Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/pn2Zi7_sUcr9YxNT3CKu6yNocf0.roa
File: pn2Zi7_sUcr9YxNT3CKu6yNocf0.roa (raw, json)
Hash identifier: 3BLB1jcWSjB4ndWoPh9zL8xj88whhTZiF8wT6Yu+MMM=
Subject key identifier: A6:7D:99:8B:BF:EC:51:CA:FD:63:13:53:DC:22:AE:EB:23:68:71:FD
Certificate issuer: /CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Certificate serial: 018CC8DEF694C14B6EEB4F179DF590306492
Authority key identifier: 5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/pn2Zi7_sUcr9YxNT3CKu6yNocf0.roa
Signing time: Tue 02 Jan 2024 06:31:44 +0000
ROA not before: Tue 02 Jan 2024 06:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208683
IP address blocks: 45.89.132.0/22 maxlen: 22
2a0b:cf00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f6:94:c1:4b:6e:eb:4f:17:9d:f5:90:30:64:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Validity
Not Before: Jan 2 06:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a67d998bbfec51cafd631353dc22aeeb236871fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:98:25:41:9b:f8:c2:2c:64:00:15:b4:bc:61:
da:ca:19:9a:32:a1:22:ec:eb:62:df:49:96:f0:ef:
9e:9d:1b:a1:ee:b9:4d:2e:52:70:54:84:0a:c5:20:
35:ac:ed:93:c9:f0:5c:51:d6:4b:0b:ad:72:cb:56:
f4:d2:b1:94:b5:8d:80:90:ee:ea:d9:28:24:98:0d:
08:78:06:15:24:9e:90:c9:67:58:90:cb:f0:ae:53:
84:c2:09:32:4b:86:e5:21:cf:41:ed:c9:0a:ba:eb:
65:f4:b2:51:2b:b1:c0:0e:92:9e:ce:86:f4:14:62:
c0:15:c2:a2:c8:99:1d:6c:b4:87:e3:6c:71:ae:e3:
1a:8b:38:4a:14:4c:cf:ae:45:78:fc:b3:7f:59:ab:
20:cd:bd:b8:a8:50:79:3b:84:ba:9f:be:17:97:d1:
93:05:f4:1a:46:12:bd:b8:48:36:95:15:6f:bb:da:
f1:e0:dc:4c:99:a9:c2:7f:c7:88:3b:db:07:32:6f:
66:cc:d1:1f:7a:66:43:15:82:53:3b:45:5c:58:4f:
b2:ea:fa:2f:01:f3:8a:fc:3d:c7:e1:89:7f:52:db:
0f:13:52:37:eb:ac:d8:3c:2e:10:db:dc:cc:ae:f0:
16:9c:69:b4:73:93:22:56:a6:61:79:30:9c:39:f7:
fd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:7D:99:8B:BF:EC:51:CA:FD:63:13:53:DC:22:AE:EB:23:68:71:FD
X509v3 Authority Key Identifier:
keyid:5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/pn2Zi7_sUcr9YxNT3CKu6yNocf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.132.0/22
IPv6:
2a0b:cf00::/32
Signature Algorithm: sha256WithRSAEncryption
6c:49:3e:e2:44:2b:82:2c:13:7c:7e:f1:7e:bf:76:c5:26:15:
34:72:3c:b7:b1:5d:75:eb:bd:70:52:78:be:c8:8c:5f:ef:bf:
52:22:39:3a:d6:c3:98:c9:a0:8f:da:34:00:77:05:0d:1a:29:
4c:df:8a:fc:75:e9:ab:c5:14:45:d5:8d:3e:2a:e4:bc:c6:e2:
ed:38:92:db:e8:a6:02:25:b2:64:09:48:63:34:7e:cf:d2:73:
b3:6f:9f:f7:4f:81:7c:65:f8:54:7a:f1:28:eb:ea:ae:91:d2:
66:63:a4:38:0e:f0:0b:0d:db:b8:ea:a2:72:bd:62:40:64:b3:
9a:aa:a2:1f:23:d7:0a:58:3e:66:2f:3f:6e:01:39:39:29:2f:
4c:a4:cf:be:7a:1c:5b:0d:79:4d:81:ec:08:4f:20:1b:30:f5:
15:b2:8e:12:59:a3:53:45:8b:e9:42:d0:1e:f7:fe:48:cc:78:
54:3d:13:a8:3c:51:91:d2:67:50:fc:91:24:1f:fe:7e:39:fa:
b5:d8:59:da:4d:c2:bc:d8:04:c0:c2:cf:3f:66:db:5d:e6:28:
33:ae:0a:b1:32:09:80:3d:73:d5:4c:5d:09:02:da:46:fb:79:
2e:c4:8f:1f:b7:84:0b:11:f2:93:c6:c0:e2:93:78:75:72:be:
ad:a2:8d:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3vaUwUtu608XnfWQMGSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmU4ZDcyNTI2ZTRlNzNhM2I1N2Q5MzYwZjNhNTFiZWI1
OWE0NWYwHhcNMjQwMTAyMDYzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjdkOTk4YmJmZWM1MWNhZmQ2MzEzNTNkYzIyYWVlYjIzNjg3MWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJglQZv4wixkABW0vGHayhmaMqEi
7Oti30mW8O+enRuh7rlNLlJwVIQKxSA1rO2TyfBcUdZLC61yy1b00rGUtY2AkO7q
2SgkmA0IeAYVJJ6QyWdYkMvwrlOEwgkyS4blIc9B7ckKuutl9LJRK7HADpKezob0
FGLAFcKiyJkdbLSH42xxruMaizhKFEzPrkV4/LN/Wasgzb24qFB5O4S6n74Xl9GT
BfQaRhK9uEg2lRVvu9rx4NxMmanCf8eIO9sHMm9mzNEfemZDFYJTO0VcWE+y6vov
AfOK/D3H4Yl/UtsPE1I366zYPC4Q29zMrvAWnGm0c5MiVqZheTCcOff9TQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKZ9mYu/7FHK/WMTU9wirusjaHH9MB8GA1UdIwQY
MBaAFFz+jXJSbk5zo7V9k2DzpRvrWaRfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMt
ZTRkZGZhMzJlNTJlLzEvcG4yWmk3X3NVY3I5WXhOVDNDS3U2eU5vY2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMtZTRkZGZhMzJlNTJl
LzEvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVmEMA0E
AgACMAcDBQAqC88AMA0GCSqGSIb3DQEBCwUAA4IBAQBsST7iRCuCLBN8fvF+v3bF
JhU0cjy3sV11671wUni+yIxf779SIjk61sOYyaCP2jQAdwUNGilM34r8demrxRRF
1Y0+KuS8xuLtOJLb6KYCJbJkCUhjNH7P0nOzb5/3T4F8ZfhUevEo6+qukdJmY6Q4
DvALDdu46qJyvWJAZLOaqqIfI9cKWD5mLz9uATk5KS9MpM++ehxbDXlNgewITyAb
MPUVso4SWaNTRYvpQtAe9/5IzHhUPROoPFGR0mdQ/JEkH/5+Ofq12FnaTcK82ATA
ws8/Zttd5igzrgqxMgmAPXPVTF0JAtpG+3kuxI8ft4QLEfKTxsDik3h1cr6too0e
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:59 2024 by rpki-client on console-ams.rpki-client.org