Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/JHih9UiGKhEy-cF6z9e5m7eTfVg.roa
File: JHih9UiGKhEy-cF6z9e5m7eTfVg.roa (raw, json)
Hash identifier: h16nWP5UP2l+GASvh9DiGb2Jlz+sJ4F8fx1hBl/r5Kg=
Subject key identifier: 24:78:A1:F5:48:86:2A:11:32:F9:C1:7A:CF:D7:B9:9B:B7:93:7D:58
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018CC5007306752D91C43D825816FA4C0155
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/JHih9UiGKhEy-cF6z9e5m7eTfVg.roa
Signing time: Mon 01 Jan 2024 12:29:50 +0000
ROA not before: Mon 01 Jan 2024 12:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204666
IP address blocks: 45.153.192.0/22 maxlen: 24
45.153.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 08:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:73:06:75:2d:91:c4:3d:82:58:16:fa:4c:01:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 1 12:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2478a1f548862a1132f9c17acfd7b99bb7937d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:05:d6:32:3e:d9:2f:2f:eb:4c:77:f2:13:b5:
9d:5f:8d:d2:8c:e2:19:26:93:d4:af:7d:6d:22:b7:
4c:93:23:6d:9a:ed:50:04:fc:7c:01:a8:63:1d:12:
bf:14:72:33:98:11:2e:56:9b:08:ab:4e:8f:1d:64:
e3:19:55:d3:b8:73:47:91:92:b2:b3:8e:07:98:a8:
47:86:be:08:18:0a:fc:ca:00:88:dc:02:e9:dd:8f:
7f:1a:3b:b9:26:80:63:46:82:fe:ce:e6:88:da:12:
0e:6e:0c:ff:83:e7:66:46:df:72:77:03:d1:2f:07:
b5:54:6a:db:e7:55:21:2b:b5:ad:31:fa:1d:51:be:
57:82:c5:a7:cd:84:ea:aa:8d:a0:18:28:4d:02:65:
d6:53:3a:4b:6a:2d:65:74:90:b1:df:06:28:be:4b:
9b:84:4c:ad:b6:52:97:0a:02:c8:f4:31:d4:fe:d9:
3f:0e:5c:6c:d4:54:f4:42:a2:97:80:96:87:b7:09:
25:56:6d:9f:5e:0d:65:14:91:42:54:2f:8b:c0:be:
3f:a8:fe:68:85:d7:b3:0e:4d:86:6a:49:4a:5e:f8:
0a:be:7a:50:6a:86:6f:46:a8:34:d9:ad:95:cb:1d:
f7:79:a9:7a:25:98:7f:52:8d:9a:fc:a9:b5:69:ed:
83:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:78:A1:F5:48:86:2A:11:32:F9:C1:7A:CF:D7:B9:9B:B7:93:7D:58
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/JHih9UiGKhEy-cF6z9e5m7eTfVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.192.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:11:25:59:b7:1b:3b:6e:7a:01:bd:38:55:6c:e7:41:25:fd:
7e:06:68:f8:6a:45:b4:ad:10:bd:2b:e0:1e:34:47:74:d1:26:
8d:54:c9:c9:5f:90:86:65:c4:78:0e:ba:c3:43:f5:c8:99:f7:
fb:22:51:ab:4c:26:fc:6d:f6:fd:5d:43:cb:f5:72:98:94:6a:
68:c6:49:99:b2:bd:20:6a:9a:e5:01:84:d7:9c:5b:32:a9:5a:
dc:18:ca:0e:f8:58:44:6e:c4:41:26:3d:87:11:0f:47:f3:6d:
d6:74:06:30:66:29:62:97:0f:bf:43:e2:71:76:d5:34:86:6a:
42:1e:ba:15:ce:87:e7:fb:3f:11:f6:ad:6c:dd:15:cf:73:87:
af:49:07:96:50:37:63:1c:bb:1c:b3:7c:ef:e7:3b:55:15:89:
fa:86:00:cc:3e:f1:99:b4:7b:3b:48:4b:e9:86:12:4a:c1:42:
1d:dd:20:f8:09:10:1f:95:e8:9f:5f:7c:ea:7e:78:46:fa:e9:
69:c4:16:15:9b:74:9d:86:cd:4d:18:03:aa:e5:7a:82:02:3f:
d1:34:a4:fa:10:27:e8:37:ff:31:58:bc:0e:3a:d2:8f:02:d1:
f7:5d:c2:4a:a6:bb:b5:2b:69:ef:ca:aa:b7:f7:f6:cc:db:68:
e4:45:71:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAHMGdS2RxD2CWBb6TAFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjQwMTAxMTIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDc4YTFmNTQ4ODYyYTExMzJmOWMxN2FjZmQ3Yjk5YmI3OTM3ZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QXWMj7ZLy/rTHfyE7WdX43SjOIZ
JpPUr31tIrdMkyNtmu1QBPx8AahjHRK/FHIzmBEuVpsIq06PHWTjGVXTuHNHkZKy
s44HmKhHhr4IGAr8ygCI3ALp3Y9/Gju5JoBjRoL+zuaI2hIObgz/g+dmRt9ydwPR
Lwe1VGrb51UhK7WtMfodUb5XgsWnzYTqqo2gGChNAmXWUzpLai1ldJCx3wYovkub
hEyttlKXCgLI9DHU/tk/Dlxs1FT0QqKXgJaHtwklVm2fXg1lFJFCVC+LwL4/qP5o
hdezDk2GaklKXvgKvnpQaoZvRqg02a2Vyx33eal6JZh/Uo2a/Km1ae2DlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCR4ofVIhioRMvnBes/XuZu3k31YMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvSkhpaDlVaUdLaEV5LWNGNno5ZTVtN2VUZlZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZnAMA0G
CSqGSIb3DQEBCwUAA4IBAQB6ESVZtxs7bnoBvThVbOdBJf1+Bmj4akW0rRC9K+Ae
NEd00SaNVMnJX5CGZcR4DrrDQ/XImff7IlGrTCb8bfb9XUPL9XKYlGpoxkmZsr0g
aprlAYTXnFsyqVrcGMoO+FhEbsRBJj2HEQ9H823WdAYwZililw+/Q+JxdtU0hmpC
HroVzofn+z8R9q1s3RXPc4evSQeWUDdjHLscs3zv5ztVFYn6hgDMPvGZtHs7SEvp
hhJKwUId3SD4CRAfleifX3zqfnhG+ulpxBYVm3Sdhs1NGAOq5XqCAj/RNKT6ECfo
N/8xWLwOOtKPAtH3XcJKpru1K2nvyqq39/bM22jkRXGF
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:40:24 2024 by rpki-client on console-ams.rpki-client.org