Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/mvqbGm52JqHnV5OpR4-M0tVvmTQ.roa
File: mvqbGm52JqHnV5OpR4-M0tVvmTQ.roa (raw, json)
Hash identifier: aY//I2dNH+HRcUfriv2CGjPQFsQCjo+YmW4RKMtYmpg=
Subject key identifier: 9A:FA:9B:1A:6E:76:26:A1:E7:57:93:A9:47:8F:8C:D2:D5:6F:99:34
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FAA27C2D86951E5B15008140AC8C0
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/mvqbGm52JqHnV5OpR4-M0tVvmTQ.roa
Signing time: Tue 02 Jan 2024 04:30:10 +0000
ROA not before: Tue 02 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 45.137.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:aa:27:c2:d8:69:51:e5:b1:50:08:14:0a:c8:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9afa9b1a6e7626a1e75793a9478f8cd2d56f9934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bf:f0:cd:3b:6b:7f:f3:e9:5c:ae:ef:c5:19:
74:73:ea:3c:4f:8f:93:55:8c:d1:4b:fe:d7:39:9d:
86:d6:3e:9f:21:b8:ee:9b:d1:3c:0d:28:26:59:fa:
50:f6:67:c5:6d:68:f0:0b:de:aa:85:1d:41:62:86:
15:45:d7:b5:45:e0:c4:c6:c9:32:8a:00:f3:62:ad:
93:6b:22:34:29:a0:57:8b:f4:1b:4c:48:b9:43:0a:
30:2d:af:42:77:49:bc:1b:5d:be:7c:dd:33:df:62:
72:2f:ec:9b:33:6c:e1:fa:6b:ed:9f:df:5e:e3:66:
6c:58:48:d1:b3:e5:3e:e0:d9:5a:48:4b:fe:ed:aa:
1f:79:c6:16:d7:5c:3c:08:cf:fb:1b:db:87:5c:8d:
4d:1e:2e:e0:b1:10:68:ad:e7:1d:4b:55:ef:05:8a:
96:d1:36:6c:ae:e5:d4:06:84:25:62:39:f2:7f:ff:
1f:56:96:d1:83:60:00:e8:2d:d1:3b:01:f4:b0:77:
9b:f4:5c:87:8a:b2:96:8e:f6:5b:7a:42:cf:b0:5d:
20:da:85:0e:f2:9f:98:44:5c:f6:d8:2b:c7:f6:63:
0e:bd:83:e1:02:9c:a5:32:52:ef:39:55:35:13:48:
88:47:d6:94:b4:be:2e:82:63:91:e2:77:7d:72:b8:
35:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:FA:9B:1A:6E:76:26:A1:E7:57:93:A9:47:8F:8C:D2:D5:6F:99:34
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/mvqbGm52JqHnV5OpR4-M0tVvmTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.196.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:62:0b:fd:63:3a:e9:c9:f2:85:79:83:6f:68:23:7a:ae:d2:
8c:4e:d6:f6:25:fb:84:f3:9e:03:6e:8e:58:57:41:05:66:7b:
41:0b:4e:4b:81:09:58:a3:36:6a:8d:a9:9d:98:dc:fa:f1:44:
63:be:ab:2d:4a:0e:ab:ab:31:74:66:68:63:5d:1c:2e:20:35:
7f:e3:b4:c4:88:c4:d9:74:68:ce:d6:29:a9:2d:f2:90:3a:28:
3f:1d:03:81:52:c3:ab:4c:18:20:97:fb:00:3c:75:ab:df:8d:
d1:4a:b4:41:d8:b3:99:52:39:c4:46:ab:4a:a8:97:fd:d4:01:
87:57:af:b5:1d:80:48:a6:70:29:b9:3d:58:e8:0a:a0:a1:ba:
f2:c1:ed:a3:56:61:ae:72:44:c9:18:7b:df:e9:bf:d7:76:80:
86:17:e1:a7:3e:96:42:7e:d0:dc:62:7f:24:05:4a:91:bd:e8:
4d:7d:d3:e3:c6:e3:41:ef:50:22:90:44:0a:06:ca:93:b4:de:
c5:37:5c:b8:ab:02:10:8a:1f:35:42:30:4d:ae:3a:5b:39:c1:
7e:6d:73:a9:19:46:41:68:7e:30:84:3d:75:14:05:9c:c3:c4:
c9:45:19:e6:cc:a1:d2:09:e9:92:42:5e:23:5d:a7:23:6f:35:
83:8b:6a:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb6onwthpUeWxUAgUCsjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWZhOWIxYTZlNzYyNmExZTc1NzkzYTk0NzhmOGNkMmQ1NmY5OTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL/wzTtrf/PpXK7vxRl0c+o8T4+T
VYzRS/7XOZ2G1j6fIbjum9E8DSgmWfpQ9mfFbWjwC96qhR1BYoYVRde1ReDExsky
igDzYq2TayI0KaBXi/QbTEi5QwowLa9Cd0m8G12+fN0z32JyL+ybM2zh+mvtn99e
42ZsWEjRs+U+4NlaSEv+7aofecYW11w8CM/7G9uHXI1NHi7gsRBorecdS1XvBYqW
0TZsruXUBoQlYjnyf/8fVpbRg2AA6C3ROwH0sHeb9FyHirKWjvZbekLPsF0g2oUO
8p+YRFz22CvH9mMOvYPhApylMlLvOVU1E0iIR9aUtL4ugmOR4nd9crg1nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJr6mxpudiah51eTqUePjNLVb5k0MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvbXZxYkdtNTJKcUhuVjVPcFI0LU0wdFZ2bVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYnEMA0G
CSqGSIb3DQEBCwUAA4IBAQC0Ygv9YzrpyfKFeYNvaCN6rtKMTtb2JfuE854Dbo5Y
V0EFZntBC05LgQlYozZqjamdmNz68URjvqstSg6rqzF0ZmhjXRwuIDV/47TEiMTZ
dGjO1impLfKQOig/HQOBUsOrTBggl/sAPHWr343RSrRB2LOZUjnERqtKqJf91AGH
V6+1HYBIpnApuT1Y6Aqgobrywe2jVmGuckTJGHvf6b/XdoCGF+GnPpZCftDcYn8k
BUqRvehNfdPjxuNB71AikEQKBsqTtN7FN1y4qwIQih81QjBNrjpbOcF+bXOpGUZB
aH4whD11FAWcw8TJRRnmzKHSCemSQl4jXacjbzWDi2qT
-----END CERTIFICATE-----
Generated at Tue May 7 03:11:56 2024 by rpki-client on console-ams.rpki-client.org