Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1i_W-Sdh6oqWN1UdoLn81np-ang.roa
File: 1i_W-Sdh6oqWN1UdoLn81np-ang.roa (raw, json)
Hash identifier: 8nW5zHP+p59mGxPXAEh+eF7IzShcwZYQhcd3qAjrrZA=
Subject key identifier: D6:2F:D6:F9:27:61:EA:8A:96:37:55:1D:A0:B9:FC:D6:7A:7E:6A:78
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64AEE8AE835F70C8E17284D86264316
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1i_W-Sdh6oqWN1UdoLn81np-ang.roa
Signing time: Mon 01 Jan 2024 18:30:48 +0000
ROA not before: Mon 01 Jan 2024 18:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213392
IP address blocks: 45.86.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ee:8a:e8:35:f7:0c:8e:17:28:4d:86:26:43:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d62fd6f92761ea8a9637551da0b9fcd67a7e6a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4e:18:c0:73:80:1a:e9:86:26:fd:8f:af:8b:
40:be:8d:de:06:88:5a:57:ba:f0:a0:5d:05:d3:bf:
c6:2f:d0:56:1a:65:80:d6:49:f7:c9:2d:49:5b:3d:
e1:96:39:22:e8:79:04:c1:53:e2:69:a5:7f:88:5d:
6b:e5:5b:36:17:da:93:76:30:3d:a3:84:86:17:d0:
16:4d:8f:ca:13:fc:37:21:40:33:c8:ad:bb:02:d9:
d4:8f:07:4a:0c:b3:04:38:94:cc:e9:d5:e6:b0:54:
6d:28:39:e7:01:64:6a:a6:ed:0e:01:eb:cc:c1:2d:
1a:30:f2:43:2d:d3:6d:61:5f:4b:b4:ec:09:99:08:
b2:e0:56:59:39:8e:2e:14:f7:7b:0f:22:91:29:e4:
3a:1d:3b:2f:67:d8:dc:9a:f5:88:7c:ca:18:84:19:
95:8a:fb:5f:07:5c:f5:56:83:dc:13:42:21:6d:3e:
cf:96:e3:07:3e:2a:be:57:0e:cb:94:59:9f:b5:aa:
63:ea:68:5c:0b:ba:6e:82:d4:9e:4a:fe:f4:eb:9f:
90:4d:fc:25:ab:94:f6:9d:a1:33:4e:c8:d3:4e:9a:
c1:34:f6:26:15:1a:d2:10:bc:c9:6d:bd:0c:d1:e7:
eb:14:d3:89:05:a1:7a:06:43:56:f0:9c:c4:b8:50:
ac:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:2F:D6:F9:27:61:EA:8A:96:37:55:1D:A0:B9:FC:D6:7A:7E:6A:78
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1i_W-Sdh6oqWN1UdoLn81np-ang.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.126.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:2b:d7:05:43:53:63:b1:3d:0a:24:2d:35:98:6f:78:d6:77:
20:59:d8:69:a2:c1:1f:2a:6f:97:ec:b9:6f:7c:45:d8:9e:7a:
7c:77:7d:d8:dd:81:41:b0:ee:c1:ba:07:5f:e2:fb:d7:75:6c:
38:c1:d1:53:e0:be:33:05:78:e0:e2:f8:95:a6:03:61:46:44:
93:38:2b:74:bb:17:cd:9e:50:a7:2d:74:2d:f5:60:a4:3d:d8:
da:58:2a:5a:96:b3:f8:e3:ea:d5:72:2d:45:5e:d1:b0:d6:35:
dd:85:41:62:65:ba:b5:13:b5:b7:ba:11:2f:87:b9:c5:59:d2:
74:99:61:55:23:41:67:46:55:8d:5a:08:21:ea:3b:a9:0b:c4:
e7:7b:d0:00:6c:fc:88:23:9c:e8:1f:f4:be:39:34:4d:65:31:
92:8e:12:f7:69:95:16:c7:88:19:56:c9:f9:4a:6e:6c:ba:41:
b4:96:2b:16:04:3f:70:57:57:7b:07:b3:23:f0:82:61:c4:4f:
50:6b:d1:38:90:9b:9d:a4:76:bd:72:15:6a:03:79:9e:38:02:
e7:e1:88:cb:1f:a2:2e:05:f6:ad:b7:0d:85:f3:20:3c:73:c8:
bf:f9:82:38:fc:69:e7:40:11:8e:4a:3f:0e:3a:9c:07:cb:aa:
cf:4c:cf:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSu6K6DX3DI4XKE2GJkMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjJmZDZmOTI3NjFlYThhOTYzNzU1MWRhMGI5ZmNkNjdhN2U2YTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok4YwHOAGumGJv2Pr4tAvo3eBoha
V7rwoF0F07/GL9BWGmWA1kn3yS1JWz3hljki6HkEwVPiaaV/iF1r5Vs2F9qTdjA9
o4SGF9AWTY/KE/w3IUAzyK27AtnUjwdKDLMEOJTM6dXmsFRtKDnnAWRqpu0OAevM
wS0aMPJDLdNtYV9LtOwJmQiy4FZZOY4uFPd7DyKRKeQ6HTsvZ9jcmvWIfMoYhBmV
ivtfB1z1VoPcE0IhbT7PluMHPiq+Vw7LlFmftapj6mhcC7pugtSeSv7065+QTfwl
q5T2naEzTsjTTprBNPYmFRrSELzJbb0M0efrFNOJBaF6BkNW8JzEuFCshQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYv1vknYeqKljdVHaC5/NZ6fmp4MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvMWlfVy1TZGg2b3FXTjFVZG9MbjgxbnAtYW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVZ+MA0G
CSqGSIb3DQEBCwUAA4IBAQANK9cFQ1NjsT0KJC01mG941ncgWdhposEfKm+X7Llv
fEXYnnp8d33Y3YFBsO7Bugdf4vvXdWw4wdFT4L4zBXjg4viVpgNhRkSTOCt0uxfN
nlCnLXQt9WCkPdjaWCpalrP44+rVci1FXtGw1jXdhUFiZbq1E7W3uhEvh7nFWdJ0
mWFVI0FnRlWNWggh6jupC8Tne9AAbPyII5zoH/S+OTRNZTGSjhL3aZUWx4gZVsn5
Sm5sukG0lisWBD9wV1d7B7Mj8IJhxE9Qa9E4kJudpHa9chVqA3meOALn4YjLH6Iu
Bfattw2F8yA8c8i/+YI4/GnnQBGOSj8OOpwHy6rPTM8I
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:57:54 2024 by rpki-client on console-fra.rpki-client.org