Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/CO_0VE__NsDRRWgM22BpYj_P-2w.roa
File: CO_0VE__NsDRRWgM22BpYj_P-2w.roa (raw, json)
Hash identifier: 9L7dPXppBRKZPIfj81oZDhRpj2/gGSzU+lLa3XMak6w=
Subject key identifier: 08:EF:F4:54:4F:FF:36:C0:D1:45:68:0C:DB:60:69:62:3F:CF:FB:6C
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 018FB8D81F3DDBEA2B639555BF5D573A7EC2
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/CO_0VE__NsDRRWgM22BpYj_P-2w.roa
Signing time: Mon 27 May 2024 06:58:42 +0000
ROA not before: Mon 27 May 2024 06:58:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 45.143.200.0/24 maxlen: 24
185.193.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 07:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b8:d8:1f:3d:db:ea:2b:63:95:55:bf:5d:57:3a:7e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: May 27 06:58:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08eff4544fff36c0d145680cdb6069623fcffb6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0b:db:64:28:58:25:88:a8:1c:24:41:ae:c5:
a6:fe:16:f9:e2:b2:17:15:06:35:e0:e2:04:d5:61:
1d:bc:1f:dd:a7:7d:92:4b:88:18:f5:f5:70:90:65:
2f:aa:e1:80:e8:18:19:af:12:00:1d:2d:b0:e7:79:
25:c9:d9:43:a9:5c:ef:3d:8f:aa:7b:45:a4:45:94:
7a:af:3d:16:77:6c:cd:46:57:74:3e:4b:9e:d5:f0:
44:45:89:16:51:1c:ba:73:9b:89:07:a4:0e:a1:e3:
36:4b:1f:2d:52:8f:d2:46:f1:44:e3:8e:fe:83:41:
dd:c2:87:d3:5e:ec:fb:8a:9b:61:7d:48:7b:6c:cc:
8f:9f:8a:c6:e2:ef:85:bd:54:21:cd:fb:ef:08:03:
6e:b6:51:7c:e3:5b:90:48:0a:f1:6e:95:2b:01:20:
8d:35:cf:e9:b1:c0:1a:8b:69:6b:c3:af:32:80:70:
5e:68:36:a7:05:60:40:99:6a:b8:bc:45:50:95:89:
5e:9c:54:a1:6a:76:13:cf:14:67:9a:75:2e:10:d3:
6c:16:55:ae:99:ea:0a:31:37:99:3f:80:5f:c8:2a:
73:fa:60:5d:b3:76:f7:9c:05:b3:51:e1:a0:92:95:
19:3c:22:cf:34:83:54:0a:d1:9e:5e:31:27:bf:4f:
e1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:EF:F4:54:4F:FF:36:C0:D1:45:68:0C:DB:60:69:62:3F:CF:FB:6C
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/CO_0VE__NsDRRWgM22BpYj_P-2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.200.0/24
185.193.89.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:72:17:3d:fe:16:ad:f1:01:9d:37:c5:3c:2c:f3:77:7a:9a:
dd:0d:24:79:b3:c1:ee:b7:e2:9f:50:ca:dc:c4:96:b9:7b:f7:
d8:86:0c:94:c6:61:14:9d:da:25:9a:26:bf:ff:00:31:4f:6c:
de:91:4f:52:5c:53:da:3b:47:a5:38:cc:12:bf:ce:17:ec:cf:
32:a1:64:91:2b:47:5f:18:db:2a:fa:df:45:d6:c9:dd:9e:6c:
91:a4:bc:85:a3:b1:96:ea:52:38:40:04:e7:78:ab:2c:2c:eb:
d2:fa:31:6f:87:72:3b:2e:4e:30:85:03:b9:80:e4:fe:62:87:
e6:c7:d6:d5:2e:0c:e4:18:29:d5:35:c5:6a:d9:ac:b3:0e:b4:
b1:1a:78:bb:19:1f:8f:9c:a3:b6:fc:ae:a6:ee:dc:ab:69:4f:
ea:f4:75:ca:64:a2:39:2c:43:ef:ca:eb:fd:75:8e:4c:6a:ec:
27:cd:04:a1:b8:79:43:e6:34:31:81:84:df:b3:22:a4:51:e9:
4f:d6:c3:e6:b2:56:df:f1:8d:9f:9e:3e:8e:6d:6a:05:d9:27:
e9:40:55:a1:77:5b:ac:0e:98:1e:90:40:17:d7:55:21:f4:9c:
00:61:7f:2d:62:f6:27:c9:e8:f2:c0:a5:f3:8f:dc:9c:46:b8:
79:13:73:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+42B892+orY5VVv11XOn7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjQwNTI3MDY1ODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGVmZjQ1NDRmZmYzNmMwZDE0NTY4MGNkYjYwNjk2MjNmY2ZmYjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAvbZChYJYioHCRBrsWm/hb54rIX
FQY14OIE1WEdvB/dp32SS4gY9fVwkGUvquGA6BgZrxIAHS2w53klydlDqVzvPY+q
e0WkRZR6rz0Wd2zNRld0Pkue1fBERYkWURy6c5uJB6QOoeM2Sx8tUo/SRvFE447+
g0HdwofTXuz7ipthfUh7bMyPn4rG4u+FvVQhzfvvCANutlF841uQSArxbpUrASCN
Nc/pscAai2lrw68ygHBeaDanBWBAmWq4vEVQlYlenFShanYTzxRnmnUuENNsFlWu
meoKMTeZP4BfyCpz+mBds3b3nAWzUeGgkpUZPCLPNINUCtGeXjEnv0/hOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAjv9FRP/zbA0UVoDNtgaWI/z/tsMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvQ09fMFZFX19Oc0RSUldnTTIyQnBZal9QLTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY/IAwQA
ucFZMA0GCSqGSIb3DQEBCwUAA4IBAQAachc9/hat8QGdN8U8LPN3eprdDSR5s8Hu
t+KfUMrcxJa5e/fYhgyUxmEUndolmia//wAxT2zekU9SXFPaO0elOMwSv84X7M8y
oWSRK0dfGNsq+t9F1sndnmyRpLyFo7GW6lI4QATneKssLOvS+jFvh3I7Lk4whQO5
gOT+Yofmx9bVLgzkGCnVNcVq2ayzDrSxGni7GR+PnKO2/K6m7tyraU/q9HXKZKI5
LEPvyuv9dY5MauwnzQShuHlD5jQxgYTfsyKkUelP1sPmslbf8Y2fnj6ObWoF2Sfp
QFWhd1usDpgekEAX11Uh9JwAYX8tYvYnyejywKXzj9ycRrh5E3Mb
-----END CERTIFICATE-----
Generated at Thu Jun 20 15:07:30 2024 by rpki-client on console-ams.rpki-client.org