Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/oLByLBpFGvxSWJHtb3qCNHZ1n5I.roa
File: oLByLBpFGvxSWJHtb3qCNHZ1n5I.roa (raw, json)
Hash identifier: Fwo4EtcnaiJQgDniXLbjoAaIAIvTvDrLifi0qzvMxZQ=
Subject key identifier: A0:B0:72:2C:1A:45:1A:FC:52:58:91:ED:6F:7A:82:34:76:75:9F:92
Certificate issuer: /CN=92af03ca2df6423b77d0ef3737b0f4791aa035a3
Certificate serial: 018D081FD67A67904BE81DE290FF6DF64C89
Authority key identifier: 92:AF:03:CA:2D:F6:42:3B:77:D0:EF:37:37:B0:F4:79:1A:A0:35:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kq8Dyi32Qjt30O83N7D0eRqgNaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/oLByLBpFGvxSWJHtb3qCNHZ1n5I.roa
Signing time: Sun 14 Jan 2024 13:18:40 +0000
ROA not before: Sun 14 Jan 2024 13:18:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42156
IP address blocks: 45.83.172.0/22 maxlen: 22
185.251.180.0/24 maxlen: 24
185.161.188.0/24 maxlen: 24
45.143.62.0/23 maxlen: 23
45.143.60.0/24 maxlen: 24
45.143.61.0/24 maxlen: 24
69.48.159.0/24 maxlen: 24
2a0e:e2c0::/29 maxlen: 29
2a0e:8480::/29 maxlen: 29
2a0e:e2c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/kq8Dyi32Qjt30O83N7D0eRqgNaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/kq8Dyi32Qjt30O83N7D0eRqgNaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/kq8Dyi32Qjt30O83N7D0eRqgNaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:08:1f:d6:7a:67:90:4b:e8:1d:e2:90:ff:6d:f6:4c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92af03ca2df6423b77d0ef3737b0f4791aa035a3
Validity
Not Before: Jan 14 13:18:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0b0722c1a451afc525891ed6f7a823476759f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:74:21:c5:1e:05:e8:2b:35:2e:e5:8e:7b:8d:
dc:58:80:35:b0:a2:3b:c2:a2:f4:7f:61:8a:eb:bb:
e5:23:6e:68:47:0c:ea:af:17:31:33:e7:8b:33:73:
9d:2e:83:a1:a2:b6:e9:66:b7:b7:f2:ac:a9:7f:97:
53:6d:91:4a:08:29:ff:09:af:b4:f3:59:22:fc:e0:
3b:37:18:57:22:28:21:e5:82:22:86:bf:5b:3c:9d:
27:db:87:e7:c0:6e:2f:c6:7d:3e:1f:c0:a6:78:d7:
91:91:83:6f:88:db:34:a3:91:6d:da:22:ad:70:54:
84:16:a9:e7:3c:2f:bb:03:59:38:d1:fa:b2:50:ab:
6b:0d:ff:aa:6f:b2:34:a8:21:48:96:cd:ac:63:60:
7b:1c:5d:e5:e4:93:c2:85:83:fe:6e:ce:b5:3d:b3:
8a:39:ba:a1:d9:0a:2a:f5:63:6d:57:4b:ec:af:9e:
2e:09:c8:80:30:da:c8:c9:1f:b4:68:33:14:b6:60:
19:41:4d:90:dd:80:bc:a1:ca:5e:ad:e8:fe:50:70:
0d:eb:48:de:bf:6f:9c:1a:75:80:83:77:b4:27:34:
ad:31:c5:60:79:a1:c9:1d:2f:a0:9e:9c:e7:8c:55:
25:86:91:b9:b6:d5:b6:32:17:83:c0:23:49:4a:ab:
74:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B0:72:2C:1A:45:1A:FC:52:58:91:ED:6F:7A:82:34:76:75:9F:92
X509v3 Authority Key Identifier:
keyid:92:AF:03:CA:2D:F6:42:3B:77:D0:EF:37:37:B0:F4:79:1A:A0:35:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kq8Dyi32Qjt30O83N7D0eRqgNaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/oLByLBpFGvxSWJHtb3qCNHZ1n5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/kq8Dyi32Qjt30O83N7D0eRqgNaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.172.0/22
45.143.60.0/22
69.48.159.0/24
185.161.188.0/24
185.251.180.0/24
IPv6:
2a0e:8480::/29
2a0e:e2c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:d5:27:9b:4b:27:dd:1d:95:c6:62:68:3f:07:8b:ee:3c:8c:
c6:e0:b5:e4:ab:4c:3a:2f:ab:4e:d2:c2:79:41:1e:02:bc:8e:
87:65:df:8d:43:24:11:d5:3a:ef:51:48:95:e7:cd:ae:9c:fd:
b4:34:1a:60:f2:6d:04:b0:f1:6a:89:a6:af:e9:09:6f:3f:71:
e8:b5:29:10:29:53:66:6f:6b:44:99:0f:cf:9c:22:67:72:a3:
0b:bc:e9:57:da:4a:19:2e:8e:0a:a2:be:41:75:93:9e:aa:f7:
b6:70:41:6f:e8:33:64:15:17:36:98:8a:54:20:42:5c:a0:c8:
61:8c:c9:0f:44:80:f4:ef:65:a8:64:33:e8:ab:03:67:98:ab:
79:ab:33:4f:ae:8f:37:3d:96:36:23:b8:da:49:4c:4a:44:9d:
fd:d1:39:71:cc:09:bd:97:8b:e9:b5:2b:29:8f:7d:78:b3:fd:
4a:4a:ec:11:16:49:cd:27:47:7f:cd:97:34:17:a3:10:78:e2:
16:b4:30:84:87:a8:51:da:5d:7f:53:a7:a6:ed:6b:06:00:4d:
04:d1:7b:c0:ce:4b:69:5c:85:9d:94:f3:4c:59:94:00:37:a1:
f7:1e:67:e8:1b:6c:c4:ae:3d:9d:49:55:24:ec:7d:4d:0b:bd:
6a:1d:58:b5
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY0IH9Z6Z5BL6B3ikP9t9kyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYWYwM2NhMmRmNjQyM2I3N2QwZWYzNzM3YjBmNDc5MWFh
MDM1YTMwHhcNMjQwMTE0MTMxODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGIwNzIyYzFhNDUxYWZjNTI1ODkxZWQ2ZjdhODIzNDc2NzU5ZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XQhxR4F6Cs1LuWOe43cWIA1sKI7
wqL0f2GK67vlI25oRwzqrxcxM+eLM3OdLoOhorbpZre38qypf5dTbZFKCCn/Ca+0
81ki/OA7NxhXIigh5YIihr9bPJ0n24fnwG4vxn0+H8CmeNeRkYNviNs0o5Ft2iKt
cFSEFqnnPC+7A1k40fqyUKtrDf+qb7I0qCFIls2sY2B7HF3l5JPChYP+bs61PbOK
Obqh2Qoq9WNtV0vsr54uCciAMNrIyR+0aDMUtmAZQU2Q3YC8ocperej+UHAN60je
v2+cGnWAg3e0JzStMcVgeaHJHS+gnpznjFUlhpG5ttW2MheDwCNJSqt03wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKCwciwaRRr8UliR7W96gjR2dZ+SMB8GA1UdIwQY
MBaAFJKvA8ot9kI7d9DvNzew9HkaoDWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3E4RHlpMzJRanQzME84M043RDBlUnFnTmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS85ODIyYmMtMTU5My00OThjLThmNmEt
NzAzYjZiNzBhN2VjLzEvb0xCeUxCcEZHdnhTV0pIdGIzcUNOSFoxbjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS85ODIyYmMtMTU5My00OThjLThmNmEtNzAzYjZiNzBhN2Vj
LzEva3E4RHlpMzJRanQzME84M043RDBlUnFnTmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLVOsAwQC
LY88AwQARTCfAwQAuaG8AwQAufu0MBQEAgACMA4DBQMqDoSAAwUDKg7iwDANBgkq
hkiG9w0BAQsFAAOCAQEAP9Unm0sn3R2VxmJoPweL7jyMxuC15KtMOi+rTtLCeUEe
AryOh2XfjUMkEdU671FIlefNrpz9tDQaYPJtBLDxaommr+kJbz9x6LUpEClTZm9r
RJkPz5wiZ3KjC7zpV9pKGS6OCqK+QXWTnqr3tnBBb+gzZBUXNpiKVCBCXKDIYYzJ
D0SA9O9lqGQz6KsDZ5ireaszT66PNz2WNiO42klMSkSd/dE5ccwJvZeL6bUrKY99
eLP9SkrsERZJzSdHf82XNBejEHjiFrQwhIeoUdpdf1Onpu1rBgBNBNF7wM5LaVyF
nZTzTFmUADeh9x5n6BtsxK49nUlVJOx9TQu9ah1YtQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:22:29 2024 by rpki-client on console-fra.rpki-client.org