Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/d8MkI-JgmqlNjYBrJTKxabyb7cE.roa
File: d8MkI-JgmqlNjYBrJTKxabyb7cE.roa (raw, json)
Hash identifier: NDfx6cpmrnph4JTxGCavkW5ySGaUR1hhff4UkN+/xR8=
Subject key identifier: 77:C3:24:23:E2:60:9A:A9:4D:8D:80:6B:25:32:B1:69:BC:9B:ED:C1
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 018CC4933C956D9636032276A5C70438DD58
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/d8MkI-JgmqlNjYBrJTKxabyb7cE.roa
Signing time: Mon 01 Jan 2024 10:30:32 +0000
ROA not before: Mon 01 Jan 2024 10:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207492
IP address blocks: 45.140.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:3c:95:6d:96:36:03:22:76:a5:c7:04:38:dd:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 10:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77c32423e2609aa94d8d806b2532b169bc9bedc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9f:d6:44:60:d6:8c:85:a3:57:7f:fd:e3:ad:
82:4d:29:b2:d0:0e:66:45:5a:15:a9:ab:fe:e1:26:
b3:94:1b:39:d9:30:61:f0:3d:df:b7:c8:e4:f9:65:
51:77:fa:3b:74:7a:1a:b2:1f:ca:75:fc:b8:50:7b:
82:78:cb:4b:8c:5a:9d:9a:20:5a:10:db:77:b2:1b:
c6:7a:2d:e5:41:3d:f1:26:f6:ed:ac:30:5a:17:c6:
50:46:c1:5c:d8:0a:d6:90:39:02:62:85:81:44:2a:
75:0d:20:03:c2:4c:5b:ec:83:13:fa:17:82:c6:e1:
f2:78:95:45:e9:ff:50:3c:ac:97:f2:c7:45:a2:ff:
04:d2:71:ea:f4:b2:e4:59:1f:d7:71:bb:8e:1a:91:
09:d7:cc:38:d8:ff:59:f9:72:bf:b0:cf:9e:8a:fb:
d6:88:28:d0:30:e8:fb:b4:40:1d:34:ec:86:21:10:
48:74:59:11:f9:ef:d0:b0:81:9a:2f:b4:f6:1d:d7:
7a:a1:ae:e6:c2:6d:1c:c6:00:e4:23:98:34:bd:11:
8e:89:bb:73:fb:d4:6f:36:32:42:3e:d4:77:82:16:
4d:31:6a:5b:2b:c4:7d:1b:fa:c8:17:57:9e:1d:9b:
86:7d:6c:50:37:6e:12:68:16:79:ae:3c:a7:77:e8:
62:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C3:24:23:E2:60:9A:A9:4D:8D:80:6B:25:32:B1:69:BC:9B:ED:C1
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/d8MkI-JgmqlNjYBrJTKxabyb7cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.40.0/24
Signature Algorithm: sha256WithRSAEncryption
31:37:b3:14:28:3c:84:d5:02:07:1d:9d:cb:cd:e0:59:65:92:
a5:af:b8:1a:ed:06:a3:7c:d7:6e:0e:90:96:a7:fe:cd:c1:a1:
4a:8e:53:ca:ed:76:f3:43:e1:96:d5:4c:34:c1:c4:3a:01:4f:
33:da:80:c9:3c:3d:e4:f0:dd:40:7a:e3:b5:96:6e:29:49:5d:
bc:a9:5d:db:23:98:ed:f3:88:97:c9:22:1b:18:30:dc:08:fe:
d4:59:0c:1a:b9:23:16:a4:2e:da:4d:b5:2a:98:17:8c:1c:91:
be:f6:6c:c7:48:b9:14:55:e0:6f:67:e5:c6:bb:f0:ef:4f:92:
3f:77:c7:a1:a2:c2:be:08:02:d9:13:5a:7f:c8:78:c0:1b:45:
97:93:96:c5:4b:aa:a2:3a:7b:27:3d:89:8d:17:83:f7:d8:cb:
99:ad:f0:d5:cd:06:ad:2f:62:d3:6c:a0:14:b6:77:cf:a1:3f:
a4:7d:5e:98:f1:53:90:1c:c8:7e:e7:f9:03:6e:ab:29:f2:9c:
38:e3:4d:7b:c7:10:4e:55:4b:db:36:a3:41:33:21:f0:97:bf:
f3:de:95:92:fc:cb:be:7a:ff:5a:09:43:5d:ff:3d:ad:c1:0d:
7d:cc:de:f0:28:93:c9:ca:94:80:26:9c:e4:7d:0b:23:92:4e:
31:5e:f6:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkzyVbZY2AyJ2pccEON1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjQwMTAxMTAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2MzMjQyM2UyNjA5YWE5NGQ4ZDgwNmIyNTMyYjE2OWJjOWJlZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ/WRGDWjIWjV3/9462CTSmy0A5m
RVoVqav+4SazlBs52TBh8D3ft8jk+WVRd/o7dHoash/Kdfy4UHuCeMtLjFqdmiBa
ENt3shvGei3lQT3xJvbtrDBaF8ZQRsFc2ArWkDkCYoWBRCp1DSADwkxb7IMT+heC
xuHyeJVF6f9QPKyX8sdFov8E0nHq9LLkWR/XcbuOGpEJ18w42P9Z+XK/sM+eivvW
iCjQMOj7tEAdNOyGIRBIdFkR+e/QsIGaL7T2Hdd6oa7mwm0cxgDkI5g0vRGOibtz
+9RvNjJCPtR3ghZNMWpbK8R9G/rIF1eeHZuGfWxQN24SaBZ5rjynd+hiwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHfDJCPiYJqpTY2AayUysWm8m+3BMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvZDhNa0ktSmdtcWxOallCckpUS3hhYnliN2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYwoMA0G
CSqGSIb3DQEBCwUAA4IBAQAxN7MUKDyE1QIHHZ3LzeBZZZKlr7ga7QajfNduDpCW
p/7NwaFKjlPK7XbzQ+GW1Uw0wcQ6AU8z2oDJPD3k8N1AeuO1lm4pSV28qV3bI5jt
84iXySIbGDDcCP7UWQwauSMWpC7aTbUqmBeMHJG+9mzHSLkUVeBvZ+XGu/DvT5I/
d8ehosK+CALZE1p/yHjAG0WXk5bFS6qiOnsnPYmNF4P32MuZrfDVzQatL2LTbKAU
tnfPoT+kfV6Y8VOQHMh+5/kDbqsp8pw44017xxBOVUvbNqNBMyHwl7/z3pWS/Mu+
ev9aCUNd/z2twQ19zN7wKJPJypSAJpzkfQsjkk4xXvae
-----END CERTIFICATE-----
Generated at Wed Jun 26 17:22:03 2024 by rpki-client on console-fra.rpki-client.org