Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b7d6d4-941b-422a-905d-e29833c9c1c6/1/n8h8qD2fxCDguAoqxFUYTf11SLY.roa
File: n8h8qD2fxCDguAoqxFUYTf11SLY.roa (raw, json)
Hash identifier: YU6fm9rNwMb3nQmr7soAsMrW/If8mjHn9HxnNPWXajs=
Subject key identifier: 9F:C8:7C:A8:3D:9F:C4:20:E0:B8:0A:2A:C4:55:18:4D:FD:75:48:B6
Certificate issuer: /CN=c118e34e09479dce89ef61d98f4c2abf8189cf24
Certificate serial: 0190B64F3C8888A56DABCC536AD1AD449148
Authority key identifier: C1:18:E3:4E:09:47:9D:CE:89:EF:61:D9:8F:4C:2A:BF:81:89:CF:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wRjjTglHnc6J72HZj0wqv4GJzyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b7d6d4-941b-422a-905d-e29833c9c1c6/1/n8h8qD2fxCDguAoqxFUYTf11SLY.roa
Signing time: Mon 15 Jul 2024 12:12:44 +0000
ROA not before: Mon 15 Jul 2024 12:12:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208443
IP address blocks: 45.136.188.0/23 maxlen: 23
45.136.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/b7d6d4-941b-422a-905d-e29833c9c1c6/1/wRjjTglHnc6J72HZj0wqv4GJzyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/b7d6d4-941b-422a-905d-e29833c9c1c6/1/wRjjTglHnc6J72HZj0wqv4GJzyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/wRjjTglHnc6J72HZj0wqv4GJzyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 18:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b6:4f:3c:88:88:a5:6d:ab:cc:53:6a:d1:ad:44:91:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c118e34e09479dce89ef61d98f4c2abf8189cf24
Validity
Not Before: Jul 15 12:12:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fc87ca83d9fc420e0b80a2ac455184dfd7548b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a8:e4:87:97:21:0a:a6:e9:b8:4b:86:03:fb:
cd:20:db:ca:29:40:1e:0b:67:32:3e:e8:a2:76:f1:
dd:b0:92:e5:8c:60:94:41:88:a4:f0:b6:08:93:d8:
3e:0c:e5:0e:60:d8:b9:bd:6c:10:b7:83:45:da:3e:
34:70:9d:ef:55:e2:67:75:05:32:6a:84:c7:4d:37:
ce:f9:af:13:d5:38:93:bc:92:f8:f4:17:b7:5d:ea:
93:ad:09:b2:b4:8c:7b:cb:d0:03:70:c2:2c:25:2b:
e8:28:b7:53:37:37:fc:b0:48:3a:a7:39:c6:50:87:
4f:ee:04:9c:da:8e:b7:94:b3:0a:02:85:fa:9b:ea:
2e:83:77:88:72:08:ad:ce:fd:7c:ea:50:66:a2:b7:
4c:4c:16:c9:b9:29:e7:19:d0:ce:04:d7:9c:68:9e:
c2:99:48:78:3b:e8:01:bf:50:e7:e6:42:bc:b3:60:
87:8b:04:02:37:bc:f1:4a:28:12:7d:b9:d1:bf:b9:
4d:76:fd:7f:92:e7:b7:dc:55:06:2c:3b:46:f3:cc:
e9:84:37:1d:34:2a:b4:df:25:4a:8c:ed:dd:dc:bd:
ad:a6:12:72:86:8e:c7:fb:22:28:fd:bb:6c:9f:90:
ad:ba:2a:51:dc:e7:ae:19:5e:80:33:89:61:a4:07:
37:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C8:7C:A8:3D:9F:C4:20:E0:B8:0A:2A:C4:55:18:4D:FD:75:48:B6
X509v3 Authority Key Identifier:
keyid:C1:18:E3:4E:09:47:9D:CE:89:EF:61:D9:8F:4C:2A:BF:81:89:CF:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wRjjTglHnc6J72HZj0wqv4GJzyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b7d6d4-941b-422a-905d-e29833c9c1c6/1/n8h8qD2fxCDguAoqxFUYTf11SLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b7d6d4-941b-422a-905d-e29833c9c1c6/1/wRjjTglHnc6J72HZj0wqv4GJzyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.188.0/22
Signature Algorithm: sha256WithRSAEncryption
10:f9:94:6d:93:29:4e:3a:42:f4:5e:a9:e6:be:bb:0e:63:24:
77:cf:d9:9b:7d:c6:db:a4:9b:de:0c:28:79:33:83:2b:71:80:
61:36:e1:8d:36:5c:31:3e:d5:d6:f9:55:59:44:da:b5:9f:34:
78:49:e9:cd:2f:0d:02:7b:1f:1f:b3:11:fc:1b:83:ec:1e:e2:
aa:64:aa:0a:98:9a:e6:e3:05:93:0f:50:d5:7f:77:17:65:dd:
9b:6c:59:ad:16:db:53:48:09:b3:09:f5:3c:b8:69:9e:3e:df:
bf:a4:74:1a:10:fa:9c:a7:f8:33:d3:29:ac:26:a2:24:eb:41:
2a:88:2a:2a:79:41:64:47:ef:f8:c6:76:ca:77:fb:bd:7d:5b:
f4:ad:0c:6c:0c:17:35:56:7e:81:61:4f:8a:11:07:f9:31:35:
b7:24:aa:df:43:df:89:2b:a9:e2:1b:88:df:59:84:bd:6b:e5:
ad:07:64:50:7a:d3:56:62:62:14:3b:04:e5:f1:9c:03:93:68:
66:29:42:91:3b:8f:1e:da:14:be:cb:e9:92:02:c8:b3:05:9c:
7f:cb:24:e5:6e:25:dd:ab:b0:b9:77:a8:3b:97:10:82:ed:c1:
e6:be:dd:e9:5f:38:93:77:59:57:87:64:cc:99:ea:a6:3d:b7:
ff:30:4b:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC2TzyIiKVtq8xTatGtRJFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMThlMzRlMDk0NzlkY2U4OWVmNjFkOThmNGMyYWJmODE4
OWNmMjQwHhcNMjQwNzE1MTIxMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmM4N2NhODNkOWZjNDIwZTBiODBhMmFjNDU1MTg0ZGZkNzU0OGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApajkh5chCqbpuEuGA/vNINvKKUAe
C2cyPuiidvHdsJLljGCUQYik8LYIk9g+DOUOYNi5vWwQt4NF2j40cJ3vVeJndQUy
aoTHTTfO+a8T1TiTvJL49Be3XeqTrQmytIx7y9ADcMIsJSvoKLdTNzf8sEg6pznG
UIdP7gSc2o63lLMKAoX6m+oug3eIcgitzv186lBmordMTBbJuSnnGdDOBNecaJ7C
mUh4O+gBv1Dn5kK8s2CHiwQCN7zxSigSfbnRv7lNdv1/kue33FUGLDtG88zphDcd
NCq03yVKjO3d3L2tphJyho7H+yIo/btsn5CtuipR3OeuGV6AM4lhpAc3ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ/IfKg9n8Qg4LgKKsRVGE39dUi2MB8GA1UdIwQY
MBaAFMEY404JR53Oie9h2Y9MKr+Bic8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1JqalRnbEhuYzZKNzJIWmowd3F2NEdKenlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iN2Q2ZDQtOTQxYi00MjJhLTkwNWQt
ZTI5ODMzYzljMWM2LzEvbjhoOHFEMmZ4Q0RndUFvcXhGVVlUZjExU0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iN2Q2ZDQtOTQxYi00MjJhLTkwNWQtZTI5ODMzYzljMWM2
LzEvd1JqalRnbEhuYzZKNzJIWmowd3F2NEdKenlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYi8MA0G
CSqGSIb3DQEBCwUAA4IBAQAQ+ZRtkylOOkL0XqnmvrsOYyR3z9mbfcbbpJveDCh5
M4MrcYBhNuGNNlwxPtXW+VVZRNq1nzR4SenNLw0Cex8fsxH8G4PsHuKqZKoKmJrm
4wWTD1DVf3cXZd2bbFmtFttTSAmzCfU8uGmePt+/pHQaEPqcp/gz0ymsJqIk60Eq
iCoqeUFkR+/4xnbKd/u9fVv0rQxsDBc1Vn6BYU+KEQf5MTW3JKrfQ9+JK6niG4jf
WYS9a+WtB2RQetNWYmIUOwTl8ZwDk2hmKUKRO48e2hS+y+mSAsizBZx/yyTlbiXd
q7C5d6g7lxCC7cHmvt3pXziTd1lXh2TMmeqmPbf/MEsG
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:28:51 2024 by rpki-client on console-ams.rpki-client.org