Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0bnuTkCfYfzUfw3eB1VZySpW2z8.roa
File: 0bnuTkCfYfzUfw3eB1VZySpW2z8.roa (raw, json)
Hash identifier: 57UexDJJ4dyqLTvR+hM8PAsHjeV+TSvkbh8n7TWviQs=
Subject key identifier: D1:B9:EE:4E:40:9F:61:FC:D4:7F:0D:DE:07:55:59:C9:2A:56:DB:3F
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018CC6B7B5CC4D3853E22CCC9BA84F5198DE
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0bnuTkCfYfzUfw3eB1VZySpW2z8.roa
Signing time: Mon 01 Jan 2024 20:29:37 +0000
ROA not before: Mon 01 Jan 2024 20:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57724
IP address blocks: 45.155.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:b5:cc:4d:38:53:e2:2c:cc:9b:a8:4f:51:98:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 20:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1b9ee4e409f61fcd47f0dde075559c92a56db3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9c:56:21:39:d8:cb:d6:1d:11:06:8c:7e:09:
41:e9:4a:89:e1:8b:65:04:22:a1:0f:9d:44:37:46:
ae:58:bf:32:db:3a:3f:f5:5f:9f:41:a0:30:00:e3:
1f:c2:a1:93:3b:2b:23:1a:3e:a4:a9:e0:f4:d2:e3:
58:3a:03:6b:03:c6:c0:8f:91:2c:9b:0d:a0:35:03:
26:a9:c3:50:cf:3f:40:32:a8:c8:2f:c1:db:06:2d:
dc:63:3a:8d:07:dd:88:df:28:17:85:72:45:71:9d:
57:85:4a:af:1e:f9:bd:40:e5:8f:e4:2f:1f:2f:1c:
a8:ef:d7:d6:9b:1d:e8:10:81:c9:d9:94:9b:84:9d:
92:cf:0e:cd:7b:8e:e0:7a:28:a8:99:9e:a3:22:23:
67:93:f2:e8:f4:df:05:04:d6:68:a1:2a:95:bd:55:
73:82:8d:59:e8:b6:5c:10:c0:de:79:cc:d0:3d:02:
a6:0a:dc:e7:e3:07:9f:0d:98:d0:37:cc:42:a1:f9:
bc:d2:56:69:0f:8d:22:1d:27:58:32:74:5a:d9:40:
e7:eb:ee:ae:3b:38:08:6a:d5:dc:89:e4:fa:86:7c:
a1:64:ab:6d:61:62:4f:25:20:1e:22:6b:7a:d9:84:
72:24:1c:46:4c:cb:16:de:81:09:96:0c:5c:2a:9a:
67:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B9:EE:4E:40:9F:61:FC:D4:7F:0D:DE:07:55:59:C9:2A:56:DB:3F
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0bnuTkCfYfzUfw3eB1VZySpW2z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.60.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:bc:24:51:2e:ee:97:c4:6a:d5:f7:85:78:7e:64:90:91:c0:
89:66:27:b7:34:4e:dc:75:3d:db:05:4a:a3:e2:4b:f6:e6:db:
53:45:1c:92:e1:27:87:49:89:a6:00:b2:f5:8b:f0:e8:d6:12:
0e:e9:f8:ea:8a:07:7c:d8:5f:38:0d:48:0f:55:c3:6a:8a:b5:
51:a1:84:7a:be:03:18:6b:0e:7e:24:cb:12:25:48:76:84:75:
27:4c:ce:b5:60:93:a5:f3:5b:b2:40:9b:dc:52:57:d3:ae:7c:
c7:b4:3c:3d:c4:8e:8b:e5:02:2b:97:84:c9:f8:a3:92:a1:b2:
d3:83:4f:3b:cc:13:52:ba:a5:5d:f3:d9:ad:43:cd:ea:b9:0e:
61:fc:a4:b2:54:c4:cb:b7:e9:d9:b3:63:16:ce:c2:a3:1f:01:
b4:50:5c:7f:96:5f:1b:8d:71:a9:37:83:be:49:e0:7b:57:3e:
61:f6:07:2c:38:40:2a:3f:b1:f9:83:cb:71:b9:f4:4a:b3:7f:
0a:54:b7:32:c6:c3:ae:a3:e8:fd:97:22:ea:1c:ec:82:92:df:
28:62:6e:59:52:03:a2:88:5d:0b:cb:c9:a2:95:ee:4d:76:70:
1c:58:c9:6b:c6:eb:32:64:0e:10:a9:62:c2:d7:bd:4e:76:85:
b7:6b:25:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt7XMTThT4izMm6hPUZjeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTAxMjAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI5ZWU0ZTQwOWY2MWZjZDQ3ZjBkZGUwNzU1NTljOTJhNTZkYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJxWITnYy9YdEQaMfglB6UqJ4Ytl
BCKhD51EN0auWL8y2zo/9V+fQaAwAOMfwqGTOysjGj6kqeD00uNYOgNrA8bAj5Es
mw2gNQMmqcNQzz9AMqjIL8HbBi3cYzqNB92I3ygXhXJFcZ1XhUqvHvm9QOWP5C8f
Lxyo79fWmx3oEIHJ2ZSbhJ2Szw7Ne47geiiomZ6jIiNnk/Lo9N8FBNZooSqVvVVz
go1Z6LZcEMDeeczQPQKmCtzn4wefDZjQN8xCofm80lZpD40iHSdYMnRa2UDn6+6u
OzgIatXcieT6hnyhZKttYWJPJSAeImt62YRyJBxGTMsW3oEJlgxcKppnxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNG57k5An2H81H8N3gdVWckqVts/MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvMGJudVRrQ2ZZZnpVZnczZUIxVlp5U3BXMno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZs8MA0G
CSqGSIb3DQEBCwUAA4IBAQBdvCRRLu6XxGrV94V4fmSQkcCJZie3NE7cdT3bBUqj
4kv25ttTRRyS4SeHSYmmALL1i/Do1hIO6fjqigd82F84DUgPVcNqirVRoYR6vgMY
aw5+JMsSJUh2hHUnTM61YJOl81uyQJvcUlfTrnzHtDw9xI6L5QIrl4TJ+KOSobLT
g087zBNSuqVd89mtQ83quQ5h/KSyVMTLt+nZs2MWzsKjHwG0UFx/ll8bjXGpN4O+
SeB7Vz5h9gcsOEAqP7H5g8txufRKs38KVLcyxsOuo+j9lyLqHOyCkt8oYm5ZUgOi
iF0Ly8mile5NdnAcWMlrxusyZA4QqWLC171OdoW3ayXO
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:54 2024 by rpki-client on console-ams.rpki-client.org