Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/q4Wqt8E70K29pbI9B4Dgb3LAjzI.roa
File: q4Wqt8E70K29pbI9B4Dgb3LAjzI.roa (raw, json)
Hash identifier: 7rceFhg8C/icwID3OjObptzOT3ybymh87IV5qEMEn+M=
Subject key identifier: AB:85:AA:B7:C1:3B:D0:AD:BD:A5:B2:3D:07:80:E0:6F:72:C0:8F:32
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0191BDED2CCD89CC4A51B52A0BC5898FF480
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/q4Wqt8E70K29pbI9B4Dgb3LAjzI.roa
Signing time: Wed 04 Sep 2024 16:45:22 +0000
ROA not before: Wed 04 Sep 2024 16:45:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8708
IP address blocks: 45.135.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:ed:2c:cd:89:cc:4a:51:b5:2a:0b:c5:89:8f:f4:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Sep 4 16:45:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab85aab7c13bd0adbda5b23d0780e06f72c08f32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:62:3a:cc:0f:67:62:3d:cf:d2:a4:7e:12:31:
1c:61:48:c5:0e:d0:5a:b1:d2:47:cc:ba:c5:5c:d0:
27:03:73:30:c7:ba:1c:45:ce:48:4e:62:42:79:cb:
d4:3b:98:15:b3:04:ab:1e:1f:20:a4:71:34:2d:58:
dd:29:77:b5:e0:bf:98:b5:1a:4c:a7:6e:e5:40:f6:
c6:5f:30:71:3d:73:87:bc:b9:56:90:ed:8c:44:ae:
97:6f:5e:83:07:2d:5a:d2:c6:61:31:48:dc:73:22:
20:ec:d8:b0:8a:51:24:39:41:b0:39:ba:6b:52:6b:
8b:ec:39:02:bd:60:38:cf:26:c3:55:7d:18:41:ce:
af:0b:d8:a5:db:0b:03:88:35:65:5e:f5:bc:7e:bc:
4e:ec:f9:94:29:11:3a:51:54:6a:b7:95:dd:bf:12:
c1:9e:1e:4c:c3:52:0e:2a:06:a2:40:b1:98:1f:24:
a7:df:9f:ab:04:0c:a8:f1:94:91:bb:b4:e6:5a:45:
cd:e7:94:bf:db:6e:a1:02:a2:2f:2a:e7:14:29:4f:
98:c1:83:9c:e4:d6:12:7c:b6:41:5f:89:b8:0b:00:
95:08:48:98:d1:2a:ee:ff:b2:dc:60:45:87:0d:3d:
9f:3d:79:6e:3e:cd:81:85:27:5e:74:99:81:e3:e1:
47:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:85:AA:B7:C1:3B:D0:AD:BD:A5:B2:3D:07:80:E0:6F:72:C0:8F:32
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/q4Wqt8E70K29pbI9B4Dgb3LAjzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.224.0/24
Signature Algorithm: sha256WithRSAEncryption
10:80:14:54:d9:65:54:0f:46:47:92:dc:f0:8b:cf:14:ce:2f:
a8:4f:3a:4e:9f:35:45:14:b3:c5:c0:fc:c5:36:41:d4:25:ee:
7f:c4:8b:8f:d1:ec:d6:14:a1:a0:19:3e:c8:2f:d6:d5:94:e4:
bd:52:e9:78:d5:b1:28:23:5e:48:f3:4a:e3:98:11:07:14:1b:
2d:03:fb:df:ec:5e:af:dc:ca:59:c5:b7:ca:4c:72:d4:c6:d3:
d6:12:3e:4a:42:3d:d0:c5:e6:06:63:54:ca:ed:3e:26:25:6f:
24:61:de:29:e2:3c:0b:ba:c4:64:a7:6d:95:f4:63:5a:16:80:
22:57:ee:38:fb:5c:0f:fe:0c:e6:11:e3:2f:8b:6f:e9:4c:a8:
72:4a:ef:97:cf:ec:7e:a6:46:df:9f:48:b6:b3:d6:53:4c:f3:
98:81:82:76:c0:53:97:9b:f6:b3:3a:2d:e2:d7:16:bf:27:cc:
fc:fa:5a:1e:c9:3c:9f:3c:22:61:96:3b:0a:9c:e0:62:d6:75:
43:32:f6:05:20:57:8e:d9:76:a6:ca:62:26:0a:e8:4f:eb:f1:
98:b0:fd:5c:9c:59:6c:24:15:a4:79:ae:0c:3b:ff:18:11:28:
b4:e8:4b:d4:b7:6b:3f:5d:ca:be:92:2a:0c:1c:dc:3c:52:4b:
ec:fd:44:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZG97SzNicxKUbUqC8WJj/SAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwOTA0MTY0NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjg1YWFiN2MxM2JkMGFkYmRhNWIyM2QwNzgwZTA2ZjcyYzA4ZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWI6zA9nYj3P0qR+EjEcYUjFDtBa
sdJHzLrFXNAnA3Mwx7ocRc5ITmJCecvUO5gVswSrHh8gpHE0LVjdKXe14L+YtRpM
p27lQPbGXzBxPXOHvLlWkO2MRK6Xb16DBy1a0sZhMUjccyIg7NiwilEkOUGwObpr
UmuL7DkCvWA4zybDVX0YQc6vC9il2wsDiDVlXvW8frxO7PmUKRE6UVRqt5XdvxLB
nh5Mw1IOKgaiQLGYHySn35+rBAyo8ZSRu7TmWkXN55S/226hAqIvKucUKU+YwYOc
5NYSfLZBX4m4CwCVCEiY0Sru/7LcYEWHDT2fPXluPs2BhSdedJmB4+FHXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKuFqrfBO9CtvaWyPQeA4G9ywI8yMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvcTRXcXQ4RTcwSzI5cGJJOUI0RGdiM0xBanpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYfgMA0G
CSqGSIb3DQEBCwUAA4IBAQAQgBRU2WVUD0ZHktzwi88Uzi+oTzpOnzVFFLPFwPzF
NkHUJe5/xIuP0ezWFKGgGT7IL9bVlOS9Uul41bEoI15I80rjmBEHFBstA/vf7F6v
3MpZxbfKTHLUxtPWEj5KQj3QxeYGY1TK7T4mJW8kYd4p4jwLusRkp22V9GNaFoAi
V+44+1wP/gzmEeMvi2/pTKhySu+Xz+x+pkbfn0i2s9ZTTPOYgYJ2wFOXm/azOi3i
1xa/J8z8+loeyTyfPCJhljsKnOBi1nVDMvYFIFeO2XamymImCuhP6/GYsP1cnFls
JBWkea4MO/8YESi06EvUt2s/Xcq+kioMHNw8Ukvs/UTM
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:54:52 2024 by rpki-client on console-ams.rpki-client.org