Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/grC2nL22JqPqNWuBsY7UWpZnHRk.roa
File: grC2nL22JqPqNWuBsY7UWpZnHRk.roa (raw, json)
Hash identifier: KiaK8PKz5AXoGTkogAgIHvsICtGAbOU2L8+RO9dDFpg=
Subject key identifier: 82:B0:B6:9C:BD:B6:26:A3:EA:35:6B:81:B1:8E:D4:5A:96:67:1D:19
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FB7F31E94AB3A1B6C990324938BB8
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/grC2nL22JqPqNWuBsY7UWpZnHRk.roa
Signing time: Tue 02 Jan 2024 04:30:13 +0000
ROA not before: Tue 02 Jan 2024 04:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216022
IP address blocks: 45.134.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:b7:f3:1e:94:ab:3a:1b:6c:99:03:24:93:8b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82b0b69cbdb626a3ea356b81b18ed45a96671d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a6:26:e9:9c:d8:5e:22:2a:0a:b7:b5:8d:cf:
9a:b8:36:cf:69:54:54:76:e6:13:c5:e9:a9:c6:cf:
33:c3:22:06:bb:d5:a1:35:46:dc:f6:96:32:7d:b9:
10:6f:ed:c8:03:c5:9b:07:7c:7b:bc:9e:97:0b:6f:
50:b3:f4:8e:75:ac:79:ab:8e:75:cb:be:28:93:a3:
99:71:5d:15:ca:af:4c:0d:aa:1b:78:bb:f8:19:bb:
82:8e:9a:f7:85:59:1e:59:e4:b1:c5:25:97:26:ec:
a4:d5:48:90:57:e9:9e:0e:c2:cb:9b:63:d0:18:7c:
80:78:10:4e:80:97:a5:a3:34:d8:48:d9:2f:a3:e5:
8f:18:df:bd:b6:f7:af:7b:4b:a0:3f:16:a3:65:74:
13:6e:d5:01:0f:54:3d:67:d4:de:12:bd:0e:4f:c8:
ce:18:f8:9a:31:39:be:9f:07:6f:a7:b5:1e:71:75:
5b:f5:75:2d:07:c2:a9:de:b7:e7:d9:a9:aa:20:9f:
2a:69:38:ac:e7:fc:0f:c6:16:fd:e2:fe:ab:b2:e0:
21:73:6e:27:9d:09:d9:72:c6:d1:b3:c2:d2:e6:72:
63:c8:1e:00:08:ce:a1:7d:33:d3:81:da:b2:1f:2a:
39:a6:24:48:63:36:a9:a4:90:45:f2:06:cc:b4:44:
b3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B0:B6:9C:BD:B6:26:A3:EA:35:6B:81:B1:8E:D4:5A:96:67:1D:19
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/grC2nL22JqPqNWuBsY7UWpZnHRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.222.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:e1:0b:21:ea:99:03:f2:ad:f6:6e:7b:4e:53:f9:bb:3e:09:
4e:12:a8:c3:d9:37:30:b9:c8:d4:6e:9e:72:5f:e0:5f:6d:6b:
73:3a:be:88:1e:1b:ea:3f:e5:f3:36:ca:b8:68:a2:67:40:05:
eb:98:73:a2:ba:70:e8:57:9a:4e:ab:fb:38:cd:ca:26:96:8d:
ff:f4:e4:55:ba:f5:b9:70:64:2e:10:1e:0e:c4:a0:38:6a:7b:
50:aa:9d:cb:b2:7e:da:ac:ea:2b:0a:b2:76:c5:ad:4e:da:c9:
10:9f:93:e2:f5:c6:93:91:d4:1e:75:d8:8c:97:45:ff:9d:d6:
d6:4d:29:4f:80:e1:b1:32:41:bd:c3:62:17:32:2a:50:ca:bc:
24:46:e3:e6:43:6b:ff:c3:f7:5c:ab:13:ed:40:40:9b:a1:e6:
36:bc:8c:4e:8a:8b:2d:68:2b:6d:a0:cc:5d:6f:57:c0:b3:67:
fd:ba:2f:d0:52:98:ef:b5:e6:b4:bd:d8:7a:43:f3:b5:b3:21:
4c:19:9d:20:f3:d1:5b:86:d0:72:97:5c:8b:50:4f:a7:58:f0:
54:92:53:35:1b:c9:57:fe:af:c7:13:58:a0:fa:76:7b:85:06:
a1:aa:3e:6b:4c:fe:06:70:10:54:81:43:11:d6:6b:24:a2:c6:
c5:2d:01:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb7fzHpSrOhtsmQMkk4u4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmIwYjY5Y2JkYjYyNmEzZWEzNTZiODFiMThlZDQ1YTk2NjcxZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaYm6ZzYXiIqCre1jc+auDbPaVRU
duYTxempxs8zwyIGu9WhNUbc9pYyfbkQb+3IA8WbB3x7vJ6XC29Qs/SOdax5q451
y74ok6OZcV0Vyq9MDaobeLv4GbuCjpr3hVkeWeSxxSWXJuyk1UiQV+meDsLLm2PQ
GHyAeBBOgJelozTYSNkvo+WPGN+9tveve0ugPxajZXQTbtUBD1Q9Z9TeEr0OT8jO
GPiaMTm+nwdvp7UecXVb9XUtB8Kp3rfn2amqIJ8qaTis5/wPxhb94v6rsuAhc24n
nQnZcsbRs8LS5nJjyB4ACM6hfTPTgdqyHyo5piRIYzappJBF8gbMtESz1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIKwtpy9tiaj6jVrgbGO1FqWZx0ZMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvZ3JDMm5MMjJKcVBxTld1QnNZN1VXcFpuSFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYbeMA0G
CSqGSIb3DQEBCwUAA4IBAQC64Qsh6pkD8q32bntOU/m7PglOEqjD2TcwucjUbp5y
X+BfbWtzOr6IHhvqP+XzNsq4aKJnQAXrmHOiunDoV5pOq/s4zcomlo3/9ORVuvW5
cGQuEB4OxKA4antQqp3Lsn7arOorCrJ2xa1O2skQn5Pi9caTkdQeddiMl0X/ndbW
TSlPgOGxMkG9w2IXMipQyrwkRuPmQ2v/w/dcqxPtQECboeY2vIxOiostaCttoMxd
b1fAs2f9ui/QUpjvtea0vdh6Q/O1syFMGZ0g89FbhtByl1yLUE+nWPBUklM1G8lX
/q/HE1ig+nZ7hQahqj5rTP4GcBBUgUMR1mskosbFLQE2
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:38:48 2024 by rpki-client on console-ams.rpki-client.org