Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/BypXmvpbhcejR4GI0vMradnMRTw.roa
File: BypXmvpbhcejR4GI0vMradnMRTw.roa (raw, json)
Hash identifier: NjidUx2eOTT21ACdp42hgjnWSe/W7zlhHEjr0Vs7aSw=
Subject key identifier: 07:2A:57:9A:FA:5B:85:C7:A3:47:81:88:D2:F3:2B:69:D9:CC:45:3C
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0190BFCBF9F7C382836A2CFB44C1D7BFBC8B
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/BypXmvpbhcejR4GI0vMradnMRTw.roa
Signing time: Wed 17 Jul 2024 08:25:34 +0000
ROA not before: Wed 17 Jul 2024 08:25:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24013
IP address blocks: 45.11.45.0/24 maxlen: 32
185.222.222.0/24 maxlen: 32
2a09::/48 maxlen: 128
2a09:7:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:cb:f9:f7:c3:82:83:6a:2c:fb:44:c1:d7:bf:bc:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jul 17 08:25:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=072a579afa5b85c7a3478188d2f32b69d9cc453c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:06:17:d1:67:a6:00:fa:85:02:08:7a:7b:a1:
24:d0:dc:b8:31:26:4f:08:bb:3e:d2:09:36:3c:04:
79:e8:48:8e:23:a5:00:a7:f1:c6:00:7a:b9:31:d7:
2c:1d:ce:96:c8:b0:f7:8c:fc:d0:d1:37:4b:d5:10:
98:81:a1:3b:c6:ff:f0:0c:ea:28:68:a4:ae:66:f5:
d2:da:d8:6a:c0:e7:72:d2:1a:24:d8:d8:2c:64:96:
7d:60:df:07:85:a9:9e:66:a7:27:ae:51:f8:d1:d9:
d6:5a:f3:91:49:95:7d:af:fb:64:5a:e5:49:b4:86:
c6:72:ee:ad:76:92:70:3d:b8:e3:ea:dc:2e:01:78:
73:a7:cd:84:e4:ae:e3:a0:a8:b3:ab:d5:f1:0d:e2:
a0:cb:1f:b2:b7:bf:8e:d4:18:ff:99:9b:92:77:0e:
94:50:e6:cd:f5:34:9d:1d:ce:81:b6:28:ef:c7:7d:
a5:49:ba:1f:9d:0c:8a:e8:0f:ea:5b:3e:2e:10:9d:
22:37:58:60:3b:14:ff:0e:98:ee:0e:47:24:ac:ce:
c5:67:da:9b:3d:02:2f:3d:42:1a:9b:dc:ad:6f:17:
29:8d:21:3e:2d:c2:98:b3:d5:91:5f:86:7e:83:8d:
5d:6f:73:97:34:27:0d:67:b1:8a:ba:db:41:2e:41:
4b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:2A:57:9A:FA:5B:85:C7:A3:47:81:88:D2:F3:2B:69:D9:CC:45:3C
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/BypXmvpbhcejR4GI0vMradnMRTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.45.0/24
185.222.222.0/24
IPv6:
2a09::/48
2a09:7:1000::/36
Signature Algorithm: sha256WithRSAEncryption
7a:c1:1d:36:15:8a:98:3f:0a:c1:dc:88:4b:95:05:fb:61:26:
27:f7:6e:86:9c:dd:8c:25:3c:28:a5:ed:2c:de:4c:17:f0:94:
44:d1:82:f5:1f:18:9e:af:bd:9e:d9:cd:10:fb:80:76:04:d5:
64:68:7f:b2:4a:26:bd:6e:69:e6:f7:34:61:c4:c2:de:96:c7:
ec:fa:d5:0b:05:02:3c:94:5f:9b:b1:99:6c:c5:16:54:68:10:
9c:e4:0e:09:1b:02:49:53:9e:78:a3:a1:63:ff:2a:08:b0:b7:
74:31:7f:c1:24:71:a9:89:a2:54:7c:76:7c:d2:95:bf:bd:18:
6d:f6:66:92:a0:a3:46:94:56:50:bf:94:c7:97:7c:dd:7e:cc:
07:a7:ad:70:56:47:02:c9:66:58:13:29:77:52:2c:23:30:7f:
0a:0f:a9:8c:f6:75:42:25:99:24:70:29:80:c6:0a:65:9e:d8:
07:74:e7:51:7d:00:06:f7:7d:34:89:1d:b0:03:8b:e3:b0:33:
56:8e:fc:c6:37:61:1f:cb:85:2b:6e:13:fe:9a:0b:36:12:28:
6c:51:5d:50:f3:5e:09:01:b3:b8:af:9f:ba:17:da:73:33:33:
e6:ef:b3:d8:79:8c:09:9a:d9:b4:da:cb:72:c0:a6:8c:6c:36:
fe:c4:b3:41
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZC/y/n3w4KDaiz7RMHXv7yLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwNzE3MDgyNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzJhNTc5YWZhNWI4NWM3YTM0NzgxODhkMmYzMmI2OWQ5Y2M0NTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAYX0WemAPqFAgh6e6Ek0Ny4MSZP
CLs+0gk2PAR56EiOI6UAp/HGAHq5MdcsHc6WyLD3jPzQ0TdL1RCYgaE7xv/wDOoo
aKSuZvXS2thqwOdy0hok2NgsZJZ9YN8HhameZqcnrlH40dnWWvORSZV9r/tkWuVJ
tIbGcu6tdpJwPbjj6twuAXhzp82E5K7joKizq9XxDeKgyx+yt7+O1Bj/mZuSdw6U
UObN9TSdHc6Btijvx32lSbofnQyK6A/qWz4uEJ0iN1hgOxT/DpjuDkckrM7FZ9qb
PQIvPUIam9ytbxcpjSE+LcKYs9WRX4Z+g41db3OXNCcNZ7GKuttBLkFLDwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFAcqV5r6W4XHo0eBiNLzK2nZzEU8MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvQnlwWG12cGJoY2VqUjRHSTB2TXJhZG5NUlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQALQstAwQA
ud7eMBcEAgACMBEDBwAqCQAAAAADBgQqCQAHEDANBgkqhkiG9w0BAQsFAAOCAQEA
esEdNhWKmD8KwdyIS5UF+2EmJ/duhpzdjCU8KKXtLN5MF/CURNGC9R8Ynq+9ntnN
EPuAdgTVZGh/skomvW5p5vc0YcTC3pbH7PrVCwUCPJRfm7GZbMUWVGgQnOQOCRsC
SVOeeKOhY/8qCLC3dDF/wSRxqYmiVHx2fNKVv70YbfZmkqCjRpRWUL+Ux5d83X7M
B6etcFZHAslmWBMpd1IsIzB/Cg+pjPZ1QiWZJHApgMYKZZ7YB3TnUX0ABvd9NIkd
sAOL47AzVo78xjdhH8uFK24T/poLNhIobFFdUPNeCQGzuK+fuhfaczMz5u+z2HmM
CZrZtNrLcsCmjGw2/sSzQQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:55:50 2024 by rpki-client on console-ams.rpki-client.org