Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rJ_WpuylkgilDh2PLjzN9pycDV8.roa
File: rJ_WpuylkgilDh2PLjzN9pycDV8.roa (raw, json)
Hash identifier: IUpW4weBuPlwvYkKERdYj3S6z/51BgSVIq2P033R0Jw=
Subject key identifier: AC:9F:D6:A6:EC:A5:92:08:A5:0E:1D:8F:2E:3C:CD:F6:9C:9C:0D:5F
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B4F278013E836BF47993E9DE7AA1B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rJ_WpuylkgilDh2PLjzN9pycDV8.roa
Signing time: Tue 02 Jan 2024 12:34:45 +0000
ROA not before: Tue 02 Jan 2024 12:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30707
IP address blocks: 45.141.246.0/24 maxlen: 24
5.253.136.0/24 maxlen: 24
2a06:7247::/45 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:4f:27:80:13:e8:36:bf:47:99:3e:9d:e7:aa:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac9fd6a6eca59208a50e1d8f2e3ccdf69c9c0d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c5:e5:7f:9f:f6:03:ff:e0:23:96:15:b2:3d:
6c:92:a0:41:42:06:58:bb:3f:2a:67:1d:b4:f7:de:
d4:dd:f8:23:2b:eb:3a:1b:11:5e:88:64:e3:ff:03:
66:43:b6:0d:76:15:c7:a8:b5:9d:a0:ab:8e:d3:5d:
28:98:bf:9e:93:ef:54:33:21:de:15:d4:45:85:70:
6b:dd:cd:df:65:d1:fc:68:c6:e4:25:bf:3d:e5:7c:
0e:01:e9:26:ce:ee:26:ec:fb:ed:11:14:a8:4b:37:
cc:84:ec:8b:e2:37:0e:ff:8a:8f:aa:59:02:37:37:
1c:c2:6f:37:52:e7:a4:cc:3c:d6:92:18:ea:1e:ec:
ba:b1:4f:da:3a:99:22:c5:c2:93:8d:24:99:d1:03:
4f:df:74:74:e8:64:6c:21:77:18:ce:73:6c:07:c8:
8a:e3:6a:fa:36:df:97:30:92:f2:cd:23:2e:78:2e:
83:25:28:39:7e:05:51:8f:1c:b2:ac:32:10:79:d7:
94:51:45:16:11:8d:43:ff:02:53:e2:f5:3c:18:d0:
12:ef:ff:79:bd:b0:38:97:a4:d0:f8:d4:fa:bd:82:
a3:ab:4e:9a:8e:77:8a:3d:ab:f1:13:a3:ac:79:cf:
b7:56:fe:04:11:4d:c9:86:bb:56:ac:b3:00:5e:cb:
9e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9F:D6:A6:EC:A5:92:08:A5:0E:1D:8F:2E:3C:CD:F6:9C:9C:0D:5F
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/rJ_WpuylkgilDh2PLjzN9pycDV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.136.0/24
45.141.246.0/24
IPv6:
2a06:7247::/45
Signature Algorithm: sha256WithRSAEncryption
60:a5:c7:c3:74:3b:23:dd:0e:e4:3f:b3:30:1a:7d:0d:5d:d6:
39:02:45:67:a6:8c:0b:ea:1a:36:8c:60:a6:98:60:51:37:57:
9a:62:08:4b:35:8a:35:6b:6c:1a:38:81:1f:7a:65:73:78:79:
0c:7a:c3:c5:88:33:92:1a:90:15:ff:cf:e9:42:04:99:ae:38:
e9:75:c7:dc:3a:f8:91:6f:05:ed:8e:7b:0a:3f:54:dc:3e:72:
7c:b7:fc:ce:1e:a8:45:d2:54:a1:c6:5d:1a:b2:0a:7c:c4:1e:
09:2f:be:30:3e:22:4d:6a:cb:5e:e7:97:ae:bd:7e:e7:a2:4a:
22:01:d8:64:a9:90:6a:a3:32:cb:83:b8:33:0f:56:72:bd:da:
6f:ef:5b:43:b0:3b:71:d0:06:65:67:77:06:ae:ca:81:a6:9e:
69:61:1d:56:7a:05:fd:00:bc:45:d4:45:91:47:90:4c:ca:3c:
c9:90:a4:9c:14:dd:94:f1:73:73:85:c8:f1:ac:10:a1:8c:1d:
40:69:d6:ef:61:12:b1:86:b4:45:00:fc:4d:16:d1:11:0b:49:
29:03:92:fb:26:8c:08:30:12:1f:ef:64:42:84:d4:ff:71:e6:
b7:f4:47:e7:30:9d:02:ed:37:64:aa:f4:72:7f:50:30:1e:f3:
12:7c:ed:89
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKK08ngBPoNr9HmT6d56obMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzlmZDZhNmVjYTU5MjA4YTUwZTFkOGYyZTNjY2RmNjljOWMwZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMXlf5/2A//gI5YVsj1skqBBQgZY
uz8qZx20997U3fgjK+s6GxFeiGTj/wNmQ7YNdhXHqLWdoKuO010omL+ek+9UMyHe
FdRFhXBr3c3fZdH8aMbkJb895XwOAekmzu4m7PvtERSoSzfMhOyL4jcO/4qPqlkC
Nzccwm83UuekzDzWkhjqHuy6sU/aOpkixcKTjSSZ0QNP33R06GRsIXcYznNsB8iK
42r6Nt+XMJLyzSMueC6DJSg5fgVRjxyyrDIQedeUUUUWEY1D/wJT4vU8GNAS7/95
vbA4l6TQ+NT6vYKjq06ajneKPavxE6Osec+3Vv4EEU3JhrtWrLMAXsuejQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKyf1qbspZIIpQ4djy48zfacnA1fMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvckpfV3B1eWxrZ2lsRGgyUExqek45cHljRFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQABf2IAwQA
LY32MA8EAgACMAkDBwMqBnJHAAAwDQYJKoZIhvcNAQELBQADggEBAGClx8N0OyPd
DuQ/szAafQ1d1jkCRWemjAvqGjaMYKaYYFE3V5piCEs1ijVrbBo4gR96ZXN4eQx6
w8WIM5IakBX/z+lCBJmuOOl1x9w6+JFvBe2Oewo/VNw+cny3/M4eqEXSVKHGXRqy
CnzEHgkvvjA+Ik1qy17nl669fueiSiIB2GSpkGqjMsuDuDMPVnK92m/vW0OwO3HQ
BmVndwauyoGmnmlhHVZ6Bf0AvEXURZFHkEzKPMmQpJwU3ZTxc3OFyPGsEKGMHUBp
1u9hErGGtEUA/E0W0RELSSkDkvsmjAgwEh/vZEKE1P9x5rf0R+cwnQLtN2Sq9HJ/
UDAe8xJ87Yk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:43:13 2024 by rpki-client on console-ams.rpki-client.org