Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/u8zBuHARv8CyyionOPBGX5xAZKM.roa
File: u8zBuHARv8CyyionOPBGX5xAZKM.roa (raw, json)
Hash identifier: fWgGTbqSPk6KAbHlPb7dacN4y/WZk7mHEIrZYs4LScY=
Subject key identifier: BB:CC:C1:B8:70:11:BF:C0:B2:CA:2A:27:38:F0:46:5F:9C:40:64:A3
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018CC6B7B8932777FD1A9FDC48250FD1A9BA
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/u8zBuHARv8CyyionOPBGX5xAZKM.roa
Signing time: Mon 01 Jan 2024 20:29:38 +0000
ROA not before: Mon 01 Jan 2024 20:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197309
IP address blocks: 45.136.204.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:b8:93:27:77:fd:1a:9f:dc:48:25:0f:d1:a9:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 20:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbccc1b87011bfc0b2ca2a2738f0465f9c4064a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:35:09:2a:23:a8:ca:c2:07:19:8b:74:94:b3:
09:f2:f5:78:00:8a:d0:93:f2:60:b5:a6:3c:5d:ca:
cc:98:70:b1:54:fd:9a:c5:c3:32:be:cc:bc:80:de:
36:54:02:a1:c3:28:40:41:ec:95:ba:a0:cf:0d:4b:
96:8a:fb:cb:0b:f1:78:94:f9:31:75:da:43:66:f2:
c7:0e:ff:ce:ff:85:0c:ce:43:cd:95:05:65:78:d8:
d3:46:0b:90:cf:d8:35:f4:c8:e6:ec:97:c6:5a:9f:
3f:09:4b:6f:af:f9:da:86:1c:7e:6a:79:ee:ab:02:
a7:17:7f:ac:bf:99:4a:a6:e0:4c:97:2a:77:85:1b:
e7:0f:17:a4:10:79:86:03:79:57:a4:dc:82:ed:48:
6b:66:64:4c:18:b8:1c:d8:3a:44:94:bd:a7:01:0b:
f3:39:40:9a:78:b9:6a:9b:c2:32:6f:bd:41:52:64:
2d:55:8e:0e:fa:60:02:aa:2e:6f:15:5c:34:f5:17:
53:af:af:99:3a:85:a7:e1:e6:64:e2:91:9e:76:b6:
f1:46:7b:9d:3b:b7:08:dc:41:5a:e9:f1:4b:6f:dc:
b3:68:c6:8e:a7:96:13:33:de:ff:9b:03:fb:6f:ed:
bf:c5:e8:52:51:7a:89:7d:5c:84:5c:85:82:e5:b6:
ed:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:CC:C1:B8:70:11:BF:C0:B2:CA:2A:27:38:F0:46:5F:9C:40:64:A3
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/u8zBuHARv8CyyionOPBGX5xAZKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.204.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:d8:c9:f7:c3:cd:cd:7f:e7:9c:2a:28:ff:96:51:01:0c:4c:
60:e8:df:a9:b8:c6:52:78:2c:4c:b4:95:b8:63:3c:cb:39:46:
2c:d8:c6:a9:2a:52:02:d6:5f:82:d9:cc:ac:bc:fa:7c:b2:81:
c2:56:44:d4:74:8e:d1:c8:01:64:f2:b8:49:a0:df:18:2b:a8:
dd:2b:2f:4e:20:5a:25:c7:2b:7a:2d:1b:00:07:34:33:95:39:
c9:83:a3:73:b2:ca:ac:3d:37:0b:d3:85:06:2c:83:c6:1e:78:
3c:3d:34:c9:b0:cc:fd:7d:f3:3a:56:c3:aa:c6:ba:e6:5d:21:
7f:b3:ad:25:58:a8:0d:0e:23:4a:07:c7:e8:29:1b:69:78:4a:
50:9e:43:89:34:ff:96:82:83:b0:c9:c1:5e:91:d2:b1:e4:3c:
21:28:a3:f0:93:b3:30:7d:b1:06:c1:6a:13:8e:8d:ca:be:a3:
a5:1f:47:ee:bd:4e:83:13:3f:b2:3d:1b:56:a2:00:88:4c:03:
d8:d2:79:40:bc:df:cd:ad:d2:04:8a:91:e1:73:1c:31:d2:99:
28:a7:23:8c:ae:6f:0e:01:f8:f6:c2:4c:76:25:12:81:3e:63:
e6:25:dc:c0:aa:4b:31:cf:1a:97:e3:9c:2b:45:72:73:1a:25:
2e:49:76:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt7iTJ3f9Gp/cSCUP0am6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmNjYzFiODcwMTFiZmMwYjJjYTJhMjczOGYwNDY1ZjljNDA2NGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDUJKiOoysIHGYt0lLMJ8vV4AIrQ
k/JgtaY8XcrMmHCxVP2axcMyvsy8gN42VAKhwyhAQeyVuqDPDUuWivvLC/F4lPkx
ddpDZvLHDv/O/4UMzkPNlQVleNjTRguQz9g19Mjm7JfGWp8/CUtvr/nahhx+annu
qwKnF3+sv5lKpuBMlyp3hRvnDxekEHmGA3lXpNyC7UhrZmRMGLgc2DpElL2nAQvz
OUCaeLlqm8Iyb71BUmQtVY4O+mACqi5vFVw09RdTr6+ZOoWn4eZk4pGedrbxRnud
O7cI3EFa6fFLb9yzaMaOp5YTM97/mwP7b+2/xehSUXqJfVyEXIWC5bbtGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvMwbhwEb/AssoqJzjwRl+cQGSjMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvdTh6QnVIQVJ2OEN5eWlvbk9QQkdYNXhBWktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYjMMA0G
CSqGSIb3DQEBCwUAA4IBAQCc2Mn3w83Nf+ecKij/llEBDExg6N+puMZSeCxMtJW4
YzzLOUYs2MapKlIC1l+C2cysvPp8soHCVkTUdI7RyAFk8rhJoN8YK6jdKy9OIFol
xyt6LRsABzQzlTnJg6NzssqsPTcL04UGLIPGHng8PTTJsMz9ffM6VsOqxrrmXSF/
s60lWKgNDiNKB8foKRtpeEpQnkOJNP+WgoOwycFekdKx5DwhKKPwk7MwfbEGwWoT
jo3KvqOlH0fuvU6DEz+yPRtWogCITAPY0nlAvN/NrdIEipHhcxwx0pkopyOMrm8O
Afj2wkx2JRKBPmPmJdzAqksxzxqX45wrRXJzGiUuSXbG
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:54 2024 by rpki-client on console-ams.rpki-client.org