Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/9FjfULi1N4iXr2Ia8d2Kfe8coU0.roa
File: 9FjfULi1N4iXr2Ia8d2Kfe8coU0.roa (raw, json)
Hash identifier: PCPB6RJAUWzRmi6cS/EpscADVeXTylvPxK5iIN9DRJw=
Subject key identifier: F4:58:DF:50:B8:B5:37:88:97:AF:62:1A:F1:DD:8A:7D:EF:1C:A1:4D
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 0190CB88CEF2B0E3FDA41FB5213A45596AFF
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/9FjfULi1N4iXr2Ia8d2Kfe8coU0.roa
Signing time: Fri 19 Jul 2024 15:07:39 +0000
ROA not before: Fri 19 Jul 2024 15:07:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 145.224.128.0/20 maxlen: 24
145.224.160.0/20 maxlen: 24
145.224.176.0/20 maxlen: 24
145.224.192.0/19 maxlen: 24
145.224.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 12:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cb:88:ce:f2:b0:e3:fd:a4:1f:b5:21:3a:45:59:6a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: Jul 19 15:07:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f458df50b8b5378897af621af1dd8a7def1ca14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d8:1a:45:14:76:e7:c6:38:24:25:30:12:07:
32:f1:6c:bf:0a:93:ec:82:61:6b:cc:77:0c:c8:7e:
72:43:44:a7:19:16:bd:17:3d:dd:a2:89:ea:0c:2d:
cb:e9:73:bb:8f:86:73:a4:ea:44:04:8a:08:ea:8e:
60:a3:0f:c3:5e:f4:51:c1:d9:db:af:a0:a1:2f:67:
8a:b8:a5:3e:f7:ef:89:67:33:5c:6b:15:96:53:70:
e5:a7:71:71:71:c5:58:5e:fb:94:06:00:47:30:c0:
fd:34:aa:11:db:3f:6b:2d:96:3c:3d:fb:d6:92:b8:
c3:49:40:db:8a:91:34:f1:34:bd:70:7e:68:a0:c6:
25:22:79:b2:e0:84:5a:7c:3f:55:d7:23:4b:c7:f1:
d6:2c:de:8c:76:c3:19:33:df:53:71:0a:77:73:9f:
69:33:bc:9c:8a:b8:2d:60:45:5d:42:3c:0f:ef:63:
a0:dd:24:db:ae:cf:37:db:94:7e:c5:77:e9:44:ba:
67:e6:ad:11:8f:e2:11:7b:7b:5d:05:0c:12:9c:ee:
11:28:e9:a6:94:7e:95:3c:92:8a:3e:48:dd:2b:4f:
7b:77:93:72:41:af:a3:35:f6:30:15:02:a7:ec:28:
e5:f3:5e:2a:13:d1:64:1b:06:57:d4:08:7a:e9:81:
35:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:58:DF:50:B8:B5:37:88:97:AF:62:1A:F1:DD:8A:7D:EF:1C:A1:4D
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/9FjfULi1N4iXr2Ia8d2Kfe8coU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.224.128.0/20
145.224.160.0-145.224.223.255
Signature Algorithm: sha256WithRSAEncryption
46:96:82:00:84:cf:d4:09:27:02:93:0a:54:ef:92:5e:27:c4:
7b:53:43:fb:aa:a0:d9:35:b2:95:62:dc:25:86:20:16:b3:2b:
a0:85:dd:9a:5c:58:7c:0e:b0:b1:6b:6f:fa:31:16:4f:63:73:
b5:35:9a:f1:ae:86:9e:26:96:db:69:9d:e6:4a:2a:92:48:1f:
c7:4e:35:20:d7:9b:64:19:2e:f9:33:e7:42:07:49:95:1c:dd:
54:b2:7a:f6:a6:36:db:e4:81:c0:c2:33:c9:6d:cc:3b:d4:74:
eb:6e:fb:62:88:bd:06:20:c5:01:5e:1b:f9:a5:72:d6:b2:c9:
76:da:54:c3:e8:65:20:36:a9:b9:e1:72:2d:00:31:d9:8b:fc:
fc:00:1b:aa:44:67:ab:f1:17:9c:5d:b5:57:18:55:20:39:f1:
32:41:57:96:65:8c:b8:ce:0c:8c:34:3a:7b:e6:c9:e4:cd:35:
0a:61:42:8b:b9:7d:82:11:9d:55:91:78:5b:22:8b:27:32:3d:
6c:52:dc:b3:19:c9:ec:6e:11:29:39:ef:9e:18:77:21:84:e7:
17:8b:30:31:aa:94:01:a6:e7:8c:74:0f:03:09:bf:84:3b:73:
1e:10:44:0a:14:14:79:da:7f:22:ff:a9:c0:fb:9f:c8:ef:eb:
9d:af:d9:27
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZDLiM7ysOP9pB+1ITpFWWr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh
NjY1OTkwHhcNMjQwNzE5MTUwNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDU4ZGY1MGI4YjUzNzg4OTdhZjYyMWFmMWRkOGE3ZGVmMWNhMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9gaRRR258Y4JCUwEgcy8Wy/CpPs
gmFrzHcMyH5yQ0SnGRa9Fz3doonqDC3L6XO7j4ZzpOpEBIoI6o5gow/DXvRRwdnb
r6ChL2eKuKU+9++JZzNcaxWWU3Dlp3FxccVYXvuUBgBHMMD9NKoR2z9rLZY8PfvW
krjDSUDbipE08TS9cH5ooMYlInmy4IRafD9V1yNLx/HWLN6MdsMZM99TcQp3c59p
M7ycirgtYEVdQjwP72Og3STbrs8325R+xXfpRLpn5q0Rj+IRe3tdBQwSnO4RKOmm
lH6VPJKKPkjdK097d5NyQa+jNfYwFQKn7Cjl814qE9FkGwZX1Ah66YE1FQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPRY31C4tTeIl69iGvHdin3vHKFNMB8GA1UdIwQY
MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt
OTI5ZjEwNjYzMGYxLzEvOUZqZlVMaTFONGlYcjJJYThkMktmZThjb1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx
LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQEkeCAMAwD
BAWR4KADBAWR4MAwDQYJKoZIhvcNAQELBQADggEBAEaWggCEz9QJJwKTClTvkl4n
xHtTQ/uqoNk1spVi3CWGIBazK6CF3ZpcWHwOsLFrb/oxFk9jc7U1mvGuhp4mlttp
neZKKpJIH8dONSDXm2QZLvkz50IHSZUc3VSyevamNtvkgcDCM8ltzDvUdOtu+2KI
vQYgxQFeG/mlctayyXbaVMPoZSA2qbnhci0AMdmL/PwAG6pEZ6vxF5xdtVcYVSA5
8TJBV5ZljLjODIw0OnvmyeTNNQphQou5fYIRnVWReFsiiycyPWxS3LMZyexuESk5
754YdyGE5xeLMDGqlAGm54x0DwMJv4Q7cx4QRAoUFHnafyL/qcD7n8jv652v2Sc=
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:07:36 2024 by rpki-client on console-ams.rpki-client.org