Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/4c6cd6-37a9-4115-8366-24a8d9bf37bc/1/ygM1ZjDpIa8lerikv6xIYoFqvOw.roa
File: ygM1ZjDpIa8lerikv6xIYoFqvOw.roa (raw, json)
Hash identifier: elWMGUEoPi4d1OKvkJe/ths8/GEiOLa4TzR/FkPOzwo=
Subject key identifier: CA:03:35:66:30:E9:21:AF:25:7A:B8:A4:BF:AC:48:62:81:6A:BC:EC
Certificate issuer: /CN=450bc67f549eb049257720a000eb05b54f5d2bc0
Certificate serial: 018CC94CA7DDB461E9DA78E7089BCE1FD6C3
Authority key identifier: 45:0B:C6:7F:54:9E:B0:49:25:77:20:A0:00:EB:05:B5:4F:5D:2B:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQvGf1SesEkldyCgAOsFtU9dK8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/4c6cd6-37a9-4115-8366-24a8d9bf37bc/1/ygM1ZjDpIa8lerikv6xIYoFqvOw.roa
Signing time: Tue 02 Jan 2024 08:31:33 +0000
ROA not before: Tue 02 Jan 2024 08:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57614
IP address blocks: 81.162.48.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/4c6cd6-37a9-4115-8366-24a8d9bf37bc/1/RQvGf1SesEkldyCgAOsFtU9dK8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/4c6cd6-37a9-4115-8366-24a8d9bf37bc/1/RQvGf1SesEkldyCgAOsFtU9dK8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/RQvGf1SesEkldyCgAOsFtU9dK8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:a7:dd:b4:61:e9:da:78:e7:08:9b:ce:1f:d6:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=450bc67f549eb049257720a000eb05b54f5d2bc0
Validity
Not Before: Jan 2 08:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca03356630e921af257ab8a4bfac4862816abcec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fb:ee:d1:4e:60:4d:02:74:1f:0c:10:e3:f4:
53:4d:60:2e:1c:4b:47:88:af:55:2d:fc:dd:a1:fd:
52:37:ec:43:88:0b:d6:0b:0f:16:f5:3c:ba:7b:31:
26:47:1c:b1:4c:4e:cf:66:21:7e:73:78:cf:89:48:
85:43:24:d3:f0:ae:e5:ef:cb:2e:58:4d:a9:09:ed:
a0:5a:ce:0a:bf:8e:0d:ec:12:5d:b4:16:57:c6:f6:
43:82:5c:b0:6b:28:9c:21:a1:51:84:e6:41:a1:71:
46:cb:23:35:2d:3d:d3:06:0e:19:c3:f5:86:0a:8a:
98:a9:be:9b:0e:5b:ad:29:97:93:78:01:d0:68:98:
d4:13:ae:d3:7c:e4:98:fc:04:0d:eb:e2:c6:34:fe:
af:97:96:46:b4:d5:21:e9:4b:97:47:3e:20:9b:aa:
b7:ea:a5:e7:13:e4:58:17:be:10:01:6e:80:3a:31:
fb:97:eb:c4:30:67:60:91:06:72:17:2c:b9:ab:85:
d8:1d:28:d6:48:e1:08:cf:25:64:12:f3:4c:00:af:
30:f7:b5:21:71:c6:3a:1d:7a:01:4a:fd:f2:cf:5d:
6d:ff:59:26:96:7c:ee:27:c6:0d:7b:58:02:83:e3:
06:f4:f7:ee:a2:3a:1d:b6:c7:ec:65:70:5c:7c:0e:
10:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:03:35:66:30:E9:21:AF:25:7A:B8:A4:BF:AC:48:62:81:6A:BC:EC
X509v3 Authority Key Identifier:
keyid:45:0B:C6:7F:54:9E:B0:49:25:77:20:A0:00:EB:05:B5:4F:5D:2B:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQvGf1SesEkldyCgAOsFtU9dK8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4c6cd6-37a9-4115-8366-24a8d9bf37bc/1/ygM1ZjDpIa8lerikv6xIYoFqvOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4c6cd6-37a9-4115-8366-24a8d9bf37bc/1/RQvGf1SesEkldyCgAOsFtU9dK8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.162.48.0/22
Signature Algorithm: sha256WithRSAEncryption
27:64:28:48:9e:56:35:9f:08:60:8e:b6:49:58:7b:50:3f:9a:
5e:76:f1:dd:3b:20:01:64:57:70:12:f4:ec:f6:75:fd:87:08:
17:ad:6b:0f:b0:95:40:da:be:08:22:7a:d3:bf:75:ed:31:e9:
e6:17:85:df:ae:5b:c1:ad:07:50:df:6d:6e:c7:34:7d:41:b1:
a1:0b:d8:be:85:40:f1:c6:4f:5f:d5:f3:8c:39:29:c9:e8:ec:
9f:4f:59:a2:d2:4a:47:08:bb:64:f1:4e:77:de:a8:da:12:5c:
ee:c6:e7:ec:2d:ab:67:57:a9:30:ac:53:c3:42:33:1d:60:1e:
8d:28:6f:25:43:98:ea:0e:dd:23:30:bf:58:6b:c1:7c:d9:a8:
5d:90:9d:cf:90:66:e5:a2:a3:47:ab:e2:8e:84:d4:6d:da:52:
50:e5:f3:20:45:ab:0b:02:9e:8b:0c:0f:cb:7e:32:ca:94:dd:
37:cd:3c:4a:f8:4b:eb:da:64:04:11:d7:e4:87:dc:a0:69:e4:
17:fd:41:4d:e5:52:35:dd:28:3e:5b:31:b8:00:db:27:2e:8c:
0d:d0:29:57:11:a0:8a:de:07:bc:e8:e7:ba:c6:86:58:4b:e7:
83:f9:97:17:68:9c:0e:b9:77:ec:38:e6:1d:a1:70:1a:39:7a:
77:3a:1d:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTKfdtGHp2njnCJvOH9bDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MGJjNjdmNTQ5ZWIwNDkyNTc3MjBhMDAwZWIwNWI1NGY1
ZDJiYzAwHhcNMjQwMTAyMDgzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTAzMzU2NjMwZTkyMWFmMjU3YWI4YTRiZmFjNDg2MjgxNmFiY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPvu0U5gTQJ0HwwQ4/RTTWAuHEtH
iK9VLfzdof1SN+xDiAvWCw8W9Ty6ezEmRxyxTE7PZiF+c3jPiUiFQyTT8K7l78su
WE2pCe2gWs4Kv44N7BJdtBZXxvZDglywayicIaFRhOZBoXFGyyM1LT3TBg4Zw/WG
CoqYqb6bDlutKZeTeAHQaJjUE67TfOSY/AQN6+LGNP6vl5ZGtNUh6UuXRz4gm6q3
6qXnE+RYF74QAW6AOjH7l+vEMGdgkQZyFyy5q4XYHSjWSOEIzyVkEvNMAK8w97Uh
ccY6HXoBSv3yz11t/1kmlnzuJ8YNe1gCg+MG9PfuojodtsfsZXBcfA4QJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMoDNWYw6SGvJXq4pL+sSGKBarzsMB8GA1UdIwQY
MBaAFEULxn9UnrBJJXcgoADrBbVPXSvAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlF2R2YxU2VzRWtsZHlDZ0FPc0Z0VTlkSzhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80YzZjZDYtMzdhOS00MTE1LTgzNjYt
MjRhOGQ5YmYzN2JjLzEveWdNMVpqRHBJYThsZXJpa3Y2eElZb0Zxdk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80YzZjZDYtMzdhOS00MTE1LTgzNjYtMjRhOGQ5YmYzN2Jj
LzEvUlF2R2YxU2VzRWtsZHlDZ0FPc0Z0VTlkSzhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUaIwMA0G
CSqGSIb3DQEBCwUAA4IBAQAnZChInlY1nwhgjrZJWHtQP5pedvHdOyABZFdwEvTs
9nX9hwgXrWsPsJVA2r4IInrTv3XtMenmF4XfrlvBrQdQ321uxzR9QbGhC9i+hUDx
xk9f1fOMOSnJ6OyfT1mi0kpHCLtk8U533qjaElzuxufsLatnV6kwrFPDQjMdYB6N
KG8lQ5jqDt0jML9Ya8F82ahdkJ3PkGbloqNHq+KOhNRt2lJQ5fMgRasLAp6LDA/L
fjLKlN03zTxK+Evr2mQEEdfkh9ygaeQX/UFN5VI13Sg+WzG4ANsnLowN0ClXEaCK
3ge86Oe6xoZYS+eD+ZcXaJwOuXfsOOYdoXAaOXp3Oh1H
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:18:56 2024 by rpki-client on console-fra.rpki-client.org