Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/BKb7XG_Y_snDtXcgAHsqhtFo8v4.roa
File: BKb7XG_Y_snDtXcgAHsqhtFo8v4.roa (raw, json)
Hash identifier: USVDlvAYbm2wUpjn6m+8YObV5uuluIJcM9CqrwH+yGQ=
Subject key identifier: 04:A6:FB:5C:6F:D8:FE:C9:C3:B5:77:20:00:7B:2A:86:D1:68:F2:FE
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0190B2666946ED579AAD4EFF3A2B7B829ED9
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/BKb7XG_Y_snDtXcgAHsqhtFo8v4.roa
Signing time: Sun 14 Jul 2024 17:59:34 +0000
ROA not before: Sun 14 Jul 2024 17:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398395
IP address blocks: 45.145.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b2:66:69:46:ed:57:9a:ad:4e:ff:3a:2b:7b:82:9e:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jul 14 17:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04a6fb5c6fd8fec9c3b57720007b2a86d168f2fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:67:45:f7:39:a0:16:ca:79:c7:78:a2:ed:51:
73:83:b4:5a:1d:6d:5e:cb:a6:2f:2b:fe:83:6f:0d:
d8:7b:d8:c8:67:ee:05:be:7e:97:5e:44:5b:c2:06:
f5:15:d2:26:d0:0a:e9:62:2d:c2:d4:b1:9a:fd:bd:
a6:b7:4a:a9:ae:40:af:5e:6d:ce:cf:82:83:e9:12:
46:54:df:86:38:e7:19:c5:44:ea:4a:e8:a2:1c:0e:
37:26:43:b1:bf:4a:b4:fd:87:af:ca:c3:96:8a:f4:
1c:b1:7f:6c:b9:03:bf:4e:ce:91:40:b0:91:56:38:
57:f4:5a:13:2c:e9:18:2e:6b:8a:95:60:a5:4c:78:
77:dc:26:f9:40:2d:38:39:3c:37:46:f1:ee:47:71:
c2:d4:c4:53:e9:f5:58:1c:4c:36:be:3f:a9:ae:69:
10:74:13:2d:07:03:9a:cc:ca:e3:45:d8:c0:ba:2a:
db:8b:c1:9f:bd:8c:9c:db:b5:1e:a0:b2:17:20:65:
ac:18:f9:02:97:cb:4a:1e:dc:81:1f:87:2e:a2:db:
6d:f5:af:aa:b6:d6:8b:6c:50:18:b5:8a:39:48:c4:
f2:29:10:ab:90:04:e9:5e:7b:3a:01:05:17:f9:bc:
bd:cf:de:de:07:e2:4f:14:83:ee:6d:d1:cf:4e:4d:
5f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A6:FB:5C:6F:D8:FE:C9:C3:B5:77:20:00:7B:2A:86:D1:68:F2:FE
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/BKb7XG_Y_snDtXcgAHsqhtFo8v4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.17.0/24
Signature Algorithm: sha256WithRSAEncryption
35:7e:3f:9b:65:c6:ac:fb:a6:34:58:57:80:2b:99:f6:3d:7e:
59:a4:c7:33:76:27:cb:c9:e2:6e:e7:c7:d1:1d:4f:40:2f:f4:
8d:af:24:ba:b0:43:e4:75:6f:ed:f9:cf:88:11:3f:2b:5e:51:
5b:7e:58:09:b3:84:a7:df:e6:a7:57:f2:87:31:f4:a9:b4:bb:
04:08:0b:b4:0c:ce:dc:fd:53:5a:01:b0:e3:6c:5b:93:e3:2c:
56:60:e2:df:2b:ff:f0:d8:6b:7c:d8:31:5a:f8:1b:9a:8c:fd:
9e:b2:40:2a:88:8a:61:6a:32:70:78:9b:0c:3e:3b:54:e2:cc:
d5:c5:66:ba:6b:a8:99:38:76:d3:81:b2:ce:2d:a6:94:0b:4a:
7d:40:09:4b:35:3b:25:34:91:5e:0d:2f:02:df:93:ca:d7:a4:
03:6b:55:52:ba:f8:9e:ba:63:e4:d2:7c:96:b9:db:d3:2b:72:
0f:c0:6c:ea:f6:3a:a1:49:35:91:73:13:38:b1:66:3d:3b:b3:
7c:e2:29:e3:50:d3:76:e0:1b:50:01:26:73:ed:6a:ad:a1:e5:
d4:41:99:5b:08:62:74:e8:51:dc:dd:5e:6a:c1:d4:92:77:84:
d7:87:b2:a3:b4:72:b0:b7:cd:8f:1f:65:d9:f9:64:64:4b:3d:
e6:97:ee:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCyZmlG7VearU7/Oit7gp7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwNzE0MTc1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGE2ZmI1YzZmZDhmZWM5YzNiNTc3MjAwMDdiMmE4NmQxNjhmMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2dF9zmgFsp5x3ii7VFzg7RaHW1e
y6YvK/6Dbw3Ye9jIZ+4Fvn6XXkRbwgb1FdIm0ArpYi3C1LGa/b2mt0qprkCvXm3O
z4KD6RJGVN+GOOcZxUTqSuiiHA43JkOxv0q0/YevysOWivQcsX9suQO/Ts6RQLCR
VjhX9FoTLOkYLmuKlWClTHh33Cb5QC04OTw3RvHuR3HC1MRT6fVYHEw2vj+prmkQ
dBMtBwOazMrjRdjAuirbi8GfvYyc27UeoLIXIGWsGPkCl8tKHtyBH4cuottt9a+q
ttaLbFAYtYo5SMTyKRCrkATpXns6AQUX+by9z97eB+JPFIPubdHPTk1fWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASm+1xv2P7Jw7V3IAB7KobRaPL+MB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvQktiN1hHX1lfc25EdFhjZ0FIc3FodEZvOHY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZERMA0G
CSqGSIb3DQEBCwUAA4IBAQA1fj+bZcas+6Y0WFeAK5n2PX5ZpMczdifLyeJu58fR
HU9AL/SNryS6sEPkdW/t+c+IET8rXlFbflgJs4Sn3+anV/KHMfSptLsECAu0DM7c
/VNaAbDjbFuT4yxWYOLfK//w2Gt82DFa+BuajP2eskAqiIphajJweJsMPjtU4szV
xWa6a6iZOHbTgbLOLaaUC0p9QAlLNTslNJFeDS8C35PK16QDa1VSuvieumPk0nyW
udvTK3IPwGzq9jqhSTWRcxM4sWY9O7N84injUNN24BtQASZz7WqtoeXUQZlbCGJ0
6FHc3V5qwdSSd4TXh7KjtHKwt82PH2XZ+WRkSz3ml+47
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:54:22 2024 by rpki-client on console-fra.rpki-client.org