEBAKaUfp3WzbALcAcy
rJeJLdr82F4W6YVa1Zra094bPUeYrBMaM0dRnOA7gcnK+5Vi4wXIisuEcePEGAbx
YbiF2aPw7NOdRmgmBIINdkNN4v17IO3ks5L2PjjIfI4uRDisR2jPpYVV7yzUtDOQ
RHGIcR6/ZbQ31+A7nuFsDY3sx2XKsMk9M/hcctEK9F1PCoBFGHO/nmTc2DkZK8gd
cc43Q4FMR6uumP1uy6a6Ibx4lAOMnmHhM0H7O9E33BSmbeCpEShgoRo+0/Oi5CfL
/QYifbhfhFJ7b1+msNYfIGsd0rn63EbAJe6iftBLw4hBDZitPJfdS6HuZGEPgyIj
SNA0Hqg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:28 2025 by rpki-client