Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/AibbCwcaidmAQqAZZdAvrmwGPWI.roa
File: AibbCwcaidmAQqAZZdAvrmwGPWI.roa (raw, json)
Hash identifier: YVhndJvvCgxhlSslXdbSRXroP14gwCrxojjKUFmyBlc=
Subject key identifier: 02:26:DB:0B:07:1A:89:D9:80:42:A0:19:65:D0:2F:AE:6C:06:3D:62
Certificate issuer: /CN=1b68656126198373d07886bf4ab8fb06b9006780
Certificate serial: 0191EBA7805535318D181434412EA39B0A9E
Authority key identifier: 1B:68:65:61:26:19:83:73:D0:78:86:BF:4A:B8:FB:06:B9:00:67:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/AibbCwcaidmAQqAZZdAvrmwGPWI.roa
Signing time: Fri 13 Sep 2024 13:51:48 +0000
ROA not before: Fri 13 Sep 2024 13:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208621
IP address blocks: 45.92.36.0/24 maxlen: 24
45.92.37.0/24 maxlen: 24
45.92.38.0/24 maxlen: 24
45.92.39.0/24 maxlen: 24
2a0e:1bc0::/35 maxlen: 35
2a0e:1bc0:2000::/35 maxlen: 35
2a0e:1bc0:4000::/35 maxlen: 35
2a0e:1bc0:6000::/35 maxlen: 35
2a0e:1bc1::/35 maxlen: 35
2a0e:1bc1:2000::/35 maxlen: 35
2a0e:1bc1:4000::/35 maxlen: 35
2a0e:1bc1:6000::/35 maxlen: 35
2a0e:1bc4::/35 maxlen: 35
2a0e:1bc5::/35 maxlen: 35
2a0e:1bc7::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.mft
rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:eb:a7:80:55:35:31:8d:18:14:34:41:2e:a3:9b:0a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b68656126198373d07886bf4ab8fb06b9006780
Validity
Not Before: Sep 13 13:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0226db0b071a89d98042a01965d02fae6c063d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:42:b6:14:53:fe:16:b7:59:89:ef:98:14:81:
f7:cd:1f:75:1a:a0:2c:dd:33:92:6e:00:e9:62:2b:
31:83:5e:b4:4a:c5:fd:0c:64:21:40:1d:34:07:b7:
8e:f1:5d:80:23:9e:73:92:cc:58:8f:49:cc:39:e4:
50:f5:04:2c:84:c3:cd:ac:d0:b6:3f:87:f8:71:1a:
da:af:af:a7:2d:54:d3:b1:de:9e:2c:db:ce:69:04:
6d:33:24:1a:a4:18:8c:37:ac:1a:08:29:6e:90:15:
69:c5:dc:db:da:1a:5c:ca:b2:30:19:dd:5e:c1:cd:
d7:15:a4:d4:64:42:ad:2b:d9:fc:06:b0:3e:eb:ca:
cf:d8:e6:c5:48:d3:b7:e4:fe:0f:89:b4:de:e2:fd:
cd:6f:d7:de:72:42:61:80:6f:69:1b:b6:58:c5:13:
2f:fc:84:a9:28:b6:01:65:32:f1:b8:2c:0d:29:91:
55:11:35:fc:af:94:d5:c7:e0:f2:ce:1c:25:f3:89:
a2:58:aa:fb:70:21:88:ca:69:ff:19:38:b9:7a:1c:
06:99:79:00:29:2a:f4:a1:b0:7e:6e:7f:64:11:f5:
56:6b:6b:87:86:b9:b7:84:e7:ca:31:41:24:92:63:
4a:e6:80:7f:67:1a:46:f4:95:88:a4:cf:1b:63:83:
5b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:26:DB:0B:07:1A:89:D9:80:42:A0:19:65:D0:2F:AE:6C:06:3D:62
X509v3 Authority Key Identifier:
keyid:1B:68:65:61:26:19:83:73:D0:78:86:BF:4A:B8:FB:06:B9:00:67:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/AibbCwcaidmAQqAZZdAvrmwGPWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.36.0/22
IPv6:
2a0e:1bc0::/33
2a0e:1bc1::/33
2a0e:1bc4::/35
2a0e:1bc5::/35
2a0e:1bc7::/35
Signature Algorithm: sha256WithRSAEncryption
5c:39:d1:dc:d4:f6:fc:6f:b5:a9:13:6e:d9:15:38:43:e5:ec:
16:bb:45:89:5f:ce:e5:f2:22:c6:82:ce:70:62:a4:74:70:d4:
89:e1:58:39:11:4e:f4:7e:41:e9:48:00:90:98:ed:41:a6:b0:
eb:30:ec:4c:fa:5b:ef:07:44:62:57:2b:37:12:1a:fd:d1:0a:
9b:18:10:37:ad:c0:1e:e8:7f:15:c2:1c:b4:b9:ae:80:b3:f3:
4d:b4:8c:26:10:7c:18:91:de:cc:3a:96:92:0a:49:a4:cb:3f:
51:e2:23:22:eb:68:be:2e:9b:e0:3b:d1:75:0e:78:dc:90:ef:
e9:27:91:a9:4d:1d:ef:68:17:09:31:4f:05:f5:49:31:ea:38:
f3:40:b3:a3:95:71:09:c9:7f:91:98:a6:f0:7d:0a:82:22:f7:
1f:ed:b6:0a:71:cf:c0:5f:7e:d8:b8:a5:d6:45:b7:8e:62:0a:
ae:1e:67:a4:bc:1a:d5:a8:b6:96:bd:4e:dc:51:97:a1:d9:6b:
7b:c4:4d:bc:66:f0:15:55:b6:56:24:07:76:4d:6c:3b:79:cf:
a6:35:5a:56:3a:98:d7:51:7a:f0:c4:f6:f2:f3:ed:4c:18:f0:
1f:f5:4c:2e:6a:47:f4:d0:1a:90:d5:ef:0e:44:65:9c:ff:20:
c2:01:2c:45
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZHrp4BVNTGNGBQ0QS6jmwqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjg2NTYxMjYxOTgzNzNkMDc4ODZiZjRhYjhmYjA2Yjkw
MDY3ODAwHhcNMjQwOTEzMTM1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjI2ZGIwYjA3MWE4OWQ5ODA0MmEwMTk2NWQwMmZhZTZjMDYzZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUK2FFP+FrdZie+YFIH3zR91GqAs
3TOSbgDpYisxg160SsX9DGQhQB00B7eO8V2AI55zksxYj0nMOeRQ9QQshMPNrNC2
P4f4cRrar6+nLVTTsd6eLNvOaQRtMyQapBiMN6waCClukBVpxdzb2hpcyrIwGd1e
wc3XFaTUZEKtK9n8BrA+68rP2ObFSNO35P4PibTe4v3Nb9feckJhgG9pG7ZYxRMv
/ISpKLYBZTLxuCwNKZFVETX8r5TVx+Dyzhwl84miWKr7cCGIymn/GTi5ehwGmXkA
KSr0obB+bn9kEfVWa2uHhrm3hOfKMUEkkmNK5oB/ZxpG9JWIpM8bY4Nb4QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAIm2wsHGonZgEKgGWXQL65sBj1iMB8GA1UdIwQY
MBaAFBtoZWEmGYNz0HiGv0q4+wa5AGeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJobFlTWVpnM1BRZUlhX1NyajdCcmtBWjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MzEwMGYtMWJiMy00MjE5LTljODIt
MjM5ODcwNGFiNTBjLzEvQWliYkN3Y2FpZG1BUXFBWlpkQXZybXdHUFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MzEwMGYtMWJiMy00MjE5LTljODItMjM5ODcwNGFiNTBj
LzEvRzJobFlTWVpnM1BRZUlhX1NyajdCcmtBWjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAMBAIAATAGAwQCLVwkMC4E
AgACMCgDBgcqDhvAAAMGByoOG8EAAwYFKg4bxAADBgUqDhvFAAMGBSoOG8cAMA0G
CSqGSIb3DQEBCwUAA4IBAQBcOdHc1Pb8b7WpE27ZFThD5ewWu0WJX87l8iLGgs5w
YqR0cNSJ4Vg5EU70fkHpSACQmO1BprDrMOxM+lvvB0RiVys3Ehr90QqbGBA3rcAe
6H8Vwhy0ua6As/NNtIwmEHwYkd7MOpaSCkmkyz9R4iMi62i+LpvgO9F1DnjckO/p
J5GpTR3vaBcJMU8F9Ukx6jjzQLOjlXEJyX+RmKbwfQqCIvcf7bYKcc/AX37YuKXW
RbeOYgquHmekvBrVqLaWvU7cUZeh2Wt7xE28ZvAVVbZWJAd2TWw7ec+mNVpWOpjX
UXrwxPby8+1MGPAf9Uwuakf00BqQ1e8ORGWc/yDCASxF
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:43:27 2024 by rpki-client on console-ams.rpki-client.org