Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/kBUG1c-jelFg11_fHeAYiX7jfJk.roa
File: kBUG1c-jelFg11_fHeAYiX7jfJk.roa (raw, json)
Hash identifier: ZFTa8KBu2NuQfR07Msh5M/+J+XzUk5x9YmlroF25oVA=
Subject key identifier: 90:15:06:D5:CF:A3:7A:51:60:D7:5F:DF:1D:E0:18:89:7E:E3:7C:99
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 018D195D272862EF440DB2611D92BC617F3F
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/kBUG1c-jelFg11_fHeAYiX7jfJk.roa
Signing time: Wed 17 Jan 2024 21:39:11 +0000
ROA not before: Wed 17 Jan 2024 21:39:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51847
IP address blocks: 45.145.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.mft
rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:19:5d:27:28:62:ef:44:0d:b2:61:1d:92:bc:61:7f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Jan 17 21:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=901506d5cfa37a5160d75fdf1de018897ee37c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:ab:85:6a:14:23:2d:36:8c:c4:dc:4b:bc:95:
f7:06:38:ac:8a:3a:49:2a:93:b4:bd:a8:9b:fb:da:
e0:cc:a5:88:ef:67:86:c8:b2:7e:4c:e6:fa:fb:05:
6b:ff:a8:8d:f4:28:d0:05:a5:a3:77:02:6c:0f:95:
96:3b:41:a3:a8:02:e3:b2:e8:4d:e7:d8:69:a0:9d:
0e:fe:30:1c:00:c6:a8:f9:72:05:57:56:97:96:af:
ee:92:07:dd:9e:f0:bc:06:d4:7e:19:d7:9f:0c:52:
32:31:9f:f9:cd:28:62:fe:a6:cf:d5:67:74:89:c4:
f3:39:f0:00:af:5f:c3:7e:cd:85:47:6a:f0:5b:5f:
6d:4e:59:83:8b:fc:32:56:6d:c7:d9:d6:ec:47:dc:
ef:33:12:60:1b:58:30:a3:f8:ae:89:9c:90:89:bb:
12:6c:14:c0:07:db:55:8d:73:60:5d:2c:6e:7f:01:
c4:32:cb:f0:79:20:c7:e5:f4:8b:9b:71:31:48:5d:
26:71:33:83:58:75:08:3d:67:93:d2:ac:e3:9f:b7:
21:28:24:77:04:d9:d2:51:99:ba:f6:6a:cb:63:0d:
18:d5:41:3c:dd:80:e2:1b:11:35:ec:4d:58:f8:a5:
90:44:ff:24:74:2c:72:7e:c9:9a:ef:ef:fe:be:44:
1a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:15:06:D5:CF:A3:7A:51:60:D7:5F:DF:1D:E0:18:89:7E:E3:7C:99
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/kBUG1c-jelFg11_fHeAYiX7jfJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.154.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:88:f1:75:2d:4e:e0:24:8b:dc:d5:03:6e:ac:15:a6:0c:c7:
8f:8d:79:e7:4d:d8:c5:33:b6:67:06:fc:50:ba:06:7c:32:ce:
8f:d6:51:7b:64:63:f7:ef:d1:5a:37:b6:88:10:b0:94:88:5b:
1e:12:d5:9b:ad:1e:3d:ad:7c:8c:70:5b:81:01:33:90:6c:ce:
ee:19:38:e0:47:17:5d:1f:56:56:ce:07:4f:7f:d0:5c:35:e7:
58:96:2c:5e:89:bd:2d:17:08:41:5d:ad:25:ea:29:ec:40:f5:
4b:43:97:4d:eb:56:a1:d8:8c:eb:44:09:a5:ad:a5:90:87:c3:
1f:d3:91:6c:64:6b:c7:1b:88:4e:27:98:9d:46:a8:3e:dd:7a:
9e:36:30:19:74:70:8a:c9:bc:6d:0d:f4:69:35:b8:a5:b6:0f:
12:d3:c5:80:7d:65:2a:ee:4b:7d:1d:ff:f3:ee:65:56:7a:55:
10:1b:2a:28:ac:85:b3:86:62:00:53:d2:de:61:06:21:6c:8a:
55:ab:67:df:11:37:8f:ac:34:e0:45:b3:35:e1:75:e5:8f:94:
a0:52:a2:a3:5b:ba:4a:24:dd:55:16:d1:e3:0f:aa:a5:de:dd:
a5:c5:45:e2:77:e2:c3:da:10:38:da:7c:14:db:2d:aa:23:14:
d3:64:e6:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0ZXScoYu9EDbJhHZK8YX8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjQwMTE3MjEzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDE1MDZkNWNmYTM3YTUxNjBkNzVmZGYxZGUwMTg4OTdlZTM3Yzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9auFahQjLTaMxNxLvJX3BjisijpJ
KpO0vaib+9rgzKWI72eGyLJ+TOb6+wVr/6iN9CjQBaWjdwJsD5WWO0GjqALjsuhN
59hpoJ0O/jAcAMao+XIFV1aXlq/ukgfdnvC8BtR+GdefDFIyMZ/5zShi/qbP1Wd0
icTzOfAAr1/Dfs2FR2rwW19tTlmDi/wyVm3H2dbsR9zvMxJgG1gwo/iuiZyQibsS
bBTAB9tVjXNgXSxufwHEMsvweSDH5fSLm3ExSF0mcTODWHUIPWeT0qzjn7chKCR3
BNnSUZm69mrLYw0Y1UE83YDiGxE17E1Y+KWQRP8kdCxyfsma7+/+vkQarwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAVBtXPo3pRYNdf3x3gGIl+43yZMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEva0JVRzFjLWplbEZnMTFfZkhlQVlpWDdqZkprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZGaMA0G
CSqGSIb3DQEBCwUAA4IBAQAaiPF1LU7gJIvc1QNurBWmDMePjXnnTdjFM7ZnBvxQ
ugZ8Ms6P1lF7ZGP379FaN7aIELCUiFseEtWbrR49rXyMcFuBATOQbM7uGTjgRxdd
H1ZWzgdPf9BcNedYlixeib0tFwhBXa0l6insQPVLQ5dN61ah2IzrRAmlraWQh8Mf
05FsZGvHG4hOJ5idRqg+3XqeNjAZdHCKybxtDfRpNbiltg8S08WAfWUq7kt9Hf/z
7mVWelUQGyoorIWzhmIAU9LeYQYhbIpVq2ffETePrDTgRbM14XXlj5SgUqKjW7pK
JN1VFtHjD6ql3t2lxUXid+LD2hA42nwU2y2qIxTTZOZy
-----END CERTIFICATE-----
Generated at Tue May 21 10:58:45 2024 by rpki-client on console-ams.rpki-client.org