Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/b30916-2125-4a4f-9a36-2641975443ff/1/DLhkV7NehyXVAGakYgQZybZ56eA.roa
File: DLhkV7NehyXVAGakYgQZybZ56eA.roa (raw, json)
Hash identifier: ekA2mqzFUPPwcIuQm82k/pGiLqT60YWGcnCSm43k7Tk=
Subject key identifier: 0C:B8:64:57:B3:5E:87:25:D5:00:66:A4:62:04:19:C9:B6:79:E9:E0
Certificate issuer: /CN=cb4ed88c5bfbc2b956fcbb30d14e832bdbb9610d
Certificate serial: 019045E9E3D27321A21B1CF460C9AC14ADA9
Authority key identifier: CB:4E:D8:8C:5B:FB:C2:B9:56:FC:BB:30:D1:4E:83:2B:DB:B9:61:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y07YjFv7wrlW_Lsw0U6DK9u5YQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/b30916-2125-4a4f-9a36-2641975443ff/1/DLhkV7NehyXVAGakYgQZybZ56eA.roa
Signing time: Sun 23 Jun 2024 16:24:34 +0000
ROA not before: Sun 23 Jun 2024 16:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25431
IP address blocks: 45.10.48.0/24 maxlen: 24
217.24.16.0/20 maxlen: 20
217.24.16.0/22 maxlen: 22
217.24.20.0/22 maxlen: 22
217.24.24.0/22 maxlen: 22
217.24.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/b30916-2125-4a4f-9a36-2641975443ff/1/y07YjFv7wrlW_Lsw0U6DK9u5YQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/b30916-2125-4a4f-9a36-2641975443ff/1/y07YjFv7wrlW_Lsw0U6DK9u5YQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/y07YjFv7wrlW_Lsw0U6DK9u5YQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 16:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:45:e9:e3:d2:73:21:a2:1b:1c:f4:60:c9:ac:14:ad:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb4ed88c5bfbc2b956fcbb30d14e832bdbb9610d
Validity
Not Before: Jun 23 16:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cb86457b35e8725d50066a4620419c9b679e9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3a:50:d7:e8:91:a1:20:16:2d:f7:26:d1:44:
3a:fb:6d:77:74:9f:d7:f6:3e:5e:31:06:cd:3c:35:
55:9d:21:1e:57:be:0d:35:31:56:fe:28:e6:ba:af:
9d:64:ad:84:f1:d3:06:cd:2e:74:78:a9:ce:25:5e:
f2:8b:2d:a9:12:4b:b0:4d:c0:b0:8e:5b:9a:48:c6:
af:8d:83:1b:6f:28:bb:51:a1:93:a7:f4:d8:87:ef:
92:9f:70:b1:8d:83:f6:2c:b0:cb:1a:19:f5:50:05:
2a:7b:e7:58:01:f5:51:a9:ef:01:e3:d9:2c:e8:63:
0f:38:87:15:70:64:2a:cd:65:a3:52:b2:c6:86:96:
88:7f:a5:27:71:79:74:fe:04:85:0f:d3:f0:a7:cb:
09:24:4d:20:25:c3:99:7d:35:5f:d0:7d:6d:40:f2:
1f:29:66:1a:22:b7:c2:a3:22:dc:41:c9:5a:60:04:
5c:c3:d9:b5:a9:e1:6e:e9:3c:8d:6d:9d:2d:2e:54:
14:c9:0a:dd:da:3c:59:50:9d:57:bc:81:2d:57:d6:
9c:1f:7e:15:f1:4e:5a:97:99:4f:b6:56:35:b6:99:
33:4f:b7:de:d9:0a:39:76:00:3d:6d:92:60:6d:c9:
c3:20:1b:22:d3:03:ff:f0:b1:c1:d4:c3:b5:c8:8b:
fb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B8:64:57:B3:5E:87:25:D5:00:66:A4:62:04:19:C9:B6:79:E9:E0
X509v3 Authority Key Identifier:
keyid:CB:4E:D8:8C:5B:FB:C2:B9:56:FC:BB:30:D1:4E:83:2B:DB:B9:61:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y07YjFv7wrlW_Lsw0U6DK9u5YQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b30916-2125-4a4f-9a36-2641975443ff/1/DLhkV7NehyXVAGakYgQZybZ56eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b30916-2125-4a4f-9a36-2641975443ff/1/y07YjFv7wrlW_Lsw0U6DK9u5YQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.48.0/24
217.24.16.0/20
Signature Algorithm: sha256WithRSAEncryption
7d:55:be:ca:79:2f:98:82:12:3b:e1:c0:80:56:4f:43:fb:82:
1e:11:f4:77:8f:40:76:20:a2:ae:5d:4f:9a:41:9a:4f:d7:97:
78:bc:b5:19:6d:65:38:7c:3f:fa:14:3a:ce:a5:ca:6e:26:a1:
c5:d3:2e:02:ad:a0:e5:74:3f:ed:f1:bb:d4:0f:99:42:cf:d8:
80:18:ac:cb:e4:6c:92:0f:27:77:47:73:c9:f6:c5:54:44:02:
0e:61:a3:e8:b6:51:b3:a2:fc:fb:29:3c:05:60:c3:f0:9d:19:
81:d7:af:50:8e:89:55:22:64:94:4b:20:dc:8d:76:89:b1:e2:
10:b6:56:cd:ac:44:a5:1f:6c:d1:50:c7:cd:80:89:b3:fb:86:
8d:72:3f:65:08:6b:00:e6:07:3a:90:82:72:15:c0:26:72:13:
3d:7b:09:f8:64:20:a7:34:f0:0a:71:ae:36:27:d6:f5:e1:ac:
63:8b:58:9b:44:bc:3b:63:3d:54:35:c4:4d:a1:dd:b5:7d:6c:
3e:fc:eb:8f:58:7c:fb:03:2e:bb:55:b0:03:7d:d9:a5:09:42:
83:b8:c3:a5:86:00:64:96:23:0c:d8:47:7c:bd:a8:e9:a3:9d:
09:64:fd:66:aa:e5:1f:b5:16:f4:64:67:fa:ba:7b:98:41:9c:
0b:20:22:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBF6ePScyGiGxz0YMmsFK2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNGVkODhjNWJmYmMyYjk1NmZjYmIzMGQxNGU4MzJiZGJi
OTYxMGQwHhcNMjQwNjIzMTYyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2I4NjQ1N2IzNWU4NzI1ZDUwMDY2YTQ2MjA0MTljOWI2NzllOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjpQ1+iRoSAWLfcm0UQ6+213dJ/X
9j5eMQbNPDVVnSEeV74NNTFW/ijmuq+dZK2E8dMGzS50eKnOJV7yiy2pEkuwTcCw
jluaSMavjYMbbyi7UaGTp/TYh++Sn3CxjYP2LLDLGhn1UAUqe+dYAfVRqe8B49ks
6GMPOIcVcGQqzWWjUrLGhpaIf6UncXl0/gSFD9Pwp8sJJE0gJcOZfTVf0H1tQPIf
KWYaIrfCoyLcQclaYARcw9m1qeFu6TyNbZ0tLlQUyQrd2jxZUJ1XvIEtV9acH34V
8U5al5lPtlY1tpkzT7fe2Qo5dgA9bZJgbcnDIBsi0wP/8LHB1MO1yIv7cwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAy4ZFezXocl1QBmpGIEGcm2eengMB8GA1UdIwQY
MBaAFMtO2Ixb+8K5Vvy7MNFOgyvbuWENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTA3WWpGdjd3cmxXX0xzdzBVNkRLOXU1WVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9iMzA5MTYtMjEyNS00YTRmLTlhMzYt
MjY0MTk3NTQ0M2ZmLzEvRExoa1Y3TmVoeVhWQUdha1lnUVp5Ylo1NmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9iMzA5MTYtMjEyNS00YTRmLTlhMzYtMjY0MTk3NTQ0M2Zm
LzEveTA3WWpGdjd3cmxXX0xzdzBVNkRLOXU1WVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQowAwQE
2RgQMA0GCSqGSIb3DQEBCwUAA4IBAQB9Vb7KeS+YghI74cCAVk9D+4IeEfR3j0B2
IKKuXU+aQZpP15d4vLUZbWU4fD/6FDrOpcpuJqHF0y4CraDldD/t8bvUD5lCz9iA
GKzL5GySDyd3R3PJ9sVURAIOYaPotlGzovz7KTwFYMPwnRmB169QjolVImSUSyDc
jXaJseIQtlbNrESlH2zRUMfNgImz+4aNcj9lCGsA5gc6kIJyFcAmchM9ewn4ZCCn
NPAKca42J9b14axji1ibRLw7Yz1UNcRNod21fWw+/OuPWHz7Ay67VbADfdmlCUKD
uMOlhgBkliMM2Ed8vajpo50JZP1mquUftRb0ZGf6unuYQZwLICKh
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:18:52 2024 by rpki-client on console-ams.rpki-client.org