Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/Y5tBOnYBsjtqPhDcLgPZiyIj9M4.roa
File: Y5tBOnYBsjtqPhDcLgPZiyIj9M4.roa (raw, json)
Hash identifier: 2RYCQ7+7DKVhEvwDSDftTOwFc/fPpUinfyMS4D8jTxg=
Subject key identifier: 63:9B:41:3A:76:01:B2:3B:6A:3E:10:DC:2E:03:D9:8B:22:23:F4:CE
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 018CC49357EF433AEEB3AD9235EDD18EC853
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/Y5tBOnYBsjtqPhDcLgPZiyIj9M4.roa
Signing time: Mon 01 Jan 2024 10:30:39 +0000
ROA not before: Mon 01 Jan 2024 10:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60995
IP address blocks: 45.13.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:57:ef:43:3a:ee:b3:ad:92:35:ed:d1:8e:c8:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Jan 1 10:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=639b413a7601b23b6a3e10dc2e03d98b2223f4ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6d:44:b4:20:04:fb:2a:41:c1:6e:ab:b2:bc:
5f:73:6e:21:38:4b:e8:76:30:77:6d:27:79:d4:e7:
52:f0:2c:f8:30:18:98:ec:db:b1:f9:c5:15:dc:75:
75:66:ca:8d:e5:41:df:a6:70:b6:e3:9f:be:f5:20:
d5:3c:0a:e1:b9:22:37:7c:95:c4:38:19:1b:41:bc:
3a:44:3e:09:4a:ed:61:38:f3:bc:a1:bc:eb:10:c4:
32:d8:be:9c:9e:54:70:38:0d:dc:4c:22:8c:09:13:
c5:f6:22:b3:26:fe:ee:63:68:80:bd:66:d3:c8:41:
ba:78:1c:69:fb:72:f0:4d:2a:2d:74:4f:2f:ec:3d:
a1:c9:7e:18:fc:14:04:64:da:ec:f1:e4:8d:7a:f4:
31:dc:95:17:a4:ce:98:8b:65:31:d4:de:d4:57:33:
dc:38:b6:62:ad:ea:05:63:e8:23:25:95:f1:48:c8:
34:7a:ab:df:23:2a:b0:71:39:1c:b5:81:3c:56:29:
ab:00:39:bd:2e:71:2c:3e:8c:42:1f:74:3c:3a:d7:
cd:93:be:ff:7f:01:43:27:69:51:0f:5f:4b:55:68:
13:13:b8:50:bf:46:d1:55:b5:42:fc:9b:dc:42:da:
e5:63:72:55:1d:45:d8:ed:28:b8:37:10:4c:eb:f6:
cf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9B:41:3A:76:01:B2:3B:6A:3E:10:DC:2E:03:D9:8B:22:23:F4:CE
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/Y5tBOnYBsjtqPhDcLgPZiyIj9M4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.136.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:9e:0b:e9:7a:38:09:0e:a6:d5:46:07:a1:c2:ba:e0:30:a9:
68:21:c3:df:fe:fc:00:c9:68:47:0e:e0:7a:db:04:df:ec:b0:
12:09:5e:75:f9:ea:dc:e9:95:5f:40:ef:db:c9:17:84:5c:e6:
53:7f:43:64:cd:a1:f6:e7:8b:68:df:70:86:b0:a5:33:c2:41:
92:f0:a1:53:f6:68:34:1d:f0:b3:7a:68:24:6f:5a:25:80:a8:
d4:79:2b:99:f6:30:60:52:bc:8e:b3:0c:ce:dd:66:01:64:61:
85:0b:77:26:29:a9:02:8d:e6:0b:bb:f5:48:62:ba:95:7e:0b:
56:27:94:21:37:db:f4:63:43:80:9f:8a:82:5b:a3:31:c0:1a:
10:d9:07:a6:76:2d:db:a6:3d:b9:52:0f:e0:1a:93:fc:65:09:
58:c8:84:71:f9:2b:3f:94:90:14:53:1c:15:85:eb:99:42:91:
2a:b2:fe:25:06:79:27:a7:bf:d3:f9:6d:a4:7e:ea:18:70:7e:
66:05:08:fe:c1:fd:68:48:d0:a2:1e:73:2e:fd:62:0c:f3:de:
6e:f2:0f:28:d1:68:ea:39:eb:a2:62:6a:ab:47:d1:39:41:f9:
dd:17:10:7e:0c:0e:cf:eb:d4:f2:64:52:64:86:10:63:6b:66:
ed:93:37:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk1fvQzrus62SNe3RjshTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjQwMTAxMTAzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzliNDEzYTc2MDFiMjNiNmEzZTEwZGMyZTAzZDk4YjIyMjNmNGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm1EtCAE+ypBwW6rsrxfc24hOEvo
djB3bSd51OdS8Cz4MBiY7Nux+cUV3HV1ZsqN5UHfpnC245++9SDVPArhuSI3fJXE
OBkbQbw6RD4JSu1hOPO8obzrEMQy2L6cnlRwOA3cTCKMCRPF9iKzJv7uY2iAvWbT
yEG6eBxp+3LwTSotdE8v7D2hyX4Y/BQEZNrs8eSNevQx3JUXpM6Yi2Ux1N7UVzPc
OLZireoFY+gjJZXxSMg0eqvfIyqwcTkctYE8VimrADm9LnEsPoxCH3Q8OtfNk77/
fwFDJ2lRD19LVWgTE7hQv0bRVbVC/JvcQtrlY3JVHUXY7Si4NxBM6/bPHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGObQTp2AbI7aj4Q3C4D2YsiI/TOMB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvWTV0Qk9uWUJzanRxUGhEY0xnUFppeUlqOU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ2IMA0G
CSqGSIb3DQEBCwUAA4IBAQAdngvpejgJDqbVRgehwrrgMKloIcPf/vwAyWhHDuB6
2wTf7LASCV51+erc6ZVfQO/byReEXOZTf0NkzaH254to33CGsKUzwkGS8KFT9mg0
HfCzemgkb1olgKjUeSuZ9jBgUryOswzO3WYBZGGFC3cmKakCjeYLu/VIYrqVfgtW
J5QhN9v0Y0OAn4qCW6MxwBoQ2Qemdi3bpj25Ug/gGpP8ZQlYyIRx+Ss/lJAUUxwV
heuZQpEqsv4lBnknp7/T+W2kfuoYcH5mBQj+wf1oSNCiHnMu/WIM895u8g8o0Wjq
OeuiYmqrR9E5QfndFxB+DA7P69TyZFJkhhBja2btkze3
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:17 2024 by rpki-client on console-fra.rpki-client.org