Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/KoEHWh4EstDd2WPAEllIa8fPoHo.roa
File: KoEHWh4EstDd2WPAEllIa8fPoHo.roa (raw, json)
Hash identifier: Uo8oyiFBUKuibz+1ZvSXU4nOA3R0B86QEbE3/epupCI=
Subject key identifier: 2A:81:07:5A:1E:04:B2:D0:DD:D9:63:C0:12:59:48:6B:C7:CF:A0:7A
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 018CC725A15B5EC9455C357262B1CEFC79C7
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/KoEHWh4EstDd2WPAEllIa8fPoHo.roa
Signing time: Mon 01 Jan 2024 22:29:41 +0000
ROA not before: Mon 01 Jan 2024 22:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 45.151.98.0/24 maxlen: 24
94.137.78.0/24 maxlen: 24
94.137.79.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:a1:5b:5e:c9:45:5c:35:72:62:b1:ce:fc:79:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Jan 1 22:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a81075a1e04b2d0ddd963c01259486bc7cfa07a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:29:e4:28:7d:28:5f:3d:2b:f0:b6:8f:72:47:
6b:7d:59:d1:53:25:9e:01:f0:cd:83:7b:0c:fb:3d:
b0:fe:68:9f:bf:0c:8b:2a:f1:10:00:ae:65:12:bc:
26:ad:fa:ea:6d:e6:d8:d9:97:d4:d5:b4:2c:66:d4:
ae:82:f6:12:b1:3d:d7:4f:36:9d:0d:cd:ae:ee:7b:
af:4c:d1:80:c4:88:ce:32:1a:f6:6e:3d:f6:b4:cf:
77:a0:8f:e6:5e:cf:68:28:c9:bd:78:91:ea:af:03:
0b:17:33:a6:06:89:78:3d:4c:f4:0e:21:9c:bc:cd:
3a:aa:f8:e4:6f:bd:89:07:40:86:a2:14:c2:f0:d4:
5c:7f:b3:82:b9:d4:52:31:7f:9b:e2:2c:a7:41:a5:
7d:45:f7:15:e5:39:0e:6e:c6:8a:77:e8:32:b1:cf:
59:be:ab:af:c6:6e:17:de:fa:94:0f:b7:3f:28:b3:
1e:28:cd:26:37:79:3d:cc:3c:ee:da:d9:1d:b5:c4:
9b:b8:12:01:0c:ea:5d:60:91:7f:a9:d8:6d:a6:8b:
72:6f:9d:2c:6e:22:2f:d3:7c:9c:76:b7:be:18:de:
5f:f9:6f:19:7c:06:27:7b:64:dc:35:a1:ad:af:e3:
de:c2:d9:ac:43:bb:fa:0c:4e:43:8b:43:8f:f5:d5:
98:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:81:07:5A:1E:04:B2:D0:DD:D9:63:C0:12:59:48:6B:C7:CF:A0:7A
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/KoEHWh4EstDd2WPAEllIa8fPoHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.98.0/24
94.137.78.0/23
94.137.90.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:41:10:c4:4f:53:86:1f:85:79:ea:e0:4a:3d:1c:8e:cb:a2:
12:c9:81:3f:ca:35:39:b7:89:1c:c3:32:dd:91:9f:22:d3:26:
9e:9d:12:a4:f3:2e:e3:24:7a:2e:07:6f:b9:11:a1:b7:8f:5d:
17:bf:a5:aa:15:9c:c8:50:80:ba:80:fa:5a:a5:d1:10:be:dc:
ca:54:08:da:01:09:e8:e9:8c:43:29:cb:37:04:14:fa:47:99:
ed:38:73:6b:af:9a:8a:77:9d:38:fb:9f:59:45:80:a4:55:29:
14:c5:57:ee:e3:c9:91:c1:81:1e:07:7d:2c:ef:22:16:e3:92:
fe:ca:55:6e:76:ba:d6:65:74:db:64:3a:11:75:3e:0b:b9:36:
41:84:ea:0b:d2:fc:ce:79:14:ce:ea:f9:43:a9:31:78:7f:6d:
bf:1a:8d:b9:0c:5f:9b:84:e0:cc:76:ce:74:43:47:ce:bf:f9:
61:7e:de:25:0a:4c:e4:c8:d9:ec:df:57:62:81:81:87:f9:df:
4a:8d:f4:63:3d:b4:74:a2:30:a3:4a:fa:b1:49:6d:14:f9:06:
33:8e:1c:71:d2:1e:68:ac:26:d6:5c:6c:bc:e3:91:ec:6e:59:
b0:ca:70:0a:e6:e8:7b:dd:db:f9:a6:60:d3:1d:38:de:3b:c7:
05:0a:e3:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJaFbXslFXDVyYrHO/HnHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjQwMTAxMjIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTgxMDc1YTFlMDRiMmQwZGRkOTYzYzAxMjU5NDg2YmM3Y2ZhMDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiinkKH0oXz0r8LaPckdrfVnRUyWe
AfDNg3sM+z2w/mifvwyLKvEQAK5lErwmrfrqbebY2ZfU1bQsZtSugvYSsT3XTzad
Dc2u7nuvTNGAxIjOMhr2bj32tM93oI/mXs9oKMm9eJHqrwMLFzOmBol4PUz0DiGc
vM06qvjkb72JB0CGohTC8NRcf7OCudRSMX+b4iynQaV9RfcV5TkObsaKd+gysc9Z
vquvxm4X3vqUD7c/KLMeKM0mN3k9zDzu2tkdtcSbuBIBDOpdYJF/qdhtpotyb50s
biIv03ycdre+GN5f+W8ZfAYne2TcNaGtr+PewtmsQ7v6DE5Di0OP9dWYCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCqBB1oeBLLQ3dljwBJZSGvHz6B6MB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvS29FSFdoNEVzdERkMldQQUVsbElhOGZQb0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZdiAwQB
XolOAwQBXolaMA0GCSqGSIb3DQEBCwUAA4IBAQANQRDET1OGH4V56uBKPRyOy6IS
yYE/yjU5t4kcwzLdkZ8i0yaenRKk8y7jJHouB2+5EaG3j10Xv6WqFZzIUIC6gPpa
pdEQvtzKVAjaAQno6YxDKcs3BBT6R5ntOHNrr5qKd504+59ZRYCkVSkUxVfu48mR
wYEeB30s7yIW45L+ylVudrrWZXTbZDoRdT4LuTZBhOoL0vzOeRTO6vlDqTF4f22/
Go25DF+bhODMds50Q0fOv/lhft4lCkzkyNns31digYGH+d9KjfRjPbR0ojCjSvqx
SW0U+QYzjhxx0h5orCbWXGy845HsblmwynAK5uh73dv5pmDTHTjeO8cFCuOw
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:47:36 2024 by rpki-client on console-fra.rpki-client.org