Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/weX5IxwEtf1Kzap0RqlOCq-oipA.roa
File: weX5IxwEtf1Kzap0RqlOCq-oipA.roa (raw, json)
Hash identifier: HxCf6rAQ7zN1km/BYMX2Wm5h2moHNW+fv2jE0LqW7ro=
Subject key identifier: C1:E5:F9:23:1C:04:B5:FD:4A:CD:AA:74:46:A9:4E:0A:AF:A8:8A:90
Certificate issuer: /CN=a982f3d0e66429b685b1850a9dff25c7aa37a0c6
Certificate serial: 018CC8DCFBEFA86ECE55A41A97CB8F555B59
Authority key identifier: A9:82:F3:D0:E6:64:29:B6:85:B1:85:0A:9D:FF:25:C7:AA:37:A0:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYLz0OZkKbaFsYUKnf8lx6o3oMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/weX5IxwEtf1Kzap0RqlOCq-oipA.roa
Signing time: Tue 02 Jan 2024 06:29:34 +0000
ROA not before: Tue 02 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 45.13.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/qYLz0OZkKbaFsYUKnf8lx6o3oMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/qYLz0OZkKbaFsYUKnf8lx6o3oMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/qYLz0OZkKbaFsYUKnf8lx6o3oMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:fb:ef:a8:6e:ce:55:a4:1a:97:cb:8f:55:5b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a982f3d0e66429b685b1850a9dff25c7aa37a0c6
Validity
Not Before: Jan 2 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1e5f9231c04b5fd4acdaa7446a94e0aafa88a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:da:70:ed:37:6c:63:79:aa:64:10:20:22:b0:
7e:af:8e:08:df:22:c7:d2:fc:e1:d1:d2:7b:08:db:
ac:30:16:36:66:46:fb:59:7c:50:9c:01:ee:31:06:
84:74:d2:bf:6f:67:0f:98:46:13:45:d9:bf:59:24:
09:26:ca:50:13:dc:cd:e7:30:99:01:e2:06:b5:3a:
6a:5d:76:72:49:2e:74:d8:ac:d9:ed:a7:9c:f7:5f:
23:b8:6a:e8:46:a0:8f:be:b6:14:0f:a1:6c:5c:71:
07:56:ca:37:ae:62:8b:9e:fb:8f:66:85:41:e3:f0:
82:31:6b:33:3a:26:fb:c2:c9:fd:34:e4:fd:d2:9c:
74:e2:7a:2b:5a:50:3b:33:bb:8d:68:14:54:27:bf:
56:e2:6d:44:96:ed:77:37:49:af:13:c1:06:c1:00:
fb:31:78:5c:76:5f:74:77:84:60:1c:7b:85:84:fd:
52:9f:68:04:56:df:ba:08:3f:fa:a2:78:b4:2d:7a:
03:59:ad:cf:ab:74:ef:7c:85:4e:50:e3:ec:d9:e0:
b7:44:af:27:3d:87:8d:45:01:f0:13:71:3f:31:16:
58:5b:9a:8f:20:12:49:ed:50:af:e2:bc:bc:f8:fd:
2c:2f:ef:1b:d0:cf:71:13:69:83:41:36:c2:0f:35:
c0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E5:F9:23:1C:04:B5:FD:4A:CD:AA:74:46:A9:4E:0A:AF:A8:8A:90
X509v3 Authority Key Identifier:
keyid:A9:82:F3:D0:E6:64:29:B6:85:B1:85:0A:9D:FF:25:C7:AA:37:A0:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYLz0OZkKbaFsYUKnf8lx6o3oMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/weX5IxwEtf1Kzap0RqlOCq-oipA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/qYLz0OZkKbaFsYUKnf8lx6o3oMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.100.0/22
Signature Algorithm: sha256WithRSAEncryption
91:06:b2:26:12:b9:f6:53:02:95:35:62:81:4e:4c:0f:e0:8f:
9e:db:a7:e8:67:41:0d:72:21:63:15:70:3d:27:20:7a:91:dc:
fd:9e:1f:d1:e1:d0:4c:d1:51:27:45:1b:6b:7e:10:df:61:b4:
e7:71:20:e2:6a:37:ea:03:4e:0e:88:df:dc:63:ec:4b:a5:c9:
b1:f3:6a:bd:d8:6e:4f:17:97:69:0e:ca:b4:6b:6f:c5:f3:19:
35:39:d8:2b:4e:0b:04:85:5e:ec:30:32:10:23:c3:06:f9:9f:
75:16:8b:96:ac:1b:7c:08:f3:6c:6a:7d:9f:0f:8c:d6:ba:bb:
b6:5b:f5:61:3e:49:02:ff:93:96:5a:82:0f:8a:12:8b:c7:14:
55:2e:a2:39:6b:b8:fc:50:28:78:84:c0:d5:30:8e:9b:aa:9f:
40:6e:34:a2:c5:8d:eb:82:7b:53:8a:3c:a4:04:67:10:e7:1e:
73:98:09:68:e4:c0:13:04:b3:3f:27:4c:7f:c9:c3:a9:bd:74:
09:0e:09:bf:6b:f1:9b:28:6a:29:f0:90:27:b5:a6:fb:79:66:
4c:4a:9f:36:bd:29:f0:be:cb:6c:2c:f7:02:1c:ef:2b:2a:50:
b2:3b:13:64:23:76:c2:77:fa:df:a2:0e:1f:88:2e:35:59:a2:
4b:54:de:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3PvvqG7OVaQal8uPVVtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODJmM2QwZTY2NDI5YjY4NWIxODUwYTlkZmYyNWM3YWEz
N2EwYzYwHhcNMjQwMTAyMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWU1ZjkyMzFjMDRiNWZkNGFjZGFhNzQ0NmE5NGUwYWFmYTg4YTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNpw7TdsY3mqZBAgIrB+r44I3yLH
0vzh0dJ7CNusMBY2Zkb7WXxQnAHuMQaEdNK/b2cPmEYTRdm/WSQJJspQE9zN5zCZ
AeIGtTpqXXZySS502KzZ7aec918juGroRqCPvrYUD6FsXHEHVso3rmKLnvuPZoVB
4/CCMWszOib7wsn9NOT90px04norWlA7M7uNaBRUJ79W4m1Elu13N0mvE8EGwQD7
MXhcdl90d4RgHHuFhP1Sn2gEVt+6CD/6oni0LXoDWa3Pq3TvfIVOUOPs2eC3RK8n
PYeNRQHwE3E/MRZYW5qPIBJJ7VCv4ry8+P0sL+8b0M9xE2mDQTbCDzXAKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMHl+SMcBLX9Ss2qdEapTgqvqIqQMB8GA1UdIwQY
MBaAFKmC89DmZCm2hbGFCp3/JceqN6DGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlMejBPWmtLYmFGc1lVS25mOGx4Nm8zb01ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9iNDViYTQtYWIzNi00OWFiLTk4ZTQt
OGI0NzkzZjkwZjE1LzEvd2VYNUl4d0V0ZjFLemFwMFJxbE9DcS1vaXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9iNDViYTQtYWIzNi00OWFiLTk4ZTQtOGI0NzkzZjkwZjE1
LzEvcVlMejBPWmtLYmFGc1lVS25mOGx4Nm8zb01ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ1kMA0G
CSqGSIb3DQEBCwUAA4IBAQCRBrImErn2UwKVNWKBTkwP4I+e26foZ0ENciFjFXA9
JyB6kdz9nh/R4dBM0VEnRRtrfhDfYbTncSDiajfqA04OiN/cY+xLpcmx82q92G5P
F5dpDsq0a2/F8xk1OdgrTgsEhV7sMDIQI8MG+Z91FouWrBt8CPNsan2fD4zWuru2
W/VhPkkC/5OWWoIPihKLxxRVLqI5a7j8UCh4hMDVMI6bqp9AbjSixY3rgntTijyk
BGcQ5x5zmAlo5MATBLM/J0x/ycOpvXQJDgm/a/GbKGop8JAntab7eWZMSp82vSnw
vstsLPcCHO8rKlCyOxNkI3bCd/rfog4fiC41WaJLVN5X
-----END CERTIFICATE-----
Generated at Thu May 2 02:43:23 2024 by rpki-client on console-fra.rpki-client.org