Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/fb2a45-8d94-4a8d-bcb0-6191b9d0cda3/1/Z9ef8Z9xVJqROk528L17EBpkqBc.roa
File: Z9ef8Z9xVJqROk528L17EBpkqBc.roa (raw, json)
Hash identifier: 76kSg5wwCRxAVuPO6BxQc4qLKwylAsh84bgg7+Tf1OA=
Subject key identifier: 67:D7:9F:F1:9F:71:54:9A:91:3A:4E:76:F0:BD:7B:10:1A:64:A8:17
Certificate issuer: /CN=61b1e31c09fe826fe4d792e7fa8855e0ad39342a
Certificate serial: 018CC3B70E6A1C1A058C307E87698FE42AC5
Authority key identifier: 61:B1:E3:1C:09:FE:82:6F:E4:D7:92:E7:FA:88:55:E0:AD:39:34:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbHjHAn-gm_k15Ln-ohV4K05NCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/fb2a45-8d94-4a8d-bcb0-6191b9d0cda3/1/Z9ef8Z9xVJqROk528L17EBpkqBc.roa
Signing time: Mon 01 Jan 2024 06:30:03 +0000
ROA not before: Mon 01 Jan 2024 06:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199803
IP address blocks: 185.45.200.0/22 maxlen: 22
2a01:7fe0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/fb2a45-8d94-4a8d-bcb0-6191b9d0cda3/1/YbHjHAn-gm_k15Ln-ohV4K05NCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/fb2a45-8d94-4a8d-bcb0-6191b9d0cda3/1/YbHjHAn-gm_k15Ln-ohV4K05NCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbHjHAn-gm_k15Ln-ohV4K05NCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:0e:6a:1c:1a:05:8c:30:7e:87:69:8f:e4:2a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1e31c09fe826fe4d792e7fa8855e0ad39342a
Validity
Not Before: Jan 1 06:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67d79ff19f71549a913a4e76f0bd7b101a64a817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:dd:26:1e:a6:89:24:ad:3d:5a:9f:ca:cc:5b:
06:ff:ac:68:d3:a7:a5:bb:0a:d2:9e:03:fd:45:d5:
1b:15:5a:ed:2c:ff:f0:b7:69:4a:10:95:20:92:cf:
da:8f:5e:ca:91:3e:08:a6:bf:41:8f:8c:97:0e:ca:
21:0d:10:5c:f9:1e:b4:68:29:8c:74:bc:ca:99:e4:
1b:63:e4:d8:e7:ba:6a:15:6f:b9:86:89:ec:74:6e:
54:eb:b2:2f:67:bb:e3:c2:99:97:38:0c:14:c3:7c:
5a:ce:56:09:0b:96:79:05:c5:75:2f:5b:91:8b:66:
ac:ab:70:d3:2b:88:d2:74:c0:ba:a3:8b:e4:47:17:
db:7b:8f:66:7d:cf:ef:2d:e5:95:86:d1:71:39:b8:
bb:65:dc:13:61:df:0c:49:02:7e:30:a4:5e:7c:c3:
77:ac:ba:2c:65:a0:07:36:ef:3f:93:6d:c0:f8:1a:
55:c1:ee:20:46:fe:19:85:89:db:dc:10:61:5b:99:
eb:46:62:25:e9:9b:a6:45:f5:30:15:1a:97:78:f3:
f5:6e:94:5b:5a:46:83:59:76:36:6f:ce:05:f0:be:
27:28:53:9e:dd:9f:1e:69:e5:93:95:9d:e8:10:95:
bc:11:6e:ab:f6:40:19:20:38:00:c9:22:96:41:b6:
77:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D7:9F:F1:9F:71:54:9A:91:3A:4E:76:F0:BD:7B:10:1A:64:A8:17
X509v3 Authority Key Identifier:
keyid:61:B1:E3:1C:09:FE:82:6F:E4:D7:92:E7:FA:88:55:E0:AD:39:34:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbHjHAn-gm_k15Ln-ohV4K05NCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/fb2a45-8d94-4a8d-bcb0-6191b9d0cda3/1/Z9ef8Z9xVJqROk528L17EBpkqBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/fb2a45-8d94-4a8d-bcb0-6191b9d0cda3/1/YbHjHAn-gm_k15Ln-ohV4K05NCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.200.0/22
IPv6:
2a01:7fe0::/32
Signature Algorithm: sha256WithRSAEncryption
51:6c:43:49:c6:10:92:bc:e6:7d:30:28:89:91:85:af:26:db:
f3:7d:d4:63:68:7c:b8:2e:dd:92:de:33:0d:22:e9:18:4e:38:
d4:dc:56:e0:69:fb:90:59:32:2f:aa:98:ba:2b:2f:95:2e:21:
2a:a9:94:2f:f3:f0:1f:35:6e:ef:6b:56:e9:5a:1b:a8:58:ab:
fe:88:e3:67:a2:e2:c2:72:be:9c:45:03:71:ce:4a:be:01:58:
c1:fe:4a:de:f5:c4:13:ce:40:4b:36:41:b0:0c:e2:d9:ba:f9:
dc:f3:93:5b:6c:bd:94:2c:58:bb:30:91:46:89:e8:75:65:f5:
b0:77:43:ef:fe:10:67:c0:20:bb:21:fa:a7:33:11:d9:d1:87:
c0:a5:2e:ae:c8:0c:7b:18:41:98:7e:2b:c4:10:fe:7f:52:b7:
15:0a:99:c5:4d:6e:d9:94:f4:25:1c:a0:c5:02:3e:00:72:85:
51:1f:dc:fc:00:4d:f6:5f:4b:78:19:76:e7:a2:b6:80:8d:3f:
67:d2:bc:b6:98:d3:dd:ec:10:13:48:ec:b1:7e:be:64:74:79:
07:e6:6c:fc:b5:c8:45:32:c8:eb:15:2e:13:d8:ed:a4:66:b9:
e5:71:ae:1b:11:c8:49:e5:3e:57:0c:d3:64:7d:12:19:c3:3b:
00:78:ee:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtw5qHBoFjDB+h2mP5CrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjFlMzFjMDlmZTgyNmZlNGQ3OTJlN2ZhODg1NWUwYWQz
OTM0MmEwHhcNMjQwMTAxMDYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Q3OWZmMTlmNzE1NDlhOTEzYTRlNzZmMGJkN2IxMDFhNjRhODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt0mHqaJJK09Wp/KzFsG/6xo06el
uwrSngP9RdUbFVrtLP/wt2lKEJUgks/aj17KkT4Ipr9Bj4yXDsohDRBc+R60aCmM
dLzKmeQbY+TY57pqFW+5honsdG5U67IvZ7vjwpmXOAwUw3xazlYJC5Z5BcV1L1uR
i2asq3DTK4jSdMC6o4vkRxfbe49mfc/vLeWVhtFxObi7ZdwTYd8MSQJ+MKRefMN3
rLosZaAHNu8/k23A+BpVwe4gRv4ZhYnb3BBhW5nrRmIl6ZumRfUwFRqXePP1bpRb
WkaDWXY2b84F8L4nKFOe3Z8eaeWTlZ3oEJW8EW6r9kAZIDgAySKWQbZ3wQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGfXn/GfcVSakTpOdvC9exAaZKgXMB8GA1UdIwQY
MBaAFGGx4xwJ/oJv5NeS5/qIVeCtOTQqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJIakhBbi1nbV9rMTVMbi1vaFY0SzA1TkNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mYjJhNDUtOGQ5NC00YThkLWJjYjAt
NjE5MWI5ZDBjZGEzLzEvWjllZjhaOXhWSnFST2s1MjhMMTdFQnBrcUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mYjJhNDUtOGQ5NC00YThkLWJjYjAtNjE5MWI5ZDBjZGEz
LzEvWWJIakhBbi1nbV9rMTVMbi1vaFY0SzA1TkNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuS3IMA0E
AgACMAcDBQAqAX/gMA0GCSqGSIb3DQEBCwUAA4IBAQBRbENJxhCSvOZ9MCiJkYWv
JtvzfdRjaHy4Lt2S3jMNIukYTjjU3FbgafuQWTIvqpi6Ky+VLiEqqZQv8/AfNW7v
a1bpWhuoWKv+iONnouLCcr6cRQNxzkq+AVjB/kre9cQTzkBLNkGwDOLZuvnc85Nb
bL2ULFi7MJFGieh1ZfWwd0Pv/hBnwCC7IfqnMxHZ0YfApS6uyAx7GEGYfivEEP5/
UrcVCpnFTW7ZlPQlHKDFAj4AcoVRH9z8AE32X0t4GXbnoraAjT9n0ry2mNPd7BAT
SOyxfr5kdHkH5mz8tchFMsjrFS4T2O2kZrnlca4bEchJ5T5XDNNkfRIZwzsAeO67
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:37:56 2024 by rpki-client on console-ams.rpki-client.org