Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/yaHK7cFGRYCF6tJnYbVs9rWzMUQ.roa
File: yaHK7cFGRYCF6tJnYbVs9rWzMUQ.roa (raw, json)
Hash identifier: wSSQft45x2pN7/UGqoj3MMYGRqgoZZO7eY4lFP3Fz98=
Subject key identifier: C9:A1:CA:ED:C1:46:45:80:85:EA:D2:67:61:B5:6C:F6:B5:B3:31:44
Certificate issuer: /CN=bf56ba98c6745a63026d78fc284722399d2eb849
Certificate serial: 019257BE6693C21F646D7E26AA91A2AD4DFB
Authority key identifier: BF:56:BA:98:C6:74:5A:63:02:6D:78:FC:28:47:22:39:9D:2E:B8:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/yaHK7cFGRYCF6tJnYbVs9rWzMUQ.roa
Signing time: Fri 04 Oct 2024 13:35:48 +0000
ROA not before: Fri 04 Oct 2024 13:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50959
IP address blocks: 45.15.43.0/24 maxlen: 24
91.216.134.0/24 maxlen: 24
2a07:4900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:57:be:66:93:c2:1f:64:6d:7e:26:aa:91:a2:ad:4d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf56ba98c6745a63026d78fc284722399d2eb849
Validity
Not Before: Oct 4 13:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9a1caedc146458085ead26761b56cf6b5b33144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a6:fd:b8:27:6c:8d:7b:78:b8:ae:af:1d:0d:
83:c5:05:0d:55:97:8d:8c:7a:77:09:a7:07:89:62:
35:10:d5:5c:db:d9:94:57:c9:5f:c4:79:d7:e5:ec:
92:28:2b:8a:0e:e7:55:82:26:df:b2:dd:23:79:9e:
ce:07:97:13:21:53:f0:23:49:a3:0d:ef:d7:ec:60:
6e:2a:d5:bd:bd:14:68:43:f4:04:15:e3:96:d0:07:
83:66:7d:8e:34:20:9d:55:c0:3b:f3:8e:f6:b4:71:
35:23:7a:bd:f6:25:be:42:56:10:01:e3:61:92:ba:
13:6a:87:8c:fc:66:5c:a6:6a:b0:52:30:19:af:2d:
89:be:01:80:a6:6f:2f:53:68:a8:ab:7a:82:00:92:
0b:29:e7:60:ed:2a:e5:4a:41:67:e0:19:1f:dc:26:
12:8d:ea:a6:65:35:c9:02:e0:c2:cb:4a:75:0b:36:
e4:a3:9f:20:30:8f:9c:bc:01:ad:06:da:36:23:e5:
72:99:fc:ee:9a:58:42:4c:a4:c4:28:f7:74:3d:a4:
7d:2b:dc:57:d8:3c:11:0b:38:2e:55:82:8d:8b:1e:
52:4b:94:b2:33:5e:2b:be:31:40:c3:87:39:b0:ec:
fc:84:f4:e8:29:ec:8f:8d:ec:7e:0c:47:20:57:55:
f7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A1:CA:ED:C1:46:45:80:85:EA:D2:67:61:B5:6C:F6:B5:B3:31:44
X509v3 Authority Key Identifier:
keyid:BF:56:BA:98:C6:74:5A:63:02:6D:78:FC:28:47:22:39:9D:2E:B8:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/yaHK7cFGRYCF6tJnYbVs9rWzMUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.43.0/24
91.216.134.0/24
IPv6:
2a07:4900::/29
Signature Algorithm: sha256WithRSAEncryption
4c:8b:ff:19:21:98:00:92:e0:f0:1c:c6:eb:41:6c:d3:95:b2:
ab:44:bb:fb:37:98:d2:0e:2c:de:3a:1e:55:a1:e3:17:52:b8:
11:b9:38:7f:41:90:4e:71:b4:c8:2a:c1:ee:68:78:79:4e:d6:
76:53:f8:ee:dc:64:52:d1:a0:a9:89:a2:91:05:e4:8c:df:03:
7b:3e:e9:44:3d:46:37:65:70:8b:9e:fd:3f:70:5e:14:4e:80:
a1:52:20:48:ce:a2:ba:66:9e:4e:8a:e3:1f:52:a6:1f:b6:5a:
cf:41:0c:82:4c:61:35:6a:b7:df:1d:04:eb:2d:51:58:84:a6:
f6:7c:c4:88:97:f1:4c:9b:61:fc:0d:0d:27:6e:9a:78:44:ec:
ab:1c:d5:fa:58:e3:fa:17:79:3b:a4:ac:6c:28:43:46:95:09:
03:99:df:ac:fb:14:08:5e:7c:78:39:c5:91:65:50:b1:87:64:
86:d2:f1:63:22:cc:37:14:ad:ea:7e:a7:f2:ca:26:10:b1:52:
c0:ee:39:19:5f:33:a3:ea:48:e3:b4:4d:52:7f:7a:72:ef:13:
07:d3:8a:bc:bf:3f:58:4b:49:ad:53:c1:77:0c:8d:3a:35:a7:
88:24:f4:73:51:3b:84:e6:70:b9:e6:2b:84:30:91:0b:09:5d:
8d:9a:57:e1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZJXvmaTwh9kbX4mqpGirU37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNTZiYTk4YzY3NDVhNjMwMjZkNzhmYzI4NDcyMjM5OWQy
ZWI4NDkwHhcNMjQxMDA0MTMzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWExY2FlZGMxNDY0NTgwODVlYWQyNjc2MWI1NmNmNmI1YjMzMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqb9uCdsjXt4uK6vHQ2DxQUNVZeN
jHp3CacHiWI1ENVc29mUV8lfxHnX5eySKCuKDudVgibfst0jeZ7OB5cTIVPwI0mj
De/X7GBuKtW9vRRoQ/QEFeOW0AeDZn2ONCCdVcA78472tHE1I3q99iW+QlYQAeNh
kroTaoeM/GZcpmqwUjAZry2JvgGApm8vU2ioq3qCAJILKedg7SrlSkFn4Bkf3CYS
jeqmZTXJAuDCy0p1Czbko58gMI+cvAGtBto2I+VymfzumlhCTKTEKPd0PaR9K9xX
2DwRCzguVYKNix5SS5SyM14rvjFAw4c5sOz8hPToKeyPjex+DEcgV1X3ZwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMmhyu3BRkWAherSZ2G1bPa1szFEMB8GA1UdIwQY
MBaAFL9WupjGdFpjAm14/ChHIjmdLrhJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjFhNm1NWjBXbU1DYlhqOEtFY2lPWjB1dUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zMzQzZDItNTI1My00MjQzLWEwMWYt
NTg3ZmM4NGFjZWZlLzEveWFISzdjRkdSWUNGNnRKblliVnM5cld6TVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zMzQzZDItNTI1My00MjQzLWEwMWYtNTg3ZmM4NGFjZWZl
LzEvdjFhNm1NWjBXbU1DYlhqOEtFY2lPWjB1dUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALQ8rAwQA
W9iGMA0EAgACMAcDBQMqB0kAMA0GCSqGSIb3DQEBCwUAA4IBAQBMi/8ZIZgAkuDw
HMbrQWzTlbKrRLv7N5jSDizeOh5VoeMXUrgRuTh/QZBOcbTIKsHuaHh5TtZ2U/ju
3GRS0aCpiaKRBeSM3wN7PulEPUY3ZXCLnv0/cF4UToChUiBIzqK6Zp5OiuMfUqYf
tlrPQQyCTGE1arffHQTrLVFYhKb2fMSIl/FMm2H8DQ0nbpp4ROyrHNX6WOP6F3k7
pKxsKENGlQkDmd+s+xQIXnx4OcWRZVCxh2SG0vFjIsw3FK3qfqfyyiYQsVLA7jkZ
XzOj6kjjtE1Sf3py7xMH04q8vz9YS0mtU8F3DI06NaeIJPRzUTuE5nC55iuEMJEL
CV2Nmlfh
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:43:51 2024 by rpki-client on console-fra.rpki-client.org