Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/a0cjBqxlKDEfkReE5_XQHoVTicw.roa
File: a0cjBqxlKDEfkReE5_XQHoVTicw.roa (raw, json)
Hash identifier: igGzFAQsr5tupcD11Py6TMUzp0+Vh+1as5ldw2Bmkyc=
Subject key identifier: 6B:47:23:06:AC:65:28:31:1F:91:17:84:E7:F5:D0:1E:85:53:89:CC
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018CC9BCB98055B26EE06137388497A3C3F9
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/a0cjBqxlKDEfkReE5_XQHoVTicw.roa
Signing time: Tue 02 Jan 2024 10:33:57 +0000
ROA not before: Tue 02 Jan 2024 10:33:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31418
IP address blocks: 81.45.21.0/24 maxlen: 24
81.45.22.0/24 maxlen: 24
81.45.20.0/24 maxlen: 24
81.45.23.0/24 maxlen: 24
195.53.129.0/24 maxlen: 24
195.53.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:b9:80:55:b2:6e:e0:61:37:38:84:97:a3:c3:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 2 10:33:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b472306ac6528311f911784e7f5d01e855389cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c4:7f:1f:4f:c2:1b:67:43:5b:2f:6a:17:3d:
a6:a5:ec:4d:01:93:d3:00:bd:e7:6c:5c:ad:94:b8:
a2:d1:fa:15:39:40:1f:4a:24:69:99:72:29:1e:a2:
77:39:82:9e:a2:79:34:f6:95:73:26:81:65:f0:4f:
23:71:76:b3:be:78:7b:a8:7d:d9:8d:b6:98:fc:14:
d4:8a:bb:e3:aa:16:54:5d:ad:24:3a:ad:37:5b:38:
8c:d6:41:30:52:d1:ae:8c:d2:50:68:80:9f:b2:f4:
d2:f3:42:bc:09:4b:6a:16:24:91:34:e9:93:b3:8f:
87:02:dd:83:63:fe:87:53:97:f4:c6:dd:be:11:f2:
1b:4d:6f:c9:c2:cf:6d:30:e3:bf:15:95:80:58:7f:
9f:6b:d4:34:52:a8:2e:28:e3:f4:5c:fb:a7:12:1e:
13:2c:1f:44:5a:c6:41:70:4f:25:9d:f6:3a:c8:2a:
61:17:93:77:f2:1a:b2:de:15:b0:6b:11:44:d1:59:
24:c3:09:31:8c:9b:3a:4d:20:95:08:6b:82:2c:14:
49:59:97:8f:51:7e:6d:9f:91:6b:39:ae:1e:ec:2c:
c4:c4:ee:ec:7a:7b:ab:a0:a3:db:59:e1:84:6d:99:
38:0e:85:bb:a9:4b:f8:a4:c8:ac:4e:9e:df:ca:37:
17:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:47:23:06:AC:65:28:31:1F:91:17:84:E7:F5:D0:1E:85:53:89:CC
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/a0cjBqxlKDEfkReE5_XQHoVTicw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.45.20.0/22
195.53.128.0/23
Signature Algorithm: sha256WithRSAEncryption
13:05:13:13:57:1e:b1:91:ab:51:01:8f:17:c5:4f:3f:3b:77:
d6:b2:0f:cc:89:60:a0:dc:9d:df:4b:a3:30:70:87:a2:91:ad:
cf:da:2c:4c:aa:4a:5b:89:eb:31:d6:a2:ae:1a:6f:20:ae:4e:
c3:6f:cb:9c:7a:82:40:e0:c5:cd:59:cb:5e:7a:b9:ff:31:f9:
08:b6:fe:b2:a7:8d:44:cc:14:c2:95:5b:9e:ec:8e:34:fb:ba:
1c:f7:4f:ca:d7:40:b1:78:01:62:47:18:a4:d4:97:33:e9:3d:
8e:06:9c:2a:5c:4f:89:62:75:86:dc:be:6c:eb:60:80:09:16:
4d:27:a5:12:d1:36:37:34:39:39:d8:0a:c6:ea:db:3a:27:4f:
59:66:97:f8:8e:8b:a1:e5:12:30:a6:5e:48:0f:23:44:f1:19:
38:c0:65:9b:7f:d7:81:93:a8:6b:b3:7b:d4:40:0d:41:d4:52:
e6:9b:a1:d1:1f:96:91:b0:12:5e:4a:ee:24:0d:18:78:35:3d:
b6:ee:c9:da:d2:11:2e:5e:11:66:90:e7:62:11:81:6d:70:a5:
0c:10:d3:f7:e8:75:83:8f:aa:bb:8f:b1:87:1d:b1:c7:a8:0e:
53:a1:f9:cf:fe:80:1d:6b:ab:b4:48:56:f8:4d:9c:40:4d:d9:
b3:d2:01:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvLmAVbJu4GE3OISXo8P5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjQwMTAyMTAzMzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQ3MjMwNmFjNjUyODMxMWY5MTE3ODRlN2Y1ZDAxZTg1NTM4OWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMR/H0/CG2dDWy9qFz2mpexNAZPT
AL3nbFytlLii0foVOUAfSiRpmXIpHqJ3OYKeonk09pVzJoFl8E8jcXazvnh7qH3Z
jbaY/BTUirvjqhZUXa0kOq03WziM1kEwUtGujNJQaICfsvTS80K8CUtqFiSRNOmT
s4+HAt2DY/6HU5f0xt2+EfIbTW/Jws9tMOO/FZWAWH+fa9Q0UqguKOP0XPunEh4T
LB9EWsZBcE8lnfY6yCphF5N38hqy3hWwaxFE0VkkwwkxjJs6TSCVCGuCLBRJWZeP
UX5tn5FrOa4e7CzExO7senuroKPbWeGEbZk4DoW7qUv4pMisTp7fyjcXwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGtHIwasZSgxH5EXhOf10B6FU4nMMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvYTBjakJxeGxLREVma1JlRTVfWFFIb1ZUaWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCUS0UAwQB
wzWAMA0GCSqGSIb3DQEBCwUAA4IBAQATBRMTVx6xkatRAY8XxU8/O3fWsg/MiWCg
3J3fS6MwcIeika3P2ixMqkpbiesx1qKuGm8grk7Db8uceoJA4MXNWcteern/MfkI
tv6yp41EzBTClVue7I40+7oc90/K10CxeAFiRxik1Jcz6T2OBpwqXE+JYnWG3L5s
62CACRZNJ6US0TY3NDk52ArG6ts6J09ZZpf4jouh5RIwpl5IDyNE8Rk4wGWbf9eB
k6hrs3vUQA1B1FLmm6HRH5aRsBJeSu4kDRh4NT227sna0hEuXhFmkOdiEYFtcKUM
ENP36HWDj6q7j7GHHbHHqA5TofnP/oAda6u0SFb4TZxATdmz0gEs
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:12:22 2024 by rpki-client on console-ams.rpki-client.org