Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/sZIkiPPFonIOzqS3oGsh9SFwMVc.roa
File: sZIkiPPFonIOzqS3oGsh9SFwMVc.roa (raw, json)
Hash identifier: Uh211qtm2l5AbYjwL51kj1bQ36P6YgPTvvzijaObYkU=
Subject key identifier: B1:92:24:88:F3:C5:A2:72:0E:CE:A4:B7:A0:6B:21:F5:21:70:31:57
Certificate issuer: /CN=33358b451ee0fe85b004a0564f8310fb211c95fa
Certificate serial: 018CC64A4270B24921E77D6EAB2ABEF59F7C
Authority key identifier: 33:35:8B:45:1E:E0:FE:85:B0:04:A0:56:4F:83:10:FB:21:1C:95:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzWLRR7g_oWwBKBWT4MQ-yEclfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/sZIkiPPFonIOzqS3oGsh9SFwMVc.roa
Signing time: Mon 01 Jan 2024 18:30:04 +0000
ROA not before: Mon 01 Jan 2024 18:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49042
IP address blocks: 45.148.123.0/24 maxlen: 24
45.148.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/MzWLRR7g_oWwBKBWT4MQ-yEclfo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/MzWLRR7g_oWwBKBWT4MQ-yEclfo.mft
rsync://rpki.ripe.net/repository/DEFAULT/MzWLRR7g_oWwBKBWT4MQ-yEclfo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:42:70:b2:49:21:e7:7d:6e:ab:2a:be:f5:9f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33358b451ee0fe85b004a0564f8310fb211c95fa
Validity
Not Before: Jan 1 18:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1922488f3c5a2720ecea4b7a06b21f521703157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8b:89:15:9c:98:6d:61:f1:6b:3c:31:00:51:
6a:b3:06:4e:31:8e:5d:f0:8b:60:4f:bd:0e:eb:47:
c6:f0:ee:49:fb:fa:82:23:c8:0f:c7:88:26:87:26:
fa:d9:e0:f8:6a:eb:eb:65:da:d1:3c:3f:0c:4f:dd:
bd:0f:da:8e:b2:c3:4c:e3:15:75:63:a0:3e:55:10:
0a:86:ca:27:c4:83:26:64:c1:e3:18:2e:33:f8:c1:
5d:6b:e4:f1:82:a8:d3:41:88:e1:a3:91:e2:3e:94:
f1:d1:21:19:34:8e:83:d0:f8:2d:aa:9f:f4:28:e6:
84:d7:05:9b:a5:90:7f:2d:38:20:0b:e0:1f:cd:e3:
c6:b5:e9:d8:a0:0b:93:1b:9a:4d:9c:9c:40:07:9e:
59:a5:60:80:c9:b6:98:ca:e7:be:7f:8b:97:85:4e:
99:90:02:af:99:fe:61:ef:26:b2:ca:b2:53:53:c2:
d2:8b:f7:94:f4:de:c6:df:56:8b:b2:29:0d:8b:04:
75:65:cf:bc:03:98:19:89:a0:ba:05:51:f2:38:11:
7f:4f:f6:d4:1b:fa:8a:12:15:2d:c4:93:13:84:03:
be:73:94:3f:1c:d8:ce:6e:bf:02:6f:f7:76:28:72:
4a:72:38:0b:3d:7e:09:5d:0a:1b:c7:67:c1:84:14:
9f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:92:24:88:F3:C5:A2:72:0E:CE:A4:B7:A0:6B:21:F5:21:70:31:57
X509v3 Authority Key Identifier:
keyid:33:35:8B:45:1E:E0:FE:85:B0:04:A0:56:4F:83:10:FB:21:1C:95:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzWLRR7g_oWwBKBWT4MQ-yEclfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/sZIkiPPFonIOzqS3oGsh9SFwMVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/MzWLRR7g_oWwBKBWT4MQ-yEclfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.120.0/24
45.148.123.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:65:14:2c:13:80:fa:bb:23:46:f5:75:c8:16:5d:0a:4a:5d:
f6:e1:73:9c:08:87:cc:95:25:7e:ce:66:7c:71:7a:2f:07:1e:
de:34:29:c8:4c:0b:6a:ee:ca:dc:40:c6:55:67:c2:e1:c3:d4:
45:82:bf:52:f4:93:1e:9d:e4:7a:cb:02:61:de:97:9c:2d:c3:
b3:5b:ce:a4:90:12:da:0d:c0:ce:e9:e8:75:f5:c8:e9:0b:6a:
0b:81:77:28:92:44:04:b3:e6:ae:b1:40:6e:b9:28:fd:d4:42:
73:91:b5:1d:06:bf:02:ac:a2:f4:72:d3:f9:8e:d6:15:fd:98:
95:f5:3f:7f:36:fe:b2:8d:be:6b:d8:6f:ab:c6:bf:e3:8c:3f:
00:b2:5d:91:79:a8:94:b1:68:62:07:8d:84:70:f1:49:9b:ca:
ef:79:56:ce:29:a2:46:9a:2d:ba:b1:01:e2:29:0a:9a:fa:62:
7f:71:27:96:2a:4a:ca:fe:5a:c0:2b:36:73:ca:42:e0:dc:aa:
22:8e:6f:f0:ac:6a:2e:8e:1a:49:fb:90:94:af:5e:ba:36:4e:
42:d6:8c:63:75:01:ee:48:f0:87:45:16:d4:e1:21:34:40:18:
8b:79:71:69:28:39:3e:51:18:40:08:4e:e7:6e:3f:20:b8:2c:
14:86:a8:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSkJwskkh531uqyq+9Z98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzU4YjQ1MWVlMGZlODViMDA0YTA1NjRmODMxMGZiMjEx
Yzk1ZmEwHhcNMjQwMTAxMTgzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTkyMjQ4OGYzYzVhMjcyMGVjZWE0YjdhMDZiMjFmNTIxNzAzMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIuJFZyYbWHxazwxAFFqswZOMY5d
8ItgT70O60fG8O5J+/qCI8gPx4gmhyb62eD4auvrZdrRPD8MT929D9qOssNM4xV1
Y6A+VRAKhsonxIMmZMHjGC4z+MFda+TxgqjTQYjho5HiPpTx0SEZNI6D0Pgtqp/0
KOaE1wWbpZB/LTggC+AfzePGtenYoAuTG5pNnJxAB55ZpWCAybaYyue+f4uXhU6Z
kAKvmf5h7yayyrJTU8LSi/eU9N7G31aLsikNiwR1Zc+8A5gZiaC6BVHyOBF/T/bU
G/qKEhUtxJMThAO+c5Q/HNjObr8Cb/d2KHJKcjgLPX4JXQobx2fBhBSfVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLGSJIjzxaJyDs6kt6BrIfUhcDFXMB8GA1UdIwQY
MBaAFDM1i0Ue4P6FsASgVk+DEPshHJX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpXTFJSN2dfb1d3QktCV1Q0TVEteUVjbGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85ZjE4ZjgtOTZjNC00YjIzLTkzMWYt
ZDVmMDQ3YzI5MTkwLzEvc1pJa2lQUEZvbklPenFTM29Hc2g5U0Z3TVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85ZjE4ZjgtOTZjNC00YjIzLTkzMWYtZDVmMDQ3YzI5MTkw
LzEvTXpXTFJSN2dfb1d3QktCV1Q0TVEteUVjbGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZR4AwQA
LZR7MA0GCSqGSIb3DQEBCwUAA4IBAQAbZRQsE4D6uyNG9XXIFl0KSl324XOcCIfM
lSV+zmZ8cXovBx7eNCnITAtq7srcQMZVZ8Lhw9RFgr9S9JMeneR6ywJh3pecLcOz
W86kkBLaDcDO6eh19cjpC2oLgXcokkQEs+ausUBuuSj91EJzkbUdBr8CrKL0ctP5
jtYV/ZiV9T9/Nv6yjb5r2G+rxr/jjD8Asl2ReaiUsWhiB42EcPFJm8rveVbOKaJG
mi26sQHiKQqa+mJ/cSeWKkrK/lrAKzZzykLg3Koijm/wrGoujhpJ+5CUr166Nk5C
1oxjdQHuSPCHRRbU4SE0QBiLeXFpKDk+URhACE7nbj8guCwUhqgI
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:25:14 2024 by rpki-client on console-ams.rpki-client.org