Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qAMzstDmFktCjC9gpmjpnDabtzg.roa
File: qAMzstDmFktCjC9gpmjpnDabtzg.roa (raw, json)
Hash identifier: iDVx+kUAbdd0/GfLjYG7A66f322EO9+3m5+USks448s=
Subject key identifier: A8:03:33:B2:D0:E6:16:4B:42:8C:2F:60:A6:68:E9:9C:36:9B:B7:38
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FAEB5B5B34E180731783F6717083D
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qAMzstDmFktCjC9gpmjpnDabtzg.roa
Signing time: Tue 02 Jan 2024 04:30:11 +0000
ROA not before: Tue 02 Jan 2024 04:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61272
IP address blocks: 45.132.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:ae:b5:b5:b3:4e:18:07:31:78:3f:67:17:08:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a80333b2d0e6164b428c2f60a668e99c369bb738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:58:34:21:0d:6d:93:56:59:5f:aa:43:f5:77:
34:8c:03:f9:2a:1b:17:e0:3f:94:c9:d2:e9:b6:0f:
5d:98:c0:6f:07:34:f8:34:37:d1:ed:be:26:17:24:
38:4d:5d:b9:74:dd:4a:e4:de:1e:23:ef:52:c4:4d:
98:49:ca:e5:4d:f0:30:a3:8f:46:22:6b:46:6b:bd:
eb:18:83:03:22:1d:d0:2b:d2:4c:26:3c:57:04:5e:
e8:41:2b:ae:a1:a6:46:90:a2:76:ad:44:73:ea:3a:
4e:bb:aa:d7:42:d2:8b:c9:1b:55:fc:51:0b:a1:ce:
60:f6:2b:90:08:fc:cb:9a:8c:82:23:d3:35:f4:07:
06:4f:11:6e:c3:f3:87:b8:b2:88:e0:24:0d:6f:10:
28:05:0f:2e:86:b7:63:60:4c:de:69:db:1b:e1:c5:
23:48:5a:64:3b:3c:a6:d5:29:c1:73:17:83:ef:ec:
77:2c:2f:dd:9d:26:3e:c1:7b:e5:d7:4d:16:a2:5b:
70:e0:93:9e:12:56:fb:cb:a8:ca:22:52:b2:ad:e5:
bb:c3:a0:02:89:91:31:e4:3a:43:84:5c:cc:84:a6:
a9:31:df:dd:73:ca:6a:01:36:5a:8a:64:16:7f:f8:
72:09:00:a5:ff:cb:63:4d:9a:7d:3c:9a:6f:34:71:
90:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:03:33:B2:D0:E6:16:4B:42:8C:2F:60:A6:68:E9:9C:36:9B:B7:38
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qAMzstDmFktCjC9gpmjpnDabtzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.194.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:da:3d:01:c7:65:7b:47:95:ea:8a:0b:71:6a:d3:94:73:18:
8f:b7:66:ef:14:61:d8:5d:85:62:7a:4b:4e:51:5b:dd:9d:a3:
2b:e4:83:70:49:fd:f9:79:0c:6b:0c:ab:1b:e7:09:9b:4a:ed:
f6:a2:42:c1:be:a7:4b:4c:0f:5d:ba:35:aa:82:f1:18:16:30:
1a:c7:46:ef:c0:d8:ad:4e:eb:2c:50:8d:57:02:f3:d9:a1:7e:
ba:e4:b8:33:b7:50:d4:62:d5:5b:3d:f8:29:12:ff:a6:54:0d:
03:ef:b5:21:73:12:df:d9:5a:46:4e:0b:ac:92:e4:2d:69:39:
01:bd:50:ef:ad:c9:41:0e:51:d1:d5:41:90:14:de:95:17:76:
09:8d:64:69:d0:24:b0:6f:b4:01:0f:d6:5c:ea:f4:f5:00:61:
ac:f8:0b:fe:6a:a1:b2:1b:b7:00:b6:05:a4:d3:2d:92:80:cf:
97:75:5f:68:09:58:b7:36:20:c3:41:14:fd:2e:df:a2:04:32:
5b:4b:72:17:63:3a:67:6f:59:4a:8a:fe:a0:26:f9:f5:a9:85:
6c:7d:88:0d:38:cd:78:48:4d:5a:6c:9d:78:45:e2:80:41:4f:
42:b1:61:13:90:40:a3:78:a4:ca:8e:31:3d:40:3b:d7:38:4e:
67:a3:c8:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb661tbNOGAcxeD9nFwg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODAzMzNiMmQwZTYxNjRiNDI4YzJmNjBhNjY4ZTk5YzM2OWJiNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1g0IQ1tk1ZZX6pD9Xc0jAP5KhsX
4D+UydLptg9dmMBvBzT4NDfR7b4mFyQ4TV25dN1K5N4eI+9SxE2YScrlTfAwo49G
ImtGa73rGIMDIh3QK9JMJjxXBF7oQSuuoaZGkKJ2rURz6jpOu6rXQtKLyRtV/FEL
oc5g9iuQCPzLmoyCI9M19AcGTxFuw/OHuLKI4CQNbxAoBQ8uhrdjYEzeadsb4cUj
SFpkOzym1SnBcxeD7+x3LC/dnSY+wXvl100Woltw4JOeElb7y6jKIlKyreW7w6AC
iZEx5DpDhFzMhKapMd/dc8pqATZaimQWf/hyCQCl/8tjTZp9PJpvNHGQrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgDM7LQ5hZLQowvYKZo6Zw2m7c4MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvcUFNenN0RG1Ga3RDakM5Z3BtanBuRGFidHpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYTCMA0G
CSqGSIb3DQEBCwUAA4IBAQBL2j0Bx2V7R5XqigtxatOUcxiPt2bvFGHYXYViektO
UVvdnaMr5INwSf35eQxrDKsb5wmbSu32okLBvqdLTA9dujWqgvEYFjAax0bvwNit
TussUI1XAvPZoX665Lgzt1DUYtVbPfgpEv+mVA0D77UhcxLf2VpGTguskuQtaTkB
vVDvrclBDlHR1UGQFN6VF3YJjWRp0CSwb7QBD9Zc6vT1AGGs+Av+aqGyG7cAtgWk
0y2SgM+XdV9oCVi3NiDDQRT9Lt+iBDJbS3IXYzpnb1lKiv6gJvn1qYVsfYgNOM14
SE1abJ14ReKAQU9CsWETkECjeKTKjjE9QDvXOE5no8gZ
-----END CERTIFICATE-----
Generated at Sat May 4 22:47:05 2024 by rpki-client on console-fra.rpki-client.org