Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/0ddca2-81b3-4b99-be02-aa03ec66290f/1/VdvBEmsal7uZMZh7zcOVRww7ieY.roa
File: VdvBEmsal7uZMZh7zcOVRww7ieY.roa (raw, json)
Hash identifier: rrvyRqnlPR8CKcQ4g9R4YQdMtvIgCJIbsOczp4vR4ic=
Subject key identifier: 55:DB:C1:12:6B:1A:97:BB:99:31:98:7B:CD:C3:95:47:0C:3B:89:E6
Certificate issuer: /CN=10d49b73cada01ee851812ec440b7a1ec98648b3
Certificate serial: 018CC2DAD8A0241E85E2AC264C458DEF0FCC
Authority key identifier: 10:D4:9B:73:CA:DA:01:EE:85:18:12:EC:44:0B:7A:1E:C9:86:48:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ENSbc8raAe6FGBLsRAt6HsmGSLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/0ddca2-81b3-4b99-be02-aa03ec66290f/1/VdvBEmsal7uZMZh7zcOVRww7ieY.roa
Signing time: Mon 01 Jan 2024 02:29:31 +0000
ROA not before: Mon 01 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208495
IP address blocks: 45.132.132.0/22 maxlen: 22
45.132.132.0/24 maxlen: 24
45.132.134.0/24 maxlen: 24
45.132.133.0/24 maxlen: 24
45.132.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/0ddca2-81b3-4b99-be02-aa03ec66290f/1/ENSbc8raAe6FGBLsRAt6HsmGSLM.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/0ddca2-81b3-4b99-be02-aa03ec66290f/1/ENSbc8raAe6FGBLsRAt6HsmGSLM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ENSbc8raAe6FGBLsRAt6HsmGSLM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d8:a0:24:1e:85:e2:ac:26:4c:45:8d:ef:0f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10d49b73cada01ee851812ec440b7a1ec98648b3
Validity
Not Before: Jan 1 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55dbc1126b1a97bb9931987bcdc395470c3b89e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:99:13:3b:02:1c:e7:f0:04:65:82:46:92:ac:
48:38:f8:08:8d:3d:cf:78:03:01:43:52:83:53:92:
e7:13:5c:60:ca:66:62:8e:01:32:96:86:b5:39:c5:
04:20:b4:7f:b6:e6:d2:3a:4b:e5:2c:90:8e:b2:55:
58:a2:30:77:ce:68:f4:74:96:f3:a1:42:f9:87:de:
51:52:41:06:92:37:c2:6d:bd:71:a9:2d:84:2f:78:
e6:61:9e:c8:94:cb:9f:75:29:5b:e2:30:89:69:f2:
68:e0:0a:2c:75:e3:ba:87:33:3a:e5:64:9f:b8:aa:
7a:81:49:05:d7:a6:c8:07:7b:f7:67:cb:d3:e4:b1:
bb:a2:c7:81:3f:b8:71:16:74:3e:a7:e2:3f:cb:05:
55:be:7c:42:41:57:e1:49:7c:de:43:3e:fd:04:5c:
41:19:a3:24:47:f2:7f:f3:11:97:70:10:e1:c6:62:
cd:34:7f:bd:55:de:27:b3:50:73:bc:06:ff:fc:8d:
e7:88:74:f5:31:39:81:df:0b:da:49:d8:0f:b7:71:
d9:ad:bc:3b:5a:a1:75:f4:46:5c:92:54:37:03:73:
ec:bf:f6:ff:74:ca:c3:c1:b1:9c:b6:60:06:57:98:
fd:3c:fe:ac:3d:42:09:07:e5:28:c6:33:d8:19:fb:
a1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:DB:C1:12:6B:1A:97:BB:99:31:98:7B:CD:C3:95:47:0C:3B:89:E6
X509v3 Authority Key Identifier:
keyid:10:D4:9B:73:CA:DA:01:EE:85:18:12:EC:44:0B:7A:1E:C9:86:48:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ENSbc8raAe6FGBLsRAt6HsmGSLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/0ddca2-81b3-4b99-be02-aa03ec66290f/1/VdvBEmsal7uZMZh7zcOVRww7ieY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/0ddca2-81b3-4b99-be02-aa03ec66290f/1/ENSbc8raAe6FGBLsRAt6HsmGSLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.132.0/22
Signature Algorithm: sha256WithRSAEncryption
02:8c:67:42:0d:d1:6c:c7:20:cc:5d:ea:cc:01:ca:2c:4b:2f:
2f:a2:cf:c3:c9:59:c7:42:f1:3b:66:81:2e:31:b4:96:da:4e:
8c:fa:f5:f4:f4:3f:0e:cc:0c:41:6a:2a:d0:ee:79:a1:b8:5b:
29:39:ce:89:1c:63:06:66:ed:48:f3:f8:33:71:f4:46:2a:da:
a0:77:ff:49:39:61:07:14:30:34:5f:cc:58:22:fe:6c:73:91:
ed:5c:ec:5b:d0:3b:38:85:30:be:b0:9a:5e:54:21:46:13:0d:
d2:6d:99:89:94:1e:b7:07:c3:23:21:1d:cd:7f:92:f1:6c:33:
2e:c1:e6:74:be:b0:e4:06:fc:71:bb:28:31:e5:3e:20:a3:d7:
b4:81:e2:f8:76:22:b0:58:c7:e9:12:b5:18:7b:5f:66:57:d1:
9e:18:ee:57:af:07:d1:54:e7:5b:6c:2f:65:36:6f:cb:44:ae:
90:81:40:b6:e5:4a:d5:40:f7:64:e7:34:5b:18:7b:28:df:73:
97:d1:c3:ab:ab:fb:93:a5:09:61:6d:25:8c:3f:5b:71:f5:84:
03:10:e6:e2:ce:eb:ee:6b:31:91:31:42:e6:41:ba:ef:42:7d:
95:d2:ae:5e:ab:45:4b:a7:7c:76:9a:7a:60:99:47:03:b5:c6:
53:27:21:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2tigJB6F4qwmTEWN7w/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwZDQ5YjczY2FkYTAxZWU4NTE4MTJlYzQ0MGI3YTFlYzk4
NjQ4YjMwHhcNMjQwMTAxMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWRiYzExMjZiMWE5N2JiOTkzMTk4N2JjZGMzOTU0NzBjM2I4OWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipkTOwIc5/AEZYJGkqxIOPgIjT3P
eAMBQ1KDU5LnE1xgymZijgEyloa1OcUEILR/tubSOkvlLJCOslVYojB3zmj0dJbz
oUL5h95RUkEGkjfCbb1xqS2EL3jmYZ7IlMufdSlb4jCJafJo4AosdeO6hzM65WSf
uKp6gUkF16bIB3v3Z8vT5LG7oseBP7hxFnQ+p+I/ywVVvnxCQVfhSXzeQz79BFxB
GaMkR/J/8xGXcBDhxmLNNH+9Vd4ns1BzvAb//I3niHT1MTmB3wvaSdgPt3HZrbw7
WqF19EZcklQ3A3Psv/b/dMrDwbGctmAGV5j9PP6sPUIJB+UoxjPYGfuhHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFXbwRJrGpe7mTGYe83DlUcMO4nmMB8GA1UdIwQY
MBaAFBDUm3PK2gHuhRgS7EQLeh7JhkizMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRU5TYmM4cmFBZTZGR0JMc1JBdDZIc21HU0xNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wZGRjYTItODFiMy00Yjk5LWJlMDIt
YWEwM2VjNjYyOTBmLzEvVmR2QkVtc2FsN3VaTVpoN3pjT1ZSd3c3aWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wZGRjYTItODFiMy00Yjk5LWJlMDItYWEwM2VjNjYyOTBm
LzEvRU5TYmM4cmFBZTZGR0JMc1JBdDZIc21HU0xNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYSEMA0G
CSqGSIb3DQEBCwUAA4IBAQACjGdCDdFsxyDMXerMAcosSy8vos/DyVnHQvE7ZoEu
MbSW2k6M+vX09D8OzAxBairQ7nmhuFspOc6JHGMGZu1I8/gzcfRGKtqgd/9JOWEH
FDA0X8xYIv5sc5HtXOxb0Ds4hTC+sJpeVCFGEw3SbZmJlB63B8MjIR3Nf5LxbDMu
weZ0vrDkBvxxuygx5T4go9e0geL4diKwWMfpErUYe19mV9GeGO5XrwfRVOdbbC9l
Nm/LRK6QgUC25UrVQPdk5zRbGHso33OX0cOrq/uTpQlhbSWMP1tx9YQDEObizuvu
azGRMULmQbrvQn2V0q5eq0VLp3x2mnpgmUcDtcZTJyFm
-----END CERTIFICATE-----
Generated at Sun May 19 22:58:13 2024 by rpki-client on console-fra.rpki-client.org