Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/5cb544-504f-48bf-b105-22028a786f60/1/tAgFVLKq14RliA3yqAak1zt_wm8.roa
File: tAgFVLKq14RliA3yqAak1zt_wm8.roa (raw, json)
Hash identifier: B2OZKeAk7G52S3ywNHjYWSL7Me+KwW1XFvcfpZW2ErY=
Subject key identifier: B4:08:05:54:B2:AA:D7:84:65:88:0D:F2:A8:06:A4:D7:3B:7F:C2:6F
Certificate issuer: /CN=12c45bd38d4bdc68e3d79de0244df06d2ecb6609
Certificate serial: 018CC86F001A74E7EFA52A126E1906A7F11B
Authority key identifier: 12:C4:5B:D3:8D:4B:DC:68:E3:D7:9D:E0:24:4D:F0:6D:2E:CB:66:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsRb041L3Gjj153gJE3wbS7LZgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/5cb544-504f-48bf-b105-22028a786f60/1/tAgFVLKq14RliA3yqAak1zt_wm8.roa
Signing time: Tue 02 Jan 2024 04:29:26 +0000
ROA not before: Tue 02 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39591
IP address blocks: 45.84.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/5cb544-504f-48bf-b105-22028a786f60/1/EsRb041L3Gjj153gJE3wbS7LZgk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/5cb544-504f-48bf-b105-22028a786f60/1/EsRb041L3Gjj153gJE3wbS7LZgk.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsRb041L3Gjj153gJE3wbS7LZgk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:00:1a:74:e7:ef:a5:2a:12:6e:19:06:a7:f1:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c45bd38d4bdc68e3d79de0244df06d2ecb6609
Validity
Not Before: Jan 2 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4080554b2aad78465880df2a806a4d73b7fc26f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6a:46:20:e9:a2:cc:10:35:be:1a:11:3f:f2:
2a:41:28:75:d0:97:c9:9d:5b:6f:20:e8:5f:17:3f:
45:17:95:37:3f:b2:59:35:4d:03:b5:5c:0b:43:de:
45:30:2b:fa:09:83:0d:8f:f7:21:3f:76:3d:23:fc:
f8:4f:75:56:46:7c:73:fc:65:d4:05:66:a3:1f:3e:
41:e2:24:6f:b1:49:2b:ae:fb:28:9b:c8:10:58:3c:
55:3c:8e:89:75:cc:34:2f:f3:66:5b:d3:ef:20:58:
48:e4:e5:a0:b2:c2:a6:a4:ec:e0:6f:b4:70:fb:dc:
cf:4c:c0:9c:0e:42:7a:db:1c:c0:ab:ba:bb:f2:ff:
8b:06:b2:89:e4:97:3c:e0:90:bc:d1:8e:73:c2:46:
f8:37:ed:93:44:3e:a9:10:9a:b1:c6:cf:a4:ae:ba:
28:e7:36:8d:50:3d:4c:e5:5a:1f:99:87:33:46:10:
94:2b:83:32:c9:fb:e4:fd:67:80:9e:32:cc:72:d5:
41:66:36:bb:ad:23:2c:5e:97:f1:06:10:d7:48:d5:
97:de:0c:b9:22:9f:cb:2c:a5:be:26:1d:57:fc:0f:
c5:4e:39:b3:86:87:d6:38:b6:47:f8:39:e7:38:f5:
06:b2:b4:d4:c4:ab:11:03:2c:2b:cd:fa:99:25:96:
94:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:08:05:54:B2:AA:D7:84:65:88:0D:F2:A8:06:A4:D7:3B:7F:C2:6F
X509v3 Authority Key Identifier:
keyid:12:C4:5B:D3:8D:4B:DC:68:E3:D7:9D:E0:24:4D:F0:6D:2E:CB:66:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsRb041L3Gjj153gJE3wbS7LZgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/5cb544-504f-48bf-b105-22028a786f60/1/tAgFVLKq14RliA3yqAak1zt_wm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/5cb544-504f-48bf-b105-22028a786f60/1/EsRb041L3Gjj153gJE3wbS7LZgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.4.0/22
Signature Algorithm: sha256WithRSAEncryption
57:06:cc:d5:b7:5a:1b:ea:d4:ad:d7:ac:ab:93:51:36:58:da:
b7:3c:2b:ff:64:27:11:e5:e6:8e:7d:b1:d7:27:2a:db:a0:29:
71:ef:c2:15:17:8b:3f:02:e5:bb:f5:df:f3:15:0e:bf:1d:84:
55:77:ce:64:af:7b:53:14:dd:18:0f:86:86:82:02:dd:be:69:
84:ac:09:41:0c:1d:c5:41:ed:54:b2:1c:8b:45:48:65:76:97:
8f:22:72:4a:06:92:42:5b:d8:c5:b5:54:b4:bf:5c:57:17:c0:
2a:87:44:87:b0:f3:16:b7:49:88:1e:b5:1b:53:1c:31:02:a3:
93:cf:60:a3:ef:e8:10:90:03:ac:ef:ad:ea:54:72:63:96:7f:
e4:0f:5d:99:e0:23:19:25:90:21:36:00:50:00:12:b2:9d:65:
d0:56:1b:51:dd:1f:e2:c2:c5:8a:e1:35:a0:7d:ed:d5:d6:f9:
76:5f:19:0a:0c:2d:9e:92:24:56:16:92:ed:e7:d2:12:b3:9f:
3a:fb:2a:46:e1:00:d8:90:48:bf:c8:b0:90:80:28:fc:d5:38:
0f:7b:79:a3:21:11:ef:0a:1f:b2:0d:98:d9:fc:c8:fd:69:fc:
83:6b:06:1c:0f:24:42:4a:33:65:8e:93:f1:27:34:03:55:a1:
2d:da:d5:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbwAadOfvpSoSbhkGp/EbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYzQ1YmQzOGQ0YmRjNjhlM2Q3OWRlMDI0NGRmMDZkMmVj
YjY2MDkwHhcNMjQwMTAyMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDA4MDU1NGIyYWFkNzg0NjU4ODBkZjJhODA2YTRkNzNiN2ZjMjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWpGIOmizBA1vhoRP/IqQSh10JfJ
nVtvIOhfFz9FF5U3P7JZNU0DtVwLQ95FMCv6CYMNj/chP3Y9I/z4T3VWRnxz/GXU
BWajHz5B4iRvsUkrrvsom8gQWDxVPI6Jdcw0L/NmW9PvIFhI5OWgssKmpOzgb7Rw
+9zPTMCcDkJ62xzAq7q78v+LBrKJ5Jc84JC80Y5zwkb4N+2TRD6pEJqxxs+krroo
5zaNUD1M5VofmYczRhCUK4Myyfvk/WeAnjLMctVBZja7rSMsXpfxBhDXSNWX3gy5
Ip/LLKW+Jh1X/A/FTjmzhofWOLZH+DnnOPUGsrTUxKsRAywrzfqZJZaUgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQIBVSyqteEZYgN8qgGpNc7f8JvMB8GA1UdIwQY
MBaAFBLEW9ONS9xo49ed4CRN8G0uy2YJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXNSYjA0MUwzR2pqMTUzZ0pFM3diUzdMWmdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS81Y2I1NDQtNTA0Zi00OGJmLWIxMDUt
MjIwMjhhNzg2ZjYwLzEvdEFnRlZMS3ExNFJsaUEzeXFBYWsxenRfd204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS81Y2I1NDQtNTA0Zi00OGJmLWIxMDUtMjIwMjhhNzg2ZjYw
LzEvRXNSYjA0MUwzR2pqMTUzZ0pFM3diUzdMWmdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVQEMA0G
CSqGSIb3DQEBCwUAA4IBAQBXBszVt1ob6tSt16yrk1E2WNq3PCv/ZCcR5eaOfbHX
JyrboClx78IVF4s/AuW79d/zFQ6/HYRVd85kr3tTFN0YD4aGggLdvmmErAlBDB3F
Qe1UshyLRUhldpePInJKBpJCW9jFtVS0v1xXF8Aqh0SHsPMWt0mIHrUbUxwxAqOT
z2Cj7+gQkAOs763qVHJjln/kD12Z4CMZJZAhNgBQABKynWXQVhtR3R/iwsWK4TWg
fe3V1vl2XxkKDC2ekiRWFpLt59ISs586+ypG4QDYkEi/yLCQgCj81TgPe3mjIRHv
Ch+yDZjZ/Mj9afyDawYcDyRCSjNljpPxJzQDVaEt2tWu
-----END CERTIFICATE-----
Generated at Sun May 19 21:58:19 2024 by rpki-client on console-ams.rpki-client.org