Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2fOPQ19EI5_V1gDwBM3_IC3zIFU.roa
File: 2fOPQ19EI5_V1gDwBM3_IC3zIFU.roa (raw, json)
Hash identifier: T99TQPbmI+UKUIlJbBQ3fbjr5lPpte1V2ZKZcctpgP4=
Subject key identifier: D9:F3:8F:43:5F:44:23:9F:D5:D6:00:F0:04:CD:FF:20:2D:F3:20:55
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC801497AB4D9724E1C8EC48E58B4CD20
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2fOPQ19EI5_V1gDwBM3_IC3zIFU.roa
Signing time: Tue 02 Jan 2024 02:29:36 +0000
ROA not before: Tue 02 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34854
IP address blocks: 45.13.118.0/24 maxlen: 24
2a0c:b642:fc0::/43 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:49:7a:b4:d9:72:4e:1c:8e:c4:8e:58:b4:cd:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9f38f435f44239fd5d600f004cdff202df32055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:32:84:19:c2:78:06:0b:1b:ea:06:d0:c1:b9:
71:aa:a0:f9:93:95:03:5b:51:bd:68:7f:2e:12:17:
d0:2b:d9:29:8c:47:6d:6d:3f:68:ef:48:7f:3c:02:
9a:e7:ec:2e:f2:ad:55:12:92:f0:ae:6a:30:5d:46:
95:87:37:90:39:1d:63:8f:bf:f0:6d:c1:b0:41:20:
c8:cc:ba:bb:19:a7:5c:d3:bd:9e:a0:ee:ea:d0:22:
6f:b5:99:d4:96:8a:fd:01:f5:89:6e:8c:57:c8:cd:
bd:1a:fa:37:b7:27:df:25:b2:cd:88:e3:72:26:70:
46:ad:1f:4f:6b:6f:b7:2e:ce:6d:b2:eb:26:00:ce:
3d:8d:7d:1f:89:15:f5:8b:4f:2e:06:6d:6c:7c:cf:
51:c6:10:cf:b2:e0:4a:2c:18:45:4b:de:8c:11:2b:
ea:8a:12:db:13:8a:29:91:b2:c0:33:18:13:17:8b:
16:b0:f4:13:1c:9d:f2:7f:b1:b9:05:c5:16:89:48:
dc:6a:4a:94:71:16:1f:20:4e:ee:0a:f1:32:e4:62:
55:88:d2:d2:34:90:49:4c:55:da:b0:b7:e8:88:cf:
bb:c3:e5:6f:40:2f:b7:12:e9:e8:e6:b0:1f:0e:0e:
13:dd:cf:02:1d:6f:1c:7d:6b:0b:c4:4a:25:00:c8:
52:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F3:8F:43:5F:44:23:9F:D5:D6:00:F0:04:CD:FF:20:2D:F3:20:55
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2fOPQ19EI5_V1gDwBM3_IC3zIFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.118.0/24
IPv6:
2a0c:b642:fc0::/43
Signature Algorithm: sha256WithRSAEncryption
8e:ba:8f:5a:2e:10:67:20:06:9d:26:d4:46:0b:b0:18:b0:c9:
1c:9d:b5:88:d7:4c:d4:70:a4:d6:9c:68:3e:7d:99:5b:a9:d0:
74:6c:d9:a5:b4:03:c2:6c:ff:a3:ee:a4:ec:7f:4a:58:32:52:
dd:74:e3:74:aa:15:45:16:e5:51:79:7e:f4:03:7f:1b:24:07:
1c:94:09:4e:26:ff:e4:7f:88:68:73:10:9f:47:cc:f9:6b:24:
5b:50:a3:cd:98:93:8b:8e:fb:8e:00:f1:83:01:b5:df:1c:77:
63:a9:1d:09:aa:d8:71:d6:6d:47:06:90:70:a0:62:42:53:96:
ff:11:5c:04:e2:f2:69:cd:03:0c:2a:a1:77:a7:a8:cf:ea:90:
5e:ca:4f:3e:77:71:d4:68:94:fe:90:16:12:f8:de:8e:6a:3a:
ef:98:43:2a:84:4b:19:5f:be:4c:de:ff:77:09:29:6b:4e:d3:
ec:e4:20:fe:0d:f4:f9:27:ef:81:d0:0e:84:7c:74:06:f2:ed:
7d:2c:19:46:52:99:5d:1f:e0:d7:4e:01:93:96:a6:0e:a5:65:
65:51:36:5b:b5:37:48:f1:46:e2:03:25:32:89:56:dd:6d:95:
3f:19:7c:1d:d5:f1:65:13:42:9f:c7:14:65:f3:df:92:50:23:
4b:db:ac:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAUl6tNlyThyOxI5YtM0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWYzOGY0MzVmNDQyMzlmZDVkNjAwZjAwNGNkZmYyMDJkZjMyMDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjKEGcJ4Bgsb6gbQwblxqqD5k5UD
W1G9aH8uEhfQK9kpjEdtbT9o70h/PAKa5+wu8q1VEpLwrmowXUaVhzeQOR1jj7/w
bcGwQSDIzLq7Gadc072eoO7q0CJvtZnUlor9AfWJboxXyM29Gvo3tyffJbLNiONy
JnBGrR9Pa2+3Ls5tsusmAM49jX0fiRX1i08uBm1sfM9RxhDPsuBKLBhFS96MESvq
ihLbE4opkbLAMxgTF4sWsPQTHJ3yf7G5BcUWiUjcakqUcRYfIE7uCvEy5GJViNLS
NJBJTFXasLfoiM+7w+VvQC+3Euno5rAfDg4T3c8CHW8cfWsLxEolAMhSlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNnzj0NfRCOf1dYA8ATN/yAt8yBVMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvMmZPUFExOUVJNV9WMWdEd0JNM19JQzN6SUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALQ12MA8E
AgACMAkDBwUqDLZCD8AwDQYJKoZIhvcNAQELBQADggEBAI66j1ouEGcgBp0m1EYL
sBiwyRydtYjXTNRwpNacaD59mVup0HRs2aW0A8Js/6PupOx/SlgyUt1043SqFUUW
5VF5fvQDfxskBxyUCU4m/+R/iGhzEJ9HzPlrJFtQo82Yk4uO+44A8YMBtd8cd2Op
HQmq2HHWbUcGkHCgYkJTlv8RXATi8mnNAwwqoXenqM/qkF7KTz53cdRolP6QFhL4
3o5qOu+YQyqESxlfvkze/3cJKWtO0+zkIP4N9Pkn74HQDoR8dAby7X0sGUZSmV0f
4NdOAZOWpg6lZWVRNlu1N0jxRuIDJTKJVt1tlT8ZfB3V8WUTQp/HFGXz35JQI0vb
rPk=
-----END CERTIFICATE-----
Generated at Sat May 4 09:03:09 2024 by rpki-client on console-ams.rpki-client.org