Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/yhKefwCtsXXDcBhHrJpaPd3VqKA.roa
File: yhKefwCtsXXDcBhHrJpaPd3VqKA.roa (raw, json)
Hash identifier: pa+CSaGRn/tWI6+BYwDmO3eTl5FRQCs4+dyYBsdgioE=
Subject key identifier: CA:12:9E:7F:00:AD:B1:75:C3:70:18:47:AC:9A:5A:3D:DD:D5:A8:A0
Certificate issuer: /CN=5d0a0d396f769369365f2b983c531afeca9710a7
Certificate serial: 0191EBA5AB50BA7B86F6759AB797ECE35322
Authority key identifier: 5D:0A:0D:39:6F:76:93:69:36:5F:2B:98:3C:53:1A:FE:CA:97:10:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XQoNOW92k2k2XyuYPFMa_sqXEKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/yhKefwCtsXXDcBhHrJpaPd3VqKA.roa
Signing time: Fri 13 Sep 2024 13:49:48 +0000
ROA not before: Fri 13 Sep 2024 13:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214204
IP address blocks: 45.148.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/XQoNOW92k2k2XyuYPFMa_sqXEKc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/XQoNOW92k2k2XyuYPFMa_sqXEKc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XQoNOW92k2k2XyuYPFMa_sqXEKc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:eb:a5:ab:50:ba:7b:86:f6:75:9a:b7:97:ec:e3:53:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d0a0d396f769369365f2b983c531afeca9710a7
Validity
Not Before: Sep 13 13:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca129e7f00adb175c3701847ac9a5a3dddd5a8a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:87:eb:93:f3:03:b9:1e:96:d3:41:45:22:5a:
06:dc:53:7c:64:e4:d9:28:96:f9:a4:17:22:77:67:
7a:18:06:be:22:a7:af:31:81:da:80:3d:f0:bb:b6:
84:e4:45:5f:08:85:22:2b:cd:27:96:0f:8c:4a:23:
77:04:a7:91:16:ae:db:84:c9:02:8c:b7:ea:02:96:
a8:6f:df:ae:b8:c3:92:fa:c3:b0:33:38:37:dc:65:
d7:65:36:93:8e:4c:49:ed:e1:cf:37:32:c8:8d:4a:
a4:47:9e:a9:c0:ed:3c:86:8f:5e:51:7c:74:77:8c:
2d:92:c6:2e:81:bb:85:84:b8:ee:ff:b5:ee:4d:a7:
0e:ec:a0:24:f1:be:62:0e:15:b5:b4:ba:81:4c:96:
93:52:fb:9c:25:69:be:12:6d:83:ec:51:26:ba:8e:
68:d0:56:ef:df:5f:49:87:db:d9:b2:50:74:e9:32:
bc:ac:41:54:64:20:51:70:cc:f2:95:c2:5d:37:56:
82:99:8d:e6:2e:62:84:ef:50:0d:be:08:e6:95:eb:
0c:da:46:30:5a:02:83:95:2a:6c:d1:eb:7a:fc:48:
a1:56:41:9f:aa:40:6a:aa:75:32:1f:f1:9a:71:55:
45:53:7e:ee:b5:0e:87:1f:07:18:c6:0f:94:f5:f2:
c6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:12:9E:7F:00:AD:B1:75:C3:70:18:47:AC:9A:5A:3D:DD:D5:A8:A0
X509v3 Authority Key Identifier:
keyid:5D:0A:0D:39:6F:76:93:69:36:5F:2B:98:3C:53:1A:FE:CA:97:10:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XQoNOW92k2k2XyuYPFMa_sqXEKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/yhKefwCtsXXDcBhHrJpaPd3VqKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/223d8f-58ac-4df7-bf1e-442010b579ef/1/XQoNOW92k2k2XyuYPFMa_sqXEKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.239.0/24
Signature Algorithm: sha256WithRSAEncryption
54:97:6c:6a:8a:84:2e:d9:96:20:27:63:fb:28:6e:11:9f:bf:
f3:6c:4d:56:87:07:cd:da:e0:77:38:1f:6c:25:b7:76:a5:d3:
10:27:46:c8:00:13:c3:af:fd:1f:24:5b:aa:00:8c:42:3d:0b:
e0:93:ab:f2:25:a5:9c:37:0c:b5:1a:45:e2:b1:8d:c2:7c:ea:
e4:13:61:c7:fc:8e:2e:23:05:38:74:36:30:04:8c:01:e5:96:
12:68:73:52:ff:ac:dd:78:93:48:7e:4c:8e:97:d9:b4:b7:c6:
52:f7:7e:de:c4:5b:bb:d2:db:81:8f:2a:1d:cc:3d:f2:e9:bf:
2e:14:e8:86:fa:92:c5:03:86:1c:4d:40:2a:48:1c:06:bc:ca:
bd:4f:28:96:94:67:da:5e:80:41:65:0d:4c:a3:81:21:a2:19:
42:00:ed:fc:ce:71:95:e5:84:e8:4f:9d:02:9c:63:54:a1:a3:
fb:0c:04:f4:bb:8b:ee:cf:d7:ae:80:b0:cc:1f:31:98:a4:fc:
ca:f2:1f:90:65:7a:10:b4:81:85:49:a8:e0:56:58:f5:51:b0:
9e:60:a7:ac:3a:4d:5e:58:cc:4d:cb:ea:56:fe:51:ff:ab:c6:
b4:c3:74:26:5b:bb:4f:4b:ff:92:cc:28:ca:b0:95:bf:3d:64:
42:a4:3d:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHrpatQunuG9nWat5fs41MiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMGEwZDM5NmY3NjkzNjkzNjVmMmI5ODNjNTMxYWZlY2E5
NzEwYTcwHhcNMjQwOTEzMTM0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTEyOWU3ZjAwYWRiMTc1YzM3MDE4NDdhYzlhNWEzZGRkZDVhOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYfrk/MDuR6W00FFIloG3FN8ZOTZ
KJb5pBcid2d6GAa+IqevMYHagD3wu7aE5EVfCIUiK80nlg+MSiN3BKeRFq7bhMkC
jLfqApaob9+uuMOS+sOwMzg33GXXZTaTjkxJ7eHPNzLIjUqkR56pwO08ho9eUXx0
d4wtksYugbuFhLju/7XuTacO7KAk8b5iDhW1tLqBTJaTUvucJWm+Em2D7FEmuo5o
0Fbv319Jh9vZslB06TK8rEFUZCBRcMzylcJdN1aCmY3mLmKE71ANvgjmlesM2kYw
WgKDlSps0et6/EihVkGfqkBqqnUyH/GacVVFU37utQ6HHwcYxg+U9fLGCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMoSnn8ArbF1w3AYR6yaWj3d1aigMB8GA1UdIwQY
MBaAFF0KDTlvdpNpNl8rmDxTGv7KlxCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFFvTk9XOTJrMmsyWHl1WVBGTWFfc3FYRUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yMjNkOGYtNThhYy00ZGY3LWJmMWUt
NDQyMDEwYjU3OWVmLzEveWhLZWZ3Q3RzWFhEY0JoSHJKcGFQZDNWcUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yMjNkOGYtNThhYy00ZGY3LWJmMWUtNDQyMDEwYjU3OWVm
LzEvWFFvTk9XOTJrMmsyWHl1WVBGTWFfc3FYRUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZTvMA0G
CSqGSIb3DQEBCwUAA4IBAQBUl2xqioQu2ZYgJ2P7KG4Rn7/zbE1WhwfN2uB3OB9s
Jbd2pdMQJ0bIABPDr/0fJFuqAIxCPQvgk6vyJaWcNwy1GkXisY3CfOrkE2HH/I4u
IwU4dDYwBIwB5ZYSaHNS/6zdeJNIfkyOl9m0t8ZS937exFu70tuBjyodzD3y6b8u
FOiG+pLFA4YcTUAqSBwGvMq9TyiWlGfaXoBBZQ1Mo4EhohlCAO38znGV5YToT50C
nGNUoaP7DAT0u4vuz9eugLDMHzGYpPzK8h+QZXoQtIGFSajgVlj1UbCeYKesOk1e
WMxNy+pW/lH/q8a0w3QmW7tPS/+SzCjKsJW/PWRCpD1R
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:15:02 2024 by rpki-client on console-fra.rpki-client.org