Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8Drqe2CqRBACFNDgDFKo-j04SS0.roa
File: 8Drqe2CqRBACFNDgDFKo-j04SS0.roa (raw, json)
Hash identifier: pXhwjnfA/ygM+CAyH+sjrKXtpFbpPh1xMWcbgL78jMk=
Subject key identifier: F0:3A:EA:7B:60:AA:44:10:02:14:D0:E0:0C:52:A8:FA:3D:38:49:2D
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FB6D4DB3516508CEF742CB9123C09
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8Drqe2CqRBACFNDgDFKo-j04SS0.roa
Signing time: Tue 02 Jan 2024 04:30:13 +0000
ROA not before: Tue 02 Jan 2024 04:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212042
IP address blocks: 45.87.29.0/24 maxlen: 24
45.150.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:b6:d4:db:35:16:50:8c:ef:74:2c:b9:12:3c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f03aea7b60aa44100214d0e00c52a8fa3d38492d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3d:73:2f:bc:9f:21:6f:a9:37:d1:1e:6c:d4:
71:e4:09:93:ac:bd:1a:1d:70:56:d6:db:c5:d0:2c:
b7:34:5e:c4:9a:8e:dd:a9:2c:04:bb:2d:df:d1:62:
86:13:48:0a:c1:c3:6a:a6:6a:b4:c9:fb:d7:4e:a5:
38:ed:d9:5f:d3:8d:3e:25:e9:d4:24:0d:86:d2:4a:
fe:75:ca:73:c0:ad:d6:26:96:63:53:a2:ff:74:07:
88:90:e2:00:63:ca:2b:49:12:68:96:f3:6d:3a:da:
80:f8:fd:de:f5:45:df:fd:c2:08:b2:be:76:4f:6b:
e0:ec:b8:61:8a:f1:4c:c7:c4:95:34:35:15:66:a7:
4a:42:e9:a9:1d:04:b2:84:f2:ca:88:ce:4b:f4:05:
06:51:90:2e:c1:74:5f:db:fb:67:ec:ad:52:00:fd:
5f:c8:c8:c2:bf:dd:4d:f3:31:a1:a9:59:ff:c5:0c:
eb:bc:c0:23:fe:ed:ee:f7:b0:6a:35:16:76:7e:a8:
09:0c:97:9e:60:55:30:94:aa:24:3b:78:4e:fd:c4:
20:80:08:ce:9c:1a:ae:b0:78:1e:e0:4e:6a:b8:8f:
ac:d7:76:9a:e0:85:1a:c4:da:97:5f:54:a4:cc:ef:
be:46:e2:c3:fc:ad:68:43:d8:1f:e6:32:56:b4:14:
c0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3A:EA:7B:60:AA:44:10:02:14:D0:E0:0C:52:A8:FA:3D:38:49:2D
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8Drqe2CqRBACFNDgDFKo-j04SS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.29.0/24
45.150.95.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:63:b6:75:f2:41:a5:8e:58:9d:38:d2:2c:0c:da:f1:20:84:
74:cd:ec:8e:a7:19:f4:e1:09:19:37:b5:57:09:99:13:3b:6f:
62:70:3e:25:3b:14:76:0b:23:8c:6a:38:69:4e:51:66:2c:91:
35:d0:25:06:a0:4a:5c:ae:04:b7:df:06:ae:7e:cc:92:74:ea:
19:93:c4:c8:87:86:91:6c:14:3a:73:9d:2d:40:a9:43:03:f0:
93:7e:1e:df:17:85:47:93:1d:17:5b:24:05:81:47:5c:af:ab:
40:68:62:e7:ed:e4:40:d9:dd:98:e1:96:7e:bc:53:4f:c6:cf:
8e:7d:fa:fc:66:da:5b:ee:ce:6a:92:32:50:f7:29:11:20:59:
50:c8:b3:f3:81:39:cb:62:8e:9a:31:f4:c6:26:c1:06:35:49:
a8:9a:3f:d5:ad:27:0a:c4:58:f3:a5:1b:2d:44:63:9a:74:f4:
2b:d3:52:ac:70:7d:c2:a9:84:d0:0d:c2:c3:df:f8:90:31:e4:
3c:5a:14:1d:4a:b8:77:fe:81:07:d4:c4:6f:f5:ef:82:a6:92:
a9:89:e6:8a:69:fa:89:2d:51:d2:34:41:a2:f8:10:16:36:a8:
bd:9c:9b:8e:c5:c5:11:0c:3e:32:5b:46:a5:a2:f4:d4:45:10:
56:f8:c6:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb7bU2zUWUIzvdCy5EjwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDNhZWE3YjYwYWE0NDEwMDIxNGQwZTAwYzUyYThmYTNkMzg0OTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD1zL7yfIW+pN9EebNRx5AmTrL0a
HXBW1tvF0Cy3NF7Emo7dqSwEuy3f0WKGE0gKwcNqpmq0yfvXTqU47dlf040+JenU
JA2G0kr+dcpzwK3WJpZjU6L/dAeIkOIAY8orSRJolvNtOtqA+P3e9UXf/cIIsr52
T2vg7LhhivFMx8SVNDUVZqdKQumpHQSyhPLKiM5L9AUGUZAuwXRf2/tn7K1SAP1f
yMjCv91N8zGhqVn/xQzrvMAj/u3u97BqNRZ2fqgJDJeeYFUwlKokO3hO/cQggAjO
nBqusHge4E5quI+s13aa4IUaxNqXX1SkzO++RuLD/K1oQ9gf5jJWtBTAiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPA66ntgqkQQAhTQ4AxSqPo9OEktMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvOERycWUyQ3FSQkFDRk5EZ0RGS28tajA0U1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVcdAwQA
LZZfMA0GCSqGSIb3DQEBCwUAA4IBAQCsY7Z18kGljlidONIsDNrxIIR0zeyOpxn0
4QkZN7VXCZkTO29icD4lOxR2CyOMajhpTlFmLJE10CUGoEpcrgS33waufsySdOoZ
k8TIh4aRbBQ6c50tQKlDA/CTfh7fF4VHkx0XWyQFgUdcr6tAaGLn7eRA2d2Y4ZZ+
vFNPxs+Offr8Ztpb7s5qkjJQ9ykRIFlQyLPzgTnLYo6aMfTGJsEGNUmomj/VrScK
xFjzpRstRGOadPQr01KscH3CqYTQDcLD3/iQMeQ8WhQdSrh3/oEH1MRv9e+CppKp
ieaKafqJLVHSNEGi+BAWNqi9nJuOxcURDD4yW0alovTURRBW+Mai
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:38:47 2024 by rpki-client on console-ams.rpki-client.org