Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/046337-4f1f-444e-83d7-054d65d7247f/1/8zqAkBSNxwEbxrdIs9OySbnEH3k.roa
File: 8zqAkBSNxwEbxrdIs9OySbnEH3k.roa (raw, json)
Hash identifier: LVByO2USf5ugkih7KO2vAeCKBXH9ZxOBKvA5NSk8kP0=
Subject key identifier: F3:3A:80:90:14:8D:C7:01:1B:C6:B7:48:B3:D3:B2:49:B9:C4:1F:79
Certificate issuer: /CN=19c91f1cb0874232a04fbc092baa688accecc9d7
Certificate serial: 018CC34906B56210B979D2F5477EC1485B41
Authority key identifier: 19:C9:1F:1C:B0:87:42:32:A0:4F:BC:09:2B:AA:68:8A:CC:EC:C9:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GckfHLCHQjKgT7wJK6poiszsydc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/046337-4f1f-444e-83d7-054d65d7247f/1/8zqAkBSNxwEbxrdIs9OySbnEH3k.roa
Signing time: Mon 01 Jan 2024 04:29:52 +0000
ROA not before: Mon 01 Jan 2024 04:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40138
IP address blocks: 45.85.236.0/24 maxlen: 24
45.85.237.0/24 maxlen: 24
2a0e:c887::/44 maxlen: 48
2a0e:c886::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/046337-4f1f-444e-83d7-054d65d7247f/1/GckfHLCHQjKgT7wJK6poiszsydc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/046337-4f1f-444e-83d7-054d65d7247f/1/GckfHLCHQjKgT7wJK6poiszsydc.mft
rsync://rpki.ripe.net/repository/DEFAULT/GckfHLCHQjKgT7wJK6poiszsydc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 22:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:06:b5:62:10:b9:79:d2:f5:47:7e:c1:48:5b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19c91f1cb0874232a04fbc092baa688accecc9d7
Validity
Not Before: Jan 1 04:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f33a8090148dc7011bc6b748b3d3b249b9c41f79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8f:fe:0c:96:07:7e:29:77:71:49:ab:09:e3:
dd:25:8c:cb:0e:43:ee:17:6f:f9:a2:c1:50:78:e1:
2e:bd:bc:84:ba:f3:e7:e6:0c:dc:d2:38:7f:bc:25:
b3:cd:6b:e9:8f:b2:22:a9:4c:9e:3d:60:32:a6:3b:
13:02:d6:03:c2:f0:d6:81:76:4b:dc:f2:4b:37:91:
29:19:98:e3:a0:7f:ce:78:7d:5e:9b:ee:59:94:82:
fa:38:c5:a1:a8:02:85:fc:8f:83:c2:fc:cb:5f:69:
3e:f8:14:0a:ed:5f:14:62:28:4e:90:01:d3:40:df:
dc:ef:08:f0:1d:78:4e:11:83:e0:19:13:9e:c0:aa:
c7:0c:26:fd:8e:80:ed:6e:f7:ab:74:ce:c5:f7:74:
bc:46:9d:2c:26:bb:de:15:9c:cc:34:6f:0e:ae:3d:
d9:a3:22:dc:da:43:05:05:e7:ea:49:3a:4a:f6:fc:
68:96:d8:00:da:4f:a7:e0:de:3d:9e:df:35:3b:98:
dc:a3:95:7d:dd:ff:d9:4d:b6:fe:8a:d7:ea:19:69:
0c:61:8d:30:64:2f:38:0b:fc:0e:be:b6:fe:39:67:
e9:79:4a:3f:f4:e1:02:89:69:30:9e:6e:23:68:9f:
6d:13:86:4d:40:4e:1b:87:c2:a7:dd:a5:99:35:30:
d6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3A:80:90:14:8D:C7:01:1B:C6:B7:48:B3:D3:B2:49:B9:C4:1F:79
X509v3 Authority Key Identifier:
keyid:19:C9:1F:1C:B0:87:42:32:A0:4F:BC:09:2B:AA:68:8A:CC:EC:C9:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GckfHLCHQjKgT7wJK6poiszsydc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/046337-4f1f-444e-83d7-054d65d7247f/1/8zqAkBSNxwEbxrdIs9OySbnEH3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/046337-4f1f-444e-83d7-054d65d7247f/1/GckfHLCHQjKgT7wJK6poiszsydc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.236.0/23
IPv6:
2a0e:c886::/44
2a0e:c887::/44
Signature Algorithm: sha256WithRSAEncryption
aa:b8:69:fe:53:49:41:28:33:54:a4:7e:ff:b2:91:e6:6b:47:
ed:92:01:4f:f9:44:ee:8f:df:95:cf:b8:52:3f:eb:16:19:45:
72:8e:02:19:23:9a:a4:2e:92:8a:17:b7:4c:e7:5e:08:58:85:
fd:cb:6e:c0:b5:10:8a:80:8f:e8:52:f9:7d:4d:69:0a:28:3e:
e0:c9:bf:6d:60:9e:4d:40:ba:cb:8c:13:1a:77:6d:b5:ef:cd:
8f:f6:83:cd:d4:39:c9:23:10:1b:59:6f:d1:39:a1:f2:46:f1:
70:d5:f7:aa:f8:7c:ad:3b:12:8a:70:94:05:76:e8:7a:1a:70:
83:09:9b:ab:b1:34:a3:db:59:22:9d:da:55:07:6b:31:72:4f:
70:89:ac:57:59:be:e4:9b:31:55:37:be:7e:45:db:17:3b:5f:
4b:47:26:ec:f4:96:4a:9d:11:ee:3e:3f:a4:9b:6c:6e:75:33:
99:94:35:bb:34:c6:6e:b9:25:75:5f:ef:06:5b:6c:70:e0:94:
2a:b2:2a:7f:49:06:9d:30:ed:d9:4f:ff:b8:ae:4f:f4:0f:e6:
ee:90:46:fe:bf:74:9d:33:61:1e:c6:63:78:ae:30:d5:fe:bd:
bd:21:9c:c4:43:10:e7:13:cc:c2:b7:e9:52:ce:9a:e4:50:78:
20:ee:e0:d2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDSQa1YhC5edL1R37BSFtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YzkxZjFjYjA4NzQyMzJhMDRmYmMwOTJiYWE2ODhhY2Nl
Y2M5ZDcwHhcNMjQwMTAxMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzNhODA5MDE0OGRjNzAxMWJjNmI3NDhiM2QzYjI0OWI5YzQxZjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY/+DJYHfil3cUmrCePdJYzLDkPu
F2/5osFQeOEuvbyEuvPn5gzc0jh/vCWzzWvpj7IiqUyePWAypjsTAtYDwvDWgXZL
3PJLN5EpGZjjoH/OeH1em+5ZlIL6OMWhqAKF/I+DwvzLX2k++BQK7V8UYihOkAHT
QN/c7wjwHXhOEYPgGROewKrHDCb9joDtbverdM7F93S8Rp0sJrveFZzMNG8Orj3Z
oyLc2kMFBefqSTpK9vxoltgA2k+n4N49nt81O5jco5V93f/ZTbb+itfqGWkMYY0w
ZC84C/wOvrb+OWfpeUo/9OECiWkwnm4jaJ9tE4ZNQE4bh8Kn3aWZNTDWkwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPM6gJAUjccBG8a3SLPTskm5xB95MB8GA1UdIwQY
MBaAFBnJHxywh0IyoE+8CSuqaIrM7MnXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2NrZkhMQ0hRaktnVDd3Sks2cG9pc3pzeWRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8wNDYzMzctNGYxZi00NDRlLTgzZDct
MDU0ZDY1ZDcyNDdmLzEvOHpxQWtCU054d0VieHJkSXM5T3lTYm5FSDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8wNDYzMzctNGYxZi00NDRlLTgzZDctMDU0ZDY1ZDcyNDdm
LzEvR2NrZkhMQ0hRaktnVDd3Sks2cG9pc3pzeWRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBLVXsMBgE
AgACMBIDBwQqDsiGAAADBwQqDsiHAAAwDQYJKoZIhvcNAQELBQADggEBAKq4af5T
SUEoM1Skfv+ykeZrR+2SAU/5RO6P35XPuFI/6xYZRXKOAhkjmqQukooXt0znXghY
hf3LbsC1EIqAj+hS+X1NaQooPuDJv21gnk1AusuMExp3bbXvzY/2g83UOckjEBtZ
b9E5ofJG8XDV96r4fK07EopwlAV26HoacIMJm6uxNKPbWSKd2lUHazFyT3CJrFdZ
vuSbMVU3vn5F2xc7X0tHJuz0lkqdEe4+P6SbbG51M5mUNbs0xm65JXVf7wZbbHDg
lCqyKn9JBp0w7dlP/7iuT/QP5u6QRv6/dJ0zYR7GY3iuMNX+vb0hnMRDEOcTzMK3
6VLOmuRQeCDu4NI=
-----END CERTIFICATE-----
Generated at Sun May 19 06:16:07 2024 by rpki-client on console-fra.rpki-client.org