Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/PN45jNTHs3b0DEAjhakCjN9ijG0.roa
File: PN45jNTHs3b0DEAjhakCjN9ijG0.roa (raw, json)
Hash identifier: Jx7TMsvLTzxljG0926T13PLkcqQTkILPkjIsN5631FM=
Subject key identifier: 3C:DE:39:8C:D4:C7:B3:76:F4:0C:40:23:85:A9:02:8C:DF:62:8C:6D
Certificate issuer: /CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Certificate serial: 018CC7955AB85B6E36454685F5C09932A451
Authority key identifier: 05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/PN45jNTHs3b0DEAjhakCjN9ijG0.roa
Signing time: Tue 02 Jan 2024 00:31:43 +0000
ROA not before: Tue 02 Jan 2024 00:31:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6663
IP address blocks: 195.146.0.0/20 maxlen: 20
195.146.11.0/24 maxlen: 24
195.146.8.0/24 maxlen: 24
195.146.12.0/24 maxlen: 24
195.146.16.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:5a:b8:5b:6e:36:45:46:85:f5:c0:99:32:a4:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Validity
Not Before: Jan 2 00:31:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cde398cd4c7b376f40c402385a9028cdf628c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a8:f6:1e:5f:f0:30:5a:4b:80:cf:96:2a:8a:
58:aa:00:49:18:23:c9:66:fa:2a:57:e8:6e:b0:9a:
06:2a:ec:61:30:82:22:71:44:76:b4:d7:da:d7:91:
ce:ef:98:83:18:f1:7f:5e:9f:6e:a1:a6:34:67:29:
17:b7:b0:b6:7f:df:17:d6:96:f4:ee:8b:cd:af:4e:
42:66:ad:dc:bf:e6:9d:30:d2:7c:02:c0:d9:e2:4a:
2c:aa:62:71:9e:65:70:42:c1:69:22:b8:6b:4f:ff:
6a:10:29:d3:e8:a2:66:a6:26:42:25:32:2d:f4:d7:
e6:70:fe:8f:07:76:98:7f:81:e2:b9:c8:40:a5:6a:
76:f4:79:f6:82:ba:86:f8:4d:e9:11:e6:78:c6:ce:
b6:0d:e1:9a:7e:ea:91:31:47:4c:62:e4:ff:2d:1a:
51:92:4c:fa:af:12:04:e6:d6:0c:8d:e8:8e:11:ce:
71:de:f2:0b:9c:81:ac:df:25:16:46:05:11:37:41:
ce:84:6c:62:fd:4a:02:89:23:2f:fc:86:82:c4:84:
8c:21:66:80:cf:35:54:9d:8d:79:c9:40:10:0d:69:
85:86:53:50:df:fc:64:5d:b0:16:fd:55:8f:f0:27:
0d:5e:99:96:bf:a8:8e:46:8c:fa:f6:06:8f:69:dd:
09:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DE:39:8C:D4:C7:B3:76:F4:0C:40:23:85:A9:02:8C:DF:62:8C:6D
X509v3 Authority Key Identifier:
keyid:05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/PN45jNTHs3b0DEAjhakCjN9ijG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.146.0.0/19
Signature Algorithm: sha256WithRSAEncryption
17:81:b9:24:ce:f8:0c:6f:4d:fd:e5:ec:c5:cf:9b:e5:73:06:
2d:81:d3:d1:e9:b2:d1:c3:e6:ed:25:5e:83:d8:b2:5c:92:ef:
fc:a7:06:b4:de:b3:7e:9c:d6:36:7b:db:0d:8c:a1:fc:2f:fa:
60:e9:cc:78:12:13:aa:bd:1a:1d:8d:1d:e8:2e:a6:b1:3d:8d:
7a:02:d3:b6:c0:76:c2:d9:ea:fe:40:55:bf:27:d3:42:13:bd:
6b:31:ed:89:d6:99:d5:17:5b:c3:c0:c8:cc:3b:c6:19:64:e7:
df:4b:f9:fd:7b:56:63:6e:3f:57:bf:6d:8a:d9:50:1a:51:a3:
82:0e:cb:27:c1:86:d4:e6:0e:79:a6:d3:a0:47:4d:ac:d8:62:
71:23:a7:de:5c:fb:31:f4:1e:87:b8:c4:66:22:d5:4f:fc:a1:
13:c4:1a:88:46:90:e2:e4:fc:98:23:62:6b:18:cf:81:84:3e:
57:09:10:32:d4:05:7d:ac:38:68:56:c1:33:a4:95:29:ae:e3:
75:84:33:7e:0e:c5:a5:ff:29:13:b7:0d:09:b7:73:f9:5c:9b:
40:00:89:21:66:98:a9:f2:c3:98:ec:a0:e4:42:3d:a3:c6:eb:
a8:8f:bd:48:b8:7a:2d:15:0a:4e:90:e3:e5:91:57:92:72:e4:
43:2c:af:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlVq4W242RUaF9cCZMqRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjJkNWE2N2I3YTIwZjg2NWU3NTMxNjNhNmVkMGU1ZjM0
N2U4MzkwHhcNMjQwMTAyMDAzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2RlMzk4Y2Q0YzdiMzc2ZjQwYzQwMjM4NWE5MDI4Y2RmNjI4YzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6j2Hl/wMFpLgM+WKopYqgBJGCPJ
ZvoqV+husJoGKuxhMIIicUR2tNfa15HO75iDGPF/Xp9uoaY0ZykXt7C2f98X1pb0
7ovNr05CZq3cv+adMNJ8AsDZ4kosqmJxnmVwQsFpIrhrT/9qECnT6KJmpiZCJTIt
9NfmcP6PB3aYf4HiuchApWp29Hn2grqG+E3pEeZ4xs62DeGafuqRMUdMYuT/LRpR
kkz6rxIE5tYMjeiOEc5x3vILnIGs3yUWRgURN0HOhGxi/UoCiSMv/IaCxISMIWaA
zzVUnY15yUAQDWmFhlNQ3/xkXbAW/VWP8CcNXpmWv6iORoz69gaPad0J8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzeOYzUx7N29AxAI4WpAozfYoxtMB8GA1UdIwQY
MBaAFAVi1aZ7eiD4ZedTFjpu0OXzR+g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzct
NTA0YzhmYzIyMGVhLzEvUE40NWpOVEhzM2IwREVBamhha0NqTjlpakcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzctNTA0YzhmYzIyMGVh
LzEvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFw5IAMA0G
CSqGSIb3DQEBCwUAA4IBAQAXgbkkzvgMb0395ezFz5vlcwYtgdPR6bLRw+btJV6D
2LJcku/8pwa03rN+nNY2e9sNjKH8L/pg6cx4EhOqvRodjR3oLqaxPY16AtO2wHbC
2er+QFW/J9NCE71rMe2J1pnVF1vDwMjMO8YZZOffS/n9e1Zjbj9Xv22K2VAaUaOC
DssnwYbU5g55ptOgR02s2GJxI6feXPsx9B6HuMRmItVP/KETxBqIRpDi5PyYI2Jr
GM+BhD5XCRAy1AV9rDhoVsEzpJUpruN1hDN+DsWl/ykTtw0Jt3P5XJtAAIkhZpip
8sOY7KDkQj2jxuuoj71IuHotFQpOkOPlkVeScuRDLK+q
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:52 2024 by rpki-client on console-fra.rpki-client.org