Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/zBHQFtSETItcGmjSkf_C7oW4G9I.roa
File: zBHQFtSETItcGmjSkf_C7oW4G9I.roa (raw, json)
Hash identifier: Y8aM5Zk84QwqD+wmiwE9ld91GSzCKQD8crv3mAtUom0=
Subject key identifier: CC:11:D0:16:D4:84:4C:8B:5C:1A:68:D2:91:FF:C2:EE:85:B8:1B:D2
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FA636A8DCA87CB9E0942306B0B416
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/zBHQFtSETItcGmjSkf_C7oW4G9I.roa
Signing time: Tue 02 Jan 2024 04:30:09 +0000
ROA not before: Tue 02 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32181
IP address blocks: 45.84.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a6:36:a8:dc:a8:7c:b9:e0:94:23:06:b0:b4:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc11d016d4844c8b5c1a68d291ffc2ee85b81bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:97:75:08:73:b3:79:ab:7a:8e:38:72:34:a9:
f7:48:65:bc:c1:09:2f:56:52:58:8e:f8:ee:42:d8:
83:01:85:90:c0:91:6e:3d:f1:e8:13:16:2b:6f:60:
0c:05:5d:2d:a2:f3:ac:92:9a:e9:66:d8:f3:e1:dc:
ce:a2:d7:90:0f:2f:93:34:f3:09:45:e0:f5:77:90:
33:73:e9:08:76:9b:f3:87:97:20:81:68:bb:d1:1b:
e6:7e:be:1b:42:38:69:a8:26:1c:aa:b9:94:31:7d:
57:29:19:6a:b5:a0:5e:c9:78:5d:2c:11:52:1b:4a:
f3:28:e0:5e:8e:70:e3:83:51:57:ba:bb:7b:96:59:
31:a6:de:a7:04:96:8f:76:94:db:10:8d:d5:af:fd:
8d:c7:ab:48:3b:82:f7:e1:f3:20:ec:8f:6e:59:dc:
f7:15:15:aa:34:22:cd:a6:35:41:6e:95:4f:2c:a2:
44:09:8b:95:85:70:78:8c:b4:97:46:f6:1e:c8:1f:
11:ec:20:05:61:96:0d:22:d6:ed:7b:7e:55:b5:a6:
02:99:fd:0b:d8:45:23:71:4e:15:fd:59:95:6a:a4:
12:9f:2e:2d:9c:ca:6c:44:a3:67:50:2f:bb:c6:4b:
eb:15:f9:e5:ff:37:27:0b:0f:38:ff:08:01:e9:08:
87:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:11:D0:16:D4:84:4C:8B:5C:1A:68:D2:91:FF:C2:EE:85:B8:1B:D2
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/zBHQFtSETItcGmjSkf_C7oW4G9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.215.0/24
Signature Algorithm: sha256WithRSAEncryption
61:57:86:11:9e:1d:33:a3:81:af:63:50:b0:be:39:9f:da:6b:
59:7e:ff:43:dd:76:81:fc:e3:e2:a6:3d:c7:ce:61:e4:b6:68:
12:87:97:9c:e6:1a:50:45:0f:dd:f5:c5:d6:7d:8f:28:52:90:
c8:a9:ca:6c:d3:33:fe:01:54:4a:66:a1:48:a6:2f:38:64:cc:
e6:9e:94:45:6c:47:68:73:5a:36:75:cf:12:86:aa:8e:f0:ff:
7e:79:49:07:f7:de:39:9e:70:3f:d6:69:21:26:68:c7:8c:62:
68:46:76:58:80:d6:73:90:fe:e4:1c:ed:49:ca:b6:13:b5:d3:
f4:fc:05:37:73:af:52:d9:57:6d:ce:c9:88:d1:1b:f1:84:72:
45:bd:30:4e:52:93:13:59:5f:24:6b:2c:35:49:9b:3f:23:55:
54:47:84:e8:09:35:4b:6f:f1:0b:e8:16:24:6e:07:d3:35:a4:
36:a3:a6:c1:82:cc:f2:5d:22:f7:5f:50:72:1e:53:e8:88:66:
c0:11:44:e3:05:13:7c:f7:a5:4f:5f:20:94:36:95:80:85:3c:
0a:37:fc:86:22:02:f7:63:50:cb:95:d5:02:88:44:ef:31:ca:
66:b4:f3:15:71:9f:bb:58:97:6f:1b:68:23:04:8d:29:ed:d5:
66:a3:fb:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb6Y2qNyofLnglCMGsLQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzExZDAxNmQ0ODQ0YzhiNWMxYTY4ZDI5MWZmYzJlZTg1YjgxYmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZd1CHOzeat6jjhyNKn3SGW8wQkv
VlJYjvjuQtiDAYWQwJFuPfHoExYrb2AMBV0tovOskprpZtjz4dzOoteQDy+TNPMJ
ReD1d5Azc+kIdpvzh5cggWi70Rvmfr4bQjhpqCYcqrmUMX1XKRlqtaBeyXhdLBFS
G0rzKOBejnDjg1FXurt7llkxpt6nBJaPdpTbEI3Vr/2Nx6tIO4L34fMg7I9uWdz3
FRWqNCLNpjVBbpVPLKJECYuVhXB4jLSXRvYeyB8R7CAFYZYNItbte35VtaYCmf0L
2EUjcU4V/VmVaqQSny4tnMpsRKNnUC+7xkvrFfnl/zcnCw84/wgB6QiHiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMwR0BbUhEyLXBpo0pH/wu6FuBvSMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvekJIUUZ0U0VUSXRjR21qU2tmX0M3b1c0RzlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVTXMA0G
CSqGSIb3DQEBCwUAA4IBAQBhV4YRnh0zo4GvY1Cwvjmf2mtZfv9D3XaB/OPipj3H
zmHktmgSh5ec5hpQRQ/d9cXWfY8oUpDIqcps0zP+AVRKZqFIpi84ZMzmnpRFbEdo
c1o2dc8ShqqO8P9+eUkH9945nnA/1mkhJmjHjGJoRnZYgNZzkP7kHO1JyrYTtdP0
/AU3c69S2VdtzsmI0RvxhHJFvTBOUpMTWV8kayw1SZs/I1VUR4ToCTVLb/EL6BYk
bgfTNaQ2o6bBgszyXSL3X1ByHlPoiGbAEUTjBRN896VPXyCUNpWAhTwKN/yGIgL3
Y1DLldUCiETvMcpmtPMVcZ+7WJdvG2gjBI0p7dVmo/u8
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:41:20 2024 by rpki-client on console-fra.rpki-client.org