Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Af4nsGDJm7huCRdNdLEVbcYTfxY.roa
File: Af4nsGDJm7huCRdNdLEVbcYTfxY.roa (raw, json)
Hash identifier: bP2gRiWYqDV8bUmrj5Ov+X1eyfP12v+GJ2AIagFCBVk=
Subject key identifier: 01:FE:27:B0:60:C9:9B:B8:6E:09:17:4D:74:B1:15:6D:C6:13:7F:16
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0192BD365E5A7BF299C5BB3E593059AE84C3
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Af4nsGDJm7huCRdNdLEVbcYTfxY.roa
Signing time: Thu 24 Oct 2024 06:28:29 +0000
ROA not before: Thu 24 Oct 2024 06:28:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9312
IP address blocks: 45.82.76.0/22 maxlen: 32
45.90.208.0/24 maxlen: 24
45.90.209.0/24 maxlen: 24
45.90.210.0/24 maxlen: 24
45.90.211.0/24 maxlen: 24
45.142.124.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
149.62.46.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
194.36.243.0/24 maxlen: 24
194.169.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:36:5e:5a:7b:f2:99:c5:bb:3e:59:30:59:ae:84:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Oct 24 06:28:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01fe27b060c99bb86e09174d74b1156dc6137f16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f5:9f:cc:8c:c2:76:48:63:89:58:29:69:ee:
36:0b:53:e3:23:d6:26:a0:bf:c4:90:86:f0:af:56:
47:a8:0b:6a:81:c6:ab:a1:a5:8b:fb:a0:00:9e:7b:
6e:f5:0c:07:b7:d2:0f:13:82:74:9b:ba:3c:05:5f:
de:c8:0d:6e:55:06:1c:54:53:e7:bd:bc:e3:5b:fe:
b5:60:19:d3:7c:92:91:6f:05:b8:6d:8d:4f:60:75:
8d:ba:f6:09:f4:33:56:33:ea:ae:ba:0c:9f:86:d4:
a5:21:99:cc:1a:fe:2a:4e:9c:e0:6c:b7:c7:8b:b1:
a0:a9:f4:fd:d1:9f:b4:d9:c6:37:56:cc:97:06:e6:
7c:aa:2b:c6:b7:1f:7c:97:7b:75:a1:51:47:d2:63:
f8:81:a3:89:f8:e5:e9:c2:e6:87:82:73:1a:eb:5f:
78:32:06:eb:35:49:70:cd:77:58:7f:ff:ea:8f:59:
6e:f6:47:a5:52:82:c1:c7:7f:67:a6:2a:e1:4e:c1:
df:9a:d1:50:e6:23:82:8c:f1:cd:20:4a:dc:a9:2d:
fe:9f:38:3e:66:d3:41:01:0a:e6:63:bf:d2:31:c8:
5e:ae:d3:66:4d:4e:5a:fc:7f:94:42:18:b0:10:13:
6e:4b:0b:67:ea:b9:b8:6e:67:75:6c:80:57:88:69:
de:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:FE:27:B0:60:C9:9B:B8:6E:09:17:4D:74:B1:15:6D:C6:13:7F:16
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Af4nsGDJm7huCRdNdLEVbcYTfxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.76.0/22
45.90.208.0/22
45.142.124.0/24
95.214.164.0/23
149.62.46.0/23
194.36.243.0/24
194.169.55.0/24
Signature Algorithm: sha256WithRSAEncryption
19:40:91:43:38:32:d6:75:1c:df:6a:10:d1:8f:e6:14:7a:59:
50:5b:7d:41:f8:01:8b:aa:0f:12:4c:14:46:db:ac:4d:79:5e:
a1:84:70:cf:80:d8:67:72:80:e0:30:45:3b:5a:a4:12:dc:ee:
b5:64:af:c8:18:b3:f5:da:f8:fc:11:da:de:92:90:d4:16:91:
52:e4:8c:a7:72:bf:7a:38:6a:00:5c:b5:b7:d9:e0:75:8b:b3:
40:9e:df:97:62:31:ad:5f:ee:ae:ef:14:18:19:c2:01:6a:90:
cb:81:7c:7f:a3:44:44:cb:90:f4:6a:5b:eb:84:c6:49:1e:92:
c7:e7:48:91:51:3c:57:9e:1e:34:fe:e2:f9:f5:db:2b:81:a7:
72:f8:e5:00:a2:f4:06:be:39:5f:2b:f0:fb:d3:9b:6d:a2:97:
7e:a6:0f:ef:5e:45:bd:af:ad:71:5c:d5:42:c8:4b:4e:f1:b4:
d5:56:af:cd:94:5b:b0:35:74:2d:dd:62:89:6a:f8:80:b3:49:
3f:6c:c5:09:38:e1:26:81:ce:85:3d:9b:28:0e:1c:e3:cb:03:
03:5f:30:12:50:7e:77:03:e2:20:83:09:c4:c0:1b:b0:11:d6:
4e:05:33:77:11:3b:b6:78:ae:e1:57:f9:46:b3:4e:ff:57:be:
a5:c9:46:04
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZK9Nl5ae/KZxbs+WTBZroTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQxMDI0MDYyODI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWZlMjdiMDYwYzk5YmI4NmUwOTE3NGQ3NGIxMTU2ZGM2MTM3ZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/WfzIzCdkhjiVgpae42C1PjI9Ym
oL/EkIbwr1ZHqAtqgcaroaWL+6AAnntu9QwHt9IPE4J0m7o8BV/eyA1uVQYcVFPn
vbzjW/61YBnTfJKRbwW4bY1PYHWNuvYJ9DNWM+quugyfhtSlIZnMGv4qTpzgbLfH
i7GgqfT90Z+02cY3VsyXBuZ8qivGtx98l3t1oVFH0mP4gaOJ+OXpwuaHgnMa6194
MgbrNUlwzXdYf//qj1lu9kelUoLBx39npirhTsHfmtFQ5iOCjPHNIErcqS3+nzg+
ZtNBAQrmY7/SMchertNmTU5a/H+UQhiwEBNuSwtn6rm4bmd1bIBXiGneZwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAH+J7BgyZu4bgkXTXSxFW3GE38WMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvQWY0bnNHREptN2h1Q1JkTmRMRVZiY1lUZnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLVJMAwQC
LVrQAwQALY58AwQBX9akAwQBlT4uAwQAwiTzAwQAwqk3MA0GCSqGSIb3DQEBCwUA
A4IBAQAZQJFDODLWdRzfahDRj+YUellQW31B+AGLqg8STBRG26xNeV6hhHDPgNhn
coDgMEU7WqQS3O61ZK/IGLP12vj8EdrekpDUFpFS5Iyncr96OGoAXLW32eB1i7NA
nt+XYjGtX+6u7xQYGcIBapDLgXx/o0REy5D0alvrhMZJHpLH50iRUTxXnh40/uL5
9dsrgady+OUAovQGvjlfK/D705ttopd+pg/vXkW9r61xXNVCyEtO8bTVVq/NlFuw
NXQt3WKJaviAs0k/bMUJOOEmgc6FPZsoDhzjywMDXzASUH53A+IggwnEwBuwEdZO
BTN3ETu2eK7hV/lGs07/V76lyUYE
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:55:50 2024 by rpki-client on console-ams.rpki-client.org