Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/2HSiRCVRROrOcEAAqDbXvkyrWKc.roa
File: 2HSiRCVRROrOcEAAqDbXvkyrWKc.roa (raw, json)
Hash identifier: ojFJJAIKbZ6SrKutOqNsG0fy9V6QfAg4wsSink+BljM=
Subject key identifier: D8:74:A2:44:25:51:44:EA:CE:70:40:00:A8:36:D7:BE:4C:AB:58:A7
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 019081C04184395E71571B3A09A8AB64EDB0
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/2HSiRCVRROrOcEAAqDbXvkyrWKc.roa
Signing time: Fri 05 Jul 2024 07:16:18 +0000
ROA not before: Fri 05 Jul 2024 07:16:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 45.90.248.0/22 maxlen: 22
212.60.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:81:c0:41:84:39:5e:71:57:1b:3a:09:a8:ab:64:ed:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jul 5 07:16:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d874a244255144eace704000a836d7be4cab58a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1a:b1:cf:c9:28:93:25:78:f3:7d:52:83:88:
2d:3e:ba:3a:00:70:b4:10:27:df:86:1f:58:b0:e8:
37:7e:c3:bf:92:1b:a2:a4:f3:95:a6:24:12:59:b0:
e0:45:ef:3d:46:9c:14:b9:76:77:f9:3b:40:37:d2:
c7:48:08:35:ca:1d:ce:dd:56:80:6f:0d:4a:79:3e:
05:1a:1c:e6:a8:62:c5:0b:36:90:95:f2:ba:80:90:
67:27:10:f4:98:95:cb:6c:ba:72:f7:75:ba:b9:5c:
e9:31:87:15:8c:78:ff:b3:3e:70:44:7e:87:ef:18:
76:91:55:6a:a9:67:e6:ec:3a:f9:d5:80:81:16:cc:
e8:6d:02:b7:d8:4f:22:7c:a5:4a:48:4f:06:01:16:
6c:9b:08:86:d1:41:5f:de:3e:c4:27:e9:7c:ab:17:
c5:24:39:22:18:82:d0:57:73:7e:39:32:12:0a:fc:
84:74:2f:ad:ab:bc:a8:fb:91:fe:b2:fb:dd:46:73:
2d:ef:f8:52:f2:75:c6:07:c3:80:95:f9:f5:22:b4:
c1:7d:37:67:d2:49:a8:b1:da:54:5c:87:d6:d3:72:
22:24:2a:11:96:b1:f2:62:38:73:d3:29:27:29:47:
41:ba:75:3b:1d:6a:b0:d3:86:0e:9d:d3:54:a3:e6:
db:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:74:A2:44:25:51:44:EA:CE:70:40:00:A8:36:D7:BE:4C:AB:58:A7
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/2HSiRCVRROrOcEAAqDbXvkyrWKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.248.0/22
212.60.0.0/22
Signature Algorithm: sha256WithRSAEncryption
30:53:2f:21:e7:9a:5d:db:df:75:c4:6f:86:2b:94:7f:e4:23:
c4:8d:06:00:7a:48:34:99:89:c6:c1:82:05:64:31:89:b4:23:
3b:42:1b:cb:ce:a6:e4:0a:5b:ad:d1:c0:36:60:c8:c1:96:2f:
a1:eb:13:0f:c1:67:76:d0:0a:8a:d4:df:42:ec:e3:e2:7a:79:
e7:e7:d2:b1:71:cf:af:2b:c2:73:8a:15:a0:fa:fe:6a:a9:33:
21:51:ff:8a:18:cc:99:2f:88:ff:e3:53:e3:53:58:21:95:f6:
1f:97:30:07:28:90:a4:f9:20:cb:d3:8c:04:31:b4:c8:73:ac:
d0:e6:c6:a8:23:71:41:9f:81:01:a9:ad:a8:e4:c0:59:2e:c1:
49:34:73:b9:42:6e:c0:b6:9b:42:19:ef:d2:1a:09:be:cb:7d:
a9:01:27:a2:4a:58:55:79:30:f5:4c:46:36:fb:e9:fc:c6:87:
6b:f8:d2:05:b2:e2:f7:f6:f5:ff:90:a0:fe:4c:d0:7a:81:dc:
9c:de:55:5d:71:36:11:b6:f5:6e:a5:02:6f:95:0c:14:91:cb:
5a:87:85:d8:69:aa:b5:ce:86:19:fc:c0:e3:37:f0:5b:fd:bb:
6f:f9:01:b0:66:59:3c:38:bc:c6:83:53:02:dd:8c:4a:66:65:
cf:11:c6:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCBwEGEOV5xVxs6CairZO2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwNzA1MDcxNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODc0YTI0NDI1NTE0NGVhY2U3MDQwMDBhODM2ZDdiZTRjYWI1OGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxqxz8kokyV4831Sg4gtPro6AHC0
ECffhh9YsOg3fsO/khuipPOVpiQSWbDgRe89RpwUuXZ3+TtAN9LHSAg1yh3O3VaA
bw1KeT4FGhzmqGLFCzaQlfK6gJBnJxD0mJXLbLpy93W6uVzpMYcVjHj/sz5wRH6H
7xh2kVVqqWfm7Dr51YCBFszobQK32E8ifKVKSE8GARZsmwiG0UFf3j7EJ+l8qxfF
JDkiGILQV3N+OTISCvyEdC+tq7yo+5H+svvdRnMt7/hS8nXGB8OAlfn1IrTBfTdn
0kmosdpUXIfW03IiJCoRlrHyYjhz0yknKUdBunU7HWqw04YOndNUo+bbJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNh0okQlUUTqznBAAKg2175Mq1inMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvMkhTaVJDVlJST3JPY0VBQXFEYlh2a3lyV0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVr4AwQC
1DwAMA0GCSqGSIb3DQEBCwUAA4IBAQAwUy8h55pd2991xG+GK5R/5CPEjQYAekg0
mYnGwYIFZDGJtCM7QhvLzqbkClut0cA2YMjBli+h6xMPwWd20AqK1N9C7OPiennn
59Kxcc+vK8JzihWg+v5qqTMhUf+KGMyZL4j/41PjU1ghlfYflzAHKJCk+SDL04wE
MbTIc6zQ5saoI3FBn4EBqa2o5MBZLsFJNHO5Qm7AtptCGe/SGgm+y32pASeiSlhV
eTD1TEY2++n8xodr+NIFsuL39vX/kKD+TNB6gdyc3lVdcTYRtvVupQJvlQwUkcta
h4XYaaq1zoYZ/MDjN/Bb/btv+QGwZlk8OLzGg1MC3YxKZmXPEcbp
-----END CERTIFICATE-----
Generated at Tue Dec 10 22:57:28 2024 by rpki-client on console-ams.rpki-client.org