Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0s2BV-ZFcGQi3gIShsauWoMInpc.roa
File: 0s2BV-ZFcGQi3gIShsauWoMInpc.roa (raw, json)
Hash identifier: rCtDAA5DogGM4u5m1LREzvAtLsKYVG9Vt3TuM45woU0=
Subject key identifier: D2:CD:81:57:E6:45:70:64:22:DE:02:12:86:C6:AE:5A:83:08:9E:97
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DCD4551E5FCD3F538351A023690ECC069
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0s2BV-ZFcGQi3gIShsauWoMInpc.roa
Signing time: Wed 21 Feb 2024 20:04:48 +0000
ROA not before: Wed 21 Feb 2024 20:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203576
IP address blocks: 45.144.154.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cd:45:51:e5:fc:d3:f5:38:35:1a:02:36:90:ec:c0:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 21 20:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2cd8157e645706422de021286c6ae5a83089e97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:74:45:73:08:9b:b1:8a:c0:04:08:86:d3:c3:
f3:3a:56:48:a4:f6:f1:a9:79:1b:ec:2a:d1:64:f3:
dd:51:58:83:e7:db:02:5b:81:b3:a0:65:33:76:ae:
ea:05:58:7e:61:cb:1c:e5:7e:66:72:37:e7:3a:51:
bb:88:72:8c:f5:a9:9c:f4:d7:3c:ff:22:8e:df:62:
e2:ae:c5:e5:41:18:25:de:41:52:09:d2:82:e5:dd:
58:36:9f:34:50:59:6e:00:a4:ab:7b:39:08:20:b6:
59:90:db:64:43:bd:3c:a1:16:ac:16:8b:ff:cd:d8:
4b:01:61:c3:93:7f:a1:46:26:7f:f9:15:10:9d:04:
47:53:94:41:36:67:7c:9b:18:0a:47:d9:ce:cf:5d:
6b:05:57:5a:d1:e3:7c:54:fb:14:37:4c:cb:7b:bc:
e8:fd:40:49:dd:84:66:87:87:22:18:68:38:5a:5b:
b1:1a:25:7c:ea:00:75:36:50:9d:d1:30:46:47:61:
b0:e2:be:22:e9:50:36:09:e6:12:38:10:b8:06:04:
48:6c:d3:e3:68:40:86:4f:c2:2f:0c:9c:72:3a:05:
88:28:b5:bd:50:eb:40:48:0a:cd:16:54:ca:f1:00:
45:65:6d:82:72:6f:e9:c2:b2:f9:24:a2:ff:b5:55:
92:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:CD:81:57:E6:45:70:64:22:DE:02:12:86:C6:AE:5A:83:08:9E:97
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0s2BV-ZFcGQi3gIShsauWoMInpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.154.0/24
45.151.88.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:33:83:6a:bc:c5:fa:1f:9e:d8:3c:1b:44:9b:03:11:d0:63:
cb:87:fb:65:3b:6a:05:74:b6:f1:a3:64:91:4b:f6:cc:35:ba:
ff:3e:c3:9d:72:ce:e4:ac:8c:a5:06:cd:7d:aa:57:b3:93:ca:
2a:8a:24:29:86:e9:9a:8e:2f:57:18:17:d2:77:4b:40:8c:77:
7d:b4:3f:dc:bd:44:a0:df:12:20:0e:b9:38:49:5c:7c:7e:34:
d8:71:28:4e:5d:10:70:27:62:54:5c:4d:96:39:f5:14:34:da:
ae:cd:be:5e:c3:46:25:cc:5b:10:0a:f2:ba:67:67:17:31:23:
84:48:95:61:82:57:b4:26:fe:a4:32:ee:d7:62:33:ca:9c:da:
13:17:11:93:58:ca:d3:73:67:08:a3:1f:15:81:e0:9f:0a:1a:
a3:35:3b:a7:1a:4f:7e:f8:96:36:c9:e0:5f:69:b8:2c:04:92:
3f:ae:6f:fe:22:1c:40:8d:57:df:11:c4:03:d5:c5:cc:74:b6:
95:4a:eb:b7:7e:40:04:17:ba:9e:25:22:b1:c2:fa:95:08:e4:
4d:25:95:9d:5e:3d:c0:3a:5e:90:61:93:a0:9b:a2:4b:bc:fe:
6a:6c:4e:ee:35:36:f7:37:93:cf:0d:ef:71:d2:2b:bb:4e:7a:
98:a0:18:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3NRVHl/NP1ODUaAjaQ7MBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIxMjAwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmNkODE1N2U2NDU3MDY0MjJkZTAyMTI4NmM2YWU1YTgzMDg5ZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXRFcwibsYrABAiG08PzOlZIpPbx
qXkb7CrRZPPdUViD59sCW4GzoGUzdq7qBVh+Ycsc5X5mcjfnOlG7iHKM9amc9Nc8
/yKO32LirsXlQRgl3kFSCdKC5d1YNp80UFluAKSrezkIILZZkNtkQ708oRasFov/
zdhLAWHDk3+hRiZ/+RUQnQRHU5RBNmd8mxgKR9nOz11rBVda0eN8VPsUN0zLe7zo
/UBJ3YRmh4ciGGg4WluxGiV86gB1NlCd0TBGR2Gw4r4i6VA2CeYSOBC4BgRIbNPj
aECGT8IvDJxyOgWIKLW9UOtASArNFlTK8QBFZW2Ccm/pwrL5JKL/tVWScwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNLNgVfmRXBkIt4CEobGrlqDCJ6XMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMHMyQlYtWkZjR1FpM2dJU2hzYXVXb01JbnBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZCaAwQA
LZdYMA0GCSqGSIb3DQEBCwUAA4IBAQCxM4NqvMX6H57YPBtEmwMR0GPLh/tlO2oF
dLbxo2SRS/bMNbr/PsOdcs7krIylBs19qlezk8oqiiQphumaji9XGBfSd0tAjHd9
tD/cvUSg3xIgDrk4SVx8fjTYcShOXRBwJ2JUXE2WOfUUNNquzb5ew0YlzFsQCvK6
Z2cXMSOESJVhgle0Jv6kMu7XYjPKnNoTFxGTWMrTc2cIox8VgeCfChqjNTunGk9+
+JY2yeBfabgsBJI/rm/+IhxAjVffEcQD1cXMdLaVSuu3fkAEF7qeJSKxwvqVCORN
JZWdXj3AOl6QYZOgm6JLvP5qbE7uNTb3N5PPDe9x0iu7TnqYoBi0
-----END CERTIFICATE-----
Generated at Sun Apr 28 10:04:18 2024 by rpki-client on console-ams.rpki-client.org