Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/410e39-b8a6-46ca-acdc-3f12aff274da/1/gPbXB6lqjCMwxTsvJA05HsmSyX8.roa
File: gPbXB6lqjCMwxTsvJA05HsmSyX8.roa (raw, json)
Hash identifier: zwZaNg+M7Np4w7VhmYnzzNqPlFmtCfKMNkesczgi52Y=
Subject key identifier: 80:F6:D7:07:A9:6A:8C:23:30:C5:3B:2F:24:0D:39:1E:C9:92:C9:7F
Certificate issuer: /CN=da980a45fe487366e386b6064c2c652519f9fc93
Certificate serial: 018CC5012ED0CD5E7D94630F3745A2C2352C
Authority key identifier: DA:98:0A:45:FE:48:73:66:E3:86:B6:06:4C:2C:65:25:19:F9:FC:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pgKRf5Ic2bjhrYGTCxlJRn5_JM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/410e39-b8a6-46ca-acdc-3f12aff274da/1/gPbXB6lqjCMwxTsvJA05HsmSyX8.roa
Signing time: Mon 01 Jan 2024 12:30:38 +0000
ROA not before: Mon 01 Jan 2024 12:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206313
IP address blocks: 45.154.110.0/24 maxlen: 24
45.154.108.0/24 maxlen: 24
45.154.108.0/22 maxlen: 24
45.154.109.0/24 maxlen: 24
2a0f:b500::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/410e39-b8a6-46ca-acdc-3f12aff274da/1/2pgKRf5Ic2bjhrYGTCxlJRn5_JM.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/410e39-b8a6-46ca-acdc-3f12aff274da/1/2pgKRf5Ic2bjhrYGTCxlJRn5_JM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2pgKRf5Ic2bjhrYGTCxlJRn5_JM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2e:d0:cd:5e:7d:94:63:0f:37:45:a2:c2:35:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da980a45fe487366e386b6064c2c652519f9fc93
Validity
Not Before: Jan 1 12:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80f6d707a96a8c2330c53b2f240d391ec992c97f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:53:90:c4:ff:7b:44:b0:48:f0:f2:9a:42:86:
9c:4e:2f:06:df:f1:74:39:55:96:09:d7:3d:d0:0d:
81:e9:6c:57:9e:dc:a3:1e:7c:e4:75:67:1c:d9:72:
29:cb:a1:a4:1a:ca:48:3e:f0:0f:bd:e0:3f:45:65:
3c:81:3b:f5:9c:29:b2:cb:4f:aa:77:6e:e6:8a:da:
4e:c7:59:a8:f6:c6:9d:a2:eb:55:68:28:61:9b:df:
39:b0:09:13:42:47:99:4a:a2:b6:10:70:e0:72:ab:
75:c0:a7:95:00:27:5e:e0:5d:63:5a:e1:38:58:1b:
f2:a2:15:54:47:de:c8:44:10:df:da:7e:3d:a4:9a:
88:87:6a:ad:3c:e2:22:25:d2:db:63:e8:3b:98:6f:
1b:2c:79:4c:bd:bd:60:b9:c7:0e:b8:b6:a8:18:38:
e7:7d:d6:78:60:a2:16:a9:f6:42:6d:ef:ec:e6:62:
b8:f0:1e:09:7f:14:d3:14:85:c2:fc:8e:8d:a3:92:
02:a5:a9:c9:37:f6:bd:fc:f5:c5:21:00:51:5c:34:
5d:ba:d7:e1:cd:2a:92:da:72:3c:d7:cf:39:7a:ae:
2b:ab:50:31:9b:ff:25:75:d5:ad:d7:de:13:61:c1:
66:a7:91:b0:34:77:a9:97:ad:f1:b0:7b:43:15:88:
86:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:F6:D7:07:A9:6A:8C:23:30:C5:3B:2F:24:0D:39:1E:C9:92:C9:7F
X509v3 Authority Key Identifier:
keyid:DA:98:0A:45:FE:48:73:66:E3:86:B6:06:4C:2C:65:25:19:F9:FC:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pgKRf5Ic2bjhrYGTCxlJRn5_JM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/410e39-b8a6-46ca-acdc-3f12aff274da/1/gPbXB6lqjCMwxTsvJA05HsmSyX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/410e39-b8a6-46ca-acdc-3f12aff274da/1/2pgKRf5Ic2bjhrYGTCxlJRn5_JM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.108.0/22
IPv6:
2a0f:b500::/29
Signature Algorithm: sha256WithRSAEncryption
58:a6:fc:e5:e4:5e:1f:1b:62:c3:33:18:37:b3:2a:45:2c:81:
4b:6e:16:d3:13:9f:ed:33:c6:c3:d5:2f:c0:3b:aa:95:01:f0:
3b:43:92:86:92:db:2f:be:76:5b:f6:99:c2:28:ad:f5:92:a7:
f8:c5:37:37:cd:eb:50:e0:76:af:4a:d2:5f:1c:8f:b6:5d:6f:
57:ed:a9:2e:67:c6:32:fc:ae:cd:38:13:43:8c:66:80:f8:9d:
9d:7c:cd:39:88:7a:78:d8:ee:97:c5:44:96:06:d8:83:3a:be:
93:e8:11:32:99:c2:5a:78:dc:2b:1a:5d:47:7d:00:d2:e8:3f:
7e:22:7e:15:47:b3:5f:d7:a2:b6:a3:0e:96:f6:bb:e1:41:9a:
11:bb:e9:cc:06:39:02:b3:eb:36:dc:ef:d5:1a:58:4b:0c:02:
83:4d:7a:1f:4c:8d:09:d4:a7:01:f9:84:96:51:39:38:bf:5c:
53:fa:27:c6:69:be:23:ec:14:d0:d1:fc:52:e5:34:3c:69:79:
cd:2d:b1:eb:a3:ce:57:c7:9b:ef:6c:c9:d0:6c:61:1c:8d:a8:
86:45:f3:f0:e8:c6:44:08:7d:96:df:cd:fa:cc:59:31:bf:36:
0f:04:fa:4a:67:92:c6:d6:0f:87:a5:c0:98:4b:98:da:55:6f:
0d:2f:d9:1c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAS7QzV59lGMPN0WiwjUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOTgwYTQ1ZmU0ODczNjZlMzg2YjYwNjRjMmM2NTI1MTlm
OWZjOTMwHhcNMjQwMTAxMTIzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGY2ZDcwN2E5NmE4YzIzMzBjNTNiMmYyNDBkMzkxZWM5OTJjOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1OQxP97RLBI8PKaQoacTi8G3/F0
OVWWCdc90A2B6WxXntyjHnzkdWcc2XIpy6GkGspIPvAPveA/RWU8gTv1nCmyy0+q
d27mitpOx1mo9sadoutVaChhm985sAkTQkeZSqK2EHDgcqt1wKeVACde4F1jWuE4
WBvyohVUR97IRBDf2n49pJqIh2qtPOIiJdLbY+g7mG8bLHlMvb1guccOuLaoGDjn
fdZ4YKIWqfZCbe/s5mK48B4JfxTTFIXC/I6No5ICpanJN/a9/PXFIQBRXDRdutfh
zSqS2nI81885eq4rq1Axm/8lddWt194TYcFmp5GwNHepl63xsHtDFYiG0wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFID21wepaowjMMU7LyQNOR7Jksl/MB8GA1UdIwQY
MBaAFNqYCkX+SHNm44a2BkwsZSUZ+fyTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnBnS1JmNUljMmJqaHJZR1RDeGxKUm41X0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC80MTBlMzktYjhhNi00NmNhLWFjZGMt
M2YxMmFmZjI3NGRhLzEvZ1BiWEI2bHFqQ013eFRzdkpBMDVIc21TeVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC80MTBlMzktYjhhNi00NmNhLWFjZGMtM2YxMmFmZjI3NGRh
LzEvMnBnS1JmNUljMmJqaHJZR1RDeGxKUm41X0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZpsMA0E
AgACMAcDBQMqD7UAMA0GCSqGSIb3DQEBCwUAA4IBAQBYpvzl5F4fG2LDMxg3sypF
LIFLbhbTE5/tM8bD1S/AO6qVAfA7Q5KGktsvvnZb9pnCKK31kqf4xTc3zetQ4Hav
StJfHI+2XW9X7akuZ8Yy/K7NOBNDjGaA+J2dfM05iHp42O6XxUSWBtiDOr6T6BEy
mcJaeNwrGl1HfQDS6D9+In4VR7Nf16K2ow6W9rvhQZoRu+nMBjkCs+s23O/VGlhL
DAKDTXofTI0J1KcB+YSWUTk4v1xT+ifGab4j7BTQ0fxS5TQ8aXnNLbHro85Xx5vv
bMnQbGEcjaiGRfPw6MZECH2W3836zFkxvzYPBPpKZ5LG1g+HpcCYS5jaVW8NL9kc
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:04:26 2024 by rpki-client on console-ams.rpki-client.org