Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/8m14GemymqOGC0QdkxXJ5SIo1rE.roa
File: 8m14GemymqOGC0QdkxXJ5SIo1rE.roa (raw, json)
Hash identifier: s9BYHWU3xU8SXQ0aeCTfx6dsFGvyHeZFQG9O4YC9ksk=
Subject key identifier: F2:6D:78:19:E9:B2:9A:A3:86:0B:44:1D:93:15:C9:E5:22:28:D6:B1
Certificate issuer: /CN=239c45e43625522080aec53952989a13a28abd00
Certificate serial: 018CC86FDCFDC7E4B9FE5560A7831658D80C
Authority key identifier: 23:9C:45:E4:36:25:52:20:80:AE:C5:39:52:98:9A:13:A2:8A:BD:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/8m14GemymqOGC0QdkxXJ5SIo1rE.roa
Signing time: Tue 02 Jan 2024 04:30:23 +0000
ROA not before: Tue 02 Jan 2024 04:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205845
IP address blocks: 185.204.120.0/22 maxlen: 24
45.154.168.0/22 maxlen: 24
2a0a:f740::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:dc:fd:c7:e4:b9:fe:55:60:a7:83:16:58:d8:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=239c45e43625522080aec53952989a13a28abd00
Validity
Not Before: Jan 2 04:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f26d7819e9b29aa3860b441d9315c9e52228d6b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:86:ff:df:15:c1:c8:58:29:a1:0c:56:3c:3e:
1b:63:a0:48:f6:c6:69:bd:b4:a0:84:5e:c5:f0:74:
b5:b0:59:8f:68:40:da:a8:41:e0:7f:d4:03:f6:d3:
71:2d:72:96:e5:09:89:82:21:8e:29:14:95:9c:61:
73:72:ee:7b:b4:61:a1:a3:40:04:7f:68:c0:a5:01:
00:d3:fa:7e:12:32:1b:f3:2b:d4:59:ac:e4:4e:a9:
8c:b9:f3:70:40:24:c6:15:15:9e:79:97:59:8a:2b:
65:6a:2c:03:b0:90:b9:a1:92:56:b2:08:37:e0:22:
c8:88:e8:50:db:22:39:fa:a8:30:77:01:c0:21:bd:
6e:d4:a7:75:05:cd:ce:6f:23:00:63:a3:75:06:85:
b7:25:71:e5:a1:5b:63:a8:93:1e:d8:7d:06:82:7d:
c9:02:f6:fb:9d:76:9d:3d:1c:ba:91:c4:a8:0f:6a:
bd:ae:df:c4:4e:3d:be:db:01:c5:61:d3:35:d0:cc:
41:95:c5:45:0c:eb:c3:2d:5c:3d:9d:e2:3c:7b:3e:
3c:00:65:0d:31:8c:1b:0d:1d:1e:44:c3:fc:20:37:
50:03:1a:a5:0d:3b:23:07:2a:33:7d:8d:7d:29:e8:
e1:fd:3e:0d:29:5c:23:67:aa:6d:a5:4e:4b:31:5a:
8f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:6D:78:19:E9:B2:9A:A3:86:0B:44:1D:93:15:C9:E5:22:28:D6:B1
X509v3 Authority Key Identifier:
keyid:23:9C:45:E4:36:25:52:20:80:AE:C5:39:52:98:9A:13:A2:8A:BD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/8m14GemymqOGC0QdkxXJ5SIo1rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.168.0/22
185.204.120.0/22
IPv6:
2a0a:f740::/29
Signature Algorithm: sha256WithRSAEncryption
77:da:b9:b0:0c:e3:35:e8:39:bf:81:71:fb:52:27:64:df:a2:
82:5d:51:29:71:0d:ad:46:cb:0d:0e:82:4e:ec:18:c6:e6:58:
72:18:ed:fb:91:fc:bb:2e:ef:14:36:31:76:ad:99:45:1a:78:
ad:d1:48:dd:b0:c8:df:fe:d9:bf:f7:4a:c2:f2:83:17:c0:2e:
23:7f:f9:a6:34:04:a1:85:7d:5b:f9:72:d2:4a:3d:a8:ac:e4:
e9:93:3f:47:69:eb:2c:75:c5:cf:5b:1c:90:27:2d:7e:36:5d:
a2:9e:0d:8e:93:2b:aa:b5:79:7f:ff:32:6e:48:8d:14:5d:8c:
75:74:57:6b:48:78:e2:85:36:25:9e:2c:29:23:d9:7b:2a:33:
6a:bc:c4:98:a0:18:5e:50:9f:6d:52:02:65:96:34:31:c6:dc:
ba:91:a1:69:59:3e:1b:0f:e0:ea:36:0b:17:b3:1f:f9:94:ff:
5d:79:7e:a3:e0:7f:f6:ea:d4:e2:00:c8:ee:c2:72:e2:cb:4f:
e9:79:4d:e7:07:75:4e:27:14:69:08:34:3a:da:69:b2:29:88:
66:81:34:3c:45:f4:36:01:f2:e3:8f:dd:4d:7a:0c:77:f2:16:
b4:b2:70:b7:06:ed:da:4d:bd:63:eb:3d:05:ab:c3:2c:d8:c7:
1f:a9:ad:5f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIb9z9x+S5/lVgp4MWWNgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzOWM0NWU0MzYyNTUyMjA4MGFlYzUzOTUyOTg5YTEzYTI4
YWJkMDAwHhcNMjQwMTAyMDQzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjZkNzgxOWU5YjI5YWEzODYwYjQ0MWQ5MzE1YzllNTIyMjhkNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4b/3xXByFgpoQxWPD4bY6BI9sZp
vbSghF7F8HS1sFmPaEDaqEHgf9QD9tNxLXKW5QmJgiGOKRSVnGFzcu57tGGho0AE
f2jApQEA0/p+EjIb8yvUWazkTqmMufNwQCTGFRWeeZdZiitlaiwDsJC5oZJWsgg3
4CLIiOhQ2yI5+qgwdwHAIb1u1Kd1Bc3ObyMAY6N1BoW3JXHloVtjqJMe2H0Ggn3J
Avb7nXadPRy6kcSoD2q9rt/ETj2+2wHFYdM10MxBlcVFDOvDLVw9neI8ez48AGUN
MYwbDR0eRMP8IDdQAxqlDTsjByozfY19Kejh/T4NKVwjZ6ptpU5LMVqPnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPJteBnpspqjhgtEHZMVyeUiKNaxMB8GA1UdIwQY
MBaAFCOcReQ2JVIggK7FOVKYmhOiir0AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTV4RjVEWWxVaUNBcnNVNVVwaWFFNktLdlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YzQ4OTQtODBmYy00OGVmLWI2Njgt
OTc1YTIzN2VjZDA2LzEvOG0xNEdlbXltcU9HQzBRZGt4WEo1U0lvMXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YzQ4OTQtODBmYy00OGVmLWI2NjgtOTc1YTIzN2VjZDA2
LzEvSTV4RjVEWWxVaUNBcnNVNVVwaWFFNktLdlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZqoAwQC
ucx4MA0EAgACMAcDBQMqCvdAMA0GCSqGSIb3DQEBCwUAA4IBAQB32rmwDOM16Dm/
gXH7Uidk36KCXVEpcQ2tRssNDoJO7BjG5lhyGO37kfy7Lu8UNjF2rZlFGnit0Ujd
sMjf/tm/90rC8oMXwC4jf/mmNAShhX1b+XLSSj2orOTpkz9HaessdcXPWxyQJy1+
Nl2ing2OkyuqtXl//zJuSI0UXYx1dFdrSHjihTYlniwpI9l7KjNqvMSYoBheUJ9t
UgJlljQxxty6kaFpWT4bD+DqNgsXsx/5lP9deX6j4H/26tTiAMjuwnLiy0/peU3n
B3VOJxRpCDQ62mmyKYhmgTQ8RfQ2AfLjj91Negx38ha0snC3Bu3aTb1j6z0Fq8Ms
2Mcfqa1f
-----END CERTIFICATE-----
Generated at Fri May 17 18:04:29 2024 by rpki-client on console-ams.rpki-client.org