Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/Iopd-BqA3SPyN8dk3S77MQi90FM.roa
File: Iopd-BqA3SPyN8dk3S77MQi90FM.roa (raw, json)
Hash identifier: IXN9UC0/Us2cSvcFyPV0e35l8elnhLeWC+1GT4Ovrdg=
Subject key identifier: 22:8A:5D:F8:1A:80:DD:23:F2:37:C7:64:DD:2E:FB:31:08:BD:D0:53
Certificate issuer: /CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Certificate serial: 018F3D4FBD4EBD861A89CA5255B4CE36F026
Authority key identifier: 28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/Iopd-BqA3SPyN8dk3S77MQi90FM.roa
Signing time: Fri 03 May 2024 07:16:26 +0000
ROA not before: Fri 03 May 2024 07:16:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.11.68.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/KGS7NPtdFsqdH6P5eUy0jUvthHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/KGS7NPtdFsqdH6P5eUy0jUvthHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3d:4f:bd:4e:bd:86:1a:89:ca:52:55:b4:ce:36:f0:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Validity
Not Before: May 3 07:16:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=228a5df81a80dd23f237c764dd2efb3108bdd053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4a:c9:1d:0f:f5:72:8a:f0:d9:39:a8:53:2f:
0c:9e:a0:7c:ab:19:98:f8:cf:fc:79:b4:3e:0e:e3:
63:d4:ea:b2:84:b5:6a:e7:0b:37:51:5f:5b:bd:2f:
69:6c:e3:b3:fc:11:52:6b:71:33:54:28:fd:cd:84:
c7:c7:26:e2:22:47:36:2b:a5:f6:99:2c:69:9b:ed:
c4:b2:74:1a:04:b5:5b:9e:5a:5a:9d:b1:98:3d:20:
10:d1:c5:f3:cb:5a:cd:f0:3e:46:ec:f2:28:5c:26:
8b:f6:8e:d2:0f:bf:1b:b0:5a:48:7d:df:b2:0d:45:
f9:44:84:17:1d:df:1a:2c:78:a1:c7:1b:45:be:85:
10:eb:b4:f2:7c:3e:d3:73:f5:9d:48:80:b2:3d:f6:
c6:9a:e4:cb:c7:11:f6:7f:13:b8:4b:26:81:56:5d:
57:e9:59:b1:26:01:bc:07:22:1f:48:69:b9:95:b9:
ab:f0:75:72:ae:32:a1:6f:93:da:83:99:f2:7d:3c:
3b:a2:8b:2a:29:18:e2:51:be:d8:e1:97:87:0e:99:
e2:70:59:c4:3c:c7:84:6b:df:a4:4a:7b:55:80:0b:
19:7e:8b:1f:37:1e:9b:f8:80:27:f5:12:e6:fe:56:
25:8a:bc:3c:7b:ad:60:be:5e:72:89:b7:f8:a2:39:
42:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8A:5D:F8:1A:80:DD:23:F2:37:C7:64:DD:2E:FB:31:08:BD:D0:53
X509v3 Authority Key Identifier:
keyid:28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/Iopd-BqA3SPyN8dk3S77MQi90FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/KGS7NPtdFsqdH6P5eUy0jUvthHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.68.0/22
Signature Algorithm: sha256WithRSAEncryption
33:74:a4:a3:28:de:3d:07:48:30:f3:f0:ba:cf:5b:af:18:57:
ed:d3:5e:30:e4:65:51:11:6c:d7:a1:4a:23:af:24:42:c5:9e:
a1:e6:33:eb:7f:93:33:21:66:b7:4e:57:50:fe:c6:7f:21:ed:
56:48:45:a8:59:4a:35:2b:f0:9a:1c:16:77:c5:2e:1d:19:3d:
e5:3c:43:b4:f9:28:22:8a:5b:5f:cc:6d:cd:69:02:4b:89:7c:
1b:1a:42:a8:39:66:1f:9c:f3:c3:8d:62:ce:3f:c1:25:6a:cc:
07:b1:f9:27:10:ef:f1:b0:fb:09:cb:58:72:96:ae:74:18:cc:
4e:46:0f:42:b9:e2:92:f3:64:3a:ee:ab:f2:38:10:5b:4a:f5:
ea:a0:b0:38:70:c8:92:8c:54:df:db:f6:6d:62:c7:7e:35:01:
ce:ad:05:72:0f:ae:d3:ae:f1:d0:bc:a7:1c:6b:b3:08:c3:ca:
82:f2:b6:f1:c7:43:ed:12:9a:37:4c:04:90:0a:d5:4e:e6:5c:
e3:51:8b:dd:7f:58:06:76:46:f9:f2:93:89:35:53:e8:28:c1:
71:90:ec:15:32:b3:48:05:99:be:8d:80:4f:c9:9c:92:cd:2a:
2f:31:04:62:6e:ca:00:45:d0:92:e8:13:e8:56:5a:c0:0e:61:
ab:6a:46:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY89T71OvYYaicpSVbTONvAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjRiYjM0ZmI1ZDE2Y2E5ZDFmYTNmOTc5NGNiNDhkNGJl
ZDg0NzMwHhcNMjQwNTAzMDcxNjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjhhNWRmODFhODBkZDIzZjIzN2M3NjRkZDJlZmIzMTA4YmRkMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUrJHQ/1corw2TmoUy8MnqB8qxmY
+M/8ebQ+DuNj1OqyhLVq5ws3UV9bvS9pbOOz/BFSa3EzVCj9zYTHxybiIkc2K6X2
mSxpm+3EsnQaBLVbnlpanbGYPSAQ0cXzy1rN8D5G7PIoXCaL9o7SD78bsFpIfd+y
DUX5RIQXHd8aLHihxxtFvoUQ67TyfD7Tc/WdSICyPfbGmuTLxxH2fxO4SyaBVl1X
6VmxJgG8ByIfSGm5lbmr8HVyrjKhb5Pag5nyfTw7oosqKRjiUb7Y4ZeHDpnicFnE
PMeEa9+kSntVgAsZfosfNx6b+IAn9RLm/lYlirw8e61gvl5yibf4ojlCDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKKXfgagN0j8jfHZN0u+zEIvdBTMB8GA1UdIwQY
MBaAFChkuzT7XRbKnR+j+XlMtI1L7YRzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dTN05QdGRGc3FkSDZQNWVVeTBqVXZ0aEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy80N2Y0NDUtNWVhOS00MzdkLWE1OWEt
NTkwMGE1OTQ3YjhkLzEvSW9wZC1CcUEzU1B5TjhkazNTNzdNUWk5MEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy80N2Y0NDUtNWVhOS00MzdkLWE1OWEtNTkwMGE1OTQ3Yjhk
LzEvS0dTN05QdGRGc3FkSDZQNWVVeTBqVXZ0aEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQtEMA0G
CSqGSIb3DQEBCwUAA4IBAQAzdKSjKN49B0gw8/C6z1uvGFft014w5GVREWzXoUoj
ryRCxZ6h5jPrf5MzIWa3TldQ/sZ/Ie1WSEWoWUo1K/CaHBZ3xS4dGT3lPEO0+Sgi
iltfzG3NaQJLiXwbGkKoOWYfnPPDjWLOP8ElaswHsfknEO/xsPsJy1hylq50GMxO
Rg9CueKS82Q67qvyOBBbSvXqoLA4cMiSjFTf2/ZtYsd+NQHOrQVyD67TrvHQvKcc
a7MIw8qC8rbxx0PtEpo3TASQCtVO5lzjUYvdf1gGdkb58pOJNVPoKMFxkOwVMrNI
BZm+jYBPyZySzSovMQRibsoARdCS6BPoVlrADmGrakZl
-----END CERTIFICATE-----
Generated at Mon May 20 05:04:47 2024 by rpki-client on console-ams.rpki-client.org