Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/kJvSMjJlP5MI3sFl406jVP1v-3I.roa
File: kJvSMjJlP5MI3sFl406jVP1v-3I.roa (raw, json)
Hash identifier: Eyqd6mgsm5RXeNwiC3yOGfGIHl4ms9TIRY3B+YDrcSU=
Subject key identifier: 90:9B:D2:32:32:65:3F:93:08:DE:C1:65:E3:4E:A3:54:FD:6F:FB:72
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 0190495B8B753459ADA621AD55341911DCB3
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/kJvSMjJlP5MI3sFl406jVP1v-3I.roa
Signing time: Mon 24 Jun 2024 08:27:34 +0000
ROA not before: Mon 24 Jun 2024 08:27:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 145.219.18.0/23 maxlen: 23
145.219.20.0/23 maxlen: 23
145.219.22.0/24 maxlen: 24
145.219.23.0/24 maxlen: 24
145.219.24.0/22 maxlen: 22
145.219.28.0/22 maxlen: 22
2a04:b0c0:10::/48 maxlen: 48
2a04:b0c0:11::/48 maxlen: 48
2a04:b0c0:12::/48 maxlen: 48
2a04:b0c0:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:5b:8b:75:34:59:ad:a6:21:ad:55:34:19:11:dc:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Jun 24 08:27:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=909bd23232653f9308dec165e34ea354fd6ffb72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:10:39:44:f1:ab:0e:d1:e7:2a:b6:bf:39:c1:
85:2f:01:ed:ea:b5:4d:31:64:77:03:c3:a1:89:51:
ec:ca:03:4a:f8:68:c6:7e:01:39:50:e5:df:22:dc:
fc:4b:c6:fd:81:e6:13:c5:c1:24:0c:a3:b3:b4:33:
59:e7:8b:96:33:aa:7c:93:02:ee:d7:d4:91:80:27:
8c:88:f6:ed:f5:0b:fd:ea:71:96:aa:10:e7:ef:3f:
ef:65:35:44:ff:0a:6c:74:8f:2d:e8:a5:8b:9c:d9:
83:51:8b:07:4c:43:8d:db:48:cf:0d:84:d8:0c:9a:
b9:f2:c6:79:3d:63:94:a9:94:dc:71:60:9f:93:6c:
39:18:b9:e8:29:4e:1e:51:7d:4e:c0:e2:5d:c1:48:
07:e5:36:dd:d1:e1:05:07:40:ec:b4:e8:d0:88:97:
c0:aa:15:1c:3f:28:ea:79:db:99:4d:d5:92:f0:1a:
74:7e:8a:e0:28:e1:e6:f6:ba:5e:10:2b:08:43:80:
33:87:d8:45:50:44:1c:da:8f:33:7e:43:da:53:3c:
8c:ed:ee:98:e4:f2:50:65:db:82:f0:83:57:ce:db:
49:c0:22:2e:d3:90:55:b1:25:5e:90:d8:9a:68:11:
14:3a:51:ad:62:89:4b:28:35:29:ac:7e:f2:f6:b7:
5b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:9B:D2:32:32:65:3F:93:08:DE:C1:65:E3:4E:A3:54:FD:6F:FB:72
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/kJvSMjJlP5MI3sFl406jVP1v-3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.18.0-145.219.31.255
IPv6:
2a04:b0c0:10::/46
Signature Algorithm: sha256WithRSAEncryption
55:e6:3e:5c:41:d6:68:4a:8a:78:92:b2:d3:eb:cd:09:91:85:
d8:0b:10:57:85:fa:08:b4:91:e8:5a:30:d3:43:8a:83:ec:c5:
77:1f:fc:82:e1:5d:7e:79:c0:ac:f9:ae:0e:ae:47:02:63:dc:
4f:05:09:46:26:e7:9b:e9:1f:59:04:1d:f8:15:6a:d1:85:2a:
aa:13:7e:83:24:7f:a2:7c:7e:8a:b0:c6:60:7d:22:06:53:c5:
bf:b1:fb:17:c9:5f:91:d5:85:28:37:87:d5:8b:6d:6c:76:eb:
be:0c:93:11:d1:88:e7:35:79:40:17:b6:7a:10:d8:4e:b1:e2:
b3:9a:c1:d9:14:4c:a8:d1:a0:84:c7:18:73:10:fe:bb:52:e0:
ba:a5:e1:73:d0:e9:23:2c:99:e3:6b:63:00:f0:f8:ca:43:7c:
72:d4:26:ab:45:46:8b:01:81:69:52:80:40:3c:36:46:90:c1:
78:25:af:3c:68:99:72:73:0c:40:19:7c:37:75:00:94:6d:48:
c9:77:0f:d3:55:82:d2:33:14:8f:4d:11:03:4d:2c:a1:bf:e0:
23:b9:f0:86:00:fa:23:8e:b1:26:dd:5f:6a:8c:9c:24:09:bc:
e3:a4:d0:15:7b:e3:1e:e9:8a:e7:92:f8:10:fc:09:32:2b:bf:
23:6a:be:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBJW4t1NFmtpiGtVTQZEdyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjQwNjI0MDgyNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDliZDIzMjMyNjUzZjkzMDhkZWMxNjVlMzRlYTM1NGZkNmZmYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixA5RPGrDtHnKra/OcGFLwHt6rVN
MWR3A8OhiVHsygNK+GjGfgE5UOXfItz8S8b9geYTxcEkDKOztDNZ54uWM6p8kwLu
19SRgCeMiPbt9Qv96nGWqhDn7z/vZTVE/wpsdI8t6KWLnNmDUYsHTEON20jPDYTY
DJq58sZ5PWOUqZTccWCfk2w5GLnoKU4eUX1OwOJdwUgH5Tbd0eEFB0DstOjQiJfA
qhUcPyjqeduZTdWS8Bp0forgKOHm9rpeECsIQ4Azh9hFUEQc2o8zfkPaUzyM7e6Y
5PJQZduC8INXzttJwCIu05BVsSVekNiaaBEUOlGtYolLKDUprH7y9rdbFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCb0jIyZT+TCN7BZeNOo1T9b/tyMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEva0p2U01qSmxQNU1JM3NGbDQwNmpWUDF2LTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAGR2xID
BAWR2wAwDwQCAAIwCQMHAioEsMAAEDANBgkqhkiG9w0BAQsFAAOCAQEAVeY+XEHW
aEqKeJKy0+vNCZGF2AsQV4X6CLSR6Fow00OKg+zFdx/8guFdfnnArPmuDq5HAmPc
TwUJRibnm+kfWQQd+BVq0YUqqhN+gyR/onx+irDGYH0iBlPFv7H7F8lfkdWFKDeH
1YttbHbrvgyTEdGI5zV5QBe2ehDYTrHis5rB2RRMqNGghMcYcxD+u1LguqXhc9Dp
IyyZ42tjAPD4ykN8ctQmq0VGiwGBaVKAQDw2RpDBeCWvPGiZcnMMQBl8N3UAlG1I
yXcP01WC0jMUj00RA00sob/gI7nwhgD6I46xJt1faoycJAm846TQFXvjHumK55L4
EPwJMiu/I2q+OA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:26:42 2024 by rpki-client on console-ams.rpki-client.org