Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/KD70Gp1D_lkzDLC-EM7MzoplRbc.roa
File: KD70Gp1D_lkzDLC-EM7MzoplRbc.roa (raw, json)
Hash identifier: jQ+EI3Vf5fimNk6bLwzNjKtkAJUR0oxNu2zQ6HA7rwc=
Subject key identifier: 28:3E:F4:1A:9D:43:FE:59:33:0C:B0:BE:10:CE:CC:CE:8A:65:45:B7
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018FAB5D808786AC473C7A1FF0748C09C5AF
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/KD70Gp1D_lkzDLC-EM7MzoplRbc.roa
Signing time: Fri 24 May 2024 16:09:42 +0000
ROA not before: Fri 24 May 2024 16:09:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196695
IP address blocks: 45.147.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ab:5d:80:87:86:ac:47:3c:7a:1f:f0:74:8c:09:c5:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: May 24 16:09:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=283ef41a9d43fe59330cb0be10ceccce8a6545b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:cc:03:b9:61:b6:e2:50:3e:d9:f5:76:8d:a4:
38:03:d2:f1:2a:54:ec:74:e7:92:d5:f1:f8:b9:e1:
0a:0c:f2:b2:4a:9d:8b:ee:ed:19:a0:4e:09:c1:07:
ed:f6:42:f7:ed:21:f5:db:be:9c:36:8b:fd:21:9a:
7b:ad:98:c3:bf:c6:bb:d7:cc:a2:6c:e9:7a:6c:c2:
c9:2f:0c:41:4c:b6:f5:23:b5:4f:51:af:f7:72:1b:
b4:97:32:22:ea:3e:8c:1a:67:67:c1:ff:9b:b7:00:
e6:f0:28:63:e7:30:28:a6:91:89:a7:43:32:bd:5e:
8e:bd:1a:eb:20:a9:3b:2d:49:0e:7f:69:bb:e2:33:
b7:36:8f:79:eb:19:b3:89:6f:d3:ed:df:96:10:8d:
c0:3b:cf:7e:f8:93:89:26:32:32:b1:32:f9:8e:3e:
15:f5:5b:da:d2:1f:ca:db:51:d8:77:d1:95:52:e6:
35:75:18:42:17:ff:24:9d:22:21:77:58:cf:ce:3d:
8a:e9:53:01:66:7a:5d:47:81:81:7b:e9:2a:5d:70:
bd:9d:01:19:55:6a:3f:d6:f4:d9:72:4b:e9:2e:00:
8d:d6:30:2d:32:b8:c8:c1:04:f1:ac:1c:98:a7:1f:
b3:6c:14:99:76:9e:98:b7:7e:df:2f:f5:de:6a:2b:
6d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:3E:F4:1A:9D:43:FE:59:33:0C:B0:BE:10:CE:CC:CE:8A:65:45:B7
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/KD70Gp1D_lkzDLC-EM7MzoplRbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.3.0/24
Signature Algorithm: sha256WithRSAEncryption
54:f3:3a:a9:fc:57:88:62:3e:5b:23:e6:36:14:07:0e:61:7a:
c5:a8:f0:f4:e9:84:0e:ea:54:94:3b:d4:aa:80:30:f0:f5:18:
38:0e:e1:7c:97:46:fe:c0:3a:c6:2c:d4:c5:49:74:65:03:2e:
f6:be:fe:1d:ac:74:8d:44:15:99:c5:9b:ba:5a:4b:4f:92:b0:
97:62:80:34:3f:85:94:65:85:79:28:63:28:44:11:24:29:b0:
6a:6d:55:26:66:1e:a0:54:29:02:93:67:7e:b4:7c:64:2f:8e:
d1:ac:a3:28:53:71:8a:4c:01:d1:48:3e:ff:49:cb:64:b7:7e:
9d:56:e2:69:20:f3:2a:c1:ad:16:6d:ca:80:4a:b5:ae:4f:66:
0d:cd:70:a6:e3:83:43:f8:70:68:5d:b6:71:e0:64:f2:d4:ec:
b1:c5:6b:d7:35:ca:ea:01:17:e6:8d:cc:dc:89:24:a9:0d:95:
ec:09:c7:10:70:14:6c:26:1b:a0:08:a2:fd:f0:b9:c0:72:fd:
20:ea:25:35:1e:22:62:34:98:ce:43:b0:4c:e2:96:96:f3:f4:
05:72:bc:36:1a:ec:ed:44:20:31:7f:9e:19:26:e9:62:d5:a6:
5a:f4:1f:1a:0a:15:f3:f6:a3:b3:0b:a5:15:8d:90:8d:0f:bc:
19:a0:18:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+rXYCHhqxHPHof8HSMCcWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNTI0MTYwOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODNlZjQxYTlkNDNmZTU5MzMwY2IwYmUxMGNlY2NjZThhNjU0NWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7MwDuWG24lA+2fV2jaQ4A9LxKlTs
dOeS1fH4ueEKDPKySp2L7u0ZoE4JwQft9kL37SH1276cNov9IZp7rZjDv8a718yi
bOl6bMLJLwxBTLb1I7VPUa/3chu0lzIi6j6MGmdnwf+btwDm8Chj5zAoppGJp0My
vV6OvRrrIKk7LUkOf2m74jO3No956xmziW/T7d+WEI3AO89++JOJJjIysTL5jj4V
9Vva0h/K21HYd9GVUuY1dRhCF/8knSIhd1jPzj2K6VMBZnpdR4GBe+kqXXC9nQEZ
VWo/1vTZckvpLgCN1jAtMrjIwQTxrByYpx+zbBSZdp6Yt37fL/XeaittzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCg+9BqdQ/5ZMwywvhDOzM6KZUW3MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvS0Q3MEdwMURfbGt6RExDLUVNN016b3BsUmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZMDMA0G
CSqGSIb3DQEBCwUAA4IBAQBU8zqp/FeIYj5bI+Y2FAcOYXrFqPD06YQO6lSUO9Sq
gDDw9Rg4DuF8l0b+wDrGLNTFSXRlAy72vv4drHSNRBWZxZu6WktPkrCXYoA0P4WU
ZYV5KGMoRBEkKbBqbVUmZh6gVCkCk2d+tHxkL47RrKMoU3GKTAHRSD7/Sctkt36d
VuJpIPMqwa0WbcqASrWuT2YNzXCm44ND+HBoXbZx4GTy1OyxxWvXNcrqARfmjczc
iSSpDZXsCccQcBRsJhugCKL98LnAcv0g6iU1HiJiNJjOQ7BM4paW8/QFcrw2Guzt
RCAxf54ZJuli1aZa9B8aChXz9qOzC6UVjZCND7wZoBhk
-----END CERTIFICATE-----
Generated at Wed Jun 26 08:52:34 2024 by rpki-client on console-ams.rpki-client.org