Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/_1iaPHL2L4hSeUJOhGJjalrN844.roa
File: _1iaPHL2L4hSeUJOhGJjalrN844.roa (raw, json)
Hash identifier: vUYs+AIPDHpt8BD0lLUEk/FI6mBVYJaQCYzd6O7kD6Q=
Subject key identifier: FF:58:9A:3C:72:F6:2F:88:52:79:42:4E:84:62:63:6A:5A:CD:F3:8E
Certificate issuer: /CN=2dc291b8db6cfddf6dd2a1d55b226d49492a2705
Certificate serial: 018E12E9937E4CCF5AE99AE5D819C789EA68
Authority key identifier: 2D:C2:91:B8:DB:6C:FD:DF:6D:D2:A1:D5:5B:22:6D:49:49:2A:27:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/_1iaPHL2L4hSeUJOhGJjalrN844.roa
Signing time: Wed 06 Mar 2024 08:38:01 +0000
ROA not before: Wed 06 Mar 2024 08:38:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211393
IP address blocks: 45.9.23.0/24 maxlen: 24
193.36.4.0/22 maxlen: 22
2a0b:6dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/LcKRuNts_d9t0qHVWyJtSUkqJwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/LcKRuNts_d9t0qHVWyJtSUkqJwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:12:e9:93:7e:4c:cf:5a:e9:9a:e5:d8:19:c7:89:ea:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc291b8db6cfddf6dd2a1d55b226d49492a2705
Validity
Not Before: Mar 6 08:38:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff589a3c72f62f885279424e8462636a5acdf38e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:56:7a:5a:a0:bb:4f:c8:1d:ab:22:86:da:d5:
10:ff:e1:22:bf:cf:11:1b:5d:97:b4:f8:71:9e:36:
4c:5f:73:67:d3:0b:c6:9b:66:7b:49:f2:a7:12:f5:
c4:77:93:4b:7d:19:bc:2d:9f:57:2b:40:4d:4d:e2:
24:47:6b:83:d0:1d:13:12:4a:02:5b:0e:2c:33:6a:
38:9a:c4:eb:4a:90:74:40:c4:97:d4:f1:a4:d1:8a:
47:f9:12:16:7c:da:da:df:ca:26:4f:d7:70:d2:fb:
a8:63:26:82:ec:7f:0d:e4:8d:7c:de:f2:d7:c9:e9:
fd:e7:cf:6f:70:46:06:73:9a:78:e4:ec:4c:08:41:
45:6e:04:44:2a:ea:6f:22:27:0c:98:23:ea:cc:f6:
d3:90:c2:53:5d:b2:c9:7d:69:62:69:5e:3e:b0:f3:
9a:e7:18:25:9b:34:61:c8:32:df:90:21:42:de:1f:
ee:de:ba:6b:ce:38:dd:88:2b:26:8b:7d:bb:57:75:
7d:60:37:82:8b:2f:8a:61:09:fe:ee:a1:70:8e:e0:
e1:e1:92:24:a6:ca:94:24:b2:d3:48:93:0a:fe:b7:
7b:dc:12:a7:31:65:e8:2e:ce:fa:fc:6c:ba:40:8e:
a2:29:18:7b:53:98:34:aa:96:88:1f:68:7c:48:e3:
f8:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:58:9A:3C:72:F6:2F:88:52:79:42:4E:84:62:63:6A:5A:CD:F3:8E
X509v3 Authority Key Identifier:
keyid:2D:C2:91:B8:DB:6C:FD:DF:6D:D2:A1:D5:5B:22:6D:49:49:2A:27:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/_1iaPHL2L4hSeUJOhGJjalrN844.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/LcKRuNts_d9t0qHVWyJtSUkqJwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.23.0/24
193.36.4.0/22
IPv6:
2a0b:6dc0::/29
Signature Algorithm: sha256WithRSAEncryption
52:d3:3f:45:ee:cb:6b:44:18:a4:ae:c5:90:de:0d:05:2c:05:
d5:34:ba:f7:8a:e9:06:51:22:3a:6f:16:71:18:7a:72:95:47:
cf:86:a0:03:37:6d:da:4f:6d:e0:66:9b:39:71:80:f1:2e:09:
33:47:e3:2a:17:3e:47:13:d0:55:71:4e:50:ef:8d:21:f6:97:
8b:e3:c5:27:76:fa:c8:04:ab:e9:61:a3:3f:68:e8:9f:0f:8a:
e8:4d:d0:7a:b7:29:bd:36:16:10:31:6a:60:ea:d0:36:32:0e:
f5:03:a4:ad:ed:d3:4f:92:98:b3:91:c1:a9:2b:b1:1d:e2:93:
c5:35:61:b6:d4:76:58:73:3c:80:1f:7a:dc:13:1f:87:ae:f9:
98:a1:3b:9d:88:9f:23:e8:33:51:32:97:79:27:33:51:14:65:
a5:ef:5a:30:3a:99:af:f2:79:8a:55:10:36:99:d1:e2:5e:fa:
31:8c:64:f6:d7:de:12:34:d8:09:23:5c:80:3a:b0:40:3c:92:
df:0d:23:1b:d1:7d:c6:30:d9:04:33:05:5d:49:af:05:00:30:
9e:fc:f0:23:ec:4e:f5:b8:01:b6:4a:94:a7:e1:7a:6a:0e:66:
d5:c5:63:af:d1:e9:09:6a:0b:04:a4:81:16:85:28:75:d7:bc:
b4:18:60:68
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY4S6ZN+TM9a6Zrl2BnHiepoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzI5MWI4ZGI2Y2ZkZGY2ZGQyYTFkNTViMjI2ZDQ5NDky
YTI3MDUwHhcNMjQwMzA2MDgzODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjU4OWEzYzcyZjYyZjg4NTI3OTQyNGU4NDYyNjM2YTVhY2RmMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilZ6WqC7T8gdqyKG2tUQ/+Eiv88R
G12XtPhxnjZMX3Nn0wvGm2Z7SfKnEvXEd5NLfRm8LZ9XK0BNTeIkR2uD0B0TEkoC
Ww4sM2o4msTrSpB0QMSX1PGk0YpH+RIWfNra38omT9dw0vuoYyaC7H8N5I183vLX
yen9589vcEYGc5p45OxMCEFFbgREKupvIicMmCPqzPbTkMJTXbLJfWliaV4+sPOa
5xglmzRhyDLfkCFC3h/u3rprzjjdiCsmi327V3V9YDeCiy+KYQn+7qFwjuDh4ZIk
psqUJLLTSJMK/rd73BKnMWXoLs76/Gy6QI6iKRh7U5g0qpaIH2h8SOP4SwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP9Ymjxy9i+IUnlCToRiY2pazfOOMB8GA1UdIwQY
MBaAFC3CkbjbbP3fbdKh1VsibUlJKicFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNLUnVOdHNfZDl0MHFIVld5SnRTVWtxSndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80MWE4NDMtNzUyNC00NTViLWJlMjIt
MmIxNzBlOTVjMmI3LzEvXzFpYVBITDJMNGhTZVVKT2hHSmphbHJOODQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80MWE4NDMtNzUyNC00NTViLWJlMjItMmIxNzBlOTVjMmI3
LzEvTGNLUnVOdHNfZDl0MHFIVld5SnRTVWtxSndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALQkXAwQC
wSQEMA0EAgACMAcDBQMqC23AMA0GCSqGSIb3DQEBCwUAA4IBAQBS0z9F7strRBik
rsWQ3g0FLAXVNLr3iukGUSI6bxZxGHpylUfPhqADN23aT23gZps5cYDxLgkzR+Mq
Fz5HE9BVcU5Q740h9peL48UndvrIBKvpYaM/aOifD4roTdB6tym9NhYQMWpg6tA2
Mg71A6St7dNPkpizkcGpK7Ed4pPFNWG21HZYczyAH3rcEx+HrvmYoTudiJ8j6DNR
Mpd5JzNRFGWl71owOpmv8nmKVRA2mdHiXvoxjGT2194SNNgJI1yAOrBAPJLfDSMb
0X3GMNkEMwVdSa8FADCe/PAj7E71uAG2SpSn4XpqDmbVxWOv0ekJagsEpIEWhSh1
17y0GGBo
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:02:17 2024 by rpki-client on console-fra.rpki-client.org