Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/00ee6a-5e95-4e10-8ee6-7e222bfecc90/1/YySq0kT2l2oRHlcHOHNexHk6g5E.roa
File: YySq0kT2l2oRHlcHOHNexHk6g5E.roa (raw, json)
Hash identifier: EiXxkIAa/Q6eFVae7fC2J8bjpPnLClNlg5zKsHO3Nho=
Subject key identifier: 63:24:AA:D2:44:F6:97:6A:11:1E:57:07:38:73:5E:C4:79:3A:83:91
Certificate issuer: /CN=fa11c9560fa9105e6bdc4b492efab641ab50801d
Certificate serial: 01917E6E222145D5A662FF6F463708DE48D0
Authority key identifier: FA:11:C9:56:0F:A9:10:5E:6B:DC:4B:49:2E:FA:B6:41:AB:50:80:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-hHJVg-pEF5r3EtJLvq2QatQgB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/00ee6a-5e95-4e10-8ee6-7e222bfecc90/1/YySq0kT2l2oRHlcHOHNexHk6g5E.roa
Signing time: Fri 23 Aug 2024 08:50:32 +0000
ROA not before: Fri 23 Aug 2024 08:50:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21339
IP address blocks: 45.143.120.0/23 maxlen: 24
45.143.122.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/00ee6a-5e95-4e10-8ee6-7e222bfecc90/1/1-hHJVg-pEF5r3EtJLvq2QatQgB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/00ee6a-5e95-4e10-8ee6-7e222bfecc90/1/1-hHJVg-pEF5r3EtJLvq2QatQgB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-hHJVg-pEF5r3EtJLvq2QatQgB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:6e:22:21:45:d5:a6:62:ff:6f:46:37:08:de:48:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa11c9560fa9105e6bdc4b492efab641ab50801d
Validity
Not Before: Aug 23 08:50:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6324aad244f6976a111e570738735ec4793a8391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ea:02:c8:50:9d:0d:ee:42:48:fc:a6:c3:a5:
5e:54:10:59:e3:2d:95:a5:f8:34:04:bb:9f:91:70:
65:2a:10:3c:1f:bb:73:90:fc:5f:e4:3c:61:1d:2b:
fb:4f:ae:b5:65:99:5b:f1:66:38:63:57:34:f2:08:
9e:0d:f0:b6:0a:37:d6:5f:8c:78:13:ca:6b:28:ea:
a5:2b:ec:1e:75:fd:56:60:ee:19:69:58:11:8e:ab:
93:f4:84:ad:86:63:2f:e3:76:68:e4:7f:c4:48:ee:
3a:c4:3f:24:62:1b:07:48:c0:60:c0:8b:c9:6b:2d:
34:8b:37:5e:78:ce:d2:ca:a4:93:26:f4:2b:2f:d1:
64:57:37:89:17:be:3d:6d:52:de:d2:e5:1d:54:5c:
bf:23:17:03:20:0c:83:df:29:36:a6:26:2d:4b:fe:
84:30:f5:21:39:b5:f1:19:55:95:8a:31:9d:99:22:
dd:9e:08:cf:fd:80:55:b6:5c:3a:77:b8:0a:b5:85:
43:95:fa:2b:30:f7:29:24:21:6c:2f:17:90:74:e2:
c6:41:45:72:8c:90:b2:3c:da:f1:08:9c:a6:a4:56:
7f:c2:d3:31:25:7b:bb:c5:fb:9d:a5:e8:40:ac:6a:
2e:ed:2d:7b:af:51:48:4d:9e:2b:57:d0:59:f8:69:
7d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:24:AA:D2:44:F6:97:6A:11:1E:57:07:38:73:5E:C4:79:3A:83:91
X509v3 Authority Key Identifier:
keyid:FA:11:C9:56:0F:A9:10:5E:6B:DC:4B:49:2E:FA:B6:41:AB:50:80:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-hHJVg-pEF5r3EtJLvq2QatQgB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/00ee6a-5e95-4e10-8ee6-7e222bfecc90/1/YySq0kT2l2oRHlcHOHNexHk6g5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/00ee6a-5e95-4e10-8ee6-7e222bfecc90/1/1-hHJVg-pEF5r3EtJLvq2QatQgB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.120.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:bb:b7:c4:dc:9d:db:67:0e:c8:c3:2c:d7:21:a4:8d:74:83:
9c:ec:7f:52:38:7e:d2:f4:51:cc:94:ae:37:d7:d0:a0:f9:24:
b7:fd:fe:f0:92:a0:62:8a:dc:d5:4d:a4:b8:48:bb:18:f2:e8:
78:a9:aa:f0:23:2e:8e:5c:9f:4b:8b:4a:68:a1:84:cc:5e:23:
a6:e0:24:81:2b:c3:a3:d5:6e:ca:f1:6b:b2:34:14:53:d9:63:
eb:3a:20:27:df:97:b5:d1:84:ce:ae:12:67:f2:f0:ca:76:dc:
99:64:79:6b:07:5f:a2:81:54:71:d3:d7:f4:51:cf:77:fe:52:
da:b0:5c:63:58:3e:09:21:9b:68:06:14:7a:43:bb:d6:e5:95:
8d:57:1d:b2:2c:9e:b8:28:e7:63:a6:10:36:dd:04:56:c5:79:
65:1e:f8:e8:18:a1:26:49:25:e7:1e:4d:c0:7a:b3:a6:57:15:
91:a6:74:51:e1:f7:c0:fd:31:7b:6a:63:28:18:42:bb:3f:74:
94:f3:da:6f:af:62:7e:fd:8d:de:45:db:13:f7:4f:da:90:1f:
cd:91:95:54:87:41:e9:8c:18:47:43:a4:b3:ba:9b:4e:53:c5:
79:e9:ab:c3:a4:67:d1:b4:24:25:ab:92:95:d6:0f:78:21:89:
0e:98:79:36
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZF+biIhRdWmYv9vRjcI3kjQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMTFjOTU2MGZhOTEwNWU2YmRjNGI0OTJlZmFiNjQxYWI1
MDgwMWQwHhcNMjQwODIzMDg1MDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzI0YWFkMjQ0ZjY5NzZhMTExZTU3MDczODczNWVjNDc5M2E4MzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+oCyFCdDe5CSPymw6VeVBBZ4y2V
pfg0BLufkXBlKhA8H7tzkPxf5DxhHSv7T661ZZlb8WY4Y1c08gieDfC2CjfWX4x4
E8prKOqlK+wedf1WYO4ZaVgRjquT9ISthmMv43Zo5H/ESO46xD8kYhsHSMBgwIvJ
ay00izdeeM7SyqSTJvQrL9FkVzeJF749bVLe0uUdVFy/IxcDIAyD3yk2piYtS/6E
MPUhObXxGVWVijGdmSLdngjP/YBVtlw6d7gKtYVDlforMPcpJCFsLxeQdOLGQUVy
jJCyPNrxCJympFZ/wtMxJXu7xfudpehArGou7S17r1FITZ4rV9BZ+Gl9FwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGMkqtJE9pdqER5XBzhzXsR5OoORMB8GA1UdIwQY
MBaAFPoRyVYPqRBea9xLSS76tkGrUIAdMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1oSEpWZy1wRUY1cjNFdEpMdnEyUWF0UWdCMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgvMDBlZTZhLTVlOTUtNGUxMC04ZWU2
LTdlMjIyYmZlY2M5MC8xL1l5U3Ewa1QybDJvUkhsY0hPSE5leEhrNmc1RS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjgvMDBlZTZhLTVlOTUtNGUxMC04ZWU2LTdlMjIyYmZlY2M5
MC8xLzEtaEhKVmctcEVGNXIzRXRKTHZxMlFhdFFnQjAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItj3gw
DQYJKoZIhvcNAQELBQADggEBAKG7t8TcndtnDsjDLNchpI10g5zsf1I4ftL0UcyU
rjfX0KD5JLf9/vCSoGKK3NVNpLhIuxjy6HipqvAjLo5cn0uLSmihhMxeI6bgJIEr
w6PVbsrxa7I0FFPZY+s6ICffl7XRhM6uEmfy8Mp23JlkeWsHX6KBVHHT1/RRz3f+
UtqwXGNYPgkhm2gGFHpDu9bllY1XHbIsnrgo52OmEDbdBFbFeWUe+OgYoSZJJece
TcB6s6ZXFZGmdFHh98D9MXtqYygYQrs/dJTz2m+vYn79jd5F2xP3T9qQH82RlVSH
QemMGEdDpLO6m05TxXnpq8OkZ9G0JCWrkpXWD3ghiQ6YeTY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:53 2024 by rpki-client on console-ams.rpki-client.org