Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d79d2c-4cb4-4a74-b6ac-d7c6ff933c23/1/fm99mZCGNYJ-5ocZr2ScpU80fcQ.roa
File: fm99mZCGNYJ-5ocZr2ScpU80fcQ.roa (raw, json)
Hash identifier: QPMPg9oqetsk+c03DvnSnqoKoKuVBNHLAklyZCc4edM=
Subject key identifier: 7E:6F:7D:99:90:86:35:82:7E:E6:87:19:AF:64:9C:A5:4F:34:7D:C4
Certificate issuer: /CN=05a991acd7b2273d9e1865afa2755e6f5e672e55
Certificate serial: 018F8CBC58F8CF8C83B352EEF59CE27978D9
Authority key identifier: 05:A9:91:AC:D7:B2:27:3D:9E:18:65:AF:A2:75:5E:6F:5E:67:2E:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BamRrNeyJz2eGGWvonVeb15nLlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d79d2c-4cb4-4a74-b6ac-d7c6ff933c23/1/fm99mZCGNYJ-5ocZr2ScpU80fcQ.roa
Signing time: Sat 18 May 2024 17:25:04 +0000
ROA not before: Sat 18 May 2024 17:25:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208439
IP address blocks: 45.136.164.0/22 maxlen: 22
2a0e:9ec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d79d2c-4cb4-4a74-b6ac-d7c6ff933c23/1/BamRrNeyJz2eGGWvonVeb15nLlU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/d79d2c-4cb4-4a74-b6ac-d7c6ff933c23/1/BamRrNeyJz2eGGWvonVeb15nLlU.mft
rsync://rpki.ripe.net/repository/DEFAULT/BamRrNeyJz2eGGWvonVeb15nLlU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8c:bc:58:f8:cf:8c:83:b3:52:ee:f5:9c:e2:79:78:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05a991acd7b2273d9e1865afa2755e6f5e672e55
Validity
Not Before: May 18 17:25:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e6f7d99908635827ee68719af649ca54f347dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:35:46:fa:7e:fe:50:c7:c4:cc:f2:d2:99:98:
c9:df:54:40:c1:81:d5:0e:77:f9:0c:1c:70:7c:d3:
c0:91:6a:e2:42:8a:09:8b:2b:c1:dc:57:9f:d3:05:
cb:9b:e8:2d:a6:a1:94:70:b9:7c:8c:70:7a:f5:15:
a0:e5:53:b4:37:32:61:e3:14:8f:a1:51:34:d9:18:
7c:06:99:75:f4:8d:fb:18:b7:fa:af:79:58:dd:4b:
ed:87:f9:63:04:d6:f6:65:12:0b:e1:43:ea:4d:20:
ee:cc:1a:af:8e:48:d5:ce:48:9c:54:e7:f5:6c:ca:
02:59:9c:48:59:c3:46:4f:0c:5f:97:40:0f:13:eb:
bf:ed:a4:e2:14:ad:79:df:3c:e6:7e:1c:6f:5c:96:
77:94:82:bb:36:c7:83:fa:3e:3a:92:8b:a4:ed:65:
86:59:2f:da:9c:80:67:45:ec:fc:47:ce:d3:03:ad:
c5:3e:05:f3:a1:ab:0b:b8:fe:8d:fd:d9:b4:90:e9:
56:ec:4b:dc:d4:37:17:9a:d3:f0:bf:07:4e:af:7f:
e9:e0:2a:94:05:93:4a:91:34:e1:26:65:d4:bb:9f:
92:78:db:fc:d6:c7:b3:01:83:e3:8d:59:cf:c8:5c:
01:a3:67:28:2b:60:80:34:f3:d8:b2:68:47:e4:a0:
f3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:6F:7D:99:90:86:35:82:7E:E6:87:19:AF:64:9C:A5:4F:34:7D:C4
X509v3 Authority Key Identifier:
keyid:05:A9:91:AC:D7:B2:27:3D:9E:18:65:AF:A2:75:5E:6F:5E:67:2E:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BamRrNeyJz2eGGWvonVeb15nLlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d79d2c-4cb4-4a74-b6ac-d7c6ff933c23/1/fm99mZCGNYJ-5ocZr2ScpU80fcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d79d2c-4cb4-4a74-b6ac-d7c6ff933c23/1/BamRrNeyJz2eGGWvonVeb15nLlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.164.0/22
IPv6:
2a0e:9ec0::/29
Signature Algorithm: sha256WithRSAEncryption
85:72:0d:01:1e:63:39:a8:a2:32:f9:f2:48:44:16:4c:a1:74:
08:7a:bd:fb:98:e2:f6:20:dd:53:7d:aa:26:9d:6b:ed:c6:6e:
59:b4:3b:ed:fa:50:63:ad:9e:20:d8:74:52:a8:d7:d5:c1:f0:
94:df:b5:db:45:90:93:df:1b:26:9c:88:9f:d6:9a:e1:d1:10:
53:c6:73:9d:fb:07:0a:1b:49:4f:2a:80:e0:8f:96:9a:9d:7b:
54:81:74:f2:df:06:40:b2:41:81:59:34:b9:ef:a7:1e:2b:54:
bd:b6:2b:d2:ac:a7:db:1d:61:fa:7f:a0:2e:e6:a3:d6:0d:f6:
bd:17:ac:73:7a:02:89:d7:d1:b1:27:ee:cc:25:da:b7:be:44:
62:93:f2:51:3e:3e:80:54:7c:72:48:35:e6:f7:24:74:8a:8d:
e0:39:56:d4:61:9c:6d:c5:24:ba:44:9e:0e:10:b9:e8:9e:b7:
fb:c5:69:83:ed:fd:0e:7b:dc:0b:47:cd:20:37:aa:02:b9:5e:
27:ad:3c:26:33:a4:ec:13:ae:bf:9e:52:19:5f:a5:2c:cb:90:
84:6d:b7:d2:8f:04:f0:06:4b:a2:7c:20:02:ae:a9:2c:6d:33:
06:80:0c:8b:2b:86:d4:ef:ed:4c:ac:9e:5f:d8:f2:52:1f:5f:
b5:77:5b:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+MvFj4z4yDs1Lu9ZzieXjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YTk5MWFjZDdiMjI3M2Q5ZTE4NjVhZmEyNzU1ZTZmNWU2
NzJlNTUwHhcNMjQwNTE4MTcyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTZmN2Q5OTkwODYzNTgyN2VlNjg3MTlhZjY0OWNhNTRmMzQ3ZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzVG+n7+UMfEzPLSmZjJ31RAwYHV
Dnf5DBxwfNPAkWriQooJiyvB3Fef0wXLm+gtpqGUcLl8jHB69RWg5VO0NzJh4xSP
oVE02Rh8Bpl19I37GLf6r3lY3Uvth/ljBNb2ZRIL4UPqTSDuzBqvjkjVzkicVOf1
bMoCWZxIWcNGTwxfl0APE+u/7aTiFK153zzmfhxvXJZ3lIK7NseD+j46kouk7WWG
WS/anIBnRez8R87TA63FPgXzoasLuP6N/dm0kOlW7Evc1DcXmtPwvwdOr3/p4CqU
BZNKkTThJmXUu5+SeNv81sezAYPjjVnPyFwBo2coK2CANPPYsmhH5KDz6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH5vfZmQhjWCfuaHGa9knKVPNH3EMB8GA1UdIwQY
MBaAFAWpkazXsic9nhhlr6J1Xm9eZy5VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmFtUnJOZXlKejJlR0dXdm9uVmViMTVuTGxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNzlkMmMtNGNiNC00YTc0LWI2YWMt
ZDdjNmZmOTMzYzIzLzEvZm05OW1aQ0dOWUotNW9jWnIyU2NwVTgwZmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNzlkMmMtNGNiNC00YTc0LWI2YWMtZDdjNmZmOTMzYzIz
LzEvQmFtUnJOZXlKejJlR0dXdm9uVmViMTVuTGxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYikMA0E
AgACMAcDBQMqDp7AMA0GCSqGSIb3DQEBCwUAA4IBAQCFcg0BHmM5qKIy+fJIRBZM
oXQIer37mOL2IN1TfaomnWvtxm5ZtDvt+lBjrZ4g2HRSqNfVwfCU37XbRZCT3xsm
nIif1prh0RBTxnOd+wcKG0lPKoDgj5aanXtUgXTy3wZAskGBWTS576ceK1S9tivS
rKfbHWH6f6Au5qPWDfa9F6xzegKJ19GxJ+7MJdq3vkRik/JRPj6AVHxySDXm9yR0
io3gOVbUYZxtxSS6RJ4OELnonrf7xWmD7f0Oe9wLR80gN6oCuV4nrTwmM6TsE66/
nlIZX6Usy5CEbbfSjwTwBkuifCACrqksbTMGgAyLK4bU7+1MrJ5f2PJSH1+1d1so
-----END CERTIFICATE-----
Generated at Fri Sep 27 22:17:10 2024 by rpki-client on console-ams.rpki-client.org