Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/kr4Try9qXAtU35xvOwYeSDxQBgw.roa
File: kr4Try9qXAtU35xvOwYeSDxQBgw.roa (raw, json)
Hash identifier: kIJsrhqFC7kfGzscAa/aL6eytZeF/Dfzw5mL+p6zmcU=
Subject key identifier: 92:BE:13:AF:2F:6A:5C:0B:54:DF:9C:6F:3B:06:1E:48:3C:50:06:0C
Certificate issuer: /CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Certificate serial: 018EA25777EC50CFF1FA1D700305102EDB88
Authority key identifier: BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/kr4Try9qXAtU35xvOwYeSDxQBgw.roa
Signing time: Wed 03 Apr 2024 05:03:45 +0000
ROA not before: Wed 03 Apr 2024 05:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.129.88.0/24 maxlen: 24
45.129.90.0/24 maxlen: 24
45.135.169.0/24 maxlen: 24
45.135.170.0/23 maxlen: 24
45.151.252.0/22 maxlen: 24
79.143.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:57:77:ec:50:cf:f1:fa:1d:70:03:05:10:2e:db:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Validity
Not Before: Apr 3 05:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92be13af2f6a5c0b54df9c6f3b061e483c50060c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:49:07:16:d1:c5:a4:1e:f2:37:78:98:e2:17:
91:24:22:31:bf:d5:0d:13:3a:7b:10:86:6e:f0:e8:
59:be:3e:12:64:88:9c:f4:8b:c9:0f:4a:63:c3:24:
7a:85:ea:ea:68:b0:8a:5f:b9:99:05:6c:40:73:cd:
54:2a:75:8c:41:45:35:2d:4c:7b:75:59:a4:da:29:
89:f8:f1:dc:00:a6:ec:e4:92:27:16:8d:3e:5d:4a:
fe:42:d7:0a:25:77:db:c3:b7:83:35:f2:31:d4:91:
1d:ae:a9:5e:d8:37:22:1d:8a:eb:91:3d:1f:c9:01:
36:a5:d4:83:9e:be:58:ed:da:94:57:b5:45:d7:a8:
da:4a:32:d3:ae:bb:ff:2d:e9:f0:46:67:28:4a:99:
f5:99:e2:5e:1e:cb:50:16:94:db:5e:f2:2d:7b:7d:
19:3a:b4:be:7c:5f:e8:fb:55:5c:85:7f:bb:a8:19:
4c:6a:40:21:e5:42:61:73:5d:26:8d:ea:eb:c8:64:
e0:8d:81:f7:80:2c:f9:4d:f4:3e:28:22:4a:97:aa:
6c:c0:e3:ca:d5:33:92:1c:f6:27:97:8f:6b:af:ac:
6c:ce:c5:75:52:d5:35:0d:6e:5a:b8:0f:d6:c4:9b:
26:48:9c:f0:c2:60:a0:59:13:64:87:51:3c:7e:82:
21:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:BE:13:AF:2F:6A:5C:0B:54:DF:9C:6F:3B:06:1E:48:3C:50:06:0C
X509v3 Authority Key Identifier:
keyid:BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/kr4Try9qXAtU35xvOwYeSDxQBgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.88.0/24
45.129.90.0/24
45.135.169.0-45.135.171.255
45.151.252.0/22
79.143.138.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:b3:a6:7e:3c:62:e9:e0:05:7b:78:d3:2a:60:2b:fa:73:e5:
08:7a:a8:72:be:8a:db:91:9e:48:d9:60:d9:6b:dc:c7:27:38:
e2:45:35:5b:fc:14:b8:3f:56:33:61:66:b4:1f:b3:bd:db:cb:
cb:c8:e1:1d:42:eb:46:9a:57:5d:3c:70:c1:b5:75:67:76:3b:
1e:d0:f7:a9:89:a9:90:fc:55:c9:e8:80:9d:53:3a:e0:e5:25:
94:86:ef:73:07:50:9c:86:17:41:8b:30:05:46:dc:99:4f:d8:
6f:5b:91:71:52:97:82:e6:09:70:15:b4:5b:b0:36:ea:e9:93:
cf:27:f0:10:f4:5b:27:df:1e:74:d3:56:b3:d6:21:a8:e1:a6:
98:67:14:fe:82:26:a9:c6:ef:08:5d:74:2b:e9:3c:84:49:25:
b4:e0:6f:e7:ed:98:e8:ce:83:20:6d:12:e9:d0:9a:4e:85:bf:
5d:96:1d:a9:44:64:5d:72:be:fa:35:1e:26:46:24:4b:bf:eb:
7a:c9:f9:b5:7e:e1:2a:cd:d2:02:d5:d4:49:a6:b9:dd:49:69:
63:11:43:33:d0:65:b5:53:f8:64:a0:34:e6:a6:5e:fb:96:62:
82:04:eb:41:f0:db:87:d0:ea:69:36:a3:66:ad:06:c8:57:a5:
0c:8d:42:03
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY6iV3fsUM/x+h1wAwUQLtuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3YjRjMDFlOTI5YzM4OTIzOTgxYWI1MWM5NzI3YTFm
OWYwN2UwHhcNMjQwNDAzMDUwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmJlMTNhZjJmNmE1YzBiNTRkZjljNmYzYjA2MWU0ODNjNTAwNjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEkHFtHFpB7yN3iY4heRJCIxv9UN
Ezp7EIZu8OhZvj4SZIic9IvJD0pjwyR6herqaLCKX7mZBWxAc81UKnWMQUU1LUx7
dVmk2imJ+PHcAKbs5JInFo0+XUr+QtcKJXfbw7eDNfIx1JEdrqle2DciHYrrkT0f
yQE2pdSDnr5Y7dqUV7VF16jaSjLTrrv/LenwRmcoSpn1meJeHstQFpTbXvIte30Z
OrS+fF/o+1VchX+7qBlMakAh5UJhc10mjerryGTgjYH3gCz5TfQ+KCJKl6pswOPK
1TOSHPYnl49rr6xszsV1UtU1DW5auA/WxJsmSJzwwmCgWRNkh1E8foIhzwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJK+E68valwLVN+cbzsGHkg8UAYMMB8GA1UdIwQY
MBaAFLqqe0wB6SnDiSOYGrUclyeh+fB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUt
ZTY4ZjZjZjJjMGQyLzEva3I0VHJ5OXFYQXRVMzV4dk93WWVTRHhRQmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUtZTY4ZjZjZjJjMGQy
LzEvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALYFYAwQA
LYFaMAwDBAAth6kDBAIth6gDBAItl/wDBABPj4owDQYJKoZIhvcNAQELBQADggEB
AKGzpn48YungBXt40ypgK/pz5Qh6qHK+ituRnkjZYNlr3McnOOJFNVv8FLg/VjNh
ZrQfs73by8vI4R1C60aaV108cMG1dWd2Ox7Q96mJqZD8VcnogJ1TOuDlJZSG73MH
UJyGF0GLMAVG3JlP2G9bkXFSl4LmCXAVtFuwNurpk88n8BD0WyffHnTTVrPWIajh
pphnFP6CJqnG7whddCvpPIRJJbTgb+ftmOjOgyBtEunQmk6Fv12WHalEZF1yvvo1
HiZGJEu/63rJ+bV+4SrN0gLV1Emmud1JaWMRQzPQZbVT+GSgNOamXvuWYoIE60Hw
24fQ6mk2o2atBshXpQyNQgM=
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:23:13 2024 by rpki-client on console-fra.rpki-client.org