Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/b-KWuIeEguBwQR2O757y41PQWdM.roa
File: b-KWuIeEguBwQR2O757y41PQWdM.roa (raw, json)
Hash identifier: VbIxyqHuCj0AADHbwPa4LF8FzoMbhXX6g+lSJGRrqcA=
Subject key identifier: 6F:E2:96:B8:87:84:82:E0:70:41:1D:8E:EF:9E:F2:E3:53:D0:59:D3
Certificate issuer: /CN=66759f7a8f90672ea8353af4d11d6ac5e9fd8206
Certificate serial: 018DC0129CE13641A2FA132C6AB7325F5209
Authority key identifier: 66:75:9F:7A:8F:90:67:2E:A8:35:3A:F4:D1:1D:6A:C5:E9:FD:82:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZnWfeo-QZy6oNTr00R1qxen9ggY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/b-KWuIeEguBwQR2O757y41PQWdM.roa
Signing time: Mon 19 Feb 2024 06:34:21 +0000
ROA not before: Mon 19 Feb 2024 06:34:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18013
IP address blocks: 45.149.16.0/24 maxlen: 24
45.149.17.0/24 maxlen: 24
45.149.18.0/24 maxlen: 24
45.149.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/ZnWfeo-QZy6oNTr00R1qxen9ggY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/ZnWfeo-QZy6oNTr00R1qxen9ggY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZnWfeo-QZy6oNTr00R1qxen9ggY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:12:9c:e1:36:41:a2:fa:13:2c:6a:b7:32:5f:52:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66759f7a8f90672ea8353af4d11d6ac5e9fd8206
Validity
Not Before: Feb 19 06:34:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fe296b8878482e070411d8eef9ef2e353d059d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e0:22:b8:b4:25:02:a3:55:c3:65:22:81:a9:
e2:97:cc:66:e7:b7:8f:c0:b0:ab:bd:2e:13:6c:3d:
7c:91:c4:92:39:53:71:50:15:d4:14:1c:c3:c7:21:
b6:c1:1e:0e:0c:b3:6c:7b:60:2d:df:8f:20:8a:59:
90:0e:70:01:cf:0e:c9:2e:6e:6f:95:39:c5:f8:64:
4c:48:40:ad:66:76:d1:4e:1f:d9:58:fa:af:1d:e5:
57:93:77:88:ff:1d:f0:7b:fb:cd:cd:a7:b5:f2:be:
3c:8c:6e:15:5c:68:24:75:c4:4a:1f:62:53:f7:49:
bd:0f:bb:2d:2c:a4:e2:29:57:4a:1e:87:1f:58:38:
98:8c:da:6b:7e:11:73:33:1b:cc:b5:cf:ec:77:50:
3f:61:ce:4a:c4:fa:76:cc:1d:ea:95:e0:25:bf:55:
0e:82:bc:01:e6:f6:6a:bd:c4:64:e3:b0:9a:41:3a:
57:a8:a1:f9:93:0f:4d:7e:e2:e9:c7:a2:24:cd:3e:
24:19:00:02:1a:05:17:03:21:3d:2b:e2:10:34:4f:
04:e6:6b:e7:15:e5:08:6e:f4:b8:f5:5c:9d:c8:a5:
09:e4:bc:0a:36:56:be:92:d0:77:42:1d:f2:b4:12:
25:eb:f5:ff:44:5c:71:a0:8f:ef:96:a6:e7:55:4a:
3e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E2:96:B8:87:84:82:E0:70:41:1D:8E:EF:9E:F2:E3:53:D0:59:D3
X509v3 Authority Key Identifier:
keyid:66:75:9F:7A:8F:90:67:2E:A8:35:3A:F4:D1:1D:6A:C5:E9:FD:82:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZnWfeo-QZy6oNTr00R1qxen9ggY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/b-KWuIeEguBwQR2O757y41PQWdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/ZnWfeo-QZy6oNTr00R1qxen9ggY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.16.0/22
Signature Algorithm: sha256WithRSAEncryption
74:d3:5e:82:b5:87:38:3e:84:60:52:75:25:de:68:08:0e:ad:
ca:b5:25:39:da:a9:89:73:5e:4e:c0:22:00:9c:72:f0:77:7d:
30:29:7b:2f:e1:7b:41:1e:9a:cd:2c:55:be:f5:20:42:3a:0b:
5d:2a:21:59:ba:ed:c6:52:0f:42:6d:ab:63:00:79:ca:6a:00:
c6:a8:57:18:b5:21:fd:5f:6d:39:b2:0c:81:2b:34:d5:c0:8c:
c6:1e:d8:ad:42:0b:67:a3:41:6d:0b:3f:57:f2:33:aa:05:c6:
79:08:f1:22:5b:cc:55:52:00:14:80:32:14:9a:bd:e2:43:17:
39:49:ca:b8:32:0c:c2:16:9e:86:f8:5b:30:4b:fb:fa:8f:f4:
04:f9:f6:20:41:e4:13:3f:f7:c6:65:2a:5b:9b:66:a6:07:ee:
03:1c:af:96:ae:b6:74:f5:a5:a2:6b:78:a5:88:03:91:b6:0b:
cc:43:7d:7b:38:8f:5e:1e:46:59:21:b6:65:b3:1a:a2:55:4c:
17:91:5f:85:a9:44:5d:50:ea:c3:16:56:ba:9a:7e:8b:10:77:
33:63:c0:9d:d7:40:99:fe:fd:fe:d3:ae:46:9f:20:ac:1f:65:
fe:20:a0:00:80:f6:8d:af:5d:f9:24:d0:e5:15:1d:12:23:dc:
7b:6d:cc:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3AEpzhNkGi+hMsarcyX1IJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NzU5ZjdhOGY5MDY3MmVhODM1M2FmNGQxMWQ2YWM1ZTlm
ZDgyMDYwHhcNMjQwMjE5MDYzNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmUyOTZiODg3ODQ4MmUwNzA0MTFkOGVlZjllZjJlMzUzZDA1OWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+AiuLQlAqNVw2Uiganil8xm57eP
wLCrvS4TbD18kcSSOVNxUBXUFBzDxyG2wR4ODLNse2At348gilmQDnABzw7JLm5v
lTnF+GRMSECtZnbRTh/ZWPqvHeVXk3eI/x3we/vNzae18r48jG4VXGgkdcRKH2JT
90m9D7stLKTiKVdKHocfWDiYjNprfhFzMxvMtc/sd1A/Yc5KxPp2zB3qleAlv1UO
grwB5vZqvcRk47CaQTpXqKH5kw9NfuLpx6IkzT4kGQACGgUXAyE9K+IQNE8E5mvn
FeUIbvS49VydyKUJ5LwKNla+ktB3Qh3ytBIl6/X/RFxxoI/vlqbnVUo+PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/ilriHhILgcEEdju+e8uNT0FnTMB8GA1UdIwQY
MBaAFGZ1n3qPkGcuqDU69NEdasXp/YIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm5XZmVvLVFaeTZvTlRyMDBSMXF4ZW45Z2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xNzhiMDItOTQ4Yy00NjI0LTk3Yjgt
ZTRlMTdlNGI1MTgwLzEvYi1LV3VJZUVndUJ3UVIyTzc1N3k0MVBRV2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xNzhiMDItOTQ4Yy00NjI0LTk3YjgtZTRlMTdlNGI1MTgw
LzEvWm5XZmVvLVFaeTZvTlRyMDBSMXF4ZW45Z2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZUQMA0G
CSqGSIb3DQEBCwUAA4IBAQB0016CtYc4PoRgUnUl3mgIDq3KtSU52qmJc15OwCIA
nHLwd30wKXsv4XtBHprNLFW+9SBCOgtdKiFZuu3GUg9CbatjAHnKagDGqFcYtSH9
X205sgyBKzTVwIzGHtitQgtno0FtCz9X8jOqBcZ5CPEiW8xVUgAUgDIUmr3iQxc5
Scq4MgzCFp6G+FswS/v6j/QE+fYgQeQTP/fGZSpbm2amB+4DHK+WrrZ09aWia3il
iAORtgvMQ317OI9eHkZZIbZlsxqiVUwXkV+FqURdUOrDFla6mn6LEHczY8Cd10CZ
/v3+065GnyCsH2X+IKAAgPaNr135JNDlFR0SI9x7bcw2
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:16:06 2024 by rpki-client on console-ams.rpki-client.org