Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/yMTOQRX0eAgzJ_y9faawQzoV00o.roa
File: yMTOQRX0eAgzJ_y9faawQzoV00o.roa (raw, json)
Hash identifier: 1wSqEElgdbYnrvrLqhCigOi+CubMzJKnoThW0Pp8U+o=
Subject key identifier: C8:C4:CE:41:15:F4:78:08:33:27:FC:BD:7D:A6:B0:43:3A:15:D3:4A
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018F06475820F834587C2724493D552B849E
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/yMTOQRX0eAgzJ_y9faawQzoV00o.roa
Signing time: Mon 22 Apr 2024 14:48:09 +0000
ROA not before: Mon 22 Apr 2024 14:48:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206092
IP address blocks: 45.155.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:47:58:20:f8:34:58:7c:27:24:49:3d:55:2b:84:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 22 14:48:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8c4ce4115f478083327fcbd7da6b0433a15d34a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:60:5e:ee:76:74:68:e6:e4:b0:13:97:34:d0:
2e:87:80:ec:a0:b0:06:cd:af:b6:19:6b:52:f7:e9:
3c:17:1b:78:63:1e:78:52:98:97:98:e4:f1:55:0a:
26:8c:8b:54:3f:31:43:19:fd:3d:04:b1:b7:d1:d7:
64:06:17:c4:12:6e:1f:b8:e8:ea:e1:85:fd:c6:e4:
e6:b9:40:95:fc:cc:14:de:f7:b3:eb:16:fb:13:23:
cf:f6:89:a3:ac:f7:6e:68:18:ad:4a:47:ef:a9:43:
b6:d7:48:1f:15:b5:60:39:7f:e5:b4:23:39:50:ef:
91:06:75:e5:79:80:e2:fb:cc:c6:55:c3:59:c9:1c:
35:91:00:59:a9:fc:91:f5:89:3b:75:db:ee:2c:2b:
a3:ff:2d:ca:ac:3c:c7:23:01:96:af:41:f7:7c:25:
43:a2:73:6b:eb:2f:bc:e5:d2:d7:09:6e:70:d1:68:
d2:b8:4d:25:0a:0d:6b:56:24:5b:92:31:ac:cc:89:
cd:48:12:20:2a:01:12:ec:c8:a1:15:24:c5:41:56:
f7:27:30:2c:7f:35:ad:e6:95:5a:93:9f:11:4a:cc:
96:4e:5d:dd:4a:1e:0f:9b:31:42:33:95:52:56:48:
4a:b7:9d:84:0a:dc:e0:c1:bb:b2:35:89:73:da:fa:
b9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C4:CE:41:15:F4:78:08:33:27:FC:BD:7D:A6:B0:43:3A:15:D3:4A
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/yMTOQRX0eAgzJ_y9faawQzoV00o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.64.0/24
Signature Algorithm: sha256WithRSAEncryption
14:a2:4d:8d:4c:04:78:79:bb:8e:10:be:08:6c:ce:27:95:48:
23:22:72:ac:5d:42:e9:34:39:93:23:f3:00:32:ea:f6:10:12:
a2:33:6a:a8:db:f9:44:8a:f6:0a:33:5a:6b:b3:63:e2:54:bb:
9c:ed:5a:30:e3:9b:1f:a4:3b:3a:fc:8f:a7:f5:5b:19:e3:74:
ac:da:2a:84:3e:38:fb:a6:6b:ca:c1:24:d8:5a:51:b8:fb:f9:
c0:66:b2:f6:2a:c9:92:d2:9b:fa:11:9e:ca:0e:ae:36:3f:82:
21:38:86:85:43:2c:c5:70:62:c9:be:49:c8:39:28:97:15:b9:
7c:cd:98:8d:28:1c:5b:48:f4:6a:aa:2e:c8:ef:0d:a0:58:46:
17:1a:5b:92:d4:d3:1f:03:c5:41:ca:0b:d7:44:54:88:e9:2b:
f0:ee:a6:2b:4d:75:16:05:be:3d:89:e7:56:69:d8:82:6c:a5:
bc:9c:c8:b4:21:91:48:b2:3b:8c:57:00:45:e5:71:80:58:00:
87:d5:3e:fc:79:d1:5e:0e:c9:bf:80:f8:f2:27:e8:8f:e0:32:
79:55:70:c1:34:0e:3f:74:de:a9:ce:ea:9d:83:63:69:f1:3a:
51:e8:41:5b:eb:1c:4c:68:be:60:f0:b4:f6:80:cb:87:ce:0c:
4b:6d:a7:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8GR1gg+DRYfCckST1VK4SeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNDIyMTQ0ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGM0Y2U0MTE1ZjQ3ODA4MzMyN2ZjYmQ3ZGE2YjA0MzNhMTVkMzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWBe7nZ0aObksBOXNNAuh4DsoLAG
za+2GWtS9+k8Fxt4Yx54UpiXmOTxVQomjItUPzFDGf09BLG30ddkBhfEEm4fuOjq
4YX9xuTmuUCV/MwU3vez6xb7EyPP9omjrPduaBitSkfvqUO210gfFbVgOX/ltCM5
UO+RBnXleYDi+8zGVcNZyRw1kQBZqfyR9Yk7ddvuLCuj/y3KrDzHIwGWr0H3fCVD
onNr6y+85dLXCW5w0WjSuE0lCg1rViRbkjGszInNSBIgKgES7MihFSTFQVb3JzAs
fzWt5pVak58RSsyWTl3dSh4PmzFCM5VSVkhKt52ECtzgwbuyNYlz2vq5WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjEzkEV9HgIMyf8vX2msEM6FdNKMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEveU1UT1FSWDBlQWd6Sl95OWZhYXdRem9WMDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZtAMA0G
CSqGSIb3DQEBCwUAA4IBAQAUok2NTAR4ebuOEL4IbM4nlUgjInKsXULpNDmTI/MA
Mur2EBKiM2qo2/lEivYKM1prs2PiVLuc7Vow45sfpDs6/I+n9VsZ43Ss2iqEPjj7
pmvKwSTYWlG4+/nAZrL2KsmS0pv6EZ7KDq42P4IhOIaFQyzFcGLJvknIOSiXFbl8
zZiNKBxbSPRqqi7I7w2gWEYXGluS1NMfA8VBygvXRFSI6Svw7qYrTXUWBb49iedW
adiCbKW8nMi0IZFIsjuMVwBF5XGAWACH1T78edFeDsm/gPjyJ+iP4DJ5VXDBNA4/
dN6pzuqdg2Np8TpR6EFb6xxMaL5g8LT2gMuHzgxLbafj
-----END CERTIFICATE-----
Generated at Wed May 8 04:33:13 2024 by rpki-client on console-ams.rpki-client.org