Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/e79b87-d51b-4f15-8a32-99e780bf3b98/1/iAJOs3yB11epAJPEHYO-QXRFr3I.roa
File: iAJOs3yB11epAJPEHYO-QXRFr3I.roa (raw, json)
Hash identifier: 0xp0N2Bdb8KdxT+Z0BJKkfOY9LkQ1R8p8dyzXTc2iQ8=
Subject key identifier: 88:02:4E:B3:7C:81:D7:57:A9:00:93:C4:1D:83:BE:41:74:45:AF:72
Certificate issuer: /CN=899241a00348315c02c0e2a9150b863087d1c857
Certificate serial: 01907CD910F5DE738ECEC6CF082710D68F09
Authority key identifier: 89:92:41:A0:03:48:31:5C:02:C0:E2:A9:15:0B:86:30:87:D1:C8:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iZJBoANIMVwCwOKpFQuGMIfRyFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/e79b87-d51b-4f15-8a32-99e780bf3b98/1/iAJOs3yB11epAJPEHYO-QXRFr3I.roa
Signing time: Thu 04 Jul 2024 08:25:18 +0000
ROA not before: Thu 04 Jul 2024 08:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 5.45.16.0/23 maxlen: 23
5.45.18.0/24 maxlen: 24
2a01:6c8:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/e79b87-d51b-4f15-8a32-99e780bf3b98/1/iZJBoANIMVwCwOKpFQuGMIfRyFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/e79b87-d51b-4f15-8a32-99e780bf3b98/1/iZJBoANIMVwCwOKpFQuGMIfRyFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/iZJBoANIMVwCwOKpFQuGMIfRyFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7c:d9:10:f5:de:73:8e:ce:c6:cf:08:27:10:d6:8f:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=899241a00348315c02c0e2a9150b863087d1c857
Validity
Not Before: Jul 4 08:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88024eb37c81d757a90093c41d83be417445af72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:01:f8:40:04:34:a9:3a:e4:6b:e4:e0:2f:43:
49:bb:fa:58:20:47:88:aa:fd:8e:ff:9e:e4:85:91:
34:f7:5b:b6:dd:e5:07:bb:9b:15:69:c2:f8:0b:21:
98:5e:bc:81:60:cb:3a:05:5a:34:91:4a:d9:d2:86:
bc:5e:08:34:71:6b:95:ed:c1:66:97:ab:a7:38:4e:
f8:bc:c6:f7:38:0e:66:6a:c7:4f:d9:08:54:b6:02:
16:74:33:c6:f1:4d:41:2d:bd:55:82:38:24:2f:e8:
37:1c:16:8d:b0:51:0c:e1:9a:f1:66:2f:4a:e0:44:
1b:c3:cc:04:d8:75:28:8f:cc:40:28:ed:32:c8:87:
85:af:09:e0:d5:d0:74:b7:0b:2e:61:c5:03:14:b3:
08:7a:45:cc:28:80:b3:d2:3d:fb:c7:ce:0c:42:b6:
44:bf:ec:77:d7:f2:25:55:f3:d9:7f:d9:27:e1:98:
6f:9e:8e:54:a1:9f:db:f9:57:51:44:cc:99:e1:ab:
2b:0a:bc:19:7b:29:9f:33:af:40:07:0d:07:d1:f9:
d1:e2:4a:2b:0a:e1:6d:cc:7d:3a:42:f2:0b:2e:01:
2a:fb:96:0b:6c:23:1c:19:71:be:62:8b:44:a2:f5:
df:5f:28:d2:4a:cf:46:45:16:c7:38:60:01:12:97:
15:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:02:4E:B3:7C:81:D7:57:A9:00:93:C4:1D:83:BE:41:74:45:AF:72
X509v3 Authority Key Identifier:
keyid:89:92:41:A0:03:48:31:5C:02:C0:E2:A9:15:0B:86:30:87:D1:C8:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iZJBoANIMVwCwOKpFQuGMIfRyFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/e79b87-d51b-4f15-8a32-99e780bf3b98/1/iAJOs3yB11epAJPEHYO-QXRFr3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/e79b87-d51b-4f15-8a32-99e780bf3b98/1/iZJBoANIMVwCwOKpFQuGMIfRyFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.16.0-5.45.18.255
IPv6:
2a01:6c8:2000::/36
Signature Algorithm: sha256WithRSAEncryption
25:1d:60:87:2c:1b:e5:63:66:ec:93:0a:0f:28:64:fd:73:78:
88:20:e4:e1:2e:58:1c:c9:f2:ab:3e:b5:c6:c8:5d:a8:ec:30:
6d:ad:20:17:a7:04:aa:e0:a7:5e:6a:b6:1d:aa:ca:fc:ab:af:
dd:9a:c6:5c:e8:58:d7:5d:e5:cf:a3:ac:bc:d1:ba:54:1f:ab:
c1:fe:71:b1:c1:ac:43:6d:94:37:a4:6a:6d:1e:78:0e:56:ce:
a6:a8:64:33:cc:df:ac:72:6e:ba:cf:89:e9:8c:f6:df:10:d7:
0f:89:77:4c:9b:6e:52:a6:00:da:ec:49:2b:67:38:0e:df:c7:
fe:e9:3c:f7:83:2f:62:2c:11:a1:fd:78:9d:79:0d:cd:51:1a:
06:5a:79:e7:5c:64:29:79:47:b5:81:5d:2a:b1:4a:54:e0:1b:
0c:ca:56:c2:a2:22:9a:f3:eb:56:e9:6c:fa:2f:f4:0c:69:95:
12:74:bd:3b:2b:61:40:9f:cb:4d:32:f2:41:e5:d6:02:66:cc:
d4:39:c5:6c:21:92:60:6d:6c:15:f7:94:75:63:aa:18:66:d8:
e0:4c:ff:54:66:3a:39:e5:71:51:a6:e3:c0:81:4c:bb:10:49:
f3:48:56:4b:6d:52:a7:dc:4e:b0:36:64:23:2b:2f:ae:39:cd:
9a:b5:57:fa
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZB82RD13nOOzsbPCCcQ1o8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OTI0MWEwMDM0ODMxNWMwMmMwZTJhOTE1MGI4NjMwODdk
MWM4NTcwHhcNMjQwNzA0MDgyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODAyNGViMzdjODFkNzU3YTkwMDkzYzQxZDgzYmU0MTc0NDVhZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgH4QAQ0qTrka+TgL0NJu/pYIEeI
qv2O/57khZE091u23eUHu5sVacL4CyGYXryBYMs6BVo0kUrZ0oa8Xgg0cWuV7cFm
l6unOE74vMb3OA5masdP2QhUtgIWdDPG8U1BLb1VgjgkL+g3HBaNsFEM4ZrxZi9K
4EQbw8wE2HUoj8xAKO0yyIeFrwng1dB0twsuYcUDFLMIekXMKICz0j37x84MQrZE
v+x31/IlVfPZf9kn4Zhvno5UoZ/b+VdRRMyZ4asrCrwZeymfM69ABw0H0fnR4kor
CuFtzH06QvILLgEq+5YLbCMcGXG+YotEovXfXyjSSs9GRRbHOGABEpcVGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIgCTrN8gddXqQCTxB2DvkF0Ra9yMB8GA1UdIwQY
MBaAFImSQaADSDFcAsDiqRULhjCH0chXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVpKQm9BTklNVndDd09LcEZRdUdNSWZSeUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9lNzliODctZDUxYi00ZjE1LThhMzIt
OTllNzgwYmYzYjk4LzEvaUFKT3MzeUIxMWVwQUpQRUhZTy1RWFJGcjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9lNzliODctZDUxYi00ZjE1LThhMzItOTllNzgwYmYzYjk4
LzEvaVpKQm9BTklNVndDd09LcEZRdUdNSWZSeUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAUBAIAATAOMAwDBAQFLRAD
BAAFLRIwDgQCAAIwCAMGBCoBBsggMA0GCSqGSIb3DQEBCwUAA4IBAQAlHWCHLBvl
Y2bskwoPKGT9c3iIIOThLlgcyfKrPrXGyF2o7DBtrSAXpwSq4KdearYdqsr8q6/d
msZc6FjXXeXPo6y80bpUH6vB/nGxwaxDbZQ3pGptHngOVs6mqGQzzN+scm66z4np
jPbfENcPiXdMm25SpgDa7EkrZzgO38f+6Tz3gy9iLBGh/XideQ3NURoGWnnnXGQp
eUe1gV0qsUpU4BsMylbCoiKa8+tW6Wz6L/QMaZUSdL07K2FAn8tNMvJB5dYCZszU
OcVsIZJgbWwV95R1Y6oYZtjgTP9UZjo55XFRpuPAgUy7EEnzSFZLbVKn3E6wNmQj
Ky+uOc2atVf6
-----END CERTIFICATE-----
Generated at Fri Sep 20 19:05:41 2024 by rpki-client on console-fra.rpki-client.org