Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/S6SCkSuSJXnMC9O7btAy1tkWxQA.roa
File: S6SCkSuSJXnMC9O7btAy1tkWxQA.roa (raw, json)
Hash identifier: fMltvV0yeLeXpkZRnOyfVnBirfGJ0mAvKTWM5ttH2dM=
Subject key identifier: 4B:A4:82:91:2B:92:25:79:CC:0B:D3:BB:6E:D0:32:D6:D9:16:C5:00
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018CC348B0C5BE66C6528E749B0F5B3FA407
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/S6SCkSuSJXnMC9O7btAy1tkWxQA.roa
Signing time: Mon 01 Jan 2024 04:29:30 +0000
ROA not before: Mon 01 Jan 2024 04:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396356
IP address blocks: 45.134.20.0/24 maxlen: 24
2a0e:d787::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b0:c5:be:66:c6:52:8e:74:9b:0f:5b:3f:a4:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 04:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ba482912b922579cc0bd3bb6ed032d6d916c500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:55:1f:1a:5d:bb:3a:d7:8a:0c:ba:48:2e:bc:
29:e1:25:ab:e9:91:2a:de:85:33:89:c4:76:e0:a3:
62:23:32:08:28:a0:5f:33:78:42:fe:e5:af:59:60:
b8:de:86:17:2c:e0:7d:be:b6:93:ff:dc:be:f2:ea:
d7:c0:a3:5c:18:b3:54:8b:bd:15:6b:61:e5:ad:80:
0d:eb:8a:e5:85:e4:ee:ae:04:cb:0f:de:ed:2d:bb:
43:fc:e3:de:6b:77:fd:90:c2:64:64:5b:fa:40:26:
ec:cf:ba:4f:4e:9b:3f:9c:5b:21:d8:f4:55:7a:fc:
d5:05:d7:6f:bb:eb:09:da:ea:98:b1:b6:11:43:d0:
a9:45:05:7f:b4:e9:b4:a1:e1:5c:b7:e3:1a:28:cd:
55:02:98:93:20:22:f3:fa:3d:59:59:35:5a:62:bf:
26:3c:3b:f3:76:a8:ea:ae:56:1d:be:de:ce:6e:78:
6f:dc:77:9d:8f:bb:41:b1:39:c2:7d:a6:39:5a:c9:
1b:b3:cb:59:35:83:82:18:5b:93:a5:39:be:ae:24:
6d:dd:9c:c8:b2:07:67:61:91:90:7b:d8:bc:8a:e7:
67:80:e0:29:9a:a6:70:ae:ab:35:18:26:0e:1e:52:
2a:cf:34:70:a5:d2:2a:68:ab:12:e1:fc:a3:82:e7:
2c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A4:82:91:2B:92:25:79:CC:0B:D3:BB:6E:D0:32:D6:D9:16:C5:00
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/S6SCkSuSJXnMC9O7btAy1tkWxQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.20.0/24
IPv6:
2a0e:d787::/32
Signature Algorithm: sha256WithRSAEncryption
46:cb:c5:b7:71:83:78:bc:a3:3b:b4:78:34:b4:c9:76:cd:e7:
89:17:29:fc:3a:4f:f6:ed:69:48:2c:39:de:de:7b:79:03:2d:
aa:c1:34:ec:94:1a:ae:50:d5:ec:18:aa:66:6a:83:22:90:e0:
12:3e:19:d5:cb:c8:3a:8f:5a:d1:be:37:e5:5d:31:dc:55:ce:
fd:7f:d4:76:98:97:db:69:25:85:ec:51:37:86:7c:45:5b:45:
3e:84:f4:d7:04:9d:10:b8:d8:93:fc:cf:ab:39:ec:b0:56:b7:
6f:ed:3f:e1:b6:2a:42:3c:02:1f:7d:6d:c1:aa:c2:0e:8e:be:
a1:a8:ad:9a:9e:a9:56:16:30:72:c1:88:ed:c6:42:ef:dc:c6:
62:8b:3e:04:b7:3b:bc:f1:21:8c:e8:ad:7f:26:72:be:36:e5:
58:79:33:7b:9c:8e:1d:00:40:be:cb:4f:c5:27:f5:dd:69:b3:
24:fa:c0:5a:41:51:97:93:48:bf:fe:61:57:50:4a:34:d7:a3:
59:47:db:4c:a0:ca:99:49:f0:5a:1e:c7:35:d4:a9:ec:75:b3:
4a:9a:ae:f0:b2:9d:6a:8e:e0:f5:16:e5:90:a7:1f:ee:76:cd:
4c:19:16:f2:ea:88:c3:dd:0f:6a:5f:31:21:d9:d7:12:49:14:
27:29:cb:37
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSLDFvmbGUo50mw9bP6QHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMTAxMDQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmE0ODI5MTJiOTIyNTc5Y2MwYmQzYmI2ZWQwMzJkNmQ5MTZjNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFUfGl27OteKDLpILrwp4SWr6ZEq
3oUzicR24KNiIzIIKKBfM3hC/uWvWWC43oYXLOB9vraT/9y+8urXwKNcGLNUi70V
a2HlrYAN64rlheTurgTLD97tLbtD/OPea3f9kMJkZFv6QCbsz7pPTps/nFsh2PRV
evzVBddvu+sJ2uqYsbYRQ9CpRQV/tOm0oeFct+MaKM1VApiTICLz+j1ZWTVaYr8m
PDvzdqjqrlYdvt7Obnhv3Hedj7tBsTnCfaY5Wskbs8tZNYOCGFuTpTm+riRt3ZzI
sgdnYZGQe9i8iudngOApmqZwrqs1GCYOHlIqzzRwpdIqaKsS4fyjgucsLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEukgpErkiV5zAvTu27QMtbZFsUAMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvUzZTQ2tTdVNKWG5NQzlPN2J0QXkxdGtXeFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYYUMA0E
AgACMAcDBQAqDteHMA0GCSqGSIb3DQEBCwUAA4IBAQBGy8W3cYN4vKM7tHg0tMl2
zeeJFyn8Ok/27WlILDne3nt5Ay2qwTTslBquUNXsGKpmaoMikOASPhnVy8g6j1rR
vjflXTHcVc79f9R2mJfbaSWF7FE3hnxFW0U+hPTXBJ0QuNiT/M+rOeywVrdv7T/h
tipCPAIffW3BqsIOjr6hqK2anqlWFjBywYjtxkLv3MZiiz4Etzu88SGM6K1/JnK+
NuVYeTN7nI4dAEC+y0/FJ/XdabMk+sBaQVGXk0i//mFXUEo016NZR9tMoMqZSfBa
Hsc11KnsdbNKmq7wsp1qjuD1FuWQpx/uds1MGRby6ojD3Q9qXzEh2dcSSRQnKcs3
-----END CERTIFICATE-----
Generated at Fri May 10 12:01:27 2024 by rpki-client on console-ams.rpki-client.org