Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/rb1-8VqK6WW7GnPi3dVuiMtkbjg.roa
File: rb1-8VqK6WW7GnPi3dVuiMtkbjg.roa (raw, json)
Hash identifier: 3hK9LoK0Oj0D/HqKNm5Q37ietlXuNTYSIk9zecXjQ1U=
Subject key identifier: AD:BD:7E:F1:5A:8A:E9:65:BB:1A:73:E2:DD:D5:6E:88:CB:64:6E:38
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018E14A3C631BABFB8C519BE7639DD7C5D47
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/rb1-8VqK6WW7GnPi3dVuiMtkbjg.roa
Signing time: Wed 06 Mar 2024 16:41:01 +0000
ROA not before: Wed 06 Mar 2024 16:41:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209043
IP address blocks: 45.11.155.0/24 maxlen: 24
45.138.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:14:a3:c6:31:ba:bf:b8:c5:19:be:76:39:dd:7c:5d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Mar 6 16:41:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adbd7ef15a8ae965bb1a73e2ddd56e88cb646e38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2a:cb:95:75:d1:db:cd:9f:95:bb:91:e9:fc:
6b:26:43:f1:56:09:0d:8b:61:58:cc:23:0c:d1:e7:
4e:8d:d7:d6:69:28:dd:3d:85:f4:0d:71:9e:85:7b:
8d:78:70:ef:5d:e4:b5:9b:0a:66:81:1c:6a:e8:2e:
96:85:8d:d1:04:dd:8a:ee:71:c9:4c:39:44:cc:c2:
5e:a0:57:16:a4:20:5a:70:0b:e1:56:42:44:83:15:
67:1e:4c:0e:80:76:2b:24:2e:2b:93:9c:d6:9d:b5:
6e:44:b4:7c:0c:4f:dd:ba:e5:39:74:c6:4f:55:af:
a7:3d:e3:49:4e:ff:67:d4:36:67:70:fc:d7:60:30:
ee:95:91:71:3d:3c:89:43:ba:19:c5:89:11:4d:12:
3a:28:b6:3a:83:54:22:d9:03:3b:51:54:1e:cd:fd:
d8:c0:99:0d:61:e6:bf:0c:a0:09:d8:15:36:7d:12:
01:4b:84:5b:94:3b:f5:b0:4e:f5:23:2d:08:fa:dd:
f1:22:9d:9f:67:3e:47:fd:a0:fa:ca:53:d8:bd:77:
3b:53:15:ed:9c:9e:fe:85:bc:e5:ad:a4:50:96:5b:
f8:ab:26:0f:ba:17:18:0a:39:a5:3a:35:f1:e1:ce:
9e:dd:0a:dd:e6:2b:a4:f0:fd:c0:e5:ae:16:13:7c:
9b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:BD:7E:F1:5A:8A:E9:65:BB:1A:73:E2:DD:D5:6E:88:CB:64:6E:38
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/rb1-8VqK6WW7GnPi3dVuiMtkbjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.155.0/24
45.138.28.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:50:a6:ff:dd:c8:b0:91:3d:f8:3d:3e:a5:f8:a5:0f:82:ed:
92:bb:b4:f5:bb:62:84:04:0d:51:1e:92:81:80:49:23:0b:cb:
a1:d7:c8:72:f3:82:d3:d0:e9:65:0e:43:8e:f6:36:4f:40:e6:
6a:c3:c6:ac:d3:ed:1e:c1:65:6e:f4:e3:1e:37:2b:82:e6:46:
bf:ba:71:2a:91:ad:64:b2:81:c0:88:32:2e:76:78:a8:34:2f:
8a:6c:48:9f:dd:cd:39:0e:20:cf:a8:d0:85:da:fe:0c:3c:36:
93:95:bb:ab:cd:e9:a5:ce:5f:d4:9a:ce:52:ee:ec:85:30:12:
72:3e:23:e1:fa:de:fa:d9:d9:1f:6c:17:3e:ba:ae:3b:60:79:
f2:6d:59:ef:ae:46:47:19:7c:1a:af:7f:cc:5e:9a:3b:43:9b:
be:c6:61:8a:6c:b2:df:3c:a5:1d:3d:97:9a:e8:f2:4a:7a:1a:
c3:5b:d3:43:5c:75:c2:9c:5f:ca:e1:66:0c:2b:8d:dc:04:a0:
cb:65:ea:f9:f0:a9:94:7e:be:f1:7d:12:80:bd:0e:cc:68:1d:
75:a8:e7:3e:cd:50:8e:d8:57:7f:b5:71:32:13:44:b4:82:68:
c0:9b:96:93:bf:a1:31:c5:9b:25:24:55:10:23:a9:ab:98:b3:
28:f5:9d:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4Uo8Yxur+4xRm+djndfF1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMzA2MTY0MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGJkN2VmMTVhOGFlOTY1YmIxYTczZTJkZGQ1NmU4OGNiNjQ2ZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSrLlXXR282flbuR6fxrJkPxVgkN
i2FYzCMM0edOjdfWaSjdPYX0DXGehXuNeHDvXeS1mwpmgRxq6C6WhY3RBN2K7nHJ
TDlEzMJeoFcWpCBacAvhVkJEgxVnHkwOgHYrJC4rk5zWnbVuRLR8DE/duuU5dMZP
Va+nPeNJTv9n1DZncPzXYDDulZFxPTyJQ7oZxYkRTRI6KLY6g1Qi2QM7UVQezf3Y
wJkNYea/DKAJ2BU2fRIBS4RblDv1sE71Iy0I+t3xIp2fZz5H/aD6ylPYvXc7UxXt
nJ7+hbzlraRQllv4qyYPuhcYCjmlOjXx4c6e3Qrd5iuk8P3A5a4WE3yblwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK29fvFaiulluxpz4t3VbojLZG44MB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvcmIxLThWcUs2V1c3R25QaTNkVnVpTXRrYmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQubAwQC
LYocMA0GCSqGSIb3DQEBCwUAA4IBAQBeUKb/3ciwkT34PT6l+KUPgu2Su7T1u2KE
BA1RHpKBgEkjC8uh18hy84LT0OllDkOO9jZPQOZqw8as0+0ewWVu9OMeNyuC5ka/
unEqka1ksoHAiDIudnioNC+KbEif3c05DiDPqNCF2v4MPDaTlburzemlzl/Ums5S
7uyFMBJyPiPh+t762dkfbBc+uq47YHnybVnvrkZHGXwar3/MXpo7Q5u+xmGKbLLf
PKUdPZea6PJKehrDW9NDXHXCnF/K4WYMK43cBKDLZer58KmUfr7xfRKAvQ7MaB11
qOc+zVCO2Fd/tXEyE0S0gmjAm5aTv6ExxZslJFUQI6mrmLMo9Z1H
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:56:04 2024 by rpki-client on console-ams.rpki-client.org