Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/8aT67bzTQFl-jtTBMu206nH7oow.roa
File: 8aT67bzTQFl-jtTBMu206nH7oow.roa (raw, json)
Hash identifier: hwEUBB2v2ZfsfwhkOr9qTX1C3j/FS1YODDt4hCLWAZ4=
Subject key identifier: F1:A4:FA:ED:BC:D3:40:59:7E:8E:D4:C1:32:ED:B4:EA:71:FB:A2:8C
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 019078167F3CA15DEFD7607B4A260F039B1F
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/8aT67bzTQFl-jtTBMu206nH7oow.roa
Signing time: Wed 03 Jul 2024 10:14:18 +0000
ROA not before: Wed 03 Jul 2024 10:14:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212384
IP address blocks: 45.133.108.0/22 maxlen: 22
185.60.144.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 16:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:16:7f:3c:a1:5d:ef:d7:60:7b:4a:26:0f:03:9b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jul 3 10:14:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1a4faedbcd340597e8ed4c132edb4ea71fba28c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:54:3a:35:31:14:c2:3c:62:9f:a5:0d:f2:34:
49:0f:c1:47:07:33:64:be:d0:04:3f:4d:94:9e:ea:
6f:82:54:12:2d:75:6b:8d:c3:2c:ef:cc:21:d3:2c:
7b:34:41:99:9b:5d:66:5d:84:8b:5b:7c:dc:61:98:
fc:99:f2:81:87:de:48:aa:fb:15:be:1d:dc:f5:8f:
1b:65:e1:7a:6b:77:4e:02:13:ad:5a:54:d6:45:1e:
6d:f6:0f:b1:43:13:23:8d:30:47:44:47:09:02:80:
fc:2f:50:0a:9c:30:cc:f2:46:69:f3:81:e0:ae:64:
95:43:38:08:df:fe:4b:01:7f:ee:10:ce:5f:ec:8d:
85:97:3e:a8:1f:ce:9a:3a:37:96:9e:a0:41:3d:21:
b6:63:a1:e5:4b:c4:93:06:7f:1b:6b:d7:cf:be:9a:
e1:b1:14:f1:27:18:47:aa:03:4d:f4:45:6c:4a:09:
e8:2e:e5:d9:fe:61:5d:d1:38:ea:48:65:f1:a0:e5:
df:69:32:99:da:eb:f1:86:04:d4:12:0b:87:87:02:
ea:1e:c6:28:2e:d7:68:be:c3:4a:1f:e9:06:60:3b:
0b:7b:c8:ff:14:07:72:c1:94:b4:19:4a:83:4a:8d:
40:f2:85:0a:57:2f:0c:8a:c1:7f:7c:d9:5b:e2:c2:
d1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A4:FA:ED:BC:D3:40:59:7E:8E:D4:C1:32:ED:B4:EA:71:FB:A2:8C
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/8aT67bzTQFl-jtTBMu206nH7oow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.108.0/22
185.60.144.0/22
Signature Algorithm: sha256WithRSAEncryption
89:cd:21:e3:6a:cc:47:84:00:23:45:f6:8b:db:72:a9:0c:c4:
9f:6e:2c:74:c3:4e:da:ce:2a:7b:12:70:b0:fc:8b:b9:d6:6e:
ed:05:bd:51:f0:f5:33:4b:69:47:64:93:6f:17:f0:a0:e3:18:
b5:da:1d:3e:fe:af:64:fb:1a:38:50:d1:e3:4f:f4:8f:64:f8:
95:46:68:75:34:4e:f1:47:3d:90:7a:f8:f5:c1:bf:d8:d9:0f:
30:74:08:36:e1:0a:54:28:a8:fc:9e:4a:1e:8a:55:66:08:76:
b6:6a:90:9b:d3:20:6d:d3:8c:8b:da:68:83:b1:40:8d:2e:d5:
28:77:93:1c:e2:59:aa:2f:94:30:45:25:fb:0f:ac:2d:9b:ba:
cb:50:dd:06:f7:05:c3:36:fa:b6:09:28:d3:d9:85:48:00:9d:
ce:4b:16:10:be:6f:86:73:ed:c6:03:79:7f:09:2c:9d:03:28:
d6:d4:c8:b9:f9:8c:b5:bb:c7:d4:fc:70:d5:1d:9c:2c:68:b9:
da:41:91:3d:5c:03:f0:2a:4b:34:9e:58:96:1a:7d:22:f4:24:
e2:4c:90:0f:20:47:bf:46:a8:08:32:2a:89:79:4f:5f:dc:a3:
33:a9:1d:4f:12:2a:33:98:d0:dd:2a:65:3b:06:10:01:12:70:
ab:a6:63:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZB4Fn88oV3v12B7SiYPA5sfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwNzAzMTAxNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWE0ZmFlZGJjZDM0MDU5N2U4ZWQ0YzEzMmVkYjRlYTcxZmJhMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslQ6NTEUwjxin6UN8jRJD8FHBzNk
vtAEP02UnupvglQSLXVrjcMs78wh0yx7NEGZm11mXYSLW3zcYZj8mfKBh95IqvsV
vh3c9Y8bZeF6a3dOAhOtWlTWRR5t9g+xQxMjjTBHREcJAoD8L1AKnDDM8kZp84Hg
rmSVQzgI3/5LAX/uEM5f7I2Flz6oH86aOjeWnqBBPSG2Y6HlS8STBn8ba9fPvprh
sRTxJxhHqgNN9EVsSgnoLuXZ/mFd0TjqSGXxoOXfaTKZ2uvxhgTUEguHhwLqHsYo
LtdovsNKH+kGYDsLe8j/FAdywZS0GUqDSo1A8oUKVy8MisF/fNlb4sLROwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPGk+u2800BZfo7UwTLttOpx+6KMMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvOGFUNjdielRRRmwtanRUQk11MjA2bkg3b293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYVsAwQC
uTyQMA0GCSqGSIb3DQEBCwUAA4IBAQCJzSHjasxHhAAjRfaL23KpDMSfbix0w07a
zip7EnCw/Iu51m7tBb1R8PUzS2lHZJNvF/Cg4xi12h0+/q9k+xo4UNHjT/SPZPiV
Rmh1NE7xRz2Qevj1wb/Y2Q8wdAg24QpUKKj8nkoeilVmCHa2apCb0yBt04yL2miD
sUCNLtUod5Mc4lmqL5QwRSX7D6wtm7rLUN0G9wXDNvq2CSjT2YVIAJ3OSxYQvm+G
c+3GA3l/CSydAyjW1Mi5+Yy1u8fU/HDVHZwsaLnaQZE9XAPwKks0nliWGn0i9CTi
TJAPIEe/RqgIMiqJeU9f3KMzqR1PEiozmNDdKmU7BhABEnCrpmPy
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:27:17 2024 by rpki-client on console-ams.rpki-client.org