Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/KXF2QJ3TTvGL8g4Byc9ds_ddlAU.roa
File: KXF2QJ3TTvGL8g4Byc9ds_ddlAU.roa (raw, json)
Hash identifier: 4x+Us6FtfvylFNm+LohOaIMC4M0udxWXAuvFkk63s4E=
Subject key identifier: 29:71:76:40:9D:D3:4E:F1:8B:F2:0E:01:C9:CF:5D:B3:F7:5D:94:05
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018E9E2FA0F5FB2B00DAB9D12331B88585B5
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/KXF2QJ3TTvGL8g4Byc9ds_ddlAU.roa
Signing time: Tue 02 Apr 2024 09:41:45 +0000
ROA not before: Tue 02 Apr 2024 09:41:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212396
IP address blocks: 45.85.88.0/24 maxlen: 24
45.145.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:2f:a0:f5:fb:2b:00:da:b9:d1:23:31:b8:85:85:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 2 09:41:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=297176409dd34ef18bf20e01c9cf5db3f75d9405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0d:9a:27:f6:1f:11:cd:18:5a:03:63:0a:cb:
b6:7d:74:7f:bf:5e:80:63:53:0b:46:49:00:ad:4a:
da:ed:3d:40:7e:1a:3d:01:50:93:84:29:4f:c6:f2:
ea:b9:fa:26:3e:4b:3b:ab:a3:24:50:7e:5b:7c:49:
d0:b2:93:f0:2d:26:f9:9b:be:9c:a4:b4:be:45:3a:
3f:d7:5f:76:d4:8d:60:3e:95:59:5f:c2:d0:17:5c:
a7:80:60:19:44:cb:01:77:8b:30:24:df:99:08:28:
74:95:e9:df:9d:45:ac:30:8b:c6:87:3c:f8:de:f2:
35:aa:a1:af:ba:5c:d2:5a:f3:07:19:8f:f3:fb:15:
0a:1e:af:4f:2c:29:9d:01:43:cb:53:75:b5:ed:53:
11:ce:05:3b:1d:74:3d:d6:85:b7:0f:de:ea:ef:1b:
bc:9b:b1:70:32:8d:3d:9d:99:f1:99:ed:23:21:16:
c7:ff:8d:fb:76:f0:80:4f:b8:71:d5:7c:21:25:83:
d1:21:0b:b8:9d:a4:2e:84:22:16:ce:67:f1:89:74:
ec:56:dd:4c:fc:8b:67:84:62:03:2d:f5:ca:b1:18:
95:da:f1:c4:04:f3:06:c7:64:dd:5d:b7:66:64:06:
29:93:e0:be:d5:af:12:ec:0f:53:ad:7d:48:89:22:
9d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:71:76:40:9D:D3:4E:F1:8B:F2:0E:01:C9:CF:5D:B3:F7:5D:94:05
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/KXF2QJ3TTvGL8g4Byc9ds_ddlAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.88.0/24
45.145.248.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:15:77:c7:6a:25:db:f5:c6:c3:15:6e:0d:8a:18:c6:15:30:
e0:7c:e9:13:b9:fb:00:10:45:6a:f4:c1:93:ea:0e:35:cd:18:
b6:a6:9b:cd:6f:38:c4:4e:c0:b1:4f:17:52:fe:8a:bd:02:fb:
60:03:66:1b:c7:78:91:2b:4c:d0:85:18:f2:aa:34:0e:61:05:
6c:b8:3f:ec:cc:e2:7e:a7:c0:52:c8:0a:a0:3e:b9:92:75:1d:
f7:5b:c6:a7:ec:60:db:42:de:68:82:0a:9a:bd:d1:1c:a7:43:
a4:44:17:ae:9d:8e:39:92:ff:23:35:1c:0d:7f:b4:53:3e:49:
b1:24:63:a5:a4:95:8c:56:a3:38:e2:b1:7e:03:7c:c3:d2:b3:
eb:e3:b2:2f:e8:2a:2c:72:fc:de:bc:47:9d:e9:c9:3a:13:f0:
5b:66:f6:31:cc:6f:a7:5a:52:5a:fe:8f:8a:18:36:5f:88:bc:
9d:e5:40:08:19:56:cc:d3:db:fa:4a:b7:79:74:70:37:1a:d9:
09:8e:f7:7f:4a:80:8e:6b:8c:3b:ed:92:cc:46:dd:3f:c1:58:
70:f7:9b:e0:bc:7e:b4:ef:1a:0d:30:26:20:87:3d:92:03:8f:
f7:fa:2f:71:4a:ea:14:8a:dc:f4:8e:2b:a5:16:9e:20:ea:3b:
e8:cd:0d:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6eL6D1+ysA2rnRIzG4hYW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNDAyMDk0MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTcxNzY0MDlkZDM0ZWYxOGJmMjBlMDFjOWNmNWRiM2Y3NWQ5NDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig2aJ/YfEc0YWgNjCsu2fXR/v16A
Y1MLRkkArUra7T1Afho9AVCThClPxvLqufomPks7q6MkUH5bfEnQspPwLSb5m76c
pLS+RTo/11921I1gPpVZX8LQF1yngGAZRMsBd4swJN+ZCCh0lenfnUWsMIvGhzz4
3vI1qqGvulzSWvMHGY/z+xUKHq9PLCmdAUPLU3W17VMRzgU7HXQ91oW3D97q7xu8
m7FwMo09nZnxme0jIRbH/437dvCAT7hx1XwhJYPRIQu4naQuhCIWzmfxiXTsVt1M
/ItnhGIDLfXKsRiV2vHEBPMGx2TdXbdmZAYpk+C+1a8S7A9TrX1IiSKdKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFClxdkCd007xi/IOAcnPXbP3XZQFMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvS1hGMlFKM1RUdkdMOGc0QnljOWRzX2RkbEFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVVYAwQA
LZH4MA0GCSqGSIb3DQEBCwUAA4IBAQC1FXfHaiXb9cbDFW4NihjGFTDgfOkTufsA
EEVq9MGT6g41zRi2ppvNbzjETsCxTxdS/oq9AvtgA2Ybx3iRK0zQhRjyqjQOYQVs
uD/szOJ+p8BSyAqgPrmSdR33W8an7GDbQt5oggqavdEcp0OkRBeunY45kv8jNRwN
f7RTPkmxJGOlpJWMVqM44rF+A3zD0rPr47Iv6CoscvzevEed6ck6E/BbZvYxzG+n
WlJa/o+KGDZfiLyd5UAIGVbM09v6Srd5dHA3GtkJjvd/SoCOa4w77ZLMRt0/wVhw
95vgvH607xoNMCYghz2SA4/3+i9xSuoUitz0jiulFp4g6jvozQ3v
-----END CERTIFICATE-----
Generated at Thu May 2 15:49:43 2024 by rpki-client on console-ams.rpki-client.org