Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/If0vZeAVvOUSIdBUjOK2TTFK8hQ.roa
File: If0vZeAVvOUSIdBUjOK2TTFK8hQ.roa (raw, json)
Hash identifier: Ei6TJyzqPmV9Mm2D2yZDcDzEZpVT5/jEamzRFRfKysQ=
Subject key identifier: 21:FD:2F:65:E0:15:BC:E5:12:21:D0:54:8C:E2:B6:4D:31:4A:F2:14
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 018CC94CED923240F9F541E0A44ADED6EB84
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/If0vZeAVvOUSIdBUjOK2TTFK8hQ.roa
Signing time: Tue 02 Jan 2024 08:31:51 +0000
ROA not before: Tue 02 Jan 2024 08:31:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3169
IP address blocks: 45.88.4.0/24 maxlen: 24
155.133.62.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:ed:92:32:40:f9:f5:41:e0:a4:4a:de:d6:eb:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Jan 2 08:31:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21fd2f65e015bce51221d0548ce2b64d314af214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ae:a2:f5:d6:b8:7f:ed:36:69:95:e3:fc:0e:
21:97:c4:db:05:82:bf:c2:dc:9b:d4:49:26:f4:7d:
33:ed:8c:9d:34:6c:e4:57:43:05:24:a5:a7:c6:28:
51:5d:87:e4:b7:63:8d:53:7c:62:40:af:71:95:4c:
39:98:3a:bd:f4:0c:18:f9:3e:2e:9b:e1:8b:47:3a:
90:7c:4a:2d:29:bd:18:fc:d1:1f:30:a1:63:9c:f7:
77:b4:fb:cf:22:7d:c8:dc:a6:df:b2:7e:fb:71:39:
0e:78:7a:e4:ac:bd:a7:ad:52:87:e9:60:99:c5:03:
76:28:e1:c3:17:14:1c:ae:c7:1a:d8:1f:e7:eb:37:
17:3e:59:b6:07:35:29:b5:94:ad:ae:d6:ad:c3:4a:
c1:40:14:a4:e7:a1:fb:1f:90:74:b1:11:11:8d:77:
75:7b:59:14:55:34:71:21:98:8a:ff:17:52:ff:81:
c3:eb:91:bb:f6:6b:c8:0e:32:2a:e3:67:49:ef:ba:
66:b4:7c:7d:46:13:29:55:57:ed:3b:ad:4a:77:cf:
72:ed:ac:30:8d:f8:b5:c0:c0:44:a2:5d:d7:a5:64:
1a:42:9e:eb:45:91:ff:64:57:e9:6c:50:bb:bd:10:
94:9f:c1:79:de:8a:e5:ae:77:0d:5e:9d:15:10:07:
29:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FD:2F:65:E0:15:BC:E5:12:21:D0:54:8C:E2:B6:4D:31:4A:F2:14
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/If0vZeAVvOUSIdBUjOK2TTFK8hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.4.0/24
155.133.62.0/23
Signature Algorithm: sha256WithRSAEncryption
c8:dd:c9:78:4f:c8:7f:05:97:c8:1a:b4:ee:84:e2:c1:8e:fb:
32:a9:ab:3d:cc:cc:9c:09:f4:68:b1:83:33:ba:b8:a0:51:e5:
1b:1d:de:09:99:d7:5c:97:24:8b:dd:c4:a6:64:2a:cf:fb:89:
a3:6d:70:7f:05:2e:da:1b:ed:4a:73:ed:fa:33:0d:4a:cd:db:
10:c1:3a:8f:63:34:a8:41:98:64:bb:5f:72:f1:17:ba:0f:5c:
b7:c6:8f:c6:8d:f8:90:6c:1d:bb:d7:01:eb:85:ca:7c:06:01:
62:31:51:5a:f7:e4:d8:96:bd:05:70:25:33:08:f6:30:a8:3e:
1b:c0:18:42:c6:1b:b8:1a:3d:cc:c4:8f:c1:29:a6:2c:05:7e:
be:7d:3a:21:8b:6d:a9:5f:12:71:12:e1:ba:2a:8b:f5:85:f0:
6a:82:a9:d4:ad:2b:4e:78:11:f0:be:2c:a1:3a:64:df:1b:de:
91:11:57:38:7a:ca:83:9a:a7:0c:c4:7f:45:73:62:68:34:a6:
f6:45:a7:8b:3c:b0:b0:fe:86:70:03:fb:9d:a5:71:3c:2c:1f:
b7:6a:69:56:51:2f:c5:3a:57:2f:22:11:65:f5:4c:f1:78:20:
ef:66:cd:59:e6:1f:24:ef:e3:67:8b:23:88:70:79:b1:01:57:
55:19:91:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTO2SMkD59UHgpEre1uuEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0
MWE4ZDMwHhcNMjQwMTAyMDgzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWZkMmY2NWUwMTViY2U1MTIyMWQwNTQ4Y2UyYjY0ZDMxNGFmMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj66i9da4f+02aZXj/A4hl8TbBYK/
wtyb1Ekm9H0z7YydNGzkV0MFJKWnxihRXYfkt2ONU3xiQK9xlUw5mDq99AwY+T4u
m+GLRzqQfEotKb0Y/NEfMKFjnPd3tPvPIn3I3Kbfsn77cTkOeHrkrL2nrVKH6WCZ
xQN2KOHDFxQcrsca2B/n6zcXPlm2BzUptZStrtatw0rBQBSk56H7H5B0sRERjXd1
e1kUVTRxIZiK/xdS/4HD65G79mvIDjIq42dJ77pmtHx9RhMpVVftO61Kd89y7aww
jfi1wMBEol3XpWQaQp7rRZH/ZFfpbFC7vRCUn8F53orlrncNXp0VEAcpIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCH9L2XgFbzlEiHQVIzitk0xSvIUMB8GA1UdIwQY
MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt
MjcxZDI1ZTIwNTc0LzEvSWYwdlplQVZ2T1VTSWRCVWpPSzJUVEZLOGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0
LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVgEAwQB
m4U+MA0GCSqGSIb3DQEBCwUAA4IBAQDI3cl4T8h/BZfIGrTuhOLBjvsyqas9zMyc
CfRosYMzurigUeUbHd4JmddclySL3cSmZCrP+4mjbXB/BS7aG+1Kc+36Mw1KzdsQ
wTqPYzSoQZhku19y8Re6D1y3xo/GjfiQbB271wHrhcp8BgFiMVFa9+TYlr0FcCUz
CPYwqD4bwBhCxhu4Gj3MxI/BKaYsBX6+fTohi22pXxJxEuG6Kov1hfBqgqnUrStO
eBHwviyhOmTfG96REVc4esqDmqcMxH9Fc2JoNKb2RaeLPLCw/oZwA/udpXE8LB+3
amlWUS/FOlcvIhFl9UzxeCDvZs1Z5h8k7+NniyOIcHmxAVdVGZHq
-----END CERTIFICATE-----
Generated at Fri May 17 14:19:22 2024 by rpki-client on console-ams.rpki-client.org