Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/sl9GksecIE5ieps1MC3dnpfvQ4M.roa
File: sl9GksecIE5ieps1MC3dnpfvQ4M.roa (raw, json)
Hash identifier: SzuFdgF26/MDMYBo1h98cKfcpOw/1T1vtZZI4ZU7lXY=
Subject key identifier: B2:5F:46:92:C7:9C:20:4E:62:7A:9B:35:30:2D:DD:9E:97:EF:43:83
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01927815E00A0B6A813B00EDCFF7C913E009
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/sl9GksecIE5ieps1MC3dnpfvQ4M.roa
Signing time: Thu 10 Oct 2024 20:19:12 +0000
ROA not before: Thu 10 Oct 2024 20:19:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198825
IP address blocks: 45.154.99.0/24 maxlen: 24
2a0c:b641:af0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:78:15:e0:0a:0b:6a:81:3b:00:ed:cf:f7:c9:13:e0:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Oct 10 20:19:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b25f4692c79c204e627a9b35302ddd9e97ef4383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:15:97:5b:82:b8:6b:f7:e9:4b:02:d6:82:f0:
25:d3:af:0d:4e:b2:f0:56:39:5f:61:83:b6:d0:8e:
f5:26:18:8c:fd:80:4c:60:e3:73:bc:1f:9c:10:27:
8b:8f:c5:4d:54:fa:03:a6:e9:eb:6d:6b:ea:60:9a:
0c:ab:81:b2:79:0c:d3:0f:3f:31:7b:c3:e3:88:2f:
52:6f:d7:90:2e:89:38:f3:08:f2:ef:f8:24:61:04:
26:b5:68:80:81:0e:49:db:6d:35:66:3e:9a:74:a4:
c2:97:77:17:04:c7:14:65:8e:20:30:45:b9:c4:d6:
81:d1:55:7b:9d:8f:49:b9:cb:00:dc:8f:28:05:20:
a4:a1:2c:c0:10:3a:91:ff:b2:31:be:c2:38:4b:89:
48:97:ed:d3:99:ef:e8:63:da:00:b0:1c:c2:65:e1:
34:5e:fb:91:3a:57:67:9d:fd:da:e7:5a:79:a3:14:
d8:78:2e:1a:09:c1:92:09:08:52:7e:4e:42:f0:12:
dc:36:bc:8e:19:ba:08:ff:d8:cc:7f:91:65:9a:d7:
2b:7b:28:0f:d8:ae:02:76:e8:49:3d:00:d9:6a:3f:
c5:6d:c9:e8:8f:80:b8:14:be:fc:25:16:dc:55:04:
86:a9:3d:4b:3b:09:6c:e4:f2:85:1f:be:ef:db:db:
1a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:5F:46:92:C7:9C:20:4E:62:7A:9B:35:30:2D:DD:9E:97:EF:43:83
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/sl9GksecIE5ieps1MC3dnpfvQ4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.99.0/24
IPv6:
2a0c:b641:af0::/44
Signature Algorithm: sha256WithRSAEncryption
67:d5:84:0a:45:52:75:cb:24:ad:21:57:1c:f5:e2:f2:e7:93:
fa:a6:0e:07:6e:ec:a7:c0:bd:fc:60:6a:db:12:5f:24:27:1d:
8d:94:6b:47:da:4c:87:5e:0c:95:be:d9:53:da:d2:5d:13:70:
9f:81:9d:71:54:da:c8:38:1b:75:95:d9:a9:2b:fe:f3:52:a5:
e6:f6:26:20:1f:62:c1:54:64:ba:64:aa:c4:40:82:79:0f:4e:
e1:e7:ce:64:09:6c:a6:b4:b4:80:89:03:46:5d:15:a3:41:fa:
28:74:8d:33:8d:64:fa:72:a5:ef:0a:ed:55:f5:8d:60:09:da:
71:31:24:bc:65:8b:ae:64:8f:ba:47:f9:8f:aa:4b:85:80:6d:
2f:7e:f2:8f:65:fa:52:d6:ed:38:ab:4b:b2:6c:dc:0a:10:17:
d5:de:19:90:7d:e7:cd:8b:07:34:50:c0:cc:6d:0c:92:c6:08:
14:d9:4e:80:ee:42:89:fb:8a:17:01:59:27:10:a8:f6:1b:27:
2a:28:8c:95:67:e9:9e:c2:34:8e:35:c3:3f:f0:27:1c:1e:1e:
18:f6:54:f4:1d:25:0b:c2:9a:87:23:d4:01:1d:b4:55:0e:2c:
9f:b7:b5:1b:fb:97:2f:0c:34:d4:86:ee:28:72:84:2d:07:90:
64:47:4a:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZJ4FeAKC2qBOwDtz/fJE+AJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQxMDEwMjAxOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjVmNDY5MmM3OWMyMDRlNjI3YTliMzUzMDJkZGQ5ZTk3ZWY0MzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRWXW4K4a/fpSwLWgvAl068NTrLw
VjlfYYO20I71JhiM/YBMYONzvB+cECeLj8VNVPoDpunrbWvqYJoMq4GyeQzTDz8x
e8PjiC9Sb9eQLok48wjy7/gkYQQmtWiAgQ5J2201Zj6adKTCl3cXBMcUZY4gMEW5
xNaB0VV7nY9JucsA3I8oBSCkoSzAEDqR/7IxvsI4S4lIl+3Tme/oY9oAsBzCZeE0
XvuROldnnf3a51p5oxTYeC4aCcGSCQhSfk5C8BLcNryOGboI/9jMf5FlmtcreygP
2K4CduhJPQDZaj/Fbcnoj4C4FL78JRbcVQSGqT1LOwls5PKFH77v29saXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLJfRpLHnCBOYnqbNTAt3Z6X70ODMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvc2w5R2tzZWNJRTVpZXBzMU1DM2RucGZ2UTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZpjMA8E
AgACMAkDBwQqDLZBCvAwDQYJKoZIhvcNAQELBQADggEBAGfVhApFUnXLJK0hVxz1
4vLnk/qmDgdu7KfAvfxgatsSXyQnHY2Ua0faTIdeDJW+2VPa0l0TcJ+BnXFU2sg4
G3WV2akr/vNSpeb2JiAfYsFUZLpkqsRAgnkPTuHnzmQJbKa0tICJA0ZdFaNB+ih0
jTONZPpype8K7VX1jWAJ2nExJLxli65kj7pH+Y+qS4WAbS9+8o9l+lLW7TirS7Js
3AoQF9XeGZB9582LBzRQwMxtDJLGCBTZToDuQon7ihcBWScQqPYbJyoojJVn6Z7C
NI41wz/wJxweHhj2VPQdJQvCmocj1AEdtFUOLJ+3tRv7ly8MNNSG7ihyhC0HkGRH
SoA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:36:37 2024 by rpki-client on console-fra.rpki-client.org