Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/0T-s-ncP7fxHzgUZ61OwImhh8C8.roa
File: 0T-s-ncP7fxHzgUZ61OwImhh8C8.roa (raw, json)
Hash identifier: sz7mLGqijC7c0+YD50x5Z89nUJhMEGZSHcadkRXRcJ8=
Subject key identifier: D1:3F:AC:FA:77:0F:ED:FC:47:CE:05:19:EB:53:B0:22:68:61:F0:2F
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018F7D624E94B2F97A439BC448EA87A07DC8
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/0T-s-ncP7fxHzgUZ61OwImhh8C8.roa
Signing time: Wed 15 May 2024 17:52:25 +0000
ROA not before: Wed 15 May 2024 17:52:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13886
IP address blocks: 45.43.165.0/24 maxlen: 24
45.150.32.0/22 maxlen: 22
64.137.51.0/24 maxlen: 24
204.52.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7d:62:4e:94:b2:f9:7a:43:9b:c4:48:ea:87:a0:7d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 15 17:52:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d13facfa770fedfc47ce0519eb53b0226861f02f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2a:95:30:c9:29:07:01:22:90:c4:c4:b3:15:
26:60:e8:df:3a:4f:f9:17:25:9c:22:28:79:8b:6b:
60:c1:4c:c9:60:6c:40:c8:11:6c:eb:2a:9f:a2:77:
54:8a:e6:fc:77:9e:72:2c:b1:b9:fb:b1:5b:a7:3e:
9e:67:5a:cd:d0:57:c8:69:79:79:62:0e:43:89:8d:
fb:b1:67:ff:10:5c:19:42:40:6b:ec:a4:fe:bc:4e:
14:5a:31:4e:44:41:2e:6e:e3:1e:5c:0c:5f:61:f8:
bb:9c:b7:ff:17:7c:8a:8a:b2:56:56:e4:ad:77:4d:
08:34:e2:a0:dd:56:66:12:64:25:64:2a:39:9c:eb:
97:b5:d1:41:39:a5:30:70:a0:16:15:23:7d:5f:55:
8e:e6:be:49:75:fa:fb:56:47:bf:b3:d1:67:f5:ba:
2d:3a:9b:19:8f:68:a4:f2:d4:02:9e:af:d0:d4:6b:
b1:c9:66:d6:96:43:63:6b:f6:43:cf:0e:44:3a:19:
49:3b:2f:83:a4:4d:ba:5e:74:0b:6e:33:b6:2e:ce:
28:e5:58:87:33:f8:36:dd:31:31:a1:71:cd:59:06:
b4:89:2b:c8:b3:ea:13:aa:a4:8b:5a:67:41:ae:b2:
b8:0c:76:db:8c:72:84:44:b8:8c:26:03:88:e1:3b:
82:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:3F:AC:FA:77:0F:ED:FC:47:CE:05:19:EB:53:B0:22:68:61:F0:2F
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/0T-s-ncP7fxHzgUZ61OwImhh8C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.165.0/24
45.150.32.0/22
64.137.51.0/24
204.52.112.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:b2:d4:cc:7f:51:b8:6d:d2:60:86:4c:f8:0b:81:a0:41:60:
a3:d4:a0:b3:c2:14:b5:b9:58:d1:59:33:be:1d:47:ec:25:6b:
c3:1f:9b:57:5b:f8:f3:07:fe:e8:b3:3a:82:0f:f3:3c:61:b7:
3e:56:ad:f5:d3:42:9c:00:bc:1e:8b:0e:41:3a:e6:f6:21:46:
8d:60:30:d1:e0:dc:5c:8f:27:66:c2:aa:0c:ad:96:a5:78:d2:
9e:79:4b:5d:c7:54:3a:63:be:75:4a:b2:55:5c:ba:4f:47:1d:
9e:ea:24:51:f1:f4:a6:49:84:b3:a7:35:3f:ba:80:c0:39:df:
76:ec:da:f3:ea:87:2a:8b:9b:04:b5:ef:7e:9a:d9:71:1f:b0:
1e:7f:43:06:38:6b:1e:c5:2e:1f:e8:dd:de:e5:93:7e:36:ee:
ea:0c:73:9b:81:90:ae:48:92:40:5a:68:14:7d:29:59:40:72:
8a:26:20:98:95:9b:11:63:2d:62:1d:71:94:24:e1:b1:bb:33:
0c:4d:e6:f7:8a:fa:92:76:cf:42:cc:6c:c1:fe:4e:52:19:36:
22:d2:e8:5f:91:99:db:17:09:2c:92:f1:aa:5d:f4:03:95:25:
cf:12:c7:d4:1a:29:69:4e:56:a1:64:bf:9b:8c:a0:ce:5a:45:
10:85:3e:ca
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY99Yk6Usvl6Q5vESOqHoH3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNTE1MTc1MjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTNmYWNmYTc3MGZlZGZjNDdjZTA1MTllYjUzYjAyMjY4NjFmMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiqVMMkpBwEikMTEsxUmYOjfOk/5
FyWcIih5i2tgwUzJYGxAyBFs6yqfondUiub8d55yLLG5+7Fbpz6eZ1rN0FfIaXl5
Yg5DiY37sWf/EFwZQkBr7KT+vE4UWjFOREEubuMeXAxfYfi7nLf/F3yKirJWVuSt
d00INOKg3VZmEmQlZCo5nOuXtdFBOaUwcKAWFSN9X1WO5r5Jdfr7Vke/s9Fn9bot
OpsZj2ik8tQCnq/Q1GuxyWbWlkNja/ZDzw5EOhlJOy+DpE26XnQLbjO2Ls4o5ViH
M/g23TExoXHNWQa0iSvIs+oTqqSLWmdBrrK4DHbbjHKERLiMJgOI4TuCoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNE/rPp3D+38R84FGetTsCJoYfAvMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvMFQtcy1uY1A3ZnhIemdVWjYxT3dJbWhoOEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALSulAwQC
LZYgAwQAQIkzAwQAzDRwMA0GCSqGSIb3DQEBCwUAA4IBAQCMstTMf1G4bdJghkz4
C4GgQWCj1KCzwhS1uVjRWTO+HUfsJWvDH5tXW/jzB/7oszqCD/M8Ybc+Vq3100Kc
ALweiw5BOub2IUaNYDDR4NxcjydmwqoMrZaleNKeeUtdx1Q6Y751SrJVXLpPRx2e
6iRR8fSmSYSzpzU/uoDAOd927Nrz6ocqi5sEte9+mtlxH7Aef0MGOGsexS4f6N3e
5ZN+Nu7qDHObgZCuSJJAWmgUfSlZQHKKJiCYlZsRYy1iHXGUJOGxuzMMTeb3ivqS
ds9CzGzB/k5SGTYi0uhfkZnbFwkskvGqXfQDlSXPEsfUGilpTlahZL+bjKDOWkUQ
hT7K
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:47:49 2024 by rpki-client on console-ams.rpki-client.org