Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/dl4qd2NxLv2pdTNq0OS-OOlqIBQ.roa
File: dl4qd2NxLv2pdTNq0OS-OOlqIBQ.roa (raw, json)
Hash identifier: R4VZvRsgmGwvVdNYC34Oay7cu6wYCD63hbEHa/PcSQI=
Subject key identifier: 76:5E:2A:77:63:71:2E:FD:A9:75:33:6A:D0:E4:BE:38:E9:6A:20:14
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 018CC794486224BC79E57FCE20F670B8AEAB
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/dl4qd2NxLv2pdTNq0OS-OOlqIBQ.roa
Signing time: Tue 02 Jan 2024 00:30:33 +0000
ROA not before: Tue 02 Jan 2024 00:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51327
IP address blocks: 139.45.214.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:48:62:24:bc:79:e5:7f:ce:20:f6:70:b8:ae:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Jan 2 00:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=765e2a7763712efda975336ad0e4be38e96a2014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:07:73:ff:47:45:c2:65:29:67:32:23:f5:31:
ff:bc:a9:0c:15:85:f9:5f:38:3b:5e:e4:d7:37:1f:
6d:65:cc:91:5c:b7:79:ce:58:86:45:da:05:70:62:
23:26:b6:e3:66:eb:a3:2b:aa:93:3a:6b:bf:f0:d2:
89:d3:ea:ea:ea:75:80:69:3a:23:71:8c:c5:fa:eb:
b4:01:95:03:22:88:64:95:93:ee:fe:f9:28:d0:01:
3b:a3:3d:aa:1a:32:6a:a0:ab:42:f0:f2:75:4c:41:
9b:fb:84:29:83:82:90:d5:69:0f:75:4f:83:e6:25:
f3:1f:47:34:e3:91:bf:3d:74:9e:57:51:c0:59:06:
c6:2f:71:d8:5d:6c:8b:a7:56:14:f3:cf:da:6a:46:
50:b6:33:81:47:e2:31:81:d4:19:5e:af:60:6d:3b:
66:89:43:f6:8d:6c:98:a2:f5:5d:d5:2d:b3:41:bd:
0a:c8:34:aa:d1:38:c4:e5:49:f5:4d:eb:b2:f7:f5:
8b:a3:7b:e0:73:22:35:aa:60:d2:87:dd:3e:df:1f:
ee:87:5e:9f:60:65:ed:72:6e:c7:3b:87:3a:46:69:
d5:4d:43:9f:48:1c:80:1b:3a:c2:a1:0a:14:44:89:
3c:f7:d9:f7:77:0a:83:57:ee:35:ca:80:d0:75:b8:
57:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:5E:2A:77:63:71:2E:FD:A9:75:33:6A:D0:E4:BE:38:E9:6A:20:14
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/dl4qd2NxLv2pdTNq0OS-OOlqIBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.45.214.0/23
Signature Algorithm: sha256WithRSAEncryption
22:73:33:bd:29:53:45:84:58:ab:91:84:be:da:f2:58:e3:be:
73:ab:9c:77:9f:38:32:5e:ac:ca:2e:3a:99:87:0c:41:e0:df:
26:2b:9b:9e:ee:a1:41:df:c4:49:20:ce:41:e9:9b:4f:12:59:
40:6b:18:fb:7f:99:72:7f:dd:98:b8:0e:b8:b2:bd:83:58:42:
92:ee:67:01:b4:64:94:3e:b4:d2:61:cc:23:31:7b:06:4a:da:
b5:2c:5d:11:1d:0f:94:a0:2d:ad:3b:ce:20:6e:c5:13:5d:1b:
b8:38:60:67:23:9a:45:16:43:d0:c2:c5:37:47:3e:e3:af:67:
8c:54:42:ce:ee:22:3b:ed:d7:51:22:cf:c8:f7:5a:1f:f8:52:
93:4a:51:d3:94:87:05:be:cc:27:ee:d7:ae:48:c3:bc:f4:8d:
62:79:eb:b3:b5:cf:cf:b6:f9:37:cb:8f:7a:de:c2:96:05:0a:
38:d2:31:d2:e0:51:19:50:1c:c5:f7:d6:b5:09:a7:a3:4a:3f:
ae:07:02:8e:8c:ef:f0:00:db:16:05:c9:3c:51:7b:75:c5:88:
e5:1c:33:61:67:f2:fc:7b:8b:88:5e:5c:4c:3e:82:fc:76:ac:
79:5b:ee:07:c4:8f:0f:27:9e:ed:8b:94:a3:f4:27:d5:e0:92:
54:fd:67:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlEhiJLx55X/OIPZwuK6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjQwMTAyMDAzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjVlMmE3NzYzNzEyZWZkYTk3NTMzNmFkMGU0YmUzOGU5NmEyMDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgdz/0dFwmUpZzIj9TH/vKkMFYX5
Xzg7XuTXNx9tZcyRXLd5zliGRdoFcGIjJrbjZuujK6qTOmu/8NKJ0+rq6nWAaToj
cYzF+uu0AZUDIohklZPu/vko0AE7oz2qGjJqoKtC8PJ1TEGb+4Qpg4KQ1WkPdU+D
5iXzH0c045G/PXSeV1HAWQbGL3HYXWyLp1YU88/aakZQtjOBR+IxgdQZXq9gbTtm
iUP2jWyYovVd1S2zQb0KyDSq0TjE5Un1Teuy9/WLo3vgcyI1qmDSh90+3x/uh16f
YGXtcm7HO4c6RmnVTUOfSByAGzrCoQoURIk899n3dwqDV+41yoDQdbhXkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZeKndjcS79qXUzatDkvjjpaiAUMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvZGw0cWQyTnhMdjJwZFROcTBPUy1PT2xxSUJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBiy3WMA0G
CSqGSIb3DQEBCwUAA4IBAQAiczO9KVNFhFirkYS+2vJY475zq5x3nzgyXqzKLjqZ
hwxB4N8mK5ue7qFB38RJIM5B6ZtPEllAaxj7f5lyf92YuA64sr2DWEKS7mcBtGSU
PrTSYcwjMXsGStq1LF0RHQ+UoC2tO84gbsUTXRu4OGBnI5pFFkPQwsU3Rz7jr2eM
VELO7iI77ddRIs/I91of+FKTSlHTlIcFvswn7teuSMO89I1ieeuztc/Ptvk3y496
3sKWBQo40jHS4FEZUBzF99a1CaejSj+uBwKOjO/wANsWBck8UXt1xYjlHDNhZ/L8
e4uIXlxMPoL8dqx5W+4HxI8PJ57ti5Sj9CfV4JJU/Wej
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:53 2024 by rpki-client on console-ams.rpki-client.org