Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/kJyTZGrKIJP-guAGkQfidQemnN0.roa
File: kJyTZGrKIJP-guAGkQfidQemnN0.roa (raw, json)
Hash identifier: 5VNjlZQ2lTGQgsP/MAa7aAdGIHpHVpDviDdJ3Ul/giI=
Subject key identifier: 90:9C:93:64:6A:CA:20:93:FE:82:E0:06:91:07:E2:75:07:A6:9C:DD
Certificate issuer: /CN=c4b21c89bc7e2b214067f30707a4a03dc346ee05
Certificate serial: 01941F8C47A234638C9E426CC1F8A22BB726
Authority key identifier: C4:B2:1C:89:BC:7E:2B:21:40:67:F3:07:07:A4:A0:3D:C3:46:EE:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/kJyTZGrKIJP-guAGkQfidQemnN0.roa
Signing time: Wed 01 Jan 2025 01:47:54 +0000
ROA not before: Wed 01 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209007
IP address blocks: 45.11.42.0/24 maxlen: 24
45.11.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/xLIcibx-KyFAZ_MHB6SgPcNG7gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/xLIcibx-KyFAZ_MHB6SgPcNG7gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:47:a2:34:63:8c:9e:42:6c:c1:f8:a2:2b:b7:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4b21c89bc7e2b214067f30707a4a03dc346ee05
Validity
Not Before: Jan 1 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=909c93646aca2093fe82e0069107e27507a69cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b5:41:e9:19:a5:e1:0f:5c:ac:f4:c9:6b:9d:
3a:07:fd:5d:7d:2a:73:64:0e:bb:c4:5f:70:cc:f8:
fe:9e:94:5c:07:40:45:2f:d4:64:cb:97:f8:8a:99:
72:ee:4b:86:b3:f2:e5:c4:ee:3a:f9:26:ea:57:49:
1a:41:2f:59:4a:80:0b:6b:db:1f:4e:f9:12:2a:72:
9f:d3:3a:8d:e5:4c:c4:bc:f8:9c:43:c5:b5:2e:9c:
57:2b:a4:b1:bb:90:fe:f2:f4:14:0c:ef:c6:a9:9f:
0c:ab:b1:42:4f:6c:d4:7f:2f:36:d9:99:4d:fb:3d:
af:0e:6e:4a:97:44:b1:81:5c:7a:d0:cc:ee:9c:3d:
6f:69:21:d5:0b:8a:47:40:fc:4a:66:b0:63:02:40:
fb:28:13:7d:0e:8a:7b:c7:0c:28:c0:42:66:9c:82:
3a:26:d4:cc:8b:08:da:69:75:6b:11:75:3c:7a:09:
87:0b:e4:9b:2a:0a:8d:5f:d1:16:5a:c4:f1:8b:72:
55:37:4c:fb:c2:0e:00:dd:a4:02:1e:ea:f2:01:89:
26:a9:67:99:3e:2e:47:ad:e2:7c:b6:f0:66:34:37:
c2:c7:bb:ae:da:a1:8d:62:8c:fa:68:a0:be:83:46:
15:4c:4c:7a:ed:3d:d4:87:33:83:0a:dd:91:c1:f0:
53:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:9C:93:64:6A:CA:20:93:FE:82:E0:06:91:07:E2:75:07:A6:9C:DD
X509v3 Authority Key Identifier:
keyid:C4:B2:1C:89:BC:7E:2B:21:40:67:F3:07:07:A4:A0:3D:C3:46:EE:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/kJyTZGrKIJP-guAGkQfidQemnN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/xLIcibx-KyFAZ_MHB6SgPcNG7gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.42.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:e8:63:2c:ed:9c:67:1f:f9:9a:35:49:2a:66:1b:5e:88:8c:
da:f0:f2:be:35:85:22:4c:10:e6:97:1e:6a:8c:90:09:1d:9c:
e2:be:f4:e7:a6:67:ba:50:62:d7:f6:32:39:f9:26:d8:6a:9b:
9a:55:29:a2:02:7b:ad:e8:34:63:bd:54:6c:1c:bd:16:58:96:
b4:79:35:88:2c:34:30:b4:08:bd:c2:87:f3:63:25:9a:e7:d3:
10:a3:17:78:d4:f4:f6:eb:00:a8:35:9e:ed:c6:da:d8:79:9a:
ee:89:c3:0e:87:00:2f:04:c1:84:ee:d7:4e:e7:92:fc:54:5e:
30:8b:98:78:13:17:ea:1a:20:4c:79:c4:a6:76:a6:04:fa:2a:
d4:81:d5:03:fa:90:99:20:2f:5e:1c:b0:7a:b3:97:2e:24:cd:
eb:69:f5:b8:71:9f:65:ef:1b:b0:b0:6d:ed:ac:03:f3:f3:09:
f2:0b:e0:59:68:8b:ff:c4:48:5f:66:34:41:68:f3:f1:03:ce:
84:91:d8:1b:17:10:1d:8d:c9:76:71:e6:49:98:0f:43:4a:27:
a7:6e:34:98:94:b8:8a:40:1e:b9:b4:dd:fc:19:f7:6a:ad:30:
a2:2e:63:d8:ad:19:5d:a7:68:67:9f:8d:3e:67:78:d3:6d:41:
3f:38:79:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjEeiNGOMnkJswfiiK7cmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjIxYzg5YmM3ZTJiMjE0MDY3ZjMwNzA3YTRhMDNkYzM0
NmVlMDUwHhcNMjUwMTAxMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDljOTM2NDZhY2EyMDkzZmU4MmUwMDY5MTA3ZTI3NTA3YTY5Y2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbVB6Rml4Q9crPTJa506B/1dfSpz
ZA67xF9wzPj+npRcB0BFL9Rky5f4iply7kuGs/LlxO46+SbqV0kaQS9ZSoALa9sf
TvkSKnKf0zqN5UzEvPicQ8W1LpxXK6Sxu5D+8vQUDO/GqZ8Mq7FCT2zUfy822ZlN
+z2vDm5Kl0SxgVx60MzunD1vaSHVC4pHQPxKZrBjAkD7KBN9Dop7xwwowEJmnII6
JtTMiwjaaXVrEXU8egmHC+SbKgqNX9EWWsTxi3JVN0z7wg4A3aQCHuryAYkmqWeZ
Pi5HreJ8tvBmNDfCx7uu2qGNYoz6aKC+g0YVTEx67T3UhzODCt2RwfBTnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCck2RqyiCT/oLgBpEH4nUHppzdMB8GA1UdIwQY
MBaAFMSyHIm8fishQGfzBwekoD3DRu4FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExJY2lieC1LeUZBWl9NSEI2U2dQY05HN2dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MTM3YjgtMTM4My00YjcxLWExODkt
MDYzYjQwMTc0NTk3LzEva0p5VFpHcktJSlAtZ3VBR2tRZmlkUWVtbk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MTM3YjgtMTM4My00YjcxLWExODktMDYzYjQwMTc0NTk3
LzEveExJY2lieC1LeUZBWl9NSEI2U2dQY05HN2dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLQsqMA0G
CSqGSIb3DQEBCwUAA4IBAQCo6GMs7ZxnH/maNUkqZhteiIza8PK+NYUiTBDmlx5q
jJAJHZzivvTnpme6UGLX9jI5+SbYapuaVSmiAnut6DRjvVRsHL0WWJa0eTWILDQw
tAi9wofzYyWa59MQoxd41PT26wCoNZ7txtrYeZruicMOhwAvBMGE7tdO55L8VF4w
i5h4ExfqGiBMecSmdqYE+irUgdUD+pCZIC9eHLB6s5cuJM3rafW4cZ9l7xuwsG3t
rAPz8wnyC+BZaIv/xEhfZjRBaPPxA86EkdgbFxAdjcl2ceZJmA9DSienbjSYlLiK
QB65tN38GfdqrTCiLmPYrRldp2hnn40+Z3jTbUE/OHlB
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:32 2025 by rpki-client