Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/kV1-K21oIpYORUg7QVC1Z6wKsjM.roa
File: kV1-K21oIpYORUg7QVC1Z6wKsjM.roa (raw, json)
Hash identifier: Im3gD25lzTya3gPROsNUubVeqxN4yBRHm3vRYSZrj60=
Subject key identifier: 91:5D:7E:2B:6D:68:22:96:0E:45:48:3B:41:50:B5:67:AC:0A:B2:33
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 018CC500E082A009EEE302BBF18801D8A17D
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/kV1-K21oIpYORUg7QVC1Z6wKsjM.roa
Signing time: Mon 01 Jan 2024 12:30:18 +0000
ROA not before: Mon 01 Jan 2024 12:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47377
IP address blocks: 45.144.128.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:e0:82:a0:09:ee:e3:02:bb:f1:88:01:d8:a1:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 1 12:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=915d7e2b6d6822960e45483b4150b567ac0ab233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a0:40:7f:4e:83:e1:03:9a:15:83:ee:db:c7:
ec:05:38:b5:1a:97:a1:6d:9f:0e:4f:8a:15:cf:1f:
ab:c2:32:7c:e5:7c:34:58:7f:78:c8:41:f2:81:76:
43:a3:09:fa:8a:26:63:98:33:96:0e:5c:65:88:31:
04:60:ed:ba:95:05:f4:9e:44:c0:d2:f8:e5:d8:60:
c6:6f:2c:d0:50:30:82:f7:30:57:e7:12:93:8b:27:
f8:ee:19:fd:aa:59:9d:52:ac:18:bc:0b:96:e9:5a:
e1:89:b8:c7:c4:2a:08:46:42:b5:b8:3b:25:19:1a:
54:2e:ed:73:71:76:e8:79:94:15:d1:e4:08:9d:92:
74:e1:60:3b:7f:d4:26:1c:d8:fd:ce:f8:59:45:25:
dd:95:7e:3a:bd:53:bd:03:92:64:db:77:2f:f6:55:
b9:45:8a:cd:62:6f:81:cf:52:5c:40:75:bc:e4:e3:
66:71:1c:e2:c6:a2:9e:cd:e2:d2:79:78:0a:e7:52:
ec:1b:ed:e6:b0:4a:89:63:a1:fe:41:a1:9e:4a:e0:
0d:3a:c5:47:4c:6b:92:8e:b8:2b:6e:8e:23:2c:80:
92:ab:6d:9c:4c:f8:41:c3:a7:82:dc:30:46:d0:72:
d1:bb:0f:c9:10:32:b5:f5:a3:a0:03:24:f9:e1:d3:
6f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:5D:7E:2B:6D:68:22:96:0E:45:48:3B:41:50:B5:67:AC:0A:B2:33
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/kV1-K21oIpYORUg7QVC1Z6wKsjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.128.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:b4:d9:d4:b1:20:58:e2:61:11:07:e0:2f:9b:10:57:0e:ad:
83:dd:ba:80:6a:f5:f6:94:4f:08:69:b9:74:96:7d:f9:cd:d8:
7e:9b:b1:bd:78:c5:98:87:14:ff:b2:4d:54:02:1f:40:79:62:
bd:42:79:eb:f4:fc:ce:14:ad:d9:b4:fa:c2:76:69:c4:38:a9:
71:84:a0:ff:54:8c:ae:da:09:80:e5:88:fb:73:d6:11:40:f2:
e1:a1:2b:b5:a0:02:c5:82:31:5f:8b:da:65:15:58:fd:ad:e9:
41:f3:c6:5d:65:1f:50:e5:d4:56:b1:3e:08:80:47:d1:43:eb:
ed:9e:bc:33:8f:46:0b:f2:79:27:76:ac:f2:30:f3:37:5c:36:
8c:c7:5d:55:38:4a:08:49:f2:09:95:26:86:48:6d:92:93:b5:
cc:4e:67:be:bf:e3:92:a4:90:c2:ed:71:83:3d:b6:eb:b0:8d:
c2:9f:7c:d0:41:da:05:81:8f:9d:4c:e8:a3:5b:14:84:da:fd:
f3:83:cd:68:84:e6:77:c6:eb:2d:1e:57:29:86:32:74:25:c5:
f0:e7:ff:49:c9:43:7b:40:07:72:24:5a:73:05:74:40:a8:c7:
b7:6c:af:e7:c9:ed:db:dd:f1:1a:10:47:97:d9:17:2c:ef:b5:
00:e4:5f:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAOCCoAnu4wK78YgB2KF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjQwMTAxMTIzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTVkN2UyYjZkNjgyMjk2MGU0NTQ4M2I0MTUwYjU2N2FjMGFiMjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6BAf06D4QOaFYPu28fsBTi1Gpeh
bZ8OT4oVzx+rwjJ85Xw0WH94yEHygXZDown6iiZjmDOWDlxliDEEYO26lQX0nkTA
0vjl2GDGbyzQUDCC9zBX5xKTiyf47hn9qlmdUqwYvAuW6VrhibjHxCoIRkK1uDsl
GRpULu1zcXboeZQV0eQInZJ04WA7f9QmHNj9zvhZRSXdlX46vVO9A5Jk23cv9lW5
RYrNYm+Bz1JcQHW85ONmcRzixqKezeLSeXgK51LsG+3msEqJY6H+QaGeSuANOsVH
TGuSjrgrbo4jLICSq22cTPhBw6eC3DBG0HLRuw/JEDK19aOgAyT54dNvZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFdfittaCKWDkVIO0FQtWesCrIzMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEva1YxLUsyMW9JcFlPUlVnN1FWQzFaNndLc2pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZCAMA0G
CSqGSIb3DQEBCwUAA4IBAQBctNnUsSBY4mERB+AvmxBXDq2D3bqAavX2lE8Iabl0
ln35zdh+m7G9eMWYhxT/sk1UAh9AeWK9Qnnr9PzOFK3ZtPrCdmnEOKlxhKD/VIyu
2gmA5Yj7c9YRQPLhoSu1oALFgjFfi9plFVj9relB88ZdZR9Q5dRWsT4IgEfRQ+vt
nrwzj0YL8nkndqzyMPM3XDaMx11VOEoISfIJlSaGSG2Sk7XMTme+v+OSpJDC7XGD
PbbrsI3Cn3zQQdoFgY+dTOijWxSE2v3zg81ohOZ3xustHlcphjJ0JcXw5/9JyUN7
QAdyJFpzBXRAqMe3bK/nye3b3fEaEEeX2Rcs77UA5F9C
-----END CERTIFICATE-----
Generated at Tue Nov 26 05:15:49 2024 by rpki-client on console-fra.rpki-client.org