Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/CbnkuGa-vRt817TPJQiKWPsPIsM.roa
File: CbnkuGa-vRt817TPJQiKWPsPIsM.roa (raw, json)
Hash identifier: rqAibwp4yOWuz88x7rlZJtulRS8+09gC1Nq6isozT/U=
Subject key identifier: 09:B9:E4:B8:66:BE:BD:1B:7C:D7:B4:CF:25:08:8A:58:FB:0F:22:C3
Certificate issuer: /CN=4a4ad03a0f592bb9c97c3052a690125d846415a4
Certificate serial: 018CC2DB0BB5F0544D6EF84CE331334237DE
Authority key identifier: 4A:4A:D0:3A:0F:59:2B:B9:C9:7C:30:52:A6:90:12:5D:84:64:15:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SkrQOg9ZK7nJfDBSppASXYRkFaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/CbnkuGa-vRt817TPJQiKWPsPIsM.roa
Signing time: Mon 01 Jan 2024 02:29:44 +0000
ROA not before: Mon 01 Jan 2024 02:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207782
IP address blocks: 45.11.203.0/24 maxlen: 24
45.11.202.0/24 maxlen: 24
45.11.200.0/24 maxlen: 24
45.81.101.0/24 maxlen: 24
45.81.100.0/24 maxlen: 24
45.81.103.0/24 maxlen: 24
45.81.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/SkrQOg9ZK7nJfDBSppASXYRkFaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/SkrQOg9ZK7nJfDBSppASXYRkFaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/SkrQOg9ZK7nJfDBSppASXYRkFaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:0b:b5:f0:54:4d:6e:f8:4c:e3:31:33:42:37:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a4ad03a0f592bb9c97c3052a690125d846415a4
Validity
Not Before: Jan 1 02:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09b9e4b866bebd1b7cd7b4cf25088a58fb0f22c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d5:22:93:1d:d7:46:77:7b:3f:54:3a:7c:60:
ed:d6:ea:61:95:6a:29:79:ab:89:cd:6a:aa:c4:2a:
c2:e5:d2:4c:6d:7c:be:99:16:f8:6a:72:c8:fc:41:
c2:cf:9e:cd:85:5e:93:5f:d9:54:4e:a2:fb:64:93:
71:5d:8d:89:a9:ac:8c:4e:b0:73:a8:c6:bb:88:b1:
ef:f3:b4:05:3c:0f:a2:09:b8:ca:5e:a7:33:a9:cc:
e1:b7:7b:0b:38:b3:fa:94:9e:f1:73:ad:88:82:fa:
84:ff:3b:e8:f9:aa:f5:14:de:b7:e8:d2:1a:24:0e:
94:62:dd:a9:11:5d:f2:5f:42:27:02:26:e3:17:b8:
7b:cf:2a:71:f8:73:9e:1e:fd:bb:6e:7a:37:cd:fa:
59:1c:39:10:59:97:55:77:84:da:ca:d6:e1:fe:cc:
17:1b:6b:b1:dd:f6:92:16:a9:2e:69:ca:96:3c:b2:
4d:fa:02:bd:4d:74:70:9c:7b:94:a9:24:11:02:b1:
94:2f:80:a8:b8:58:c4:7f:5b:35:7f:e4:14:b7:27:
48:21:4a:bf:92:0d:68:e3:91:6a:9c:49:c1:f5:23:
f1:cd:43:af:b6:ca:0b:12:78:93:da:ce:c1:c8:af:
ae:32:2f:d1:cd:3f:f1:6c:84:50:a9:11:80:e0:22:
1a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B9:E4:B8:66:BE:BD:1B:7C:D7:B4:CF:25:08:8A:58:FB:0F:22:C3
X509v3 Authority Key Identifier:
keyid:4A:4A:D0:3A:0F:59:2B:B9:C9:7C:30:52:A6:90:12:5D:84:64:15:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkrQOg9ZK7nJfDBSppASXYRkFaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/CbnkuGa-vRt817TPJQiKWPsPIsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/167903-f426-4bf0-9233-a9ac66be48f7/1/SkrQOg9ZK7nJfDBSppASXYRkFaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.200.0/24
45.11.202.0/23
45.81.100.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:20:91:64:1d:0b:31:08:0c:fa:63:68:b4:b5:e7:28:f7:68:
41:75:72:03:9b:7f:9a:08:02:4d:9e:fa:02:61:a5:cf:5d:fb:
6d:f0:4d:e9:51:d8:8f:b4:21:4a:11:03:a9:c1:82:a6:a9:af:
7f:43:1b:21:91:d9:18:4e:9a:fb:fc:64:92:e3:a9:7a:c0:bb:
9a:15:ec:90:8c:1b:11:0b:a3:28:f4:a5:a9:b7:97:b8:1b:cc:
3f:52:38:e2:ff:66:88:f7:0b:8b:72:b0:fc:e9:2d:6f:70:60:
1a:58:6d:84:4f:26:ef:8f:77:2c:7a:59:4e:65:b5:27:cc:73:
e5:ee:81:15:98:32:c6:31:56:10:6e:be:a9:de:5c:6d:06:c9:
8d:f8:ef:ee:b7:03:f5:d3:54:be:1e:ec:dc:a2:bf:51:55:0d:
50:6d:a1:f2:ee:19:4a:2d:0e:08:8d:18:72:ef:ea:55:0d:41:
27:e6:47:dc:a9:7a:c3:f6:44:f7:c3:98:ac:46:8c:88:df:1b:
7a:22:ce:64:83:69:06:2c:01:96:47:b8:0f:1b:d3:54:2b:01:
d5:0f:9f:97:fc:1e:c2:2f:54:d2:14:7b:d5:3d:61:a5:b8:93:
d8:dd:51:69:11:b1:83:4c:b6:65:62:ad:ad:17:cf:5b:81:76:
92:93:99:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2wu18FRNbvhM4zEzQjfeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNGFkMDNhMGY1OTJiYjljOTdjMzA1MmE2OTAxMjVkODQ2
NDE1YTQwHhcNMjQwMTAxMDIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWI5ZTRiODY2YmViZDFiN2NkN2I0Y2YyNTA4OGE1OGZiMGYyMmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNUikx3XRnd7P1Q6fGDt1uphlWop
eauJzWqqxCrC5dJMbXy+mRb4anLI/EHCz57NhV6TX9lUTqL7ZJNxXY2JqayMTrBz
qMa7iLHv87QFPA+iCbjKXqczqczht3sLOLP6lJ7xc62IgvqE/zvo+ar1FN636NIa
JA6UYt2pEV3yX0InAibjF7h7zypx+HOeHv27bno3zfpZHDkQWZdVd4Taytbh/swX
G2ux3faSFqkuacqWPLJN+gK9TXRwnHuUqSQRArGUL4CouFjEf1s1f+QUtydIIUq/
kg1o45FqnEnB9SPxzUOvtsoLEniT2s7ByK+uMi/RzT/xbIRQqRGA4CIaqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAm55Lhmvr0bfNe0zyUIilj7DyLDMB8GA1UdIwQY
MBaAFEpK0DoPWSu5yXwwUqaQEl2EZBWkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tyUU9nOVpLN25KZkRCU3BwQVNYWVJrRmFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8xNjc5MDMtZjQyNi00YmYwLTkyMzMt
YTlhYzY2YmU0OGY3LzEvQ2Jua3VHYS12UnQ4MTdUUEpRaUtXUHNQSXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8xNjc5MDMtZjQyNi00YmYwLTkyMzMtYTlhYzY2YmU0OGY3
LzEvU2tyUU9nOVpLN25KZkRCU3BwQVNYWVJrRmFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQvIAwQB
LQvKAwQCLVFkMA0GCSqGSIb3DQEBCwUAA4IBAQCPIJFkHQsxCAz6Y2i0teco92hB
dXIDm3+aCAJNnvoCYaXPXftt8E3pUdiPtCFKEQOpwYKmqa9/QxshkdkYTpr7/GSS
46l6wLuaFeyQjBsRC6Mo9KWpt5e4G8w/Ujji/2aI9wuLcrD86S1vcGAaWG2ETybv
j3csellOZbUnzHPl7oEVmDLGMVYQbr6p3lxtBsmN+O/utwP101S+Huzcor9RVQ1Q
baHy7hlKLQ4IjRhy7+pVDUEn5kfcqXrD9kT3w5isRoyI3xt6Is5kg2kGLAGWR7gP
G9NUKwHVD5+X/B7CL1TSFHvVPWGluJPY3VFpEbGDTLZlYq2tF89bgXaSk5nT
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:41:14 2024 by rpki-client on console-ams.rpki-client.org