Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/yOj2MTtFoiKamf4mRCEPRAzhFT4.roa
File: yOj2MTtFoiKamf4mRCEPRAzhFT4.roa (raw, json)
Hash identifier: uLylM8RFi3UqmL1ceh5VyMVXLZPFd0ryIGsCaufNAsw=
Subject key identifier: C8:E8:F6:31:3B:45:A2:22:9A:99:FE:26:44:21:0F:44:0C:E1:15:3E
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FA25D969B63261395127DF4F9F211
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/yOj2MTtFoiKamf4mRCEPRAzhFT4.roa
Signing time: Tue 02 Jan 2024 04:30:08 +0000
ROA not before: Tue 02 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11172
IP address blocks: 45.84.217.0/24 maxlen: 24
2a0f:15c1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a2:5d:96:9b:63:26:13:95:12:7d:f4:f9:f2:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8e8f6313b45a2229a99fe2644210f440ce1153e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ac:a9:2e:67:21:cd:1d:f6:d6:43:fc:1b:39:
77:2b:5c:32:24:32:f8:ae:41:82:97:a3:dc:b5:45:
7d:d3:c8:7d:12:d7:7a:0e:de:0f:ba:c9:a1:f5:4d:
9d:15:64:52:3f:4f:09:c1:35:23:37:cd:77:24:fb:
60:c8:51:56:29:d8:a8:24:5e:90:a1:0b:55:d3:00:
cb:72:be:ff:37:31:76:99:d9:30:d3:6a:d8:a2:ec:
9f:cc:19:ec:dd:1a:7f:1d:7a:72:a5:65:2e:2c:07:
18:37:2b:30:71:bd:7b:9e:3f:1c:a5:27:ed:1b:b3:
fa:5c:82:8e:55:70:8e:70:30:2a:1e:30:6a:36:10:
80:23:6e:aa:48:8a:02:95:3b:22:6a:41:74:15:be:
d4:25:13:94:2b:36:23:37:87:b8:04:0b:bc:65:8a:
1b:78:60:53:94:10:b1:a7:a6:90:2f:cc:21:14:46:
28:01:cf:7e:b3:ef:5c:22:3a:b1:f8:35:69:d4:07:
fd:a8:30:c3:34:ac:92:22:cb:e9:56:66:5b:a7:d2:
04:31:ae:d9:f9:7f:25:fb:5a:5a:35:a0:47:2a:21:
b6:e9:77:62:a7:0b:f9:ed:cc:b6:bc:54:f1:d9:38:
dc:d4:fa:e1:cb:f4:ab:95:94:01:f2:f1:14:1b:7f:
2b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E8:F6:31:3B:45:A2:22:9A:99:FE:26:44:21:0F:44:0C:E1:15:3E
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/yOj2MTtFoiKamf4mRCEPRAzhFT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.217.0/24
IPv6:
2a0f:15c1::/32
Signature Algorithm: sha256WithRSAEncryption
bc:18:c8:34:41:03:35:82:c0:af:0e:62:72:b6:55:6a:f6:74:
64:a0:e5:ee:a5:ae:c3:15:ab:a8:99:cf:97:b8:97:d5:69:b9:
b7:3e:5d:73:77:a4:8d:4e:76:bd:08:9f:af:62:62:22:f0:37:
ed:3e:84:e5:ac:3e:d9:69:e2:ef:ad:a4:99:2a:c9:00:16:d7:
69:b1:b0:66:52:2a:0d:26:af:81:3d:88:f3:cc:4f:72:66:c5:
f5:5e:03:3f:0a:a5:5f:2d:75:b2:fb:2a:92:da:c0:18:d5:39:
00:f2:4c:96:27:9d:52:9f:8e:70:32:d7:8a:e7:30:1f:e9:ba:
7d:ed:20:37:b5:91:4c:39:e0:fd:c7:cb:d1:22:15:78:11:cc:
fe:e3:38:f8:c5:1a:a3:7e:13:2e:94:f3:8b:74:d6:de:d6:02:
90:bb:71:19:55:ee:02:cf:a4:7c:70:29:00:b0:32:b0:ca:c8:
5d:58:a2:6c:0b:96:28:3e:27:5f:76:39:e2:d2:d8:64:28:62:
84:e2:00:98:cb:24:36:f7:6a:29:51:d0:25:96:02:3a:ed:d0:
15:b7:f5:b5:e0:09:96:c2:d9:10:85:ff:37:8b:4b:4a:06:80:
d5:39:7c:39:f5:95:fc:20:df:9a:78:54:49:08:97:9a:c7:b0:
8b:3b:18:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb6JdlptjJhOVEn30+fIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGU4ZjYzMTNiNDVhMjIyOWE5OWZlMjY0NDIxMGY0NDBjZTExNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6ypLmchzR321kP8Gzl3K1wyJDL4
rkGCl6PctUV908h9Etd6Dt4Pusmh9U2dFWRSP08JwTUjN813JPtgyFFWKdioJF6Q
oQtV0wDLcr7/NzF2mdkw02rYouyfzBns3Rp/HXpypWUuLAcYNyswcb17nj8cpSft
G7P6XIKOVXCOcDAqHjBqNhCAI26qSIoClTsiakF0Fb7UJROUKzYjN4e4BAu8ZYob
eGBTlBCxp6aQL8whFEYoAc9+s+9cIjqx+DVp1Af9qDDDNKySIsvpVmZbp9IEMa7Z
+X8l+1paNaBHKiG26Xdipwv57cy2vFTx2Tjc1Prhy/SrlZQB8vEUG38rWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMjo9jE7RaIimpn+JkQhD0QM4RU+MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEveU9qMk1UdEZvaUthbWY0bVJDRVBSQXpoRlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVTZMA0E
AgACMAcDBQAqDxXBMA0GCSqGSIb3DQEBCwUAA4IBAQC8GMg0QQM1gsCvDmJytlVq
9nRkoOXupa7DFauomc+XuJfVabm3Pl1zd6SNTna9CJ+vYmIi8DftPoTlrD7ZaeLv
raSZKskAFtdpsbBmUioNJq+BPYjzzE9yZsX1XgM/CqVfLXWy+yqS2sAY1TkA8kyW
J51Sn45wMteK5zAf6bp97SA3tZFMOeD9x8vRIhV4Ecz+4zj4xRqjfhMulPOLdNbe
1gKQu3EZVe4Cz6R8cCkAsDKwyshdWKJsC5YoPidfdjni0thkKGKE4gCYyyQ292op
UdAllgI67dAVt/W14AmWwtkQhf83i0tKBoDVOXw59ZX8IN+aeFRJCJeax7CLOxiS
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:00:12 2024 by rpki-client on console-ams.rpki-client.org