Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/BMMlJiGAdWgUhKg-ZO7okAcs2NQ.roa
File: BMMlJiGAdWgUhKg-ZO7okAcs2NQ.roa (raw, json)
Hash identifier: qjZKrKkvQxt3VUTZhXvNPlF2wOq42WC2q1S6MHsF+hs=
Subject key identifier: 04:C3:25:26:21:80:75:68:14:84:A8:3E:64:EE:E8:90:07:2C:D8:D4
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 018FE2F3512623FB8E5069AD534C0DCCAE19
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/BMMlJiGAdWgUhKg-ZO7okAcs2NQ.roa
Signing time: Tue 04 Jun 2024 11:12:27 +0000
ROA not before: Tue 04 Jun 2024 11:12:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 262287
IP address blocks: 45.132.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:f3:51:26:23:fb:8e:50:69:ad:53:4c:0d:cc:ae:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jun 4 11:12:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04c32526218075681484a83e64eee890072cd8d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9b:b0:6e:20:af:25:af:e7:6b:1d:6c:54:c1:
34:95:e4:64:e3:88:de:5b:c5:8a:ca:89:4f:c4:3f:
23:56:ce:1a:15:8d:65:d4:bc:d8:b7:c9:1a:5a:20:
65:f6:2f:07:d4:a7:a3:8e:21:b6:0d:e7:87:af:0b:
30:02:c4:47:59:b0:5d:e6:a0:8b:5f:09:1d:97:50:
d7:b9:b4:10:ed:d8:04:aa:f0:1c:ae:c8:11:37:36:
16:ce:14:04:bd:5f:4d:d2:2c:9d:a0:fc:a5:ed:a0:
11:57:46:51:e7:53:ba:9f:1e:43:f9:ea:f0:7c:a6:
e5:c7:98:87:fd:62:5e:30:f0:81:8f:1b:c1:5a:99:
45:89:1a:df:3c:6c:8f:84:38:10:51:73:f6:cf:05:
9f:2d:a0:7f:49:b5:dc:d5:e3:de:7e:de:53:94:59:
d7:79:59:de:ae:e5:de:a6:b2:16:84:df:b6:b3:52:
e7:7c:4f:a5:ec:fc:d4:aa:60:05:4e:fa:ee:57:c0:
8f:94:56:96:df:93:72:d7:45:f5:73:2f:1b:ce:cb:
7d:61:ae:fd:fb:36:77:32:1c:21:e2:cc:fc:73:8b:
7f:28:b1:70:02:43:84:36:ea:53:c1:5e:1c:cb:b8:
0b:2a:46:29:9a:a7:cd:b9:ba:62:b4:a4:d2:c9:7c:
53:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C3:25:26:21:80:75:68:14:84:A8:3E:64:EE:E8:90:07:2C:D8:D4
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/BMMlJiGAdWgUhKg-ZO7okAcs2NQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.113.0/24
Signature Algorithm: sha256WithRSAEncryption
05:da:9d:15:31:2c:35:a3:c8:28:a2:cf:fc:61:8d:d1:05:9b:
9a:b3:9b:53:8e:92:d9:e5:77:cc:bc:6e:10:80:df:7e:73:f6:
58:9d:34:fb:f1:42:e5:16:14:97:8b:cb:db:44:84:52:70:8f:
86:81:15:21:c3:dc:ac:2b:4d:a7:6d:c6:b6:f5:bc:6a:f2:e3:
35:11:aa:75:15:d6:e7:23:98:c6:fa:ad:40:13:b2:ec:9f:5b:
fb:2b:75:ce:25:bb:92:1f:e7:53:4d:7b:1e:4f:19:3b:e2:fa:
2c:41:f4:09:f0:30:74:51:4e:c1:84:80:6f:c8:60:1a:31:03:
ef:7c:29:4f:c1:ed:27:5f:48:86:98:07:65:86:db:e7:d2:e9:
c8:21:84:2e:df:02:9e:b4:2e:88:9e:32:4d:ad:7e:16:bf:1d:
a8:ea:70:8e:39:df:2e:6f:42:76:d4:66:c5:0e:17:99:a1:ed:
32:0d:84:8d:03:fe:cc:2e:18:6a:c1:e9:5a:d8:24:7b:7d:13:
de:55:96:77:f6:05:31:76:d1:25:be:c2:69:a5:85:7d:1d:91:
33:9f:71:53:1f:dd:d8:b4:1a:fa:d4:f5:68:aa:25:ef:55:01:
5f:aa:86:ca:d7:ac:e5:96:a1:f5:40:45:6b:71:2a:aa:de:95:
b9:4f:4a:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/i81EmI/uOUGmtU0wNzK4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjQwNjA0MTExMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGMzMjUyNjIxODA3NTY4MTQ4NGE4M2U2NGVlZTg5MDA3MmNkOGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJuwbiCvJa/nax1sVME0leRk44je
W8WKyolPxD8jVs4aFY1l1LzYt8kaWiBl9i8H1KejjiG2DeeHrwswAsRHWbBd5qCL
Xwkdl1DXubQQ7dgEqvAcrsgRNzYWzhQEvV9N0iydoPyl7aARV0ZR51O6nx5D+erw
fKblx5iH/WJeMPCBjxvBWplFiRrfPGyPhDgQUXP2zwWfLaB/SbXc1ePeft5TlFnX
eVneruXeprIWhN+2s1LnfE+l7PzUqmAFTvruV8CPlFaW35Ny10X1cy8bzst9Ya79
+zZ3Mhwh4sz8c4t/KLFwAkOENupTwV4cy7gLKkYpmqfNubpitKTSyXxTLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATDJSYhgHVoFISoPmTu6JAHLNjUMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvQk1NbEppR0FkV2dVaEtnLVpPN29rQWNzMk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYRxMA0G
CSqGSIb3DQEBCwUAA4IBAQAF2p0VMSw1o8goos/8YY3RBZuas5tTjpLZ5XfMvG4Q
gN9+c/ZYnTT78ULlFhSXi8vbRIRScI+GgRUhw9ysK02nbca29bxq8uM1Eap1Fdbn
I5jG+q1AE7Lsn1v7K3XOJbuSH+dTTXseTxk74vosQfQJ8DB0UU7BhIBvyGAaMQPv
fClPwe0nX0iGmAdlhtvn0unIIYQu3wKetC6InjJNrX4Wvx2o6nCOOd8ub0J21GbF
DheZoe0yDYSNA/7MLhhqwela2CR7fRPeVZZ39gUxdtElvsJppYV9HZEzn3FTH93Y
tBr61PVoqiXvVQFfqobK16zllqH1QEVrcSqq3pW5T0oo
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:57:32 2024 by rpki-client on console-fra.rpki-client.org