Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/9l7-fZYz97wf4Q-0cQHSh3BqrlQ.roa
File: 9l7-fZYz97wf4Q-0cQHSh3BqrlQ.roa (raw, json)
Hash identifier: qkZyRkt12ynyHjwKsR/UbbXIwnO8srjJaFCMtgR2cko=
Subject key identifier: F6:5E:FE:7D:96:33:F7:BC:1F:E1:0F:B4:71:01:D2:87:70:6A:AE:54
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 018FD7461EC6C62429785FFA0364AA53FA96
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/9l7-fZYz97wf4Q-0cQHSh3BqrlQ.roa
Signing time: Sun 02 Jun 2024 04:47:27 +0000
ROA not before: Sun 02 Jun 2024 04:47:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204646
IP address blocks: 45.82.222.0/24 maxlen: 24
2a0d:2080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d7:46:1e:c6:c6:24:29:78:5f:fa:03:64:aa:53:fa:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jun 2 04:47:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f65efe7d9633f7bc1fe10fb47101d287706aae54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4d:e7:13:8f:a8:26:a4:2a:e6:9d:42:c8:34:
e1:c9:25:b3:87:a8:cc:ea:b9:0c:5c:20:b8:8b:6f:
41:d8:3f:f5:47:0a:a6:af:d5:78:17:92:6f:e9:31:
c2:f4:2a:fe:37:b7:d1:e6:f8:03:8f:bb:f6:b2:04:
74:bb:55:99:4e:05:0a:f1:3c:93:e3:7c:a6:ef:be:
1f:1f:64:16:34:36:d2:6e:01:6a:cf:b2:9f:b1:92:
73:37:1d:da:00:cc:49:f9:17:ce:25:bf:a6:d1:04:
84:d4:c3:10:e8:50:09:a4:e6:ef:3e:06:70:95:7f:
cf:38:fd:d2:28:c2:a5:c6:4c:c1:36:54:6d:4d:53:
1e:6f:16:2e:f2:97:c5:d7:8a:61:5e:aa:13:0c:6a:
ec:3b:7a:f7:8a:67:f7:c0:76:1a:7d:78:60:07:e0:
80:73:06:9d:25:5b:5f:a7:ee:ea:3a:e3:bf:ea:d4:
78:aa:bd:5c:7f:18:bf:8c:ed:71:4d:53:ff:5b:3b:
65:66:b8:7c:4d:7a:9a:19:3c:2e:6d:ff:f9:f2:1b:
79:79:8b:6f:e6:3a:f8:dd:c5:32:4d:91:d9:3c:55:
1a:fa:f4:eb:e7:6c:51:d3:2b:69:0f:1a:7e:82:b9:
ab:e4:21:72:9c:61:fc:60:23:41:50:6b:1f:3d:2b:
12:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5E:FE:7D:96:33:F7:BC:1F:E1:0F:B4:71:01:D2:87:70:6A:AE:54
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/9l7-fZYz97wf4Q-0cQHSh3BqrlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.222.0/24
IPv6:
2a0d:2080::/29
Signature Algorithm: sha256WithRSAEncryption
7d:c3:ef:2f:2b:2d:86:0a:ae:3a:ee:e2:8d:49:1e:77:bd:c2:
4b:99:d4:42:43:18:92:17:be:55:95:85:76:12:e9:f5:3b:04:
b9:06:59:6d:3f:af:4c:20:5d:12:1b:64:0e:92:36:39:10:2f:
f0:2b:37:3e:44:ba:f4:b9:63:27:7d:cc:7b:57:c0:ca:f5:a2:
57:dd:86:a2:94:64:d7:0b:85:0a:5a:b9:36:b4:3c:3e:c3:cb:
39:77:1f:b5:6f:78:60:0e:52:9f:85:76:01:a7:d1:76:10:93:
2d:09:0c:f5:7d:50:d7:bc:39:36:0b:da:ff:e9:d9:ff:6f:27:
71:23:0a:71:b7:18:06:14:47:12:4b:ed:1a:f5:65:c5:67:7a:
5c:5e:dc:67:76:81:05:54:c4:be:c4:9b:55:37:01:b6:74:4c:
2a:0f:70:9f:4f:13:15:70:a6:d9:58:e3:f8:35:c8:af:a2:dc:
8d:d3:af:9b:98:fd:25:a8:e7:cc:a9:89:37:1c:64:64:b5:07:
6b:7d:97:b4:88:d8:48:ee:8e:79:bc:66:55:fa:a6:ca:50:49:
79:c7:c8:85:68:ad:fa:ef:3b:cc:f6:e6:c6:7d:db:23:40:e0:
ca:af:8a:29:81:51:68:dd:dd:cd:7f:43:ff:45:48:89:ee:32:
72:93:6d:2c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/XRh7GxiQpeF/6A2SqU/qWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjQwNjAyMDQ0NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjVlZmU3ZDk2MzNmN2JjMWZlMTBmYjQ3MTAxZDI4NzcwNmFhZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0E3nE4+oJqQq5p1CyDThySWzh6jM
6rkMXCC4i29B2D/1Rwqmr9V4F5Jv6THC9Cr+N7fR5vgDj7v2sgR0u1WZTgUK8TyT
43ym774fH2QWNDbSbgFqz7KfsZJzNx3aAMxJ+RfOJb+m0QSE1MMQ6FAJpObvPgZw
lX/POP3SKMKlxkzBNlRtTVMebxYu8pfF14phXqoTDGrsO3r3imf3wHYafXhgB+CA
cwadJVtfp+7qOuO/6tR4qr1cfxi/jO1xTVP/WztlZrh8TXqaGTwubf/58ht5eYtv
5jr43cUyTZHZPFUa+vTr52xR0ytpDxp+grmr5CFynGH8YCNBUGsfPSsSOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPZe/n2WM/e8H+EPtHEB0odwaq5UMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvOWw3LWZaWXo5N3dmNFEtMGNRSFNoM0JxcmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVLeMA0E
AgACMAcDBQMqDSCAMA0GCSqGSIb3DQEBCwUAA4IBAQB9w+8vKy2GCq467uKNSR53
vcJLmdRCQxiSF75VlYV2Eun1OwS5BlltP69MIF0SG2QOkjY5EC/wKzc+RLr0uWMn
fcx7V8DK9aJX3YailGTXC4UKWrk2tDw+w8s5dx+1b3hgDlKfhXYBp9F2EJMtCQz1
fVDXvDk2C9r/6dn/bydxIwpxtxgGFEcSS+0a9WXFZ3pcXtxndoEFVMS+xJtVNwG2
dEwqD3CfTxMVcKbZWOP4NcivotyN06+bmP0lqOfMqYk3HGRktQdrfZe0iNhI7o55
vGZV+qbKUEl5x8iFaK367zvM9ubGfdsjQODKr4opgVFo3d3Nf0P/RUiJ7jJyk20s
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:43:14 2024 by rpki-client on console-ams.rpki-client.org