Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/DFbOA_6O1BHSZo9XVfv8K6SHiqw.roa
File: DFbOA_6O1BHSZo9XVfv8K6SHiqw.roa (raw, json)
Hash identifier: 4VWVTvG4HmSQBw2Or3C3UtMfR2pGN2R4O7p12GSbA/s=
Subject key identifier: 0C:56:CE:03:FE:8E:D4:11:D2:66:8F:57:55:FB:FC:2B:A4:87:8A:AC
Certificate issuer: /CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Certificate serial: 018E76197B5BC32DF0299C7C3F609132422E
Authority key identifier: ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/DFbOA_6O1BHSZo9XVfv8K6SHiqw.roa
Signing time: Mon 25 Mar 2024 14:52:45 +0000
ROA not before: Mon 25 Mar 2024 14:52:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.89.128.0/22 maxlen: 22
2a0b:a200::/48 maxlen: 48
2a0b:a200:1::/48 maxlen: 48
2a0b:a200:2::/48 maxlen: 48
2a0b:a200:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:76:19:7b:5b:c3:2d:f0:29:9c:7c:3f:60:91:32:42:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Validity
Not Before: Mar 25 14:52:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c56ce03fe8ed411d2668f5755fbfc2ba4878aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b1:bf:ad:b6:ac:af:99:24:f2:ca:d0:99:8a:
7b:a9:f8:8b:80:03:34:18:ed:42:b2:f0:23:84:6d:
8b:b4:2f:0a:20:08:e1:45:88:03:f1:97:e8:47:53:
c4:fe:e7:1c:9a:a7:7b:ea:e4:ed:4c:50:35:06:3f:
1a:ac:bc:60:2e:42:ff:fc:c6:78:20:1b:37:b7:71:
1e:9f:3f:1a:07:49:21:3b:1b:93:2b:ce:03:65:cd:
5f:8e:98:e2:9f:b2:f1:26:cb:ed:e9:ad:24:e4:31:
fd:bd:77:fc:19:01:be:3d:54:91:25:84:1f:f4:5e:
90:22:b3:19:7e:97:14:da:c2:1d:9b:9c:e1:b3:41:
8d:bf:a5:30:56:82:66:1d:15:6b:82:c2:2e:85:f6:
ed:21:dd:8f:e0:df:25:c7:e5:76:b2:9d:61:26:2a:
fb:d9:d2:f0:d7:c3:d5:a7:15:84:1c:3c:b2:1e:94:
b4:8c:3b:98:c4:0b:d7:7c:4e:a0:f4:a6:77:f1:fd:
e0:b1:63:6c:14:ac:9e:cf:3b:5b:af:38:48:b6:7f:
71:1c:df:ba:db:62:be:0b:12:8a:23:3b:f5:8d:3d:
9d:c5:f5:ee:56:35:9b:11:29:7a:c7:d8:56:97:a8:
a6:a3:8a:6a:91:26:99:ac:55:9f:13:12:35:c6:a8:
20:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:56:CE:03:FE:8E:D4:11:D2:66:8F:57:55:FB:FC:2B:A4:87:8A:AC
X509v3 Authority Key Identifier:
keyid:ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/DFbOA_6O1BHSZo9XVfv8K6SHiqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.128.0/22
IPv6:
2a0b:a200::/46
Signature Algorithm: sha256WithRSAEncryption
06:fd:11:26:58:de:32:d9:2c:e2:4e:c2:b4:03:75:91:26:3c:
dd:d3:42:12:76:76:71:87:40:97:a9:59:80:19:5b:8e:c7:05:
92:dc:ab:45:a9:0c:af:86:14:1c:42:64:eb:af:f7:23:1d:6b:
89:19:75:2e:91:dc:20:25:b7:82:3c:9e:db:40:a4:6e:7c:84:
e0:30:0c:85:90:a1:65:9e:ef:2e:f7:81:32:24:c1:09:f2:0e:
dd:51:db:a4:a2:d0:dd:b2:6c:f2:e2:ea:f3:e3:5d:2d:2f:2d:
af:62:2e:83:3e:62:7c:5d:d7:16:dc:1d:c9:71:4e:a4:cc:cb:
bc:45:89:97:f3:8c:2c:2a:62:30:0f:93:01:24:9d:0b:c3:0d:
6a:7a:ba:69:5f:dd:ab:53:ce:a1:e1:a1:ba:17:f8:71:b6:23:
8f:ff:03:20:e4:f0:3a:d1:2f:e2:ec:04:6b:7d:3f:5c:a0:a3:
5a:b2:e6:31:93:1f:3d:aa:26:a1:5a:0d:ba:54:fd:95:32:3d:
86:40:16:4d:27:84:87:6b:93:cf:0a:9b:3a:e2:be:26:f7:1a:
cb:c9:94:c7:a0:39:ae:88:96:e8:a2:fb:ba:28:90:2f:0b:34:
2b:7b:4f:0a:bb:7e:36:f4:d4:7a:0e:43:59:92:96:cb:74:ac:
49:bb:f0:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY52GXtbwy3wKZx8P2CRMkIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjI0YzU5MDAyN2E1YThjOWVlYjM2OTcyNmU0YTYzMGNk
ZjQxNGMwHhcNMjQwMzI1MTQ1MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzU2Y2UwM2ZlOGVkNDExZDI2NjhmNTc1NWZiZmMyYmE0ODc4YWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrG/rbasr5kk8srQmYp7qfiLgAM0
GO1CsvAjhG2LtC8KIAjhRYgD8ZfoR1PE/uccmqd76uTtTFA1Bj8arLxgLkL//MZ4
IBs3t3Eenz8aB0khOxuTK84DZc1fjpjin7LxJsvt6a0k5DH9vXf8GQG+PVSRJYQf
9F6QIrMZfpcU2sIdm5zhs0GNv6UwVoJmHRVrgsIuhfbtId2P4N8lx+V2sp1hJir7
2dLw18PVpxWEHDyyHpS0jDuYxAvXfE6g9KZ38f3gsWNsFKyezztbrzhItn9xHN+6
22K+CxKKIzv1jT2dxfXuVjWbESl6x9hWl6imo4pqkSaZrFWfExI1xqggEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAxWzgP+jtQR0maPV1X7/Cukh4qsMB8GA1UdIwQY
MBaAFO1iTFkAJ6Woye6zaXJuSmMM30FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5Nzgt
YTdiZTVmYTBmZjY1LzEvREZiT0FfNk8xQkhTWm85WFZmdjhLNlNIaXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5NzgtYTdiZTVmYTBmZjY1
LzEvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCLVmAMA8E
AgACMAkDBwIqC6IAAAAwDQYJKoZIhvcNAQELBQADggEBAAb9ESZY3jLZLOJOwrQD
dZEmPN3TQhJ2dnGHQJepWYAZW47HBZLcq0WpDK+GFBxCZOuv9yMda4kZdS6R3CAl
t4I8nttApG58hOAwDIWQoWWe7y73gTIkwQnyDt1R26Si0N2ybPLi6vPjXS0vLa9i
LoM+Ynxd1xbcHclxTqTMy7xFiZfzjCwqYjAPkwEknQvDDWp6umlf3atTzqHhoboX
+HG2I4//AyDk8DrRL+LsBGt9P1ygo1qy5jGTHz2qJqFaDbpU/ZUyPYZAFk0nhIdr
k88Kmzrivib3GsvJlMegOa6Iluii+7ookC8LNCt7Twq7fjb01HoOQ1mSlst0rEm7
8Nk=
-----END CERTIFICATE-----
Generated at Thu May 2 16:06:50 2024 by rpki-client on console-ams.rpki-client.org