Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/a037d1-ea7c-4c85-8128-d4d0aab701bf/1/m3AFnkXgkAql8a1VpLiY4aAry7k.roa
File: m3AFnkXgkAql8a1VpLiY4aAry7k.roa (raw, json)
Hash identifier: zhggfsKqmgFBLw6rD2jlUYI+uJsAsBSeIfkAbfHiiOU=
Subject key identifier: 9B:70:05:9E:45:E0:90:0A:A5:F1:AD:55:A4:B8:98:E1:A0:2B:CB:B9
Certificate issuer: /CN=fb12f05fcd59fd1686f929c67bedcef59e550df2
Certificate serial: 0190A6B3B830BA5814EDFEDD1B8C08ACC145
Authority key identifier: FB:12:F0:5F:CD:59:FD:16:86:F9:29:C6:7B:ED:CE:F5:9E:55:0D:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xLwX81Z_RaG-SnGe-3O9Z5VDfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/a037d1-ea7c-4c85-8128-d4d0aab701bf/1/m3AFnkXgkAql8a1VpLiY4aAry7k.roa
Signing time: Fri 12 Jul 2024 11:28:34 +0000
ROA not before: Fri 12 Jul 2024 11:28:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51220
IP address blocks: 45.134.32.0/22 maxlen: 24
2a0e:7ec0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/a037d1-ea7c-4c85-8128-d4d0aab701bf/1/1-xLwX81Z_RaG-SnGe-3O9Z5VDfI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/a037d1-ea7c-4c85-8128-d4d0aab701bf/1/1-xLwX81Z_RaG-SnGe-3O9Z5VDfI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-xLwX81Z_RaG-SnGe-3O9Z5VDfI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 17:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a6:b3:b8:30:ba:58:14:ed:fe:dd:1b:8c:08:ac:c1:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb12f05fcd59fd1686f929c67bedcef59e550df2
Validity
Not Before: Jul 12 11:28:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b70059e45e0900aa5f1ad55a4b898e1a02bcbb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5f:9f:8b:9a:56:fd:86:95:34:23:41:72:99:
36:9c:55:26:e3:5d:0d:ec:31:6d:82:5f:35:c4:c0:
bb:90:ee:3e:08:9f:ee:a6:7b:7d:93:4d:a6:47:fa:
a8:b7:bb:62:95:a3:c4:ce:8d:10:e6:73:43:c2:3a:
35:16:a2:2e:38:cc:98:34:f6:09:fa:ea:a9:fb:e7:
48:89:2c:1e:c9:57:9e:8d:cd:46:70:dd:59:0d:41:
b8:d5:05:37:9f:f5:85:d3:8b:d7:a7:cc:c3:0d:31:
d6:eb:be:eb:d0:3b:f1:37:8a:bb:af:b8:fa:af:cb:
43:5d:6b:47:bb:6e:a2:7c:33:25:aa:38:66:fb:44:
2b:a1:c2:be:d3:40:15:19:75:0e:36:17:11:be:1b:
f4:ac:2f:22:eb:ce:56:26:e7:f5:5f:40:37:32:23:
f6:99:ab:ad:0d:27:89:ad:7c:c5:4a:ad:91:73:b5:
bb:61:95:55:c3:a6:f8:e1:8b:25:54:e8:ae:d9:60:
87:d2:29:e9:38:e6:d0:33:89:41:cb:85:f6:74:43:
46:03:74:ad:37:8b:6d:f6:fb:85:e3:6f:72:ab:1b:
c3:ea:12:e2:0b:76:2f:df:2e:54:20:6b:0b:ab:be:
f8:d7:87:3b:94:da:c9:1c:0c:e0:34:78:c8:86:6b:
b7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:70:05:9E:45:E0:90:0A:A5:F1:AD:55:A4:B8:98:E1:A0:2B:CB:B9
X509v3 Authority Key Identifier:
keyid:FB:12:F0:5F:CD:59:FD:16:86:F9:29:C6:7B:ED:CE:F5:9E:55:0D:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xLwX81Z_RaG-SnGe-3O9Z5VDfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/a037d1-ea7c-4c85-8128-d4d0aab701bf/1/m3AFnkXgkAql8a1VpLiY4aAry7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/a037d1-ea7c-4c85-8128-d4d0aab701bf/1/1-xLwX81Z_RaG-SnGe-3O9Z5VDfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.32.0/22
IPv6:
2a0e:7ec0::/29
Signature Algorithm: sha256WithRSAEncryption
37:76:30:84:b8:9e:15:e1:10:75:5c:98:72:df:2b:9c:35:82:
66:56:5e:eb:7b:5f:53:fe:3e:b9:4a:a1:10:cb:fe:22:59:e2:
2a:47:46:a3:ee:cb:8c:91:bd:5e:c2:0a:49:0e:cb:7b:a3:53:
a2:1f:3c:42:9a:4c:4a:10:01:d0:30:65:f4:19:5e:da:90:e4:
52:62:a0:b3:99:e9:3a:d1:04:2d:0d:1e:ee:3c:47:82:32:f4:
b2:0b:3e:3a:0b:27:02:8f:74:a2:b9:67:07:80:1d:bb:5e:ea:
8d:85:0b:d1:0c:32:cc:ec:0c:a6:9a:ec:7f:d5:03:ed:4d:f7:
b0:3e:e6:de:3d:b8:ee:3a:51:90:3e:e0:c4:3c:c9:06:1a:f7:
f4:13:dd:71:7f:3b:ba:f5:ac:db:51:a1:cf:26:71:81:79:0c:
9c:c0:9c:a4:44:c2:b9:15:11:0d:a5:56:89:88:6c:cb:aa:89:
f3:19:a8:16:12:11:f0:0c:70:1e:e5:69:c3:9e:e0:30:87:28:
7d:dc:51:f6:57:70:ab:91:60:ca:8d:a0:01:f2:3a:e9:75:96:
3e:72:aa:80:62:eb:08:d7:09:69:59:f6:60:19:71:86:69:e6:
bc:ae:0c:d4:f0:d5:92:84:c8:b2:15:db:3a:31:47:e6:25:ee:
55:5d:9a:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCms7gwulgU7f7dG4wIrMFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMTJmMDVmY2Q1OWZkMTY4NmY5MjljNjdiZWRjZWY1OWU1
NTBkZjIwHhcNMjQwNzEyMTEyODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjcwMDU5ZTQ1ZTA5MDBhYTVmMWFkNTVhNGI4OThlMWEwMmJjYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV+fi5pW/YaVNCNBcpk2nFUm410N
7DFtgl81xMC7kO4+CJ/upnt9k02mR/qot7tilaPEzo0Q5nNDwjo1FqIuOMyYNPYJ
+uqp++dIiSweyVeejc1GcN1ZDUG41QU3n/WF04vXp8zDDTHW677r0DvxN4q7r7j6
r8tDXWtHu26ifDMlqjhm+0QrocK+00AVGXUONhcRvhv0rC8i685WJuf1X0A3MiP2
mautDSeJrXzFSq2Rc7W7YZVVw6b44YslVOiu2WCH0inpOObQM4lBy4X2dENGA3St
N4tt9vuF429yqxvD6hLiC3Yv3y5UIGsLq77414c7lNrJHAzgNHjIhmu3uwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJtwBZ5F4JAKpfGtVaS4mOGgK8u5MB8GA1UdIwQY
MBaAFPsS8F/NWf0WhvkpxnvtzvWeVQ3yMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14THdYODFaX1JhRy1TbkdlLTNPOVo1VkRmSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkvYTAzN2QxLWVhN2MtNGM4NS04MTI4
LWQ0ZDBhYWI3MDFiZi8xL20zQUZua1hna0FxbDhhMVZwTGlZNGFBcnk3ay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzkvYTAzN2QxLWVhN2MtNGM4NS04MTI4LWQ0ZDBhYWI3MDFi
Zi8xLzEteEx3WDgxWl9SYUctU25HZS0zTzlaNVZEZkkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAIthiAw
DQQCAAIwBwMFAyoOfsAwDQYJKoZIhvcNAQELBQADggEBADd2MIS4nhXhEHVcmHLf
K5w1gmZWXut7X1P+PrlKoRDL/iJZ4ipHRqPuy4yRvV7CCkkOy3ujU6IfPEKaTEoQ
AdAwZfQZXtqQ5FJioLOZ6TrRBC0NHu48R4Iy9LILPjoLJwKPdKK5ZweAHbte6o2F
C9EMMszsDKaa7H/VA+1N97A+5t49uO46UZA+4MQ8yQYa9/QT3XF/O7r1rNtRoc8m
cYF5DJzAnKREwrkVEQ2lVomIbMuqifMZqBYSEfAMcB7lacOe4DCHKH3cUfZXcKuR
YMqNoAHyOul1lj5yqoBi6wjXCWlZ9mAZcYZp5ryuDNTw1ZKEyLIV2zoxR+Yl7lVd
mig=
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:38:33 2024 by rpki-client on console-ams.rpki-client.org