Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/vZ1yAVzyASLv0TjQjOHxofpQPgQ.roa
File: vZ1yAVzyASLv0TjQjOHxofpQPgQ.roa (raw, json)
Hash identifier: PwV4fx6G6Bgl4hZ3vm+fDg9UULJs855TvFOatQDiSM8=
Subject key identifier: BD:9D:72:01:5C:F2:01:22:EF:D1:38:D0:8C:E1:F1:A1:FA:50:3E:04
Certificate issuer: /CN=62927b36b138f086358938e3acfda4638e56a792
Certificate serial: 018CC2DB1CFD7032767677743C557FE266E1
Authority key identifier: 62:92:7B:36:B1:38:F0:86:35:89:38:E3:AC:FD:A4:63:8E:56:A7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YpJ7NrE48IY1iTjjrP2kY45Wp5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/vZ1yAVzyASLv0TjQjOHxofpQPgQ.roa
Signing time: Mon 01 Jan 2024 02:29:48 +0000
ROA not before: Mon 01 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207265
IP address blocks: 45.151.128.0/22 maxlen: 22
2a10:20c0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/YpJ7NrE48IY1iTjjrP2kY45Wp5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/YpJ7NrE48IY1iTjjrP2kY45Wp5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/YpJ7NrE48IY1iTjjrP2kY45Wp5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1c:fd:70:32:76:76:77:74:3c:55:7f:e2:66:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62927b36b138f086358938e3acfda4638e56a792
Validity
Not Before: Jan 1 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd9d72015cf20122efd138d08ce1f1a1fa503e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a6:c9:11:0a:81:42:20:37:60:36:8c:7f:35:
6d:29:6b:98:5f:a3:97:12:d0:51:1f:d4:b7:60:91:
ca:9a:5e:fe:33:50:b0:17:9b:ec:62:82:07:1c:7a:
28:10:30:ad:29:48:e8:68:d8:6b:d7:56:07:7c:cf:
17:5a:99:ed:4d:0f:3d:12:b1:94:2e:fc:85:04:6d:
6b:40:19:85:49:70:8c:b3:8d:4a:3f:6e:a0:bd:d5:
d5:ec:4c:57:d9:11:0f:7d:8b:dc:53:81:70:1b:77:
97:54:d4:86:ba:c3:93:e4:9e:58:33:50:b0:af:e0:
6c:84:55:ec:65:98:82:4b:86:45:17:04:73:49:06:
64:ff:57:18:a6:41:53:65:79:b5:3f:43:c3:aa:eb:
02:e5:ba:7d:84:52:e0:b6:b8:6d:75:ac:42:aa:eb:
f6:72:e1:ce:17:d1:7a:69:52:d2:7c:fa:18:4b:64:
f2:dd:4f:1c:cd:64:94:c0:4c:b2:9b:64:2c:b3:e7:
9a:6d:10:5c:58:9a:42:7b:c5:9b:63:d9:f2:50:ea:
5f:29:d5:f8:ed:4f:5f:5f:42:ae:21:d8:a9:3d:a6:
1f:32:1f:32:90:65:a0:37:c3:f8:90:fc:4c:88:13:
dc:c3:88:59:b6:36:21:d5:0b:48:af:7c:b6:90:7f:
a1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:9D:72:01:5C:F2:01:22:EF:D1:38:D0:8C:E1:F1:A1:FA:50:3E:04
X509v3 Authority Key Identifier:
keyid:62:92:7B:36:B1:38:F0:86:35:89:38:E3:AC:FD:A4:63:8E:56:A7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YpJ7NrE48IY1iTjjrP2kY45Wp5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/vZ1yAVzyASLv0TjQjOHxofpQPgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/YpJ7NrE48IY1iTjjrP2kY45Wp5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.128.0/22
IPv6:
2a10:20c0::/30
Signature Algorithm: sha256WithRSAEncryption
45:e3:1b:00:35:9c:c6:c8:e7:a3:30:47:99:33:fc:31:1d:28:
7e:88:ef:5c:f8:07:eb:1e:e8:99:17:01:40:8a:9a:d9:71:70:
1e:8e:a0:98:34:3b:15:0e:49:7e:f9:65:73:fa:be:b4:11:90:
55:df:a6:71:7d:ff:1b:b8:7f:c7:1e:66:dc:8d:95:a1:12:14:
2f:37:6b:21:22:20:f7:24:3e:60:d9:3c:8d:05:cc:98:59:d9:
7a:23:6c:fb:0f:38:51:77:42:9b:76:a5:62:9b:91:fa:e7:46:
4f:dc:eb:7f:4e:7c:2d:6d:d9:32:08:de:b3:95:0b:18:1d:d9:
88:13:52:3b:c0:fa:06:da:9c:7d:4d:ae:7f:a2:c1:a4:6c:84:
2d:d5:56:0c:ac:ae:6f:2a:80:5a:e7:18:9b:49:cf:3b:55:81:
68:8d:90:d4:24:dd:6f:a7:1a:3c:b8:c2:c7:c0:14:be:67:51:
48:d2:7a:36:6d:bf:5a:24:0f:0f:3e:89:cf:c6:6a:3a:41:fd:
cc:01:52:fc:0a:ee:9a:86:c4:32:74:bf:b5:fd:d3:1b:84:1f:
11:46:b7:86:e2:5d:1c:52:62:03:bb:4a:0f:82:c8:72:8b:19:
be:12:53:8e:11:75:7c:43:36:b2:ff:3c:b4:87:78:82:ae:d5:
36:99:0d:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2xz9cDJ2dnd0PFV/4mbhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOTI3YjM2YjEzOGYwODYzNTg5MzhlM2FjZmRhNDYzOGU1
NmE3OTIwHhcNMjQwMTAxMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDlkNzIwMTVjZjIwMTIyZWZkMTM4ZDA4Y2UxZjFhMWZhNTAzZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36bJEQqBQiA3YDaMfzVtKWuYX6OX
EtBRH9S3YJHKml7+M1CwF5vsYoIHHHooEDCtKUjoaNhr11YHfM8XWpntTQ89ErGU
LvyFBG1rQBmFSXCMs41KP26gvdXV7ExX2REPfYvcU4FwG3eXVNSGusOT5J5YM1Cw
r+BshFXsZZiCS4ZFFwRzSQZk/1cYpkFTZXm1P0PDqusC5bp9hFLgtrhtdaxCquv2
cuHOF9F6aVLSfPoYS2Ty3U8czWSUwEyym2Qss+eabRBcWJpCe8WbY9nyUOpfKdX4
7U9fX0KuIdipPaYfMh8ykGWgN8P4kPxMiBPcw4hZtjYh1QtIr3y2kH+hrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL2dcgFc8gEi79E40Izh8aH6UD4EMB8GA1UdIwQY
MBaAFGKSezaxOPCGNYk446z9pGOOVqeSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXBKN05yRTQ4SVkxaVRqanJQMmtZNDVXcDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZDI0MWYtNzFlYS00YTFiLTk2ZWEt
YTk5YzdlZTVjMjg0LzEvdloxeUFWenlBU0x2MFRqUWpPSHhvZnBRUGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZDI0MWYtNzFlYS00YTFiLTk2ZWEtYTk5YzdlZTVjMjg0
LzEvWXBKN05yRTQ4SVkxaVRqanJQMmtZNDVXcDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZeAMA0E
AgACMAcDBQIqECDAMA0GCSqGSIb3DQEBCwUAA4IBAQBF4xsANZzGyOejMEeZM/wx
HSh+iO9c+AfrHuiZFwFAiprZcXAejqCYNDsVDkl++WVz+r60EZBV36Zxff8buH/H
HmbcjZWhEhQvN2shIiD3JD5g2TyNBcyYWdl6I2z7DzhRd0KbdqVim5H650ZP3Ot/
TnwtbdkyCN6zlQsYHdmIE1I7wPoG2px9Ta5/osGkbIQt1VYMrK5vKoBa5xibSc87
VYFojZDUJN1vpxo8uMLHwBS+Z1FI0no2bb9aJA8PPonPxmo6Qf3MAVL8Cu6ahsQy
dL+1/dMbhB8RRreG4l0cUmIDu0oPgshyixm+ElOOEXV8Qzay/zy0h3iCrtU2mQ10
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:57:01 2024 by rpki-client on console-ams.rpki-client.org