Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/ivT9LCeqKU1XBfscMqCXY89DyEo.roa
File: ivT9LCeqKU1XBfscMqCXY89DyEo.roa (raw, json)
Hash identifier: 0qOw9VMDRdYHRmp/t0meUrVXla/yRCkrJrbgxclFaB4=
Subject key identifier: 8A:F4:FD:2C:27:AA:29:4D:57:05:FB:1C:32:A0:97:63:CF:43:C8:4A
Certificate issuer: /CN=e88c04771e2bfac8f60f1b4c9cbd093aafea974e
Certificate serial: 018CC94E421AF8055DD04120BAB346C7D904
Authority key identifier: E8:8C:04:77:1E:2B:FA:C8:F6:0F:1B:4C:9C:BD:09:3A:AF:EA:97:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/ivT9LCeqKU1XBfscMqCXY89DyEo.roa
Signing time: Tue 02 Jan 2024 08:33:18 +0000
ROA not before: Tue 02 Jan 2024 08:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212362
IP address blocks: 45.129.105.0/24 maxlen: 24
2a0e:47c6::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/6IwEdx4r-sj2DxtMnL0JOq_ql04.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/6IwEdx4r-sj2DxtMnL0JOq_ql04.mft
rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:42:1a:f8:05:5d:d0:41:20:ba:b3:46:c7:d9:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e88c04771e2bfac8f60f1b4c9cbd093aafea974e
Validity
Not Before: Jan 2 08:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8af4fd2c27aa294d5705fb1c32a09763cf43c84a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:af:cb:18:47:fd:c1:4e:82:fc:89:76:5c:a9:
19:af:14:84:ce:e8:e4:76:27:64:32:00:93:80:aa:
c9:a3:05:72:e7:ed:d9:1d:74:f5:a9:2f:91:4c:58:
00:a7:de:55:ec:38:10:dd:52:55:98:d8:91:a4:4b:
ee:39:49:20:e2:2e:58:50:c0:30:da:bd:da:f1:5b:
1c:8f:82:93:49:54:44:ef:c2:86:cd:54:f1:0e:6d:
70:7d:7c:3c:81:ce:5f:54:7c:ff:06:5e:95:b4:71:
a5:aa:a5:55:c4:25:e2:70:95:9c:d7:e2:06:ce:60:
11:4d:8c:94:94:d1:9b:de:43:fe:23:14:57:ec:e1:
d2:c5:39:24:9e:57:49:39:88:11:90:c8:1d:95:44:
c1:b2:f8:be:af:8c:9d:13:48:f3:6a:d6:2b:75:1d:
dc:6c:34:c2:47:31:5f:eb:f9:d9:df:dc:60:85:d1:
34:53:05:43:94:49:0c:09:89:13:b1:75:8b:64:cf:
20:82:79:c6:08:72:cd:ce:58:09:de:03:08:d6:4a:
34:ac:61:ce:a4:6c:5b:be:94:71:37:63:cb:9b:c7:
71:0b:86:5a:3c:8b:97:c0:c2:33:3f:b7:7e:57:f6:
64:5a:aa:5a:5f:aa:74:53:82:34:20:5c:68:07:f0:
45:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F4:FD:2C:27:AA:29:4D:57:05:FB:1C:32:A0:97:63:CF:43:C8:4A
X509v3 Authority Key Identifier:
keyid:E8:8C:04:77:1E:2B:FA:C8:F6:0F:1B:4C:9C:BD:09:3A:AF:EA:97:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/ivT9LCeqKU1XBfscMqCXY89DyEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/6IwEdx4r-sj2DxtMnL0JOq_ql04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.105.0/24
IPv6:
2a0e:47c6::/32
Signature Algorithm: sha256WithRSAEncryption
27:28:9e:0b:8a:f4:45:54:e6:76:76:f3:a7:85:bb:c5:fe:9c:
e1:b0:25:ec:b4:1d:62:c4:fa:b3:31:dd:da:c7:ef:ae:55:d1:
7e:dc:83:41:00:f2:d5:aa:46:c2:0e:52:17:ee:e2:2f:7d:8a:
7f:ba:ac:37:c5:d8:9e:e6:fb:c8:fd:30:9a:db:3b:3a:fd:4a:
64:89:ab:2f:40:9c:a8:07:06:06:db:97:4e:b0:90:a1:39:dc:
a1:43:a8:9e:fd:0a:83:8b:f5:c3:95:7f:5b:c3:bf:28:8b:09:
4d:6a:2b:ff:0b:db:54:89:95:15:ae:e3:18:67:e4:cb:98:ec:
34:07:f2:24:53:f5:a0:c6:b3:22:07:33:ec:82:30:16:5b:40:
ed:70:c8:a8:56:91:17:42:83:82:3d:34:f5:76:18:da:d0:10:
cc:dd:e5:c1:81:cc:13:3b:0a:64:aa:07:83:16:85:58:46:5c:
b2:c3:e4:df:1e:a0:f6:0c:9f:8c:cd:f3:7c:e6:ea:cd:9e:8b:
c5:b9:af:05:52:b0:11:e7:8e:8a:f1:69:f5:d0:3e:4f:91:40:
e5:38:fd:bc:40:41:b2:17:7a:25:5c:18:1e:96:e3:f8:fb:de:
b6:44:ef:eb:21:2a:49:5b:94:b1:59:ea:75:e4:6b:a6:29:0b:
a3:6f:d3:5d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTkIa+AVd0EEgurNGx9kEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4OGMwNDc3MWUyYmZhYzhmNjBmMWI0YzljYmQwOTNhYWZl
YTk3NGUwHhcNMjQwMTAyMDgzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWY0ZmQyYzI3YWEyOTRkNTcwNWZiMWMzMmEwOTc2M2NmNDNjODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK/LGEf9wU6C/Il2XKkZrxSEzujk
didkMgCTgKrJowVy5+3ZHXT1qS+RTFgAp95V7DgQ3VJVmNiRpEvuOUkg4i5YUMAw
2r3a8Vscj4KTSVRE78KGzVTxDm1wfXw8gc5fVHz/Bl6VtHGlqqVVxCXicJWc1+IG
zmARTYyUlNGb3kP+IxRX7OHSxTkknldJOYgRkMgdlUTBsvi+r4ydE0jzatYrdR3c
bDTCRzFf6/nZ39xghdE0UwVDlEkMCYkTsXWLZM8ggnnGCHLNzlgJ3gMI1ko0rGHO
pGxbvpRxN2PLm8dxC4ZaPIuXwMIzP7d+V/ZkWqpaX6p0U4I0IFxoB/BFLwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIr0/SwnqilNVwX7HDKgl2PPQ8hKMB8GA1UdIwQY
MBaAFOiMBHceK/rI9g8bTJy9CTqv6pdOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkl3RWR4NHItc2oyRHh0TW5MMEpPcV9xbDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8yYWU3YzMtOThhNS00Y2RhLTliYWUt
YmE2NDVmMTk5MTVhLzEvaXZUOUxDZXFLVTFYQmZzY01xQ1hZODlEeUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8yYWU3YzMtOThhNS00Y2RhLTliYWUtYmE2NDVmMTk5MTVh
LzEvNkl3RWR4NHItc2oyRHh0TW5MMEpPcV9xbDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYFpMA0E
AgACMAcDBQAqDkfGMA0GCSqGSIb3DQEBCwUAA4IBAQAnKJ4LivRFVOZ2dvOnhbvF
/pzhsCXstB1ixPqzMd3ax++uVdF+3INBAPLVqkbCDlIX7uIvfYp/uqw3xdie5vvI
/TCa2zs6/UpkiasvQJyoBwYG25dOsJChOdyhQ6ie/QqDi/XDlX9bw78oiwlNaiv/
C9tUiZUVruMYZ+TLmOw0B/IkU/WgxrMiBzPsgjAWW0DtcMioVpEXQoOCPTT1dhja
0BDM3eXBgcwTOwpkqgeDFoVYRlyyw+TfHqD2DJ+MzfN85urNnovFua8FUrAR546K
8Wn10D5PkUDlOP28QEGyF3olXBgeluP4+962RO/rISpJW5SxWep15GumKQujb9Nd
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:35:18 2024 by rpki-client on console-ams.rpki-client.org