Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/lZqe5XA_dnTRRCXrpa_IbbGalE8.roa
File: lZqe5XA_dnTRRCXrpa_IbbGalE8.roa (raw, json)
Hash identifier: JjmEWi4EASeEY1luQr7sUn0IZ7opQFJcCrrHgAi5DYw=
Subject key identifier: 95:9A:9E:E5:70:3F:76:74:D1:44:25:EB:A5:AF:C8:6D:B1:9A:94:4F
Certificate issuer: /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial: 018CC348F006F3F8519E04D79D2E9F2FA7D8
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/lZqe5XA_dnTRRCXrpa_IbbGalE8.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 145.46.161.0/24 maxlen: 24
145.46.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f0:06:f3:f8:51:9e:04:d7:9d:2e:9f:2f:a7:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=959a9ee5703f7674d14425eba5afc86db19a944f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b0:eb:26:ec:62:fe:29:d6:2a:09:9a:d7:57:
5d:c2:65:3a:42:e9:1c:78:f9:aa:4e:ac:87:45:53:
85:93:c9:0a:2b:d2:2d:3d:eb:f1:fe:52:99:2e:8a:
e2:fe:0a:b5:8d:b5:96:27:14:7c:01:2c:7a:8a:92:
11:c7:6d:16:e8:57:62:9b:b8:80:1c:2d:ce:88:0a:
cd:e2:92:79:54:3e:71:7f:af:e3:bc:b0:da:83:07:
f8:1a:92:2c:e8:af:2e:e6:5f:e1:bc:39:19:45:51:
dc:11:f5:63:66:4e:68:f1:cd:eb:38:5a:7b:ce:32:
df:32:be:f3:2e:b3:0f:42:ca:6c:1a:8d:9b:05:61:
1e:0e:30:c1:96:42:a3:f4:07:59:77:9f:91:3d:45:
ab:ff:c7:7b:5f:ed:93:a9:3b:ef:13:31:b1:bb:9d:
8b:ae:36:c8:e8:3a:1f:56:86:87:99:bf:8c:14:38:
45:f4:53:a0:e0:f5:d1:cd:eb:fd:a8:52:af:db:a8:
94:c9:98:09:d3:2e:0e:aa:d6:b5:45:21:2c:a4:a8:
a0:e6:17:ed:a5:84:7e:cf:07:e5:60:8b:96:99:a2:
4b:fd:26:49:5f:63:aa:5a:90:54:4f:c9:ee:1d:df:
f4:74:fe:dc:aa:57:8b:7d:46:4b:d4:64:1b:74:c0:
d1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9A:9E:E5:70:3F:76:74:D1:44:25:EB:A5:AF:C8:6D:B1:9A:94:4F
X509v3 Authority Key Identifier:
keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/lZqe5XA_dnTRRCXrpa_IbbGalE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.46.160.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:95:b6:c0:38:08:0e:90:c2:24:01:e3:8b:41:cb:62:45:97:
76:cf:8c:c1:45:b4:93:93:ec:be:05:a2:f0:bc:0e:b7:cc:55:
3a:a7:42:6d:a8:e7:2e:2a:04:68:34:e0:e0:93:f3:7c:26:44:
ee:8f:e1:65:b1:3c:8e:85:9d:2f:0d:6d:67:09:65:65:61:e0:
cd:fe:8a:4d:ee:ba:b7:29:48:52:24:0d:bf:dd:da:31:f8:c5:
f3:9c:f7:7b:f9:53:c1:1c:66:71:3c:c1:0c:37:57:b5:b4:91:
65:a8:0c:7f:6e:f4:f8:eb:e9:0a:73:49:90:77:ea:be:e0:0e:
3f:96:35:d9:03:53:13:dc:f6:bc:45:c5:59:d3:8c:e8:0c:5c:
d6:e6:d4:48:2d:8f:bd:e4:85:67:8d:37:ce:56:17:eb:a1:ea:
f4:d0:6a:69:92:46:19:ce:68:69:7e:27:51:09:71:af:23:d6:
a7:e6:93:23:89:36:e1:ff:06:74:ac:aa:d7:e8:b4:48:57:49:
84:39:6a:66:51:69:89:bb:7b:7c:4c:00:86:5c:95:e4:40:b9:
d7:52:3a:dd:c0:83:35:6e:58:9d:7c:01:5e:19:d9:df:87:72:
b3:0c:f2:8c:27:36:13:1f:ca:d3:7c:92:ee:57:60:7a:12:51:
6b:a8:f2:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSPAG8/hRngTXnS6fL6fYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTlhOWVlNTcwM2Y3Njc0ZDE0NDI1ZWJhNWFmYzg2ZGIxOWE5NDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLDrJuxi/inWKgma11ddwmU6Qukc
ePmqTqyHRVOFk8kKK9ItPevx/lKZLori/gq1jbWWJxR8ASx6ipIRx20W6Fdim7iA
HC3OiArN4pJ5VD5xf6/jvLDagwf4GpIs6K8u5l/hvDkZRVHcEfVjZk5o8c3rOFp7
zjLfMr7zLrMPQspsGo2bBWEeDjDBlkKj9AdZd5+RPUWr/8d7X+2TqTvvEzGxu52L
rjbI6DofVoaHmb+MFDhF9FOg4PXRzev9qFKv26iUyZgJ0y4Oqta1RSEspKig5hft
pYR+zwflYIuWmaJL/SZJX2OqWpBUT8nuHd/0dP7cqleLfUZL1GQbdMDRgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWanuVwP3Z00UQl66WvyG2xmpRPMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvbFpxZTVYQV9kblRSUkNYcnBhX0liYkdhbEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBkS6gMA0G
CSqGSIb3DQEBCwUAA4IBAQCslbbAOAgOkMIkAeOLQctiRZd2z4zBRbSTk+y+BaLw
vA63zFU6p0JtqOcuKgRoNODgk/N8JkTuj+FlsTyOhZ0vDW1nCWVlYeDN/opN7rq3
KUhSJA2/3dox+MXznPd7+VPBHGZxPMEMN1e1tJFlqAx/bvT46+kKc0mQd+q+4A4/
ljXZA1MT3Pa8RcVZ04zoDFzW5tRILY+95IVnjTfOVhfroer00GppkkYZzmhpfidR
CXGvI9an5pMjiTbh/wZ0rKrX6LRIV0mEOWpmUWmJu3t8TACGXJXkQLnXUjrdwIM1
blidfAFeGdnfh3KzDPKMJzYTH8rTfJLuV2B6ElFrqPKv
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:50:31 2024 by rpki-client on console-fra.rpki-client.org