Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/D0GxtAQGtf0PtTuC9BvY0X3CfPI.roa
File: D0GxtAQGtf0PtTuC9BvY0X3CfPI.roa (raw, json)
Hash identifier: io9awGDaSI2F3j3lYq6dyEBMZ2N1UBN3ar287HiAHyE=
Subject key identifier: 0F:41:B1:B4:04:06:B5:FD:0F:B5:3B:82:F4:1B:D8:D1:7D:C2:7C:F2
Certificate issuer: /CN=a4a37beb7fd65caa9afc46d9f24273cd27c0f960
Certificate serial: 018CC3495AEE1D0F64F5F097C6978BDDF071
Authority key identifier: A4:A3:7B:EB:7F:D6:5C:AA:9A:FC:46:D9:F2:42:73:CD:27:C0:F9:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pKN763_WXKqa_EbZ8kJzzSfA-WA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/D0GxtAQGtf0PtTuC9BvY0X3CfPI.roa
Signing time: Mon 01 Jan 2024 04:30:13 +0000
ROA not before: Mon 01 Jan 2024 04:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20810
IP address blocks: 45.138.56.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/pKN763_WXKqa_EbZ8kJzzSfA-WA.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/pKN763_WXKqa_EbZ8kJzzSfA-WA.mft
rsync://rpki.ripe.net/repository/DEFAULT/pKN763_WXKqa_EbZ8kJzzSfA-WA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5a:ee:1d:0f:64:f5:f0:97:c6:97:8b:dd:f0:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4a37beb7fd65caa9afc46d9f24273cd27c0f960
Validity
Not Before: Jan 1 04:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f41b1b40406b5fd0fb53b82f41bd8d17dc27cf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:93:28:68:d4:e3:4c:57:30:17:76:cf:b8:09:
c4:90:f5:22:f4:b6:d1:77:75:ec:37:d2:b9:a0:2e:
55:17:f0:fd:08:35:11:13:31:c8:02:9e:f4:1c:c3:
39:86:ba:06:9c:89:f3:aa:d5:b4:12:1e:d4:87:1a:
c0:73:19:d7:24:5e:52:53:84:76:3e:d9:0f:3d:4b:
f5:05:f9:01:f2:6e:77:b9:b0:e3:89:b2:0e:1b:b4:
a3:1a:72:fb:a6:bf:d6:9f:c7:10:85:fd:08:7c:20:
b2:4c:29:ac:c2:a2:9c:92:ae:88:e8:c0:9e:82:83:
b7:08:15:08:38:16:ef:66:1e:bf:82:57:8f:95:97:
6b:90:38:0b:0b:f4:b9:83:6d:98:86:00:24:e4:4d:
31:f5:86:6c:17:1e:83:c2:4b:ed:76:f4:20:b0:e9:
29:2d:af:43:53:69:0f:46:72:5e:d6:35:b4:6b:c5:
c2:77:56:a3:75:af:2c:6d:d1:b3:26:88:19:35:76:
23:ab:c1:92:8f:a8:14:35:ba:1d:ce:b7:7d:a3:c2:
ec:c9:ce:d7:36:a5:c4:25:7e:fa:a3:b3:a3:be:0c:
f3:b6:54:a0:cd:53:0f:f5:46:51:b8:81:45:4f:73:
c5:93:70:d0:2e:40:a3:a4:f3:91:16:74:96:86:79:
99:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:41:B1:B4:04:06:B5:FD:0F:B5:3B:82:F4:1B:D8:D1:7D:C2:7C:F2
X509v3 Authority Key Identifier:
keyid:A4:A3:7B:EB:7F:D6:5C:AA:9A:FC:46:D9:F2:42:73:CD:27:C0:F9:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKN763_WXKqa_EbZ8kJzzSfA-WA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/D0GxtAQGtf0PtTuC9BvY0X3CfPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/pKN763_WXKqa_EbZ8kJzzSfA-WA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.56.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:03:01:b4:ff:00:77:40:50:0f:c1:3f:63:26:5c:a0:8a:f6:
52:e9:02:9a:7f:59:a5:f5:6f:63:97:8e:35:67:73:0f:32:16:
b0:67:61:86:87:fc:5e:62:74:0e:dd:30:45:a1:94:1a:13:f0:
ef:c5:52:36:9b:76:9b:45:72:13:58:30:46:0b:8b:c0:44:ce:
5a:1d:f0:8b:62:3d:4a:7d:b4:af:e1:ca:a9:4a:81:f9:9c:fd:
0f:ed:43:02:d3:60:54:be:67:b2:e9:08:18:89:51:5a:42:af:
83:fc:1c:f1:a3:fd:04:0b:dc:fa:ba:40:17:09:99:b8:2b:dd:
da:a4:9b:a7:a4:cb:61:c7:ab:8d:5c:50:79:85:23:7e:8d:c5:
da:7b:df:19:77:5c:b7:e8:20:3e:2c:a6:c9:b9:25:67:7b:6f:
ee:08:3d:e0:32:29:b5:58:77:08:ec:e3:3e:de:21:93:87:f3:
ac:b8:ed:a5:52:1b:17:d0:34:db:48:f8:7f:50:e1:5c:79:9f:
7e:05:10:4c:e7:82:e2:61:d0:3d:31:96:9e:58:e1:cc:0b:57:
12:20:14:74:ec:38:ab:a8:96:ab:2f:cb:6d:02:8f:29:18:8f:
38:f6:62:1f:60:11:18:a2:e7:99:a2:47:2e:e0:f5:bc:e2:5b:
d3:3e:7f:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVruHQ9k9fCXxpeL3fBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YTM3YmViN2ZkNjVjYWE5YWZjNDZkOWYyNDI3M2NkMjdj
MGY5NjAwHhcNMjQwMTAxMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjQxYjFiNDA0MDZiNWZkMGZiNTNiODJmNDFiZDhkMTdkYzI3Y2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpMoaNTjTFcwF3bPuAnEkPUi9LbR
d3XsN9K5oC5VF/D9CDUREzHIAp70HMM5hroGnInzqtW0Eh7UhxrAcxnXJF5SU4R2
PtkPPUv1BfkB8m53ubDjibIOG7SjGnL7pr/Wn8cQhf0IfCCyTCmswqKckq6I6MCe
goO3CBUIOBbvZh6/glePlZdrkDgLC/S5g22YhgAk5E0x9YZsFx6DwkvtdvQgsOkp
La9DU2kPRnJe1jW0a8XCd1ajda8sbdGzJogZNXYjq8GSj6gUNbodzrd9o8Lsyc7X
NqXEJX76o7OjvgzztlSgzVMP9UZRuIFFT3PFk3DQLkCjpPORFnSWhnmZKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9BsbQEBrX9D7U7gvQb2NF9wnzyMB8GA1UdIwQY
MBaAFKSje+t/1lyqmvxG2fJCc80nwPlgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtONzYzX1dYS3FhX0ViWjhrSnp6U2ZBLVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9mNDQwZGUtMTU5Mi00NThjLWFhYTMt
N2M0NzI0MWMwYTg0LzEvRDBHeHRBUUd0ZjBQdFR1QzlCdlkwWDNDZlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9mNDQwZGUtMTU5Mi00NThjLWFhYTMtN2M0NzI0MWMwYTg0
LzEvcEtONzYzX1dYS3FhX0ViWjhrSnp6U2ZBLVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYo4MA0G
CSqGSIb3DQEBCwUAA4IBAQB+AwG0/wB3QFAPwT9jJlygivZS6QKaf1ml9W9jl441
Z3MPMhawZ2GGh/xeYnQO3TBFoZQaE/DvxVI2m3abRXITWDBGC4vARM5aHfCLYj1K
fbSv4cqpSoH5nP0P7UMC02BUvmey6QgYiVFaQq+D/Bzxo/0EC9z6ukAXCZm4K93a
pJunpMthx6uNXFB5hSN+jcXae98Zd1y36CA+LKbJuSVne2/uCD3gMim1WHcI7OM+
3iGTh/OsuO2lUhsX0DTbSPh/UOFceZ9+BRBM54LiYdA9MZaeWOHMC1cSIBR07Dir
qJarL8ttAo8pGI849mIfYBEYoueZokcu4PW84lvTPn+1
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:43:55 2024 by rpki-client on console-ams.rpki-client.org