Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/d44dd0-05b7-4427-a082-1b7ec38e9f44/1/L03TuYdoJ7d2mffhvejakuzQsok.roa
File: L03TuYdoJ7d2mffhvejakuzQsok.roa (raw, json)
Hash identifier: eTb4ukvhQ1B2ciluWJuIlh9+RG1vRi/dc4scOn7uG6Y=
Subject key identifier: 2F:4D:D3:B9:87:68:27:B7:76:99:F7:E1:BD:E8:DA:92:EC:D0:B2:89
Certificate issuer: /CN=85add8eaaeb3a478d7e5df3e7ee1c323f166bf28
Certificate serial: 0190987F3BFBAA15D71A798F23431B76E8E7
Authority key identifier: 85:AD:D8:EA:AE:B3:A4:78:D7:E5:DF:3E:7E:E1:C3:23:F1:66:BF:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha3Y6q6zpHjX5d8-fuHDI_Fmvyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/d44dd0-05b7-4427-a082-1b7ec38e9f44/1/L03TuYdoJ7d2mffhvejakuzQsok.roa
Signing time: Tue 09 Jul 2024 17:16:33 +0000
ROA not before: Tue 09 Jul 2024 17:16:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208630
IP address blocks: 45.84.236.0/24 maxlen: 24
45.84.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/d44dd0-05b7-4427-a082-1b7ec38e9f44/1/ha3Y6q6zpHjX5d8-fuHDI_Fmvyg.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/d44dd0-05b7-4427-a082-1b7ec38e9f44/1/ha3Y6q6zpHjX5d8-fuHDI_Fmvyg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ha3Y6q6zpHjX5d8-fuHDI_Fmvyg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 21:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:98:7f:3b:fb:aa:15:d7:1a:79:8f:23:43:1b:76:e8:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85add8eaaeb3a478d7e5df3e7ee1c323f166bf28
Validity
Not Before: Jul 9 17:16:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f4dd3b9876827b77699f7e1bde8da92ecd0b289
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c9:dc:47:79:da:4f:e9:7d:1c:92:02:42:2e:
f3:4b:42:4f:bd:49:97:38:a1:0b:39:0b:98:e9:a7:
d8:ba:87:e8:32:9d:5a:7f:83:f4:dc:de:28:8c:d0:
b7:36:f0:c4:3f:fc:c4:90:7d:9a:85:b7:bf:7e:3d:
ff:7c:7f:30:bd:8e:94:20:8a:a3:5e:83:98:74:f0:
81:cb:5f:c1:c1:ce:86:f8:f6:15:e4:41:9b:9f:0b:
74:56:44:f4:65:69:80:03:97:2a:48:6d:9b:33:88:
e4:d7:41:6c:fa:22:5e:e7:d8:99:20:0a:88:48:23:
dc:8f:9d:df:71:fc:ce:5d:34:bd:e6:2e:ce:67:3d:
48:d4:8f:23:5c:c7:ce:5a:76:aa:d6:8f:5e:c0:f6:
05:5e:ac:14:f2:88:39:5d:21:4b:54:00:fc:69:61:
a3:6a:44:6a:76:b6:e5:79:e5:cf:ea:85:f9:7b:2b:
29:57:d2:88:15:78:00:84:65:2a:52:4d:d4:27:02:
67:d9:71:fb:21:9f:46:6e:7b:4f:9c:2e:cb:2c:6e:
31:42:0b:cc:a1:aa:89:43:bd:17:c3:39:33:6e:75:
b0:74:2d:ca:85:17:1e:30:74:a1:26:2e:69:9b:22:
e9:46:90:ad:3e:48:de:29:b2:8d:2c:ae:00:85:48:
02:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:4D:D3:B9:87:68:27:B7:76:99:F7:E1:BD:E8:DA:92:EC:D0:B2:89
X509v3 Authority Key Identifier:
keyid:85:AD:D8:EA:AE:B3:A4:78:D7:E5:DF:3E:7E:E1:C3:23:F1:66:BF:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha3Y6q6zpHjX5d8-fuHDI_Fmvyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/d44dd0-05b7-4427-a082-1b7ec38e9f44/1/L03TuYdoJ7d2mffhvejakuzQsok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/d44dd0-05b7-4427-a082-1b7ec38e9f44/1/ha3Y6q6zpHjX5d8-fuHDI_Fmvyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.236.0/24
45.84.238.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:eb:38:c3:a5:71:d7:f3:88:96:f5:2e:7f:86:be:f4:46:03:
d0:ac:47:59:6d:f3:57:3d:94:fe:3d:65:f2:82:a8:54:a1:3f:
7e:5b:16:b2:12:5e:a5:c6:12:82:3c:d4:4f:32:64:23:4c:1c:
bb:8d:41:46:05:c7:bb:9c:1c:d8:d7:c3:c3:a9:6e:fa:c9:da:
9d:0e:90:54:0c:15:2f:e2:cd:85:9c:52:e8:6d:a0:b1:42:c6:
2d:a0:43:83:d8:75:1d:c9:68:f6:a5:4f:48:9d:70:6b:6a:c9:
5b:36:e1:dd:69:7c:47:3d:54:8f:df:bf:92:c0:83:1e:f7:47:
61:22:83:c3:2c:ea:c4:e9:28:d8:5d:ad:81:16:b4:ca:8b:9f:
f1:2e:af:d8:f6:81:60:ad:cc:a2:eb:20:47:e1:d5:80:f8:d0:
ef:ad:76:06:f9:9f:95:a2:7d:86:ff:78:dd:16:96:58:52:45:
bf:ac:08:4a:f7:c7:e6:f6:37:b9:60:ce:21:0c:e5:88:89:8c:
0b:12:63:cb:ab:01:6e:ee:a5:31:52:27:ea:7a:b2:4d:7f:6c:
d5:29:57:5c:7f:fa:5d:fe:30:29:be:23:7a:f7:1e:69:8b:f9:
15:6a:1c:ad:dc:7a:79:57:a1:fc:16:a3:9c:4e:a5:7f:0f:cc:
a0:87:6b:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCYfzv7qhXXGnmPI0MbdujnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWRkOGVhYWViM2E0NzhkN2U1ZGYzZTdlZTFjMzIzZjE2
NmJmMjgwHhcNMjQwNzA5MTcxNjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjRkZDNiOTg3NjgyN2I3NzY5OWY3ZTFiZGU4ZGE5MmVjZDBiMjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsncR3naT+l9HJICQi7zS0JPvUmX
OKELOQuY6afYuofoMp1af4P03N4ojNC3NvDEP/zEkH2ahbe/fj3/fH8wvY6UIIqj
XoOYdPCBy1/Bwc6G+PYV5EGbnwt0VkT0ZWmAA5cqSG2bM4jk10Fs+iJe59iZIAqI
SCPcj53fcfzOXTS95i7OZz1I1I8jXMfOWnaq1o9ewPYFXqwU8og5XSFLVAD8aWGj
akRqdrbleeXP6oX5eyspV9KIFXgAhGUqUk3UJwJn2XH7IZ9GbntPnC7LLG4xQgvM
oaqJQ70XwzkzbnWwdC3KhRceMHShJi5pmyLpRpCtPkjeKbKNLK4AhUgCXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC9N07mHaCe3dpn34b3o2pLs0LKJMB8GA1UdIwQY
MBaAFIWt2Oqus6R41+XfPn7hwyPxZr8oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGEzWTZxNnpwSGpYNWQ4LWZ1SERJX0ZtdnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9kNDRkZDAtMDViNy00NDI3LWEwODIt
MWI3ZWMzOGU5ZjQ0LzEvTDAzVHVZZG9KN2QybWZmaHZlamFrdXpRc29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9kNDRkZDAtMDViNy00NDI3LWEwODItMWI3ZWMzOGU5ZjQ0
LzEvaGEzWTZxNnpwSGpYNWQ4LWZ1SERJX0ZtdnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVTsAwQA
LVTuMA0GCSqGSIb3DQEBCwUAA4IBAQCf6zjDpXHX84iW9S5/hr70RgPQrEdZbfNX
PZT+PWXygqhUoT9+WxayEl6lxhKCPNRPMmQjTBy7jUFGBce7nBzY18PDqW76ydqd
DpBUDBUv4s2FnFLobaCxQsYtoEOD2HUdyWj2pU9InXBraslbNuHdaXxHPVSP37+S
wIMe90dhIoPDLOrE6SjYXa2BFrTKi5/xLq/Y9oFgrcyi6yBH4dWA+NDvrXYG+Z+V
on2G/3jdFpZYUkW/rAhK98fm9je5YM4hDOWIiYwLEmPLqwFu7qUxUifqerJNf2zV
KVdcf/pd/jApviN69x5pi/kVahyt3Hp5V6H8FqOcTqV/D8ygh2sy
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:46:09 2024 by rpki-client on console-fra.rpki-client.org