Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/lGTKpj7YoUCGXF2Us2GxX8Ayr1s.roa
File: lGTKpj7YoUCGXF2Us2GxX8Ayr1s.roa (raw, json)
Hash identifier: XBukNQ76wTgpdaPf5u9zq34gNnhL9GKOolHXf5GIv0w=
Subject key identifier: 94:64:CA:A6:3E:D8:A1:40:86:5C:5D:94:B3:61:B1:5F:C0:32:AF:5B
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 018CC86F84B6B034AE090492A2A90A0D77D7
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/lGTKpj7YoUCGXF2Us2GxX8Ayr1s.roa
Signing time: Tue 02 Jan 2024 04:30:00 +0000
ROA not before: Tue 02 Jan 2024 04:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 146.19.162.0/24 maxlen: 24
45.94.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:84:b6:b0:34:ae:09:04:92:a2:a9:0a:0d:77:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jan 2 04:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9464caa63ed8a140865c5d94b361b15fc032af5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:98:e2:72:dd:36:77:4b:27:38:4d:77:77:d4:
13:a7:10:10:16:e4:61:0e:ed:2d:af:2c:74:f1:9f:
74:ae:4a:4a:71:ef:54:d6:a9:97:2b:3e:ca:98:e5:
4e:32:7c:23:3b:34:f9:20:86:f3:a9:b1:83:fb:7a:
5d:0d:1b:b5:6f:ae:62:b8:0d:42:01:b1:46:33:71:
b6:1f:b9:4c:4b:df:0c:83:ae:47:43:fa:fd:da:5d:
0f:af:5e:ab:04:16:a6:8a:f0:b8:0e:ae:2c:a7:8b:
5a:45:79:c8:8b:d0:b5:e4:bc:4c:65:9f:d4:a7:02:
0e:ec:ad:75:f4:92:ca:ca:23:c0:28:c6:cb:f8:cc:
e0:f0:e1:5c:79:86:2c:b4:38:f9:ec:f8:3d:88:c0:
3c:e4:ae:d3:ea:b1:12:06:90:41:c0:d6:68:1e:3c:
dd:3b:97:2f:69:da:09:df:3f:2b:70:b8:ba:f7:78:
3d:58:7e:23:e3:6f:eb:5d:3e:3e:89:e2:5a:5c:49:
19:81:82:7f:c0:f3:16:0e:21:95:c5:b9:76:bf:57:
c4:80:3e:72:ec:84:5f:db:06:79:48:90:15:98:b4:
57:28:78:2c:0f:1a:47:2c:50:c6:db:86:40:27:25:
e6:dc:e4:2a:f7:01:bf:18:d7:40:f4:99:3d:fc:47:
e9:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:64:CA:A6:3E:D8:A1:40:86:5C:5D:94:B3:61:B1:5F:C0:32:AF:5B
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/lGTKpj7YoUCGXF2Us2GxX8Ayr1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.220.0/22
146.19.162.0/24
Signature Algorithm: sha256WithRSAEncryption
61:eb:e8:7c:3f:49:5a:2a:b3:c0:f8:58:86:0f:f2:27:d5:89:
b0:ae:db:fc:cb:f0:fc:1a:47:5b:9f:16:f6:9f:cd:b4:17:ef:
c9:c7:fb:b7:be:83:cf:f8:e0:3e:f8:c7:d3:fb:3b:6d:3b:64:
fb:2a:35:6b:f7:9e:59:69:51:c6:81:a7:34:af:e8:85:13:17:
16:11:7d:1f:27:36:6c:f5:fa:fb:08:16:3b:0c:2d:8c:24:74:
ca:57:fc:1f:4d:63:1a:c9:ae:b7:65:91:9d:0f:e9:df:20:a3:
70:4e:ed:0b:57:3f:24:28:3d:90:7e:5c:7f:e0:43:0b:c2:ab:
9d:8b:c6:d2:e8:4d:65:a3:33:3d:95:1b:59:8f:2c:c6:d9:fe:
e1:f4:38:d2:80:0f:92:5c:6d:34:c1:74:0e:4e:07:a0:42:f9:
05:1e:ef:54:9c:93:a9:66:83:24:d9:1d:b9:f2:c8:d1:ca:0f:
6d:b1:a0:0c:c6:53:d6:9a:fd:de:0f:a0:87:f6:53:da:16:dc:
f2:11:a2:43:e4:c8:29:0f:7a:40:78:bb:91:d3:a8:c0:d0:56:
df:22:c6:ef:4b:f8:30:29:9e:ef:9c:97:e1:36:ee:33:d5:f6:
d3:9a:88:a1:6b:de:8b:76:a7:03:94:94:b4:c5:9d:c8:a2:f0:
00:d5:ae:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb4S2sDSuCQSSoqkKDXfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjQwMTAyMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDY0Y2FhNjNlZDhhMTQwODY1YzVkOTRiMzYxYjE1ZmMwMzJhZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5jict02d0snOE13d9QTpxAQFuRh
Du0tryx08Z90rkpKce9U1qmXKz7KmOVOMnwjOzT5IIbzqbGD+3pdDRu1b65iuA1C
AbFGM3G2H7lMS98Mg65HQ/r92l0Pr16rBBamivC4Dq4sp4taRXnIi9C15LxMZZ/U
pwIO7K119JLKyiPAKMbL+Mzg8OFceYYstDj57Pg9iMA85K7T6rESBpBBwNZoHjzd
O5cvadoJ3z8rcLi693g9WH4j42/rXT4+ieJaXEkZgYJ/wPMWDiGVxbl2v1fEgD5y
7IRf2wZ5SJAVmLRXKHgsDxpHLFDG24ZAJyXm3OQq9wG/GNdA9Jk9/EfpUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJRkyqY+2KFAhlxdlLNhsV/AMq9bMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvbEdUS3BqN1lvVUNHWEYyVXMyR3hYOEF5cjFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLV7cAwQA
khOiMA0GCSqGSIb3DQEBCwUAA4IBAQBh6+h8P0laKrPA+FiGD/In1Ymwrtv8y/D8
Gkdbnxb2n820F+/Jx/u3voPP+OA++MfT+zttO2T7KjVr955ZaVHGgac0r+iFExcW
EX0fJzZs9fr7CBY7DC2MJHTKV/wfTWMaya63ZZGdD+nfIKNwTu0LVz8kKD2Qflx/
4EMLwqudi8bS6E1lozM9lRtZjyzG2f7h9DjSgA+SXG00wXQOTgegQvkFHu9UnJOp
ZoMk2R258sjRyg9tsaAMxlPWmv3eD6CH9lPaFtzyEaJD5MgpD3pAeLuR06jA0Fbf
IsbvS/gwKZ7vnJfhNu4z1fbTmoiha96LdqcDlJS0xZ3IovAA1a5o
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:54:44 2024 by rpki-client on console-ams.rpki-client.org