Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/SxgXHyZrFDT1RMQcCT9DZu8gabU.roa
File: SxgXHyZrFDT1RMQcCT9DZu8gabU.roa (raw, json)
Hash identifier: ISP0X77wigSuhDdL3aCtZyc64iWuO0yUifYP8UG7P8s=
Subject key identifier: 4B:18:17:1F:26:6B:14:34:F5:44:C4:1C:09:3F:43:66:EF:20:69:B5
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019015B1D6A604D56815153EF0535D718510
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/SxgXHyZrFDT1RMQcCT9DZu8gabU.roa
Signing time: Fri 14 Jun 2024 07:41:34 +0000
ROA not before: Fri 14 Jun 2024 07:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 45.151.3.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
2a07:9200::/32 maxlen: 32
2a07:9205::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a582::/32 maxlen: 32
2a0c:a583::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:15:b1:d6:a6:04:d5:68:15:15:3e:f0:53:5d:71:85:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 14 07:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b18171f266b1434f544c41c093f4366ef2069b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0e:3e:d1:48:1a:60:c4:bf:83:a3:80:db:13:
f9:33:c8:ff:65:69:4c:79:44:06:34:73:ca:25:e0:
85:7e:70:aa:c9:a5:78:e1:77:0d:e6:c7:e6:fc:46:
04:dd:f6:a4:1b:36:84:26:fa:73:65:65:a0:50:4f:
7f:89:ce:cf:f9:7a:e5:5c:66:6b:27:a8:22:05:c3:
87:c1:54:c7:2a:95:c9:24:85:e9:08:19:33:fc:16:
cc:05:09:35:1d:d8:7e:6a:83:7b:a9:4e:c5:22:3e:
e8:c9:45:c0:ff:15:0f:fa:27:79:6b:06:62:ec:ca:
92:a2:35:3f:31:04:ac:c3:00:00:6a:87:85:70:24:
00:5c:d1:57:8d:34:3e:c4:7d:c0:da:77:c3:d1:5f:
e9:42:64:2d:64:33:ae:55:ef:01:d5:b4:67:22:78:
62:cc:42:22:93:64:ed:78:36:9b:d7:4d:68:42:73:
85:1a:e7:cd:80:11:5e:a1:1c:3f:94:ac:e5:0d:1a:
ef:8c:f7:63:4e:8d:40:c3:75:5a:0c:45:c8:0c:03:
b5:4a:a1:4c:9e:d2:34:ed:7b:6e:2f:e1:45:4e:48:
a7:5e:09:f6:24:e6:c1:55:a2:18:41:44:c9:47:1e:
27:07:ae:99:b2:fa:cb:f7:c1:1a:71:9f:cb:75:ee:
a8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:18:17:1F:26:6B:14:34:F5:44:C4:1C:09:3F:43:66:EF:20:69:B5
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/SxgXHyZrFDT1RMQcCT9DZu8gabU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.3.0/24
146.19.125.0/24
IPv6:
2a07:9200::/32
2a07:9205::-2a07:9207:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:a580::/30
Signature Algorithm: sha256WithRSAEncryption
a9:69:7c:c9:17:c9:ea:f6:ac:fe:77:d4:c6:bd:34:c7:34:e8:
5f:59:e1:d4:7a:b8:9f:5f:0c:d2:3e:c7:e2:57:d9:ad:00:60:
a5:90:cd:7d:d4:68:08:ee:26:c7:f5:1c:f5:2e:70:6d:14:46:
1b:a5:ed:ac:29:4e:82:b1:ad:73:f9:d0:93:85:6c:82:5b:44:
20:b9:71:77:9f:6e:69:f1:56:0c:5a:0b:67:3a:89:dd:ca:60:
77:20:21:43:a8:6a:83:31:75:4b:fd:d8:81:69:83:b6:7a:56:
cf:b5:2a:47:9e:b4:2b:cb:d1:e3:9b:2c:cf:b7:67:73:80:90:
33:5a:f3:8b:a1:67:9e:65:94:44:5b:31:36:74:4b:8b:d8:41:
30:4d:ba:70:08:ba:ae:54:95:c3:40:a1:fa:fe:96:f4:9d:27:
c0:4f:8d:61:73:72:b8:00:56:c2:0a:10:75:50:46:1c:40:76:
d4:c7:3b:f2:0f:d2:57:46:ec:9a:5c:f9:44:8f:5d:87:86:af:
b7:d6:e7:89:39:c8:7a:2c:24:e3:dd:bd:c3:ed:b9:a0:59:9e:
12:7c:f2:71:25:ab:16:1b:7b:89:8d:9b:76:7e:39:97:47:ac:
60:59:20:f4:34:42:0e:47:b9:de:70:03:a0:a3:58:d9:9c:f7:
c6:4b:25:cc
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZAVsdamBNVoFRU+8FNdcYUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNjE0MDc0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjE4MTcxZjI2NmIxNDM0ZjU0NGM0MWMwOTNmNDM2NmVmMjA2OWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg4+0UgaYMS/g6OA2xP5M8j/ZWlM
eUQGNHPKJeCFfnCqyaV44XcN5sfm/EYE3fakGzaEJvpzZWWgUE9/ic7P+XrlXGZr
J6giBcOHwVTHKpXJJIXpCBkz/BbMBQk1Hdh+aoN7qU7FIj7oyUXA/xUP+id5awZi
7MqSojU/MQSswwAAaoeFcCQAXNFXjTQ+xH3A2nfD0V/pQmQtZDOuVe8B1bRnInhi
zEIik2TteDab101oQnOFGufNgBFeoRw/lKzlDRrvjPdjTo1Aw3VaDEXIDAO1SqFM
ntI07XtuL+FFTkinXgn2JObBVaIYQUTJRx4nB66ZsvrL98EacZ/Lde6o/QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFEsYFx8maxQ09UTEHAk/Q2bvIGm1MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvU3hnWEh5WnJGRFQxUk1RY0NUOURadThnYWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjASBAIAATAMAwQALZcDAwQA
khN9MCQEAgACMB4DBQAqB5IAMA4DBQAqB5IFAwUDKgeSAAMFAioMpYAwDQYJKoZI
hvcNAQELBQADggEBAKlpfMkXyer2rP531Ma9NMc06F9Z4dR6uJ9fDNI+x+JX2a0A
YKWQzX3UaAjuJsf1HPUucG0URhul7awpToKxrXP50JOFbIJbRCC5cXefbmnxVgxa
C2c6id3KYHcgIUOoaoMxdUv92IFpg7Z6Vs+1KkeetCvL0eObLM+3Z3OAkDNa84uh
Z55llERbMTZ0S4vYQTBNunAIuq5UlcNAofr+lvSdJ8BPjWFzcrgAVsIKEHVQRhxA
dtTHO/IP0ldG7Jpc+USPXYeGr7fW54k5yHosJOPdvcPtuaBZnhJ88nElqxYbe4mN
m3Z+OZdHrGBZIPQ0Qg5Hud5wA6CjWNmc98ZLJcw=
-----END CERTIFICATE-----
Generated at Tue Jun 25 04:48:37 2024 by rpki-client on console-ams.rpki-client.org