Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/RUnKLPnQyVVMCgh2TXYgum5Q_8M.roa
File: RUnKLPnQyVVMCgh2TXYgum5Q_8M.roa (raw, json)
Hash identifier: /8idVx/hoO0ee5A2c8G2J2MuVBKbHV7bQpE74ImLQTU=
Subject key identifier: 45:49:CA:2C:F9:D0:C9:55:4C:0A:08:76:4D:76:20:BA:6E:50:FF:C3
Certificate issuer: /CN=304e59a223f4bcb823492fb1096c3a82310c03da
Certificate serial: 018F88AD39171558857C20E95ADF8A3A5C7D
Authority key identifier: 30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/RUnKLPnQyVVMCgh2TXYgum5Q_8M.roa
Signing time: Fri 17 May 2024 22:30:04 +0000
ROA not before: Fri 17 May 2024 22:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42032
IP address blocks: 45.14.60.0/22 maxlen: 22
2a06:8a02::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:88:ad:39:17:15:58:85:7c:20:e9:5a:df:8a:3a:5c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=304e59a223f4bcb823492fb1096c3a82310c03da
Validity
Not Before: May 17 22:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4549ca2cf9d0c9554c0a08764d7620ba6e50ffc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:33:79:9c:16:20:50:4f:49:ca:4d:72:80:4b:
f8:07:8f:fe:0d:bd:2f:fc:87:0c:3c:70:dc:3c:7f:
10:03:0d:f6:f7:b8:39:bd:96:cc:9a:b4:eb:da:e9:
f8:9e:3b:23:d7:9a:80:86:29:bd:57:ee:f7:b7:ba:
ac:80:4d:d9:fc:db:aa:2e:fb:a7:a1:53:0f:49:31:
a9:cb:d8:1e:7f:6c:4e:b2:20:a5:be:64:fd:b9:3d:
67:d7:5c:19:9d:66:38:33:ab:72:da:d9:3d:89:e6:
e6:50:06:2f:5c:30:17:8d:fc:e0:3c:7e:50:e7:fb:
7c:aa:44:fb:f0:9c:ce:45:92:98:7a:cf:2a:df:aa:
a1:dc:e4:71:2d:ce:75:b1:c9:94:d8:96:60:ea:11:
8b:56:1d:b2:6e:f2:39:d6:bc:5b:7c:24:38:e8:bb:
1e:c5:dd:a4:6f:aa:2e:07:31:bc:6a:c7:98:a4:73:
2f:ad:33:64:d6:cc:13:fb:88:ee:86:27:c5:17:eb:
b2:ff:51:10:dd:44:41:6a:8b:f8:65:2b:37:14:f0:
fe:34:cc:81:5d:e5:c8:11:9e:a7:cb:23:f0:d9:7b:
9c:3d:72:a2:36:77:01:ef:cc:44:b1:5e:af:b4:04:
d8:df:fa:6f:e0:22:d4:db:41:56:e7:95:ea:db:37:
0a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:49:CA:2C:F9:D0:C9:55:4C:0A:08:76:4D:76:20:BA:6E:50:FF:C3
X509v3 Authority Key Identifier:
keyid:30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/RUnKLPnQyVVMCgh2TXYgum5Q_8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.60.0/22
IPv6:
2a06:8a02::/32
Signature Algorithm: sha256WithRSAEncryption
b2:f2:49:eb:fa:73:7e:c3:ce:c4:ba:5b:21:4f:8a:af:83:6f:
b9:da:0c:3e:8b:c9:37:41:db:4b:eb:85:16:b6:2e:31:59:26:
32:92:5c:12:27:82:61:b2:4f:8b:46:38:57:08:f0:b7:07:3f:
0c:78:18:3a:0c:a9:ac:b6:e8:30:4e:b0:0b:e6:c2:87:29:57:
de:4c:e9:a7:dc:d8:3e:1b:1c:10:10:dd:bc:7f:68:2d:53:9c:
4e:1e:43:2a:71:5b:2e:76:07:06:19:04:3b:96:25:fe:9e:95:
5f:bd:ee:40:06:bf:18:37:b8:ba:af:98:97:71:66:cd:17:a1:
2a:36:ac:7c:87:24:6d:65:47:9d:6f:3f:4c:80:24:e1:2f:a3:
31:ef:70:f7:39:27:6e:1a:2f:49:44:78:ef:1d:23:7c:17:54:
5d:12:55:f4:2a:ff:89:fe:ce:53:99:51:1b:27:f6:9a:3d:c3:
89:c2:94:51:dc:8a:24:f7:ef:77:42:80:f2:d1:16:30:d4:ea:
7e:ac:e6:33:89:91:f5:ef:0e:aa:6a:66:7d:35:d2:e3:7f:ea:
b3:38:9c:31:75:54:5c:5a:c5:ec:10:4f:d8:67:b4:80:b3:d3:
30:18:58:c8:98:e5:2d:9e:84:03:08:7a:b7:6a:a2:68:25:94:
76:1e:b2:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+IrTkXFViFfCDpWt+KOlx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNGU1OWEyMjNmNGJjYjgyMzQ5MmZiMTA5NmMzYTgyMzEw
YzAzZGEwHhcNMjQwNTE3MjIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQ5Y2EyY2Y5ZDBjOTU1NGMwYTA4NzY0ZDc2MjBiYTZlNTBmZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTN5nBYgUE9Jyk1ygEv4B4/+Db0v
/IcMPHDcPH8QAw3297g5vZbMmrTr2un4njsj15qAhim9V+73t7qsgE3Z/NuqLvun
oVMPSTGpy9gef2xOsiClvmT9uT1n11wZnWY4M6ty2tk9iebmUAYvXDAXjfzgPH5Q
5/t8qkT78JzORZKYes8q36qh3ORxLc51scmU2JZg6hGLVh2ybvI51rxbfCQ46Lse
xd2kb6ouBzG8aseYpHMvrTNk1swT+4juhifFF+uy/1EQ3URBaov4ZSs3FPD+NMyB
XeXIEZ6nyyPw2XucPXKiNncB78xEsV6vtATY3/pv4CLU20FW55Xq2zcKwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEVJyiz50MlVTAoIdk12ILpuUP/DMB8GA1UdIwQY
MBaAFDBOWaIj9Ly4I0kvsQlsOoIxDAPaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTct
MzQ0Y2M1MDJmMWJkLzEvUlVuS0xQblF5VlZNQ2doMlRYWWd1bTVRXzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTctMzQ0Y2M1MDJmMWJk
LzEvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQ48MA0E
AgACMAcDBQAqBooCMA0GCSqGSIb3DQEBCwUAA4IBAQCy8knr+nN+w87EulshT4qv
g2+52gw+i8k3QdtL64UWti4xWSYyklwSJ4Jhsk+LRjhXCPC3Bz8MeBg6DKmstugw
TrAL5sKHKVfeTOmn3Ng+GxwQEN28f2gtU5xOHkMqcVsudgcGGQQ7liX+npVfve5A
Br8YN7i6r5iXcWbNF6EqNqx8hyRtZUedbz9MgCThL6Mx73D3OSduGi9JRHjvHSN8
F1RdElX0Kv+J/s5TmVEbJ/aaPcOJwpRR3Iok9+93QoDy0RYw1Op+rOYziZH17w6q
amZ9NdLjf+qzOJwxdVRcWsXsEE/YZ7SAs9MwGFjImOUtnoQDCHq3aqJoJZR2HrJv
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:33:42 2024 by rpki-client on console-ams.rpki-client.org