Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e996aa-2dcb-4c43-93fd-34b7d17ff715/1/KDEcwEs-EY38BX1F7FKvcYqHGAI.roa
File: KDEcwEs-EY38BX1F7FKvcYqHGAI.roa (raw, json)
Hash identifier: cZDnVQQpy3bWY8ZfUm99fXd6gLHuau6s0AU0xzAzgqM=
Subject key identifier: 28:31:1C:C0:4B:3E:11:8D:FC:05:7D:45:EC:52:AF:71:8A:87:18:02
Certificate issuer: /CN=076394845325084bb9ef78d4f717fc4b545fa7ed
Certificate serial: 018CC86EF1DC1F5439F86A0EB96FADA2E24C
Authority key identifier: 07:63:94:84:53:25:08:4B:B9:EF:78:D4:F7:17:FC:4B:54:5F:A7:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B2OUhFMlCEu573jU9xf8S1Rfp-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e996aa-2dcb-4c43-93fd-34b7d17ff715/1/KDEcwEs-EY38BX1F7FKvcYqHGAI.roa
Signing time: Tue 02 Jan 2024 04:29:23 +0000
ROA not before: Tue 02 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52199
IP address blocks: 45.149.54.0/24 maxlen: 24
2a0b:18c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/e996aa-2dcb-4c43-93fd-34b7d17ff715/1/B2OUhFMlCEu573jU9xf8S1Rfp-0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/e996aa-2dcb-4c43-93fd-34b7d17ff715/1/B2OUhFMlCEu573jU9xf8S1Rfp-0.mft
rsync://rpki.ripe.net/repository/DEFAULT/B2OUhFMlCEu573jU9xf8S1Rfp-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:f1:dc:1f:54:39:f8:6a:0e:b9:6f:ad:a2:e2:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=076394845325084bb9ef78d4f717fc4b545fa7ed
Validity
Not Before: Jan 2 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28311cc04b3e118dfc057d45ec52af718a871802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:16:80:74:a7:7f:17:3d:3f:6c:39:89:96:fa:
9d:b4:bc:9a:11:8a:95:93:f4:60:10:1f:f4:2b:f6:
ef:e6:d2:36:d9:80:08:d3:5c:d9:cb:a6:82:dc:fe:
a1:d7:55:80:f3:47:66:6f:be:35:c2:c3:8a:6c:50:
90:3b:81:1b:59:b4:54:b3:43:f3:e5:e0:04:69:1e:
64:47:d2:52:ef:08:12:1a:9c:e6:ad:fc:0f:cd:75:
b2:f9:ad:dc:d3:57:46:a4:b1:aa:01:10:af:11:55:
8b:ff:2b:52:00:4a:1c:f5:83:0a:65:6f:6f:d9:7d:
10:b1:0e:6a:05:68:4e:84:10:07:3f:ac:a1:19:78:
43:b3:d3:6c:44:ca:f1:1b:f7:bf:d5:3c:1a:a0:45:
67:c6:79:6e:ed:30:26:ad:85:ee:43:5d:b1:b6:21:
d0:d1:9a:18:1e:e0:36:24:82:c6:9e:1b:a2:aa:da:
cb:c2:3a:67:80:57:ae:09:d4:65:fb:a4:d8:81:4b:
e7:39:ce:97:22:71:bd:33:f5:aa:10:21:f7:6e:f9:
cc:8f:17:b1:22:ef:ad:1f:29:32:f8:62:fc:72:34:
03:4e:7c:7a:42:be:5e:c4:f8:9b:55:eb:5e:52:cb:
6e:88:e9:b7:0d:98:00:ec:88:85:28:9c:57:61:49:
cc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:31:1C:C0:4B:3E:11:8D:FC:05:7D:45:EC:52:AF:71:8A:87:18:02
X509v3 Authority Key Identifier:
keyid:07:63:94:84:53:25:08:4B:B9:EF:78:D4:F7:17:FC:4B:54:5F:A7:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B2OUhFMlCEu573jU9xf8S1Rfp-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e996aa-2dcb-4c43-93fd-34b7d17ff715/1/KDEcwEs-EY38BX1F7FKvcYqHGAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e996aa-2dcb-4c43-93fd-34b7d17ff715/1/B2OUhFMlCEu573jU9xf8S1Rfp-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.54.0/24
IPv6:
2a0b:18c0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:8b:c8:be:5a:8b:2f:e7:da:21:14:36:8f:0d:e7:e3:21:7f:
7a:24:29:c0:20:9e:99:98:3d:ff:ad:3f:a7:87:fe:74:83:14:
d2:6a:e1:02:99:ed:87:f9:80:5f:b2:e8:48:90:a8:cc:4b:ab:
a0:df:8f:bc:a6:3f:b2:1c:27:43:32:45:20:f2:4e:e2:ef:cd:
18:3c:80:17:70:2e:8c:23:2d:49:cc:5a:57:b9:15:b6:9c:20:
0f:bc:12:d9:f3:41:1c:f5:3d:27:83:5e:ab:20:36:e5:ff:55:
90:98:47:68:ba:85:95:5b:b0:1a:07:65:59:ec:26:d1:48:58:
16:5e:42:1c:a6:9f:30:ce:8b:09:c1:28:88:51:66:a6:8e:f3:
b1:ec:01:83:46:fd:b2:6f:13:a9:7a:d1:a9:1d:55:a9:6d:2c:
53:ef:5d:ea:d2:f7:22:06:69:16:9f:46:53:b4:69:65:ea:a3:
90:d6:90:fe:97:be:a0:f9:67:f1:81:ae:a1:96:77:69:06:f6:
a3:b8:5b:75:eb:d0:50:68:f2:f2:ac:47:23:e7:58:d6:b3:10:
e1:3a:ae:37:22:1a:b3:32:59:b5:58:aa:63:53:dd:2b:df:94:
46:b5:62:db:0d:d6:01:49:41:1b:b2:6e:af:0d:45:bc:29:af:
c5:c7:ad:9d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIbvHcH1Q5+GoOuW+touJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NjM5NDg0NTMyNTA4NGJiOWVmNzhkNGY3MTdmYzRiNTQ1
ZmE3ZWQwHhcNMjQwMTAyMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODMxMWNjMDRiM2UxMThkZmMwNTdkNDVlYzUyYWY3MThhODcxODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhaAdKd/Fz0/bDmJlvqdtLyaEYqV
k/RgEB/0K/bv5tI22YAI01zZy6aC3P6h11WA80dmb741wsOKbFCQO4EbWbRUs0Pz
5eAEaR5kR9JS7wgSGpzmrfwPzXWy+a3c01dGpLGqARCvEVWL/ytSAEoc9YMKZW9v
2X0QsQ5qBWhOhBAHP6yhGXhDs9NsRMrxG/e/1TwaoEVnxnlu7TAmrYXuQ12xtiHQ
0ZoYHuA2JILGnhuiqtrLwjpngFeuCdRl+6TYgUvnOc6XInG9M/WqECH3bvnMjxex
Iu+tHyky+GL8cjQDTnx6Qr5exPibVeteUstuiOm3DZgA7IiFKJxXYUnMVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCgxHMBLPhGN/AV9RexSr3GKhxgCMB8GA1UdIwQY
MBaAFAdjlIRTJQhLue941PcX/EtUX6ftMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjJPVWhGTWxDRXU1NzNqVTl4ZjhTMVJmcC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lOTk2YWEtMmRjYi00YzQzLTkzZmQt
MzRiN2QxN2ZmNzE1LzEvS0RFY3dFcy1FWTM4QlgxRjdGS3ZjWXFIR0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lOTk2YWEtMmRjYi00YzQzLTkzZmQtMzRiN2QxN2ZmNzE1
LzEvQjJPVWhGTWxDRXU1NzNqVTl4ZjhTMVJmcC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALZU2MA0E
AgACMAcDBQMqCxjAMA0GCSqGSIb3DQEBCwUAA4IBAQBbi8i+Wosv59ohFDaPDefj
IX96JCnAIJ6ZmD3/rT+nh/50gxTSauECme2H+YBfsuhIkKjMS6ug34+8pj+yHCdD
MkUg8k7i780YPIAXcC6MIy1JzFpXuRW2nCAPvBLZ80Ec9T0ng16rIDbl/1WQmEdo
uoWVW7AaB2VZ7CbRSFgWXkIcpp8wzosJwSiIUWamjvOx7AGDRv2ybxOpetGpHVWp
bSxT713q0vciBmkWn0ZTtGll6qOQ1pD+l76g+Wfxga6hlndpBvajuFt169BQaPLy
rEcj51jWsxDhOq43IhqzMlm1WKpjU90r35RGtWLbDdYBSUEbsm6vDUW8Ka/Fx62d
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:24 2024 by rpki-client on console-fra.rpki-client.org