Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/02hc6JgWitJscQKFhogl4dZ92hc.roa
File: 02hc6JgWitJscQKFhogl4dZ92hc.roa (raw, json)
Hash identifier: pzOSGio3pWFX43S1mVvEXTZ8dGupKg0aN02/TVWGRTg=
Subject key identifier: D3:68:5C:E8:98:16:8A:D2:6C:71:02:85:86:88:25:E1:D6:7D:DA:17
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 018D0DB4FA425C11061111611E6CD6686F65
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/02hc6JgWitJscQKFhogl4dZ92hc.roa
Signing time: Mon 15 Jan 2024 15:19:40 +0000
ROA not before: Mon 15 Jan 2024 15:19:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 45.143.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0d:b4:fa:42:5c:11:06:11:11:61:1e:6c:d6:68:6f:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Jan 15 15:19:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3685ce898168ad26c710285868825e1d67dda17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:84:48:eb:89:3b:24:04:f4:34:ed:e2:b2:46:
26:76:29:01:9a:56:15:57:b9:a1:bb:7b:8c:c3:d1:
ba:1c:e8:e3:b6:cd:48:c4:97:ed:36:ad:1e:9b:d1:
b5:44:28:51:89:94:b9:8e:bf:b2:89:31:e8:6a:3a:
82:6f:05:92:bb:3c:86:77:10:6b:7f:2a:38:36:55:
cd:b5:b3:9c:cd:df:ec:33:cb:45:8f:0f:d8:54:c3:
6e:3d:73:97:1b:ba:06:ef:c1:ae:f4:52:c4:93:07:
e8:84:50:09:24:64:3a:00:b5:29:5f:b5:15:df:d0:
ab:e6:75:fd:ce:9e:30:0d:7f:1d:4d:87:80:6f:37:
1d:7b:5e:6e:f5:5a:99:03:a6:80:d7:2c:58:ab:2e:
a2:de:dd:1d:ae:5b:d6:fb:2e:ec:ce:2a:80:ed:a2:
b7:46:70:91:97:e1:f2:9b:f7:54:4e:6c:fb:24:85:
94:66:24:31:ce:c5:85:73:30:56:a5:9e:85:00:f6:
b4:ca:03:54:ee:13:7e:5f:9e:99:87:fb:3a:62:1d:
18:c5:68:26:9a:fb:d5:ff:1d:49:53:43:76:f9:dd:
a4:54:d4:e9:a5:21:67:ee:ba:9e:48:99:8f:9b:07:
19:f7:e0:23:8e:cb:29:ea:15:f6:d4:d7:11:ec:df:
37:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:68:5C:E8:98:16:8A:D2:6C:71:02:85:86:88:25:E1:D6:7D:DA:17
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/02hc6JgWitJscQKFhogl4dZ92hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.203.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:af:44:ea:39:82:93:9f:6f:ec:b1:3e:e0:2a:8a:03:86:5d:
88:63:8b:aa:e8:a2:e2:f3:b2:68:84:d3:f2:75:b0:9c:da:51:
e0:49:d7:0d:1c:61:b1:c7:0e:d9:ee:bd:d2:c2:35:6f:42:bb:
47:4f:e2:d3:21:79:28:32:90:aa:15:1a:17:6c:15:b8:f1:6d:
36:04:ee:db:ca:d4:8e:5c:a4:ad:a3:07:b6:f4:31:e6:62:8f:
6b:30:57:8c:7c:ee:b2:03:de:0e:d6:c6:33:5f:e5:8d:3c:58:
08:dc:74:71:dd:59:90:e9:08:e0:81:9f:af:b5:b8:6d:13:33:
0d:d0:2e:3b:dc:8f:a8:df:13:f5:83:4a:0e:06:68:54:13:86:
cb:ef:46:ae:a6:f3:06:18:b0:9e:5b:97:b0:23:d4:36:b7:79:
cf:0e:87:e8:d1:6f:5f:12:1f:84:70:fe:6d:a2:6b:c7:06:ca:
ad:d8:42:93:87:fc:55:e1:ef:d4:e2:77:34:03:a7:7e:37:e8:
e8:71:66:56:4c:9d:23:8d:c8:28:c1:20:52:f2:8a:ac:00:72:
9f:8b:9f:52:04:df:23:e4:97:cc:ee:d9:dc:d6:01:90:52:92:
ce:22:23:61:2e:81:1f:80:f8:a6:60:2d:50:b3:57:9f:08:01:
9d:b1:72:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0NtPpCXBEGERFhHmzWaG9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjQwMTE1MTUxOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzY4NWNlODk4MTY4YWQyNmM3MTAyODU4Njg4MjVlMWQ2N2RkYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoRI64k7JAT0NO3iskYmdikBmlYV
V7mhu3uMw9G6HOjjts1IxJftNq0em9G1RChRiZS5jr+yiTHoajqCbwWSuzyGdxBr
fyo4NlXNtbOczd/sM8tFjw/YVMNuPXOXG7oG78Gu9FLEkwfohFAJJGQ6ALUpX7UV
39Cr5nX9zp4wDX8dTYeAbzcde15u9VqZA6aA1yxYqy6i3t0drlvW+y7sziqA7aK3
RnCRl+Hym/dUTmz7JIWUZiQxzsWFczBWpZ6FAPa0ygNU7hN+X56Zh/s6Yh0YxWgm
mvvV/x1JU0N2+d2kVNTppSFn7rqeSJmPmwcZ9+Ajjssp6hX21NcR7N83WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNNoXOiYForSbHEChYaIJeHWfdoXMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvMDJoYzZKZ1dpdEpzY1FLRmhvZ2w0ZFo5MmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY/LMA0G
CSqGSIb3DQEBCwUAA4IBAQA9r0TqOYKTn2/ssT7gKooDhl2IY4uq6KLi87JohNPy
dbCc2lHgSdcNHGGxxw7Z7r3SwjVvQrtHT+LTIXkoMpCqFRoXbBW48W02BO7bytSO
XKStowe29DHmYo9rMFeMfO6yA94O1sYzX+WNPFgI3HRx3VmQ6QjggZ+vtbhtEzMN
0C473I+o3xP1g0oOBmhUE4bL70aupvMGGLCeW5ewI9Q2t3nPDofo0W9fEh+EcP5t
omvHBsqt2EKTh/xV4e/U4nc0A6d+N+jocWZWTJ0jjcgowSBS8oqsAHKfi59SBN8j
5JfM7tnc1gGQUpLOIiNhLoEfgPimYC1Qs1efCAGdsXL1
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:56:13 2024 by rpki-client on console-fra.rpki-client.org