Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/i2UMhhYYtw4nhsFIMO2CeZFxW7M.roa
File: i2UMhhYYtw4nhsFIMO2CeZFxW7M.roa (raw, json)
Hash identifier: ACnCjVO69Pm/aVUbp5bbFv0a7wiZdZVCtiK68yUZL7Y=
Subject key identifier: 8B:65:0C:86:16:18:B7:0E:27:86:C1:48:30:ED:82:79:91:71:5B:B3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0194222042398B5B8224EE857B80F87C4814
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/i2UMhhYYtw4nhsFIMO2CeZFxW7M.roa
Signing time: Wed 01 Jan 2025 13:48:46 +0000
ROA not before: Wed 01 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393894
IP address blocks: 45.80.100.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:42:39:8b:5b:82:24:ee:85:7b:80:f8:7c:48:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b650c861618b70e2786c14830ed827991715bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9a:d2:ab:ec:41:fd:54:a1:45:b2:29:3a:ea:
f5:74:de:f2:8a:da:c3:19:cd:47:fa:bd:38:a9:96:
ce:99:46:31:da:cc:a3:50:c8:53:3c:73:d3:e2:95:
84:aa:98:e0:2f:1e:63:ec:8e:09:6b:68:88:91:c6:
31:21:10:65:3e:26:02:86:8d:45:eb:b1:c4:4a:ca:
3b:bf:42:a4:88:35:f3:fb:77:85:80:e4:5a:b6:c9:
aa:b3:12:3c:43:f3:8c:48:12:14:3f:05:ef:68:a8:
9c:f6:fd:36:6b:b6:53:05:69:85:a5:5b:be:90:1f:
2a:92:fc:a1:7f:b0:ec:a8:5b:87:6b:c5:20:e1:2d:
76:22:2c:72:be:ff:a1:b2:08:d5:6b:35:d0:77:14:
b2:6f:03:78:1d:27:98:0b:da:f7:8f:bb:8f:3a:5b:
ef:2c:53:bf:df:d8:44:a1:55:aa:b3:d3:d7:f3:0d:
7b:4d:18:c3:79:69:46:4c:91:59:73:a8:38:08:a1:
5c:38:be:a0:b0:53:00:c5:15:43:15:b7:c3:83:18:
6b:47:e9:11:59:c7:ab:7d:f8:e3:60:56:34:25:94:
49:04:0a:24:74:7c:bb:ae:a3:ef:79:87:88:e4:4a:
2d:02:7d:63:d9:c3:17:69:11:e7:87:cb:17:53:ea:
71:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:65:0C:86:16:18:B7:0E:27:86:C1:48:30:ED:82:79:91:71:5B:B3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/i2UMhhYYtw4nhsFIMO2CeZFxW7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.100.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:4a:8a:e0:fa:3f:70:56:fb:c2:64:79:2d:5d:e3:35:26:e4:
47:5a:ce:24:77:20:60:e9:88:bf:76:dd:87:df:1f:85:3e:02:
58:d9:6c:6a:2e:a5:f1:0c:76:fc:80:22:07:34:67:49:9a:3c:
98:1c:40:a6:91:a4:b8:3c:2e:4c:02:01:fb:cf:78:1d:fc:29:
20:fb:16:52:3f:d6:d6:96:b8:5d:ad:bd:3a:43:93:29:b9:b1:
d2:35:0d:f4:1c:3e:17:70:c1:a2:86:60:95:97:f1:cc:15:d6:
2f:2d:8c:79:ad:b3:a4:72:71:af:37:b0:82:24:59:be:ee:77:
fb:30:39:8c:b5:f2:f6:cb:d1:74:10:d7:d1:23:29:70:ca:49:
6c:6e:aa:1b:82:de:7c:6a:a0:35:6e:dd:09:67:57:cb:8a:03:
8f:3d:3c:8c:5d:c2:89:2d:c3:5f:80:77:38:8a:5c:43:65:e2:
e0:6e:d9:e9:f6:a8:ab:ca:41:80:07:bf:53:9c:59:aa:90:6e:
bb:55:fb:f7:a2:da:0c:3a:d7:a5:c9:23:05:eb:b7:e1:d6:d2:
cf:db:16:ac:88:68:4a:34:f7:5c:1a:18:30:0c:36:52:4e:1b:
04:97:fe:6a:e7:d5:73:e4:2c:58:6c:f4:7e:42:65:7c:30:99:
7a:50:50:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIEI5i1uCJO6Fe4D4fEgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjY1MGM4NjE2MThiNzBlMjc4NmMxNDgzMGVkODI3OTkxNzE1YmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJrSq+xB/VShRbIpOur1dN7yitrD
Gc1H+r04qZbOmUYx2syjUMhTPHPT4pWEqpjgLx5j7I4Ja2iIkcYxIRBlPiYCho1F
67HESso7v0KkiDXz+3eFgORatsmqsxI8Q/OMSBIUPwXvaKic9v02a7ZTBWmFpVu+
kB8qkvyhf7DsqFuHa8Ug4S12Iixyvv+hsgjVazXQdxSybwN4HSeYC9r3j7uPOlvv
LFO/39hEoVWqs9PX8w17TRjDeWlGTJFZc6g4CKFcOL6gsFMAxRVDFbfDgxhrR+kR
WcerffjjYFY0JZRJBAokdHy7rqPveYeI5EotAn1j2cMXaRHnh8sXU+pxowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItlDIYWGLcOJ4bBSDDtgnmRcVuzMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaTJVTWhoWVl0dzRuaHNGSU1PMkNlWkZ4VzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVBkMA0G
CSqGSIb3DQEBCwUAA4IBAQBeSorg+j9wVvvCZHktXeM1JuRHWs4kdyBg6Yi/dt2H
3x+FPgJY2WxqLqXxDHb8gCIHNGdJmjyYHECmkaS4PC5MAgH7z3gd/Ckg+xZSP9bW
lrhdrb06Q5MpubHSNQ30HD4XcMGihmCVl/HMFdYvLYx5rbOkcnGvN7CCJFm+7nf7
MDmMtfL2y9F0ENfRIylwyklsbqobgt58aqA1bt0JZ1fLigOPPTyMXcKJLcNfgHc4
ilxDZeLgbtnp9qirykGAB79TnFmqkG67Vfv3otoMOtelySMF67fh1tLP2xasiGhK
NPdcGhgwDDZSThsEl/5q59Vz5CxYbPR+QmV8MJl6UFBB
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:40:58 2025 by rpki-client