Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/AN45_K_SIqtG0EqwZIHtWg5JjaQ.roa
File: AN45_K_SIqtG0EqwZIHtWg5JjaQ.roa (raw, json)
Hash identifier: ayLXoutjtBQfjlicDW7AfenlshtZjWx938UFcJ5iUNY=
Subject key identifier: 00:DE:39:FC:AF:D2:22:AB:46:D0:4A:B0:64:81:ED:5A:0E:49:8D:A4
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC8027EA0B89CAB2C963459F836332BED
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/AN45_K_SIqtG0EqwZIHtWg5JjaQ.roa
Signing time: Tue 02 Jan 2024 02:30:55 +0000
ROA not before: Tue 02 Jan 2024 02:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50926
IP address blocks: 194.35.43.0/24 maxlen: 24
37.32.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:7e:a0:b8:9c:ab:2c:96:34:59:f8:36:33:2b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00de39fcafd222ab46d04ab06481ed5a0e498da4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:40:2f:a5:4f:7f:6b:df:a6:76:0a:e0:b0:77:
b8:ad:45:82:be:ef:81:7c:39:2a:72:98:9c:25:a6:
6f:1b:b6:63:bb:35:8e:58:4f:14:78:9b:d6:10:40:
67:ff:d2:08:2e:c0:72:6a:1a:67:5d:ae:08:b9:e8:
2a:19:ec:34:1f:86:5a:14:bb:e9:3c:17:dc:52:cb:
f8:eb:18:a2:f6:db:36:cc:ab:cb:35:65:44:19:55:
09:9e:34:b0:e9:51:08:59:e5:48:aa:04:af:69:6a:
c5:d0:88:71:0b:90:46:21:08:f2:bc:79:e4:45:1e:
5a:a1:ff:36:d3:19:30:4b:67:0a:7e:c8:55:b1:82:
88:81:aa:20:16:2d:62:07:76:1d:17:b1:a3:68:31:
7c:c4:77:f8:e8:fc:b0:13:26:fe:80:bc:56:33:be:
6b:a0:b5:43:f3:be:07:6a:e5:2a:9b:74:68:81:6d:
fa:85:39:eb:f2:19:4d:58:96:aa:39:b9:35:43:e1:
70:0f:70:94:de:c1:e6:39:0c:46:60:0a:d0:07:62:
eb:06:4e:51:0f:54:84:75:27:19:44:85:00:3b:c6:
ec:05:7c:f0:77:36:cc:54:70:9b:07:92:23:7e:5f:
00:6e:92:3c:a2:89:99:90:01:ec:fa:de:37:6a:f0:
ce:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:DE:39:FC:AF:D2:22:AB:46:D0:4A:B0:64:81:ED:5A:0E:49:8D:A4
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/AN45_K_SIqtG0EqwZIHtWg5JjaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.98.0/24
194.35.43.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:6c:44:68:86:83:b4:30:12:3f:a9:e5:20:70:a7:da:43:64:
e5:99:72:46:b6:46:cd:9f:77:30:d6:e4:f3:db:ae:ed:7f:9c:
54:f5:a6:e8:3f:ad:76:dd:0f:e9:04:d1:74:c7:46:b5:69:04:
c0:e3:b3:52:7e:69:84:69:35:ef:e3:e7:64:32:49:c9:ce:fe:
87:cd:e7:a2:9c:d4:fe:06:6e:7f:aa:3a:e2:57:03:1b:9c:38:
ee:62:31:57:e5:63:48:f9:e5:39:d6:69:40:3c:ad:fc:22:6d:
83:ce:1e:d5:0e:69:60:63:b9:1f:78:b1:9c:df:49:a8:60:ec:
ce:4a:b5:46:ff:75:7d:0a:ae:49:8d:66:da:0d:d7:d6:7b:f4:
cc:c1:63:5a:1f:bd:5c:4f:1f:0f:42:87:fb:f3:54:0b:10:04:
ef:e2:1f:05:21:8a:78:44:b0:62:dd:51:68:9d:60:78:e1:0d:
15:6a:3a:95:72:f1:df:f1:d8:8b:9e:e5:1c:16:d3:7d:c5:09:
e2:ec:b8:c1:04:48:72:23:66:90:86:44:8c:d2:e9:c3:8a:0b:
73:c5:1f:41:55:b7:70:40:e6:91:1b:67:05:c7:df:72:e1:f6:
9e:ad:ca:72:b8:5e:8b:56:4f:ff:18:62:80:96:79:71:fd:61:
3a:cd:3b:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAn6guJyrLJY0Wfg2MyvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGRlMzlmY2FmZDIyMmFiNDZkMDRhYjA2NDgxZWQ1YTBlNDk4ZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0AvpU9/a9+mdgrgsHe4rUWCvu+B
fDkqcpicJaZvG7ZjuzWOWE8UeJvWEEBn/9IILsByahpnXa4IuegqGew0H4ZaFLvp
PBfcUsv46xii9ts2zKvLNWVEGVUJnjSw6VEIWeVIqgSvaWrF0IhxC5BGIQjyvHnk
RR5aof820xkwS2cKfshVsYKIgaogFi1iB3YdF7GjaDF8xHf46PywEyb+gLxWM75r
oLVD874HauUqm3RogW36hTnr8hlNWJaqObk1Q+FwD3CU3sHmOQxGYArQB2LrBk5R
D1SEdScZRIUAO8bsBXzwdzbMVHCbB5Ijfl8AbpI8oomZkAHs+t43avDOzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFADeOfyv0iKrRtBKsGSB7VoOSY2kMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQU40NV9LX1NJcXRHMEVxd1pJSHRXZzVKamFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJSBiAwQA
wiMrMA0GCSqGSIb3DQEBCwUAA4IBAQC6bERohoO0MBI/qeUgcKfaQ2TlmXJGtkbN
n3cw1uTz267tf5xU9aboP6123Q/pBNF0x0a1aQTA47NSfmmEaTXv4+dkMknJzv6H
zeeinNT+Bm5/qjriVwMbnDjuYjFX5WNI+eU51mlAPK38Im2Dzh7VDmlgY7kfeLGc
30moYOzOSrVG/3V9Cq5JjWbaDdfWe/TMwWNaH71cTx8PQof781QLEATv4h8FIYp4
RLBi3VFonWB44Q0VajqVcvHf8diLnuUcFtN9xQni7LjBBEhyI2aQhkSM0unDigtz
xR9BVbdwQOaRG2cFx99y4faercpyuF6LVk//GGKAlnlx/WE6zTso
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:27:30 2024 by rpki-client on console-ams.rpki-client.org