Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/02N6o_lh0gRQnPBaVYtK6J7SIEw.roa
File: 02N6o_lh0gRQnPBaVYtK6J7SIEw.roa (raw, json)
Hash identifier: n/ORkdW4WFx/NcHo0MttH2zZzpEjfIkZykV3u7Tu10g=
Subject key identifier: D3:63:7A:A3:F9:61:D2:04:50:9C:F0:5A:55:8B:4A:E8:9E:D2:20:4C
Certificate issuer: /CN=429c54be1da7e738e3c96ffb41f1ea3900a67be8
Certificate serial: 018CC8011A1FD98A73FAA12D1567C193EC1F
Authority key identifier: 42:9C:54:BE:1D:A7:E7:38:E3:C9:6F:FB:41:F1:EA:39:00:A6:7B:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/02N6o_lh0gRQnPBaVYtK6J7SIEw.roa
Signing time: Tue 02 Jan 2024 02:29:24 +0000
ROA not before: Tue 02 Jan 2024 02:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 45.91.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1a:1f:d9:8a:73:fa:a1:2d:15:67:c1:93:ec:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429c54be1da7e738e3c96ffb41f1ea3900a67be8
Validity
Not Before: Jan 2 02:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3637aa3f961d204509cf05a558b4ae89ed2204c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a5:63:a1:d2:c1:69:d0:0b:89:39:fe:90:af:
46:23:71:66:b8:ca:50:c9:39:cd:ba:d4:12:a9:15:
7b:a5:98:c0:f9:16:8d:52:80:25:2c:55:84:d8:e5:
7a:14:25:f2:b0:1e:3f:ea:78:58:c2:b8:44:5e:9b:
b6:51:22:37:61:a4:10:fc:cd:36:7f:57:3f:68:9c:
d9:d3:57:8c:12:34:f4:ff:2f:a3:96:65:ea:60:55:
b1:37:19:1d:9b:e6:11:c6:e2:f5:97:1d:84:36:9f:
40:a4:5d:ce:7d:f8:d8:d8:77:3f:fb:9c:33:08:50:
7a:83:b9:e3:fc:a0:a6:67:a5:dc:b7:4e:c0:57:73:
0c:c7:eb:e7:0b:76:f2:d6:9c:d3:ec:b6:5d:e1:d4:
7e:43:08:56:81:a9:f7:3c:bd:7b:b5:0d:dc:bf:2b:
19:8b:5c:29:83:27:79:8d:f9:7c:19:6a:9b:ae:4c:
30:29:ff:83:d1:61:f3:5c:0b:11:34:0c:9e:7f:0c:
58:38:12:c1:58:53:45:43:52:11:0b:93:48:d0:0c:
0f:5d:bd:98:56:37:a4:de:85:c9:28:93:cf:76:80:
cd:4f:5b:ab:ec:aa:7b:27:00:86:8a:b0:48:19:9a:
7e:b3:06:c4:e5:d3:60:d5:e3:ba:2a:11:93:32:94:
f9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:63:7A:A3:F9:61:D2:04:50:9C:F0:5A:55:8B:4A:E8:9E:D2:20:4C
X509v3 Authority Key Identifier:
keyid:42:9C:54:BE:1D:A7:E7:38:E3:C9:6F:FB:41:F1:EA:39:00:A6:7B:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/02N6o_lh0gRQnPBaVYtK6J7SIEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.78.0/24
Signature Algorithm: sha256WithRSAEncryption
72:ff:5f:d5:de:9c:ba:b8:76:85:a0:9a:c6:50:c1:c7:d7:e1:
59:d0:a9:0d:f7:33:ff:b5:c3:23:f4:8d:7e:c2:2e:d0:d6:3a:
86:dc:3d:49:eb:e8:d8:ff:9a:a8:e0:ad:81:00:5e:5f:1a:54:
af:3d:c7:c1:bc:2f:b2:06:79:c0:e7:3d:bc:2d:bb:fc:57:65:
40:82:9f:7c:3d:27:f8:56:ec:8a:6b:6c:04:f8:5c:cf:ba:89:
21:c0:4a:ca:6c:91:36:fe:d5:5f:1e:d8:72:8b:8c:f2:e5:4f:
dd:63:95:f3:0e:b6:94:01:c0:d9:3b:23:8f:92:8e:80:c4:3c:
df:d8:07:b2:e3:51:30:db:19:e7:f2:6f:db:3f:05:e2:25:6f:
51:96:19:a0:8e:4d:b6:67:9e:06:fa:d3:26:48:a3:fd:47:06:
10:e6:bf:27:1f:42:d6:ed:39:b5:d1:64:12:4c:1f:96:f3:a7:
30:21:69:1f:69:d8:bb:25:f3:38:66:f5:70:7a:ee:b9:9f:16:
2c:ff:eb:d9:4e:83:18:49:f4:08:08:3e:56:31:33:fd:35:b4:
b6:72:3a:ea:2b:0a:eb:01:ce:18:12:36:36:ba:e4:c7:6a:b2:
47:63:dc:b5:f7:a3:16:7b:53:4d:44:d0:f5:6f:28:64:c8:18:
1b:a5:35:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIARof2Ypz+qEtFWfBk+wfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWM1NGJlMWRhN2U3MzhlM2M5NmZmYjQxZjFlYTM5MDBh
NjdiZTgwHhcNMjQwMTAyMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzYzN2FhM2Y5NjFkMjA0NTA5Y2YwNWE1NThiNGFlODllZDIyMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaVjodLBadALiTn+kK9GI3FmuMpQ
yTnNutQSqRV7pZjA+RaNUoAlLFWE2OV6FCXysB4/6nhYwrhEXpu2USI3YaQQ/M02
f1c/aJzZ01eMEjT0/y+jlmXqYFWxNxkdm+YRxuL1lx2ENp9ApF3OffjY2Hc/+5wz
CFB6g7nj/KCmZ6Xct07AV3MMx+vnC3by1pzT7LZd4dR+QwhWgan3PL17tQ3cvysZ
i1wpgyd5jfl8GWqbrkwwKf+D0WHzXAsRNAyefwxYOBLBWFNFQ1IRC5NI0AwPXb2Y
Vjek3oXJKJPPdoDNT1ur7Kp7JwCGirBIGZp+swbE5dNg1eO6KhGTMpT5AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNNjeqP5YdIEUJzwWlWLSuie0iBMMB8GA1UdIwQY
MBaAFEKcVL4dp+c448lv+0Hx6jkApnvoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXB4VXZoMm41empqeVdfN1FmSHFPUUNtZS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mNmY1YzMtNjE0Ni00OGNhLWFmZmEt
M2Q4NTg0Y2Y1M2ZlLzEvMDJONm9fbGgwZ1JRblBCYVZZdEs2SjdTSUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mNmY1YzMtNjE0Ni00OGNhLWFmZmEtM2Q4NTg0Y2Y1M2Zl
LzEvUXB4VXZoMm41empqeVdfN1FmSHFPUUNtZS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVtOMA0G
CSqGSIb3DQEBCwUAA4IBAQBy/1/V3py6uHaFoJrGUMHH1+FZ0KkN9zP/tcMj9I1+
wi7Q1jqG3D1J6+jY/5qo4K2BAF5fGlSvPcfBvC+yBnnA5z28Lbv8V2VAgp98PSf4
VuyKa2wE+FzPuokhwErKbJE2/tVfHthyi4zy5U/dY5XzDraUAcDZOyOPko6AxDzf
2Aey41Ew2xnn8m/bPwXiJW9Rlhmgjk22Z54G+tMmSKP9RwYQ5r8nH0LW7Tm10WQS
TB+W86cwIWkfadi7JfM4ZvVweu65nxYs/+vZToMYSfQICD5WMTP9NbS2cjrqKwrr
Ac4YEjY2uuTHarJHY9y196MWe1NNRND1byhkyBgbpTWI
-----END CERTIFICATE-----
Generated at Sat May 4 04:58:33 2024 by rpki-client on console-fra.rpki-client.org