Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/m8I-h5S2NRZxnnAM7Xjxbt_FKXQ.roa
File: m8I-h5S2NRZxnnAM7Xjxbt_FKXQ.roa (raw, json)
Hash identifier: JDFuqhfIXvt17+QCu8N9eU5h43hY/B4m/Y/oYIdeHrI=
Subject key identifier: 9B:C2:3E:87:94:B6:35:16:71:9E:70:0C:ED:78:F1:6E:DF:C5:29:74
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B5C633D351D3A90475C7275335103
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/m8I-h5S2NRZxnnAM7Xjxbt_FKXQ.roa
Signing time: Tue 02 Jan 2024 12:34:48 +0000
ROA not before: Tue 02 Jan 2024 12:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132335
IP address blocks: 45.132.15.0/24 maxlen: 24
92.119.149.0/24 maxlen: 32
2a06:7a02::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:5c:63:3d:35:1d:3a:90:47:5c:72:75:33:51:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bc23e8794b63516719e700ced78f16edfc52974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:15:5c:fc:d5:2a:94:c6:a3:53:d1:55:f3:c5:
3b:7a:94:36:9d:a0:df:71:dd:52:ba:c8:2c:c9:d7:
64:58:1f:ea:ff:69:cf:2b:cf:5c:22:f7:38:99:96:
a2:1c:af:ae:7e:ca:d6:cb:46:fd:8b:78:ff:98:4c:
82:28:eb:01:e9:0a:00:e3:ad:32:19:de:0f:d6:0b:
49:79:ea:5b:54:1f:a1:84:7f:f1:4d:cb:8a:3d:1e:
0d:1c:fb:69:ff:d2:ba:fc:ca:4c:1a:69:d5:9a:45:
6f:a6:2f:b7:45:66:8e:a9:3f:24:41:0b:89:05:20:
cd:e4:5a:dc:a6:76:ad:df:d8:3e:3c:25:d8:cc:dd:
cb:33:b4:a3:6f:4f:a9:99:2f:d5:6a:4e:8c:d2:13:
ad:1b:fc:4e:c7:07:37:1e:e1:ed:c6:40:b1:aa:f9:
9d:41:f8:41:39:ae:1b:40:e7:ad:ee:26:0e:93:f6:
2e:79:8b:19:e1:29:92:07:c8:3c:7c:22:10:c3:91:
66:8d:4c:b9:44:a4:e5:40:da:23:6b:9b:30:67:71:
bd:ca:a5:e7:f9:71:82:85:7b:80:48:35:51:0a:48:
4e:e4:da:cc:d3:2c:2c:81:81:fb:bb:c2:fa:db:49:
bf:f4:3b:c4:14:8e:97:03:44:c2:a2:5a:c7:be:fa:
5a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C2:3E:87:94:B6:35:16:71:9E:70:0C:ED:78:F1:6E:DF:C5:29:74
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/m8I-h5S2NRZxnnAM7Xjxbt_FKXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.15.0/24
92.119.149.0/24
IPv6:
2a06:7a02::/48
Signature Algorithm: sha256WithRSAEncryption
4f:f4:cd:f9:6b:6b:50:e5:36:67:2d:f0:e5:a9:d6:99:33:1c:
ca:c1:34:fb:c2:f6:1b:df:af:31:27:65:37:a4:c2:6e:1c:e1:
7a:98:f2:a3:7f:98:61:f9:5d:db:17:7e:02:12:bd:4d:d1:98:
90:3f:5e:df:e3:13:cd:bd:a0:cd:a9:56:4e:81:a2:4c:01:94:
2a:1e:1e:a1:67:43:60:46:38:af:bc:7c:ea:31:61:0c:0d:98:
52:8a:04:34:a0:ba:2a:5d:61:b2:c6:6c:a9:bc:3e:7a:af:26:
9d:3a:85:7c:42:3d:28:c2:3a:b4:6b:3d:1e:96:02:29:4d:f0:
e0:89:3f:18:5a:8e:80:a5:42:6a:79:2b:ce:ab:c4:9d:6d:45:
c9:7a:f9:7d:7d:ff:77:49:f6:be:1d:32:c6:51:51:7e:50:7d:
14:78:66:cc:47:d3:87:25:09:5f:71:dd:ff:e8:bf:ab:17:36:
75:0c:fd:67:00:17:94:db:d2:53:ab:f4:00:6a:fc:34:51:1a:
5a:0e:ef:9d:43:39:d6:67:8b:88:63:e3:a1:98:00:b8:cb:13:
83:99:34:c9:4e:ed:91:b3:07:2b:85:19:1b:84:7b:2b:d4:e6:
b4:f6:b7:f2:c8:60:a0:17:9e:3e:d1:af:49:69:25:07:0f:64:
7c:b3:66:64
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKK1xjPTUdOpBHXHJ1M1EDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmMyM2U4Nzk0YjYzNTE2NzE5ZTcwMGNlZDc4ZjE2ZWRmYzUyOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hVc/NUqlMajU9FV88U7epQ2naDf
cd1SusgsyddkWB/q/2nPK89cIvc4mZaiHK+ufsrWy0b9i3j/mEyCKOsB6QoA460y
Gd4P1gtJeepbVB+hhH/xTcuKPR4NHPtp/9K6/MpMGmnVmkVvpi+3RWaOqT8kQQuJ
BSDN5Frcpnat39g+PCXYzN3LM7Sjb0+pmS/Vak6M0hOtG/xOxwc3HuHtxkCxqvmd
QfhBOa4bQOet7iYOk/YueYsZ4SmSB8g8fCIQw5FmjUy5RKTlQNoja5swZ3G9yqXn
+XGChXuASDVRCkhO5NrM0ywsgYH7u8L620m/9DvEFI6XA0TColrHvvpaVwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJvCPoeUtjUWcZ5wDO148W7fxSl0MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvbThJLWg1UzJOUlp4bm5BTTdYanhidF9GS1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALYQPAwQA
XHeVMA8EAgACMAkDBwAqBnoCAAAwDQYJKoZIhvcNAQELBQADggEBAE/0zflra1Dl
Nmct8OWp1pkzHMrBNPvC9hvfrzEnZTekwm4c4XqY8qN/mGH5XdsXfgISvU3RmJA/
Xt/jE829oM2pVk6BokwBlCoeHqFnQ2BGOK+8fOoxYQwNmFKKBDSguipdYbLGbKm8
PnqvJp06hXxCPSjCOrRrPR6WAilN8OCJPxhajoClQmp5K86rxJ1tRcl6+X19/3dJ
9r4dMsZRUX5QfRR4ZsxH04clCV9x3f/ov6sXNnUM/WcAF5Tb0lOr9ABq/DRRGloO
751DOdZni4hj46GYALjLE4OZNMlO7ZGzByuFGRuEeyvU5rT2t/LIYKAXnj7Rr0lp
JQcPZHyzZmQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:43:13 2024 by rpki-client on console-ams.rpki-client.org