Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/kj__tH8eLjBOJ2qcKU-dZUe5BNA.roa
File: kj__tH8eLjBOJ2qcKU-dZUe5BNA.roa (raw, json)
Hash identifier: gr8cFL69H2a8kMsZ7EFk5o/kAp0rurfZKuszej+VSrM=
Subject key identifier: 92:3F:FF:B4:7F:1E:2E:30:4E:27:6A:9C:29:4F:9D:65:47:B9:04:D0
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 018CC86F82EC1DFE557D151EC7937F574DC1
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/kj__tH8eLjBOJ2qcKU-dZUe5BNA.roa
Signing time: Tue 02 Jan 2024 04:30:00 +0000
ROA not before: Tue 02 Jan 2024 04:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48806
IP address blocks: 45.132.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:82:ec:1d:fe:55:7d:15:1e:c7:93:7f:57:4d:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jan 2 04:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=923fffb47f1e2e304e276a9c294f9d6547b904d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1b:10:64:3f:97:e5:d9:2c:26:7f:96:9e:d7:
96:a5:57:bb:f5:e2:c1:da:a2:50:57:fb:52:64:1b:
6c:d1:7c:d9:06:59:bc:8f:ed:89:a7:04:32:d6:0d:
40:6d:cd:30:8f:f1:0c:48:68:59:0b:ee:0b:af:dc:
c1:42:01:b8:f6:82:46:0b:04:35:3a:97:0c:21:32:
63:d8:48:76:87:fa:41:3a:c0:3e:80:a5:f3:b3:86:
f9:b1:16:d7:03:28:f6:3e:fc:66:90:3d:6d:b2:37:
78:ae:95:56:c1:36:6e:a1:81:d7:f0:97:80:bb:c4:
a1:91:b5:d0:3e:f2:5c:6a:f8:e5:c5:10:2e:cd:5c:
62:74:5e:53:79:7a:dd:3a:fc:c2:04:32:ec:a1:2a:
94:21:00:f5:ab:8b:54:35:d8:b4:0f:2d:2c:2f:8f:
b9:0e:fd:06:18:03:8f:ac:47:a9:ac:73:c4:b7:41:
96:b1:a8:32:5d:34:b0:e9:84:dc:64:89:9c:19:8e:
3b:70:57:f9:d8:60:89:48:ba:ce:02:d0:cd:2d:ee:
2a:cc:fb:8a:06:44:6d:3e:6f:27:e3:72:65:f2:42:
91:12:76:14:dd:5d:e3:a7:6e:b0:14:3d:cf:8b:d8:
87:74:c5:03:3f:8c:01:2e:f9:5d:b6:01:e9:05:60:
fd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:3F:FF:B4:7F:1E:2E:30:4E:27:6A:9C:29:4F:9D:65:47:B9:04:D0
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/kj__tH8eLjBOJ2qcKU-dZUe5BNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.113.0/24
Signature Algorithm: sha256WithRSAEncryption
98:00:fc:04:c9:bb:80:3c:f4:7d:b7:14:98:7d:0a:77:56:7d:
55:5f:d0:3f:61:c7:59:ca:65:f3:1e:ee:e3:cc:18:19:36:23:
70:84:78:50:31:15:84:65:7a:9f:3d:83:a2:c5:9e:e0:3a:a6:
a6:b6:06:de:3e:1e:8a:40:44:29:7a:3f:fa:41:8d:83:2a:ca:
b4:76:77:60:46:29:5d:62:e9:9d:46:b7:aa:98:d5:dd:de:ce:
0e:f5:d7:25:8c:2b:e6:55:e1:de:9c:83:33:d0:bb:02:2a:bf:
99:11:06:0b:cd:1d:23:90:f7:e5:9d:7f:49:9b:1c:56:e2:1d:
e3:a2:65:ff:df:32:ce:68:12:6f:43:bc:3d:23:c6:57:6f:cc:
9a:d3:fb:ac:22:7b:67:d9:44:d0:de:7a:af:e5:7a:bb:97:20:
02:c4:a8:77:a3:41:7c:9f:dd:01:56:aa:4a:c7:80:b7:a5:50:
56:97:92:3b:d8:02:d1:d4:93:b7:f7:1b:72:2b:2c:8b:21:83:
00:c8:a7:4a:f8:24:7e:74:08:de:f5:c0:5a:f7:69:fd:18:1b:
a7:fa:5e:8a:75:3f:6a:2e:3c:0e:49:67:4b:f5:50:ba:ee:67:
76:96:8a:03:9a:59:df:e7:66:ee:69:75:ce:ba:db:7d:b5:03:
48:56:5b:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb4LsHf5VfRUex5N/V03BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjQwMTAyMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjNmZmZiNDdmMWUyZTMwNGUyNzZhOWMyOTRmOWQ2NTQ3YjkwNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxsQZD+X5dksJn+WnteWpVe79eLB
2qJQV/tSZBts0XzZBlm8j+2JpwQy1g1Abc0wj/EMSGhZC+4Lr9zBQgG49oJGCwQ1
OpcMITJj2Eh2h/pBOsA+gKXzs4b5sRbXAyj2PvxmkD1tsjd4rpVWwTZuoYHX8JeA
u8ShkbXQPvJcavjlxRAuzVxidF5TeXrdOvzCBDLsoSqUIQD1q4tUNdi0Dy0sL4+5
Dv0GGAOPrEeprHPEt0GWsagyXTSw6YTcZImcGY47cFf52GCJSLrOAtDNLe4qzPuK
BkRtPm8n43Jl8kKREnYU3V3jp26wFD3Pi9iHdMUDP4wBLvldtgHpBWD9uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJI//7R/Hi4wTidqnClPnWVHuQTQMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEva2pfX3RIOGVMakJPSjJxY0tVLWRaVWU1Qk5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYRxMA0G
CSqGSIb3DQEBCwUAA4IBAQCYAPwEybuAPPR9txSYfQp3Vn1VX9A/YcdZymXzHu7j
zBgZNiNwhHhQMRWEZXqfPYOixZ7gOqamtgbePh6KQEQpej/6QY2DKsq0dndgRild
YumdRreqmNXd3s4O9dcljCvmVeHenIMz0LsCKr+ZEQYLzR0jkPflnX9JmxxW4h3j
omX/3zLOaBJvQ7w9I8ZXb8ya0/usIntn2UTQ3nqv5Xq7lyACxKh3o0F8n90BVqpK
x4C3pVBWl5I72ALR1JO39xtyKyyLIYMAyKdK+CR+dAje9cBa92n9GBun+l6KdT9q
LjwOSWdL9VC67md2looDmlnf52buaXXOutt9tQNIVltT
-----END CERTIFICATE-----
Generated at Thu May 2 18:03:48 2024 by rpki-client on console-ams.rpki-client.org