Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fc147a-83fc-4a53-a912-b6b76e22ffac/1/bDOnid45G1X3TeYWlWe9xiaVcTc.roa
File: bDOnid45G1X3TeYWlWe9xiaVcTc.roa (raw, json)
Hash identifier: xue8C03QuBD8oFbqdATx8w73skPWcaBDtYYft4ekSwM=
Subject key identifier: 6C:33:A7:89:DE:39:1B:55:F7:4D:E6:16:95:67:BD:C6:26:95:71:37
Certificate issuer: /CN=e3ddd3cb648beb4251d47cc4b65bcd64b09a8d4b
Certificate serial: 018CC3491B0CAB5A3978FD76A87CABBAFE2B
Authority key identifier: E3:DD:D3:CB:64:8B:EB:42:51:D4:7C:C4:B6:5B:CD:64:B0:9A:8D:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/493Ty2SL60JR1HzEtlvNZLCajUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fc147a-83fc-4a53-a912-b6b76e22ffac/1/bDOnid45G1X3TeYWlWe9xiaVcTc.roa
Signing time: Mon 01 Jan 2024 04:29:57 +0000
ROA not before: Mon 01 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208178
IP address blocks: 45.155.104.0/24 maxlen: 24
45.155.105.0/24 maxlen: 24
45.155.107.0/24 maxlen: 24
45.155.106.0/24 maxlen: 24
2a0f:fb00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/fc147a-83fc-4a53-a912-b6b76e22ffac/1/493Ty2SL60JR1HzEtlvNZLCajUs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/fc147a-83fc-4a53-a912-b6b76e22ffac/1/493Ty2SL60JR1HzEtlvNZLCajUs.mft
rsync://rpki.ripe.net/repository/DEFAULT/493Ty2SL60JR1HzEtlvNZLCajUs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1b:0c:ab:5a:39:78:fd:76:a8:7c:ab:ba:fe:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3ddd3cb648beb4251d47cc4b65bcd64b09a8d4b
Validity
Not Before: Jan 1 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c33a789de391b55f74de6169567bdc626957137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:09:80:fc:25:76:95:50:96:15:c5:55:8b:f6:
42:4b:0b:78:50:a9:1e:1c:a9:b3:24:e1:2f:0b:5b:
44:40:72:79:10:88:20:27:e0:7f:a6:65:66:89:39:
50:b1:e3:05:25:17:a9:32:b5:85:90:69:9f:5d:bd:
70:1c:a8:1b:27:89:41:10:a8:52:50:cc:db:14:79:
82:b8:9b:81:54:87:26:b1:69:f0:8d:05:6a:45:30:
5b:d3:89:a5:65:4b:c9:f8:db:77:eb:f0:2d:bd:80:
a8:cf:db:ca:5f:ab:6f:f5:7d:d8:be:4a:a4:bc:4a:
6b:54:22:67:54:2d:51:47:71:5f:ba:7a:2b:48:f6:
97:9e:ae:33:44:d2:4f:a2:0b:c4:0a:d5:33:5b:66:
0e:b8:8d:85:9f:f1:70:b5:54:96:75:49:47:74:d6:
ba:2e:20:b9:98:18:0b:c5:8c:cb:d5:31:0b:7d:be:
43:83:9d:44:66:44:f1:b9:98:a5:bf:8c:9c:58:f2:
5a:9f:89:9c:83:61:ef:41:d1:5e:5d:52:84:eb:82:
ed:a6:7a:6e:c7:ee:b9:db:6d:c3:e9:2a:fa:ef:12:
37:e8:62:f4:f7:4c:c7:8f:98:99:ba:80:1a:f4:99:
ba:02:08:68:98:0b:38:cd:3e:d4:d3:7a:91:90:6e:
ba:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:33:A7:89:DE:39:1B:55:F7:4D:E6:16:95:67:BD:C6:26:95:71:37
X509v3 Authority Key Identifier:
keyid:E3:DD:D3:CB:64:8B:EB:42:51:D4:7C:C4:B6:5B:CD:64:B0:9A:8D:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/493Ty2SL60JR1HzEtlvNZLCajUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fc147a-83fc-4a53-a912-b6b76e22ffac/1/bDOnid45G1X3TeYWlWe9xiaVcTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fc147a-83fc-4a53-a912-b6b76e22ffac/1/493Ty2SL60JR1HzEtlvNZLCajUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.104.0/22
IPv6:
2a0f:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
35:f0:85:0f:78:d8:c4:f9:ff:82:1d:85:c9:28:fb:ad:0f:de:
ff:94:ce:6c:66:b3:6d:7f:5e:a2:40:af:df:f1:0f:76:f2:01:
0b:82:d7:dd:c0:35:1b:7e:8c:c5:70:4b:db:17:45:62:bb:61:
8e:b2:be:2a:ce:8f:8a:a8:66:54:af:5c:7b:5a:13:42:62:b0:
8b:47:ac:55:fc:c2:32:1f:cc:be:f5:c3:87:f7:6d:5a:f9:bc:
21:be:b1:1b:f2:e0:03:13:b9:7a:1f:68:8f:c9:9d:82:fb:a7:
05:fe:de:94:01:21:9b:49:16:4a:ee:46:e5:77:1c:f5:e5:5c:
c5:a0:51:93:1e:03:b3:eb:53:2e:0f:dd:57:2b:3a:d6:89:41:
11:bc:96:d0:37:a5:6a:a2:0f:5b:10:4d:a7:a3:22:a7:74:18:
6a:e9:1d:30:46:e4:64:04:23:43:d9:45:44:dc:c0:59:7d:ab:
ee:9b:96:e9:da:75:44:de:c5:8f:59:d6:56:e4:4f:e8:d5:ba:
77:b3:65:40:79:5f:45:6c:5d:a0:11:5b:f3:b4:1a:9b:fd:e9:
e8:33:71:55:aa:53:26:17:e3:c6:9e:6f:f4:a1:85:5d:2b:3f:
be:37:0d:ee:aa:04:a4:fb:5b:5d:c3:79:9e:a7:77:1d:17:08:
b2:fb:c8:d7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSRsMq1o5eP12qHyruv4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZGRkM2NiNjQ4YmViNDI1MWQ0N2NjNGI2NWJjZDY0YjA5
YThkNGIwHhcNMjQwMTAxMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzMzYTc4OWRlMzkxYjU1Zjc0ZGU2MTY5NTY3YmRjNjI2OTU3MTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QmA/CV2lVCWFcVVi/ZCSwt4UKke
HKmzJOEvC1tEQHJ5EIggJ+B/pmVmiTlQseMFJRepMrWFkGmfXb1wHKgbJ4lBEKhS
UMzbFHmCuJuBVIcmsWnwjQVqRTBb04mlZUvJ+Nt36/AtvYCoz9vKX6tv9X3Yvkqk
vEprVCJnVC1RR3FfunorSPaXnq4zRNJPogvECtUzW2YOuI2Fn/FwtVSWdUlHdNa6
LiC5mBgLxYzL1TELfb5Dg51EZkTxuZilv4ycWPJan4mcg2HvQdFeXVKE64Ltpnpu
x+65223D6Sr67xI36GL090zHj5iZuoAa9Jm6AghomAs4zT7U03qRkG66FwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGwzp4neORtV903mFpVnvcYmlXE3MB8GA1UdIwQY
MBaAFOPd08tki+tCUdR8xLZbzWSwmo1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDkzVHkyU0w2MEpSMUh6RXRsdk5aTENhalVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mYzE0N2EtODNmYy00YTUzLWE5MTIt
YjZiNzZlMjJmZmFjLzEvYkRPbmlkNDVHMVgzVGVZV2xXZTl4aWFWY1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mYzE0N2EtODNmYy00YTUzLWE5MTItYjZiNzZlMjJmZmFj
LzEvNDkzVHkyU0w2MEpSMUh6RXRsdk5aTENhalVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZtoMA0E
AgACMAcDBQMqD/sAMA0GCSqGSIb3DQEBCwUAA4IBAQA18IUPeNjE+f+CHYXJKPut
D97/lM5sZrNtf16iQK/f8Q928gELgtfdwDUbfozFcEvbF0Viu2GOsr4qzo+KqGZU
r1x7WhNCYrCLR6xV/MIyH8y+9cOH921a+bwhvrEb8uADE7l6H2iPyZ2C+6cF/t6U
ASGbSRZK7kbldxz15VzFoFGTHgOz61MuD91XKzrWiUERvJbQN6Vqog9bEE2noyKn
dBhq6R0wRuRkBCND2UVE3MBZfavum5bp2nVE3sWPWdZW5E/o1bp3s2VAeV9FbF2g
EVvztBqb/enoM3FVqlMmF+PGnm/0oYVdKz++Nw3uqgSk+1tdw3mep3cdFwiy+8jX
-----END CERTIFICATE-----
Generated at Tue May 21 23:18:28 2024 by rpki-client on console-ams.rpki-client.org