Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/0Do0LybEPQ5dl4PCwV94JXoLDhE.roa
File: 0Do0LybEPQ5dl4PCwV94JXoLDhE.roa (raw, json)
Hash identifier: 36a+wYrqBP0VVGHPyz9OU7OxzhIUKaQzf1bflVl7oLo=
Subject key identifier: D0:3A:34:2F:26:C4:3D:0E:5D:97:83:C2:C1:5F:78:25:7A:0B:0E:11
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0191BDED2D98948166879A9ECEE25579CA2E
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/0Do0LybEPQ5dl4PCwV94JXoLDhE.roa
Signing time: Wed 04 Sep 2024 16:45:23 +0000
ROA not before: Wed 04 Sep 2024 16:45:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41236
IP address blocks: 45.91.6.0/24 maxlen: 24
45.139.71.0/24 maxlen: 24
45.145.18.0/24 maxlen: 24
45.145.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:ed:2d:98:94:81:66:87:9a:9e:ce:e2:55:79:ca:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Sep 4 16:45:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d03a342f26c43d0e5d9783c2c15f78257a0b0e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1f:4e:5e:9f:3b:07:06:d3:a8:63:73:b0:f9:
90:ba:72:d3:24:4e:41:1a:4e:6e:98:13:d5:be:27:
d9:86:f1:18:5f:c0:c5:77:80:4e:ea:27:a0:7e:61:
b9:19:7f:61:eb:c1:58:d8:59:3d:99:18:cf:69:34:
91:fe:be:a8:cf:32:ec:17:83:22:88:ef:54:70:66:
6f:52:ac:1b:08:51:2f:83:99:c7:08:55:14:a5:c2:
b8:91:ae:8c:c8:28:65:91:c8:9e:73:88:80:a1:8f:
1d:a1:7b:70:bb:cc:bc:8d:95:88:e4:f5:9a:c3:f1:
e7:c0:39:a2:bc:f2:fc:8c:05:44:0c:d9:4b:f6:4f:
e0:8b:13:87:14:08:26:38:a7:9f:07:15:e7:59:69:
98:2c:d2:cc:4e:b2:82:f0:85:78:80:55:a7:9f:7b:
b2:d5:8f:b4:89:4f:b8:cf:55:68:68:c4:3f:b9:5b:
48:0e:c2:7e:44:9f:52:89:3e:55:97:8e:0d:2b:1a:
80:14:85:f5:eb:47:bf:cc:b7:90:9d:3b:1b:81:32:
c9:f8:83:29:30:38:ec:f8:d3:ac:e8:20:9d:c3:d0:
6c:12:9d:ee:54:18:b4:c8:d6:e7:ad:a7:4b:ec:ff:
c7:7c:93:84:94:85:30:b8:fc:dc:21:1f:44:81:40:
5e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:3A:34:2F:26:C4:3D:0E:5D:97:83:C2:C1:5F:78:25:7A:0B:0E:11
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/0Do0LybEPQ5dl4PCwV94JXoLDhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.6.0/24
45.139.71.0/24
45.145.18.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:53:a0:8e:ba:50:ad:fc:a1:d8:3a:bf:92:27:e4:21:ee:ed:
31:73:2c:78:04:b9:b3:31:62:75:9b:64:20:58:26:d9:52:fb:
5f:61:4d:b7:8e:69:e6:a4:ba:32:29:35:a4:1c:c0:6e:3f:ac:
6a:bf:3c:e3:9f:ac:4d:1d:59:22:b8:cc:8b:ac:2e:cf:c7:29:
71:a6:d1:50:60:03:dc:bd:b5:c2:f2:52:ac:8b:6a:7b:06:2f:
2a:d6:40:f9:c3:8c:97:6b:85:ff:a1:d0:12:fb:2c:de:22:d3:
9c:d0:d6:e3:4b:17:1b:dd:50:fc:a8:65:af:b7:d9:ee:23:43:
1f:fd:79:46:34:18:74:ee:f5:8a:24:ba:78:30:63:fc:e9:65:
8a:53:8f:5e:8b:1d:54:ce:d5:70:6a:78:d6:b8:ed:ea:4e:7e:
8c:d1:4d:91:b8:2e:13:b2:67:82:80:2a:01:84:f7:39:88:36:
bf:ec:95:45:25:c1:ff:a1:31:eb:ec:5c:f8:ab:2e:55:6f:be:
7f:9a:ca:de:12:b4:0b:34:dc:57:cf:d6:c0:ff:75:50:d4:27:
dc:50:ca:79:0d:ef:f2:20:43:aa:ba:51:fb:8e:18:67:a7:11:
a3:d5:c2:70:b2:b4:c4:2a:ef:7a:8d:11:62:2c:d0:3d:20:29:
fc:52:6c:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZG97S2YlIFmh5qezuJVecouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwOTA0MTY0NTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDNhMzQyZjI2YzQzZDBlNWQ5NzgzYzJjMTVmNzgyNTdhMGIwZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB9OXp87BwbTqGNzsPmQunLTJE5B
Gk5umBPVvifZhvEYX8DFd4BO6iegfmG5GX9h68FY2Fk9mRjPaTSR/r6ozzLsF4Mi
iO9UcGZvUqwbCFEvg5nHCFUUpcK4ka6MyChlkciec4iAoY8doXtwu8y8jZWI5PWa
w/HnwDmivPL8jAVEDNlL9k/gixOHFAgmOKefBxXnWWmYLNLMTrKC8IV4gFWnn3uy
1Y+0iU+4z1VoaMQ/uVtIDsJ+RJ9SiT5Vl44NKxqAFIX160e/zLeQnTsbgTLJ+IMp
MDjs+NOs6CCdw9BsEp3uVBi0yNbnradL7P/HfJOElIUwuPzcIR9EgUBeKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNA6NC8mxD0OXZeDwsFfeCV6Cw4RMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvMERvMEx5YkVQUTVkbDRQQ3dWOTRKWG9MRGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVsGAwQA
LYtHAwQBLZESMA0GCSqGSIb3DQEBCwUAA4IBAQBrU6COulCt/KHYOr+SJ+Qh7u0x
cyx4BLmzMWJ1m2QgWCbZUvtfYU23jmnmpLoyKTWkHMBuP6xqvzzjn6xNHVkiuMyL
rC7PxylxptFQYAPcvbXC8lKsi2p7Bi8q1kD5w4yXa4X/odAS+yzeItOc0NbjSxcb
3VD8qGWvt9nuI0Mf/XlGNBh07vWKJLp4MGP86WWKU49eix1UztVwanjWuO3qTn6M
0U2RuC4TsmeCgCoBhPc5iDa/7JVFJcH/oTHr7Fz4qy5Vb75/msreErQLNNxXz9bA
/3VQ1CfcUMp5De/yIEOqulH7jhhnpxGj1cJwsrTEKu96jRFiLNA9ICn8UmzK
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:27:24 2024 by rpki-client on console-fra.rpki-client.org