Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kb2fPsCMkGcmgmFh3dAmcjwJAV0.roa
File: kb2fPsCMkGcmgmFh3dAmcjwJAV0.roa (raw, json)
Hash identifier: D5q91wXg6fYAazwCh4iK2Ot61cRDCl6Cnno5qRQmEl4=
Subject key identifier: 91:BD:9F:3E:C0:8C:90:67:26:82:61:61:DD:D0:26:72:3C:09:01:5D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191C6DD13F740FB34BED99D94CA2FC6F4B5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kb2fPsCMkGcmgmFh3dAmcjwJAV0.roa
Signing time: Fri 06 Sep 2024 10:24:22 +0000
ROA not before: Fri 06 Sep 2024 10:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201178
IP address blocks: 45.84.220.0/24 maxlen: 24
45.84.221.0/24 maxlen: 24
193.148.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c6:dd:13:f7:40:fb:34:be:d9:9d:94:ca:2f:c6:f4:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 6 10:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91bd9f3ec08c906726826161ddd026723c09015d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:42:10:5e:49:22:82:d5:57:02:e4:d9:48:f2:
ae:3d:8a:36:42:72:24:d5:b8:23:11:7d:70:37:fa:
16:66:d3:c4:23:db:52:f5:87:19:10:a6:53:27:96:
0d:53:1c:c0:d0:64:c3:6c:a5:8f:5e:4a:43:85:51:
33:ef:e1:72:e7:b5:50:40:d7:4c:cb:47:f1:b0:05:
da:56:05:92:fb:47:40:fa:8e:a1:31:60:10:88:59:
da:df:09:79:ce:58:27:50:77:2f:f7:c4:de:ef:47:
32:86:ba:70:52:27:f5:d9:5d:6d:8d:d4:f7:09:62:
f2:01:0e:23:81:10:32:17:e0:1c:bd:13:58:0a:e9:
3c:df:8a:bc:c1:f0:49:90:e3:ae:70:89:9f:cc:b6:
90:4b:06:bd:bd:e9:2b:47:07:85:60:15:c7:1c:67:
fa:26:26:24:d3:7a:09:4f:35:3c:30:50:44:8e:65:
05:54:53:5c:47:cb:6a:c2:40:8f:70:95:3c:9b:d8:
6f:13:5a:0e:94:a6:d3:5c:72:72:c4:bd:20:3b:68:
c6:51:b5:52:e4:a6:16:73:03:e8:09:c9:34:b9:68:
21:bc:d7:a2:ec:52:f0:77:b5:e3:ac:19:03:8d:23:
3b:28:d8:f4:61:89:19:b2:ae:3e:76:8c:c6:27:53:
32:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:BD:9F:3E:C0:8C:90:67:26:82:61:61:DD:D0:26:72:3C:09:01:5D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kb2fPsCMkGcmgmFh3dAmcjwJAV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.220.0/23
193.148.252.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:39:1a:bf:13:bf:46:f5:b4:cd:24:80:ac:ed:a6:37:5c:0f:
02:88:6b:0a:d9:89:74:f8:88:bc:10:ae:d2:57:fd:f5:dd:7c:
ab:4b:74:0b:50:be:22:06:86:da:98:52:3b:78:2b:58:30:d3:
da:0d:c2:31:d0:51:e9:0f:26:b3:53:8c:f6:8c:18:80:8f:03:
a6:6a:3f:b1:fd:04:a8:d1:bf:82:58:7f:c7:45:c5:c2:8f:7f:
69:ba:7d:02:40:aa:9b:eb:3f:2c:ed:dc:86:c9:e6:30:6a:10:
81:68:f9:dd:21:1c:ec:59:cb:d4:6c:85:16:e3:e5:95:4b:88:
67:92:4e:57:1d:79:da:e9:44:e5:53:97:60:02:6c:28:32:04:
e4:04:73:d5:51:26:bb:f1:ea:2f:6b:8d:70:26:ad:2e:b2:6b:
73:09:be:ab:b4:1b:50:af:c2:45:83:95:a5:9f:b5:66:a1:0a:
67:a9:c5:d2:0e:7d:f6:05:77:7a:fd:b2:a6:83:75:40:47:b4:
78:33:64:c0:73:97:d3:d9:25:a2:f0:25:91:3d:75:2f:af:c0:
c5:95:f5:dc:8c:ba:99:36:32:45:7f:b0:b2:05:62:41:10:c5:
aa:5f:5f:2e:29:2f:10:2b:55:a0:41:a3:28:c3:35:a3:61:32:
a4:6e:bd:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHG3RP3QPs0vtmdlMovxvS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTA2MTAyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWJkOWYzZWMwOGM5MDY3MjY4MjYxNjFkZGQwMjY3MjNjMDkwMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0IQXkkigtVXAuTZSPKuPYo2QnIk
1bgjEX1wN/oWZtPEI9tS9YcZEKZTJ5YNUxzA0GTDbKWPXkpDhVEz7+Fy57VQQNdM
y0fxsAXaVgWS+0dA+o6hMWAQiFna3wl5zlgnUHcv98Te70cyhrpwUif12V1tjdT3
CWLyAQ4jgRAyF+AcvRNYCuk834q8wfBJkOOucImfzLaQSwa9vekrRweFYBXHHGf6
JiYk03oJTzU8MFBEjmUFVFNcR8tqwkCPcJU8m9hvE1oOlKbTXHJyxL0gO2jGUbVS
5KYWcwPoCck0uWghvNei7FLwd7XjrBkDjSM7KNj0YYkZsq4+dozGJ1My6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJG9nz7AjJBnJoJhYd3QJnI8CQFdMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva2IyZlBzQ01rR2NtZ21GaDNkQW1jandKQVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVTcAwQA
wZT8MA0GCSqGSIb3DQEBCwUAA4IBAQCuORq/E79G9bTNJICs7aY3XA8CiGsK2Yl0
+Ii8EK7SV/313XyrS3QLUL4iBobamFI7eCtYMNPaDcIx0FHpDyazU4z2jBiAjwOm
aj+x/QSo0b+CWH/HRcXCj39pun0CQKqb6z8s7dyGyeYwahCBaPndIRzsWcvUbIUW
4+WVS4hnkk5XHXna6UTlU5dgAmwoMgTkBHPVUSa78eova41wJq0usmtzCb6rtBtQ
r8JFg5Wln7VmoQpnqcXSDn32BXd6/bKmg3VAR7R4M2TAc5fT2SWi8CWRPXUvr8DF
lfXcjLqZNjJFf7CyBWJBEMWqX18uKS8QK1WgQaMowzWjYTKkbr0l
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:21:17 2024 by rpki-client on console-ams.rpki-client.org