Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/2VcrzTDFc4YQRvBAgwl-d4zGSwU.roa
File: 2VcrzTDFc4YQRvBAgwl-d4zGSwU.roa (raw, json)
Hash identifier: AscayusFIQTmwsfbFnL1o9gqepFZI/tbbMuQ72C4Q6o=
Subject key identifier: D9:57:2B:CD:30:C5:73:86:10:46:F0:40:83:09:7E:77:8C:C6:4B:05
Certificate issuer: /CN=63d5b48848107b86e142d1c06c29d4b70e7394d3
Certificate serial: 018CE3D7EDA6B45B0A60A6899FD23AA25A69
Authority key identifier: 63:D5:B4:88:48:10:7B:86:E1:42:D1:C0:6C:29:D4:B7:0E:73:94:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9W0iEgQe4bhQtHAbCnUtw5zlNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/2VcrzTDFc4YQRvBAgwl-d4zGSwU.roa
Signing time: Sun 07 Jan 2024 12:13:48 +0000
ROA not before: Sun 07 Jan 2024 12:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208161
IP address blocks: 45.156.185.0/24 maxlen: 24
45.156.186.0/24 maxlen: 24
45.156.184.0/24 maxlen: 24
45.156.187.0/24 maxlen: 24
2a0f:2b84:2a::/48 maxlen: 48
2a0f:2b81::/32 maxlen: 32
2a0f:2b84:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/Y9W0iEgQe4bhQtHAbCnUtw5zlNM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/Y9W0iEgQe4bhQtHAbCnUtw5zlNM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y9W0iEgQe4bhQtHAbCnUtw5zlNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e3:d7:ed:a6:b4:5b:0a:60:a6:89:9f:d2:3a:a2:5a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d5b48848107b86e142d1c06c29d4b70e7394d3
Validity
Not Before: Jan 7 12:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9572bcd30c573861046f04083097e778cc64b05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:78:fa:1c:7b:6b:76:ef:f2:a2:6f:02:8d:08:
76:f8:3b:38:17:9d:6b:5a:32:e4:f0:c1:fc:6e:7a:
bf:02:70:b6:cd:2d:d2:1a:4e:79:79:40:ee:7c:27:
e5:33:2e:d5:a3:f7:87:a5:1a:36:a7:2c:37:ce:db:
75:b5:fe:a6:97:87:fb:a1:6e:11:31:0b:54:66:fd:
93:db:b3:7c:5b:2d:06:d8:54:a7:a8:f8:0d:4f:58:
0a:87:a4:c7:7d:99:96:4b:d8:8c:6d:61:4a:81:60:
69:8b:41:b0:27:b4:a6:fa:d5:36:85:50:7b:ab:5a:
21:f4:38:74:84:22:b4:2d:b2:ed:d7:3d:41:01:5a:
23:e9:85:06:15:46:cd:7a:9d:1e:a8:2f:c8:da:e1:
8a:df:79:b3:a9:19:c2:10:69:26:7f:ac:69:8b:e6:
08:d7:46:85:8b:cc:37:58:b8:18:75:ad:04:55:78:
e6:a8:a6:b2:67:12:59:27:25:83:66:f3:f2:cf:f2:
9f:54:f5:f4:12:22:81:82:4d:a7:58:af:aa:29:6c:
e6:52:2d:fa:2d:05:e0:d3:c5:ed:42:73:51:00:22:
f4:e0:88:c9:be:fc:ca:02:77:52:23:d9:ad:49:b1:
df:29:88:8c:64:4f:19:a9:7f:ac:6d:b5:c3:83:29:
52:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:57:2B:CD:30:C5:73:86:10:46:F0:40:83:09:7E:77:8C:C6:4B:05
X509v3 Authority Key Identifier:
keyid:63:D5:B4:88:48:10:7B:86:E1:42:D1:C0:6C:29:D4:B7:0E:73:94:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9W0iEgQe4bhQtHAbCnUtw5zlNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/2VcrzTDFc4YQRvBAgwl-d4zGSwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/Y9W0iEgQe4bhQtHAbCnUtw5zlNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.184.0/22
IPv6:
2a0f:2b81::/32
2a0f:2b84:1::/48
2a0f:2b84:2a::/48
Signature Algorithm: sha256WithRSAEncryption
96:34:4b:ec:c7:20:d6:e1:0b:68:8a:a3:8a:81:62:b5:52:76:
59:74:77:8a:0a:9d:6c:1d:04:21:56:95:29:36:eb:2c:23:a5:
08:9c:58:87:e8:10:29:ca:73:c0:db:50:bf:b7:40:43:9f:91:
72:66:e4:44:03:5c:65:dd:01:db:10:a7:02:f2:7f:e5:3f:8c:
75:8d:2e:c5:ad:7a:f0:a0:d0:0e:d1:10:b7:ca:49:41:f2:36:
dd:27:83:3f:56:87:4f:8b:41:c6:4c:35:f7:df:82:33:fa:96:
3e:d4:0e:05:df:c4:eb:7e:de:7c:1a:1a:46:47:03:e7:15:e5:
ea:0a:b9:3e:71:25:9b:df:5b:e3:64:d9:72:55:7a:c0:44:5b:
4f:2a:d0:15:2e:49:35:6d:a8:eb:a5:57:9d:c3:93:4a:37:6c:
53:9c:1e:69:7e:6b:5d:bf:95:f6:cc:f0:ee:05:52:cc:ba:13:
31:e1:dd:f4:7a:3e:b8:ff:3a:d5:76:8a:b5:4b:e3:c9:f9:3b:
99:aa:a1:86:b4:af:0e:4a:55:d8:98:b1:c6:f8:6f:0f:60:16:
a9:48:cd:81:16:04:75:bc:a3:25:75:39:48:3b:92:40:2d:66:
ad:73:51:b9:cb:2a:8a:0d:4c:40:b7:03:e3:73:f5:56:01:1b:
e3:f5:7e:11
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzj1+2mtFsKYKaJn9I6olppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDViNDg4NDgxMDdiODZlMTQyZDFjMDZjMjlkNGI3MGU3
Mzk0ZDMwHhcNMjQwMTA3MTIxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTU3MmJjZDMwYzU3Mzg2MTA0NmYwNDA4MzA5N2U3NzhjYzY0YjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXj6HHtrdu/yom8CjQh2+Ds4F51r
WjLk8MH8bnq/AnC2zS3SGk55eUDufCflMy7Vo/eHpRo2pyw3ztt1tf6ml4f7oW4R
MQtUZv2T27N8Wy0G2FSnqPgNT1gKh6THfZmWS9iMbWFKgWBpi0GwJ7Sm+tU2hVB7
q1oh9Dh0hCK0LbLt1z1BAVoj6YUGFUbNep0eqC/I2uGK33mzqRnCEGkmf6xpi+YI
10aFi8w3WLgYda0EVXjmqKayZxJZJyWDZvPyz/KfVPX0EiKBgk2nWK+qKWzmUi36
LQXg08XtQnNRACL04IjJvvzKAndSI9mtSbHfKYiMZE8ZqX+sbbXDgylSTwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNlXK80wxXOGEEbwQIMJfneMxksFMB8GA1UdIwQY
MBaAFGPVtIhIEHuG4ULRwGwp1LcOc5TTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTlXMGlFZ1FlNGJoUXRIQWJDblV0dzV6bE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMmNkYzItNDBhOC00NzgxLTg2MGIt
MjM4OGM5MDZiYzYyLzEvMlZjcnpUREZjNFlRUnZCQWd3bC1kNHpHU3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wMmNkYzItNDBhOC00NzgxLTg2MGItMjM4OGM5MDZiYzYy
LzEvWTlXMGlFZ1FlNGJoUXRIQWJDblV0dzV6bE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQCLZy4MB8E
AgACMBkDBQAqDyuBAwcAKg8rhAABAwcAKg8rhAAqMA0GCSqGSIb3DQEBCwUAA4IB
AQCWNEvsxyDW4QtoiqOKgWK1UnZZdHeKCp1sHQQhVpUpNussI6UInFiH6BApynPA
21C/t0BDn5FyZuREA1xl3QHbEKcC8n/lP4x1jS7FrXrwoNAO0RC3yklB8jbdJ4M/
VodPi0HGTDX334Iz+pY+1A4F38Trft58GhpGRwPnFeXqCrk+cSWb31vjZNlyVXrA
RFtPKtAVLkk1bajrpVedw5NKN2xTnB5pfmtdv5X2zPDuBVLMuhMx4d30ej64/zrV
doq1S+PJ+TuZqqGGtK8OSlXYmLHG+G8PYBapSM2BFgR1vKMldTlIO5JALWatc1G5
yyqKDUxAtwPjc/VWARvj9X4R
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:47:22 2024 by rpki-client on console-ams.rpki-client.org