Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/lNcOYHdvXt6YhO-vf3YqwS5ODgs.roa
File: lNcOYHdvXt6YhO-vf3YqwS5ODgs.roa (raw, json)
Hash identifier: VnWJUkJEvSDvVYR9/9lTCdh8aK3cfvSd70UNRnHmmd0=
Subject key identifier: 94:D7:0E:60:77:6F:5E:DE:98:84:EF:AF:7F:76:2A:C1:2E:4E:0E:0B
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 0191706AF257A84C9FDF5FB7176A39BC3323
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/lNcOYHdvXt6YhO-vf3YqwS5ODgs.roa
Signing time: Tue 20 Aug 2024 15:32:22 +0000
ROA not before: Tue 20 Aug 2024 15:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200590
IP address blocks: 45.66.52.0/24 maxlen: 24
45.156.114.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:70:6a:f2:57:a8:4c:9f:df:5f:b7:17:6a:39:bc:33:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Aug 20 15:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94d70e60776f5ede9884efaf7f762ac12e4e0e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a3:e6:1e:bb:c1:24:9c:1a:f4:d4:84:c6:65:
bb:9f:36:17:9e:76:20:f8:39:1a:e9:3a:bd:af:41:
64:e5:c2:db:bf:f5:65:92:db:15:57:7b:d7:fd:f2:
bf:3f:7d:22:f8:92:73:03:b3:ca:9c:29:6e:72:4e:
a8:bc:53:dd:c3:77:8a:62:b9:4d:f7:10:a5:72:79:
f9:80:6b:ba:d5:7b:7e:04:59:e5:8a:dd:44:aa:f4:
f8:3f:5a:ef:02:a2:72:36:d8:0b:f5:63:1c:cc:8a:
c8:28:b5:a2:63:b5:76:e5:81:42:7b:07:6c:21:4e:
40:65:21:57:4d:ea:30:26:e6:16:44:62:72:9f:06:
88:d2:a1:7b:ff:52:93:c5:13:46:03:3a:dc:30:c5:
4a:3b:e4:47:4c:9a:b8:94:2f:af:18:ad:f3:c8:96:
20:c1:07:f6:17:70:e6:71:b3:59:ee:c1:de:e8:f8:
3d:e1:9f:6a:60:ec:8a:d0:b1:07:cb:f8:2a:fb:c7:
9e:4c:28:71:20:ea:00:71:32:84:29:a9:35:bf:ea:
79:7a:b6:87:20:d4:f9:45:6a:0b:29:33:31:41:41:
e0:0d:ef:34:e5:49:52:27:ae:52:0d:e3:40:2d:f7:
f6:e3:89:8d:c3:4c:0b:c1:85:26:b9:88:91:8a:23:
bd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D7:0E:60:77:6F:5E:DE:98:84:EF:AF:7F:76:2A:C1:2E:4E:0E:0B
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/lNcOYHdvXt6YhO-vf3YqwS5ODgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.52.0/24
45.156.114.0/23
Signature Algorithm: sha256WithRSAEncryption
77:f5:ba:f3:6a:63:c0:3f:02:0b:f3:26:38:68:e0:be:d0:86:
29:fd:2d:c5:09:39:c0:18:d9:a6:96:9d:95:4d:33:f4:a4:42:
52:5f:15:68:b5:2c:7a:50:44:3d:7d:3d:9e:49:ee:b2:d8:db:
38:42:45:fd:24:61:f0:f9:c4:1d:2a:03:9e:6c:4a:b2:d3:fc:
cd:ec:a8:d3:a6:72:d9:a8:67:e9:05:8c:51:16:68:10:42:b2:
f8:60:0c:f2:f6:1f:d1:94:fc:c5:0d:2d:91:cd:31:fe:c8:bc:
1d:72:b7:34:5b:bb:cf:64:04:e5:6e:fd:fb:2d:ac:55:a5:98:
67:be:c5:c2:cf:43:cd:79:1a:89:63:f7:b8:2a:e1:fa:a6:8e:
a5:c2:28:ac:3a:a7:b5:13:e4:65:84:c1:17:46:a4:0c:03:e9:
25:1f:93:ab:20:74:92:0f:06:c5:10:12:46:41:cb:52:4f:52:
dc:a7:9f:24:c0:61:3e:a7:9e:ac:22:c5:32:af:44:bb:6a:90:
38:59:aa:5b:d1:c7:f2:53:56:66:f5:67:90:b6:01:ae:e3:05:
22:ad:51:87:0a:44:52:89:87:36:56:cb:09:b1:6e:ab:0c:2a:
7c:f9:4c:c7:71:67:05:4e:8d:0a:c2:54:35:ff:ba:00:40:7d:
ee:eb:5c:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFwavJXqEyf31+3F2o5vDMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjQwODIwMTUzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGQ3MGU2MDc3NmY1ZWRlOTg4NGVmYWY3Zjc2MmFjMTJlNGUwZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKPmHrvBJJwa9NSExmW7nzYXnnYg
+Dka6Tq9r0Fk5cLbv/VlktsVV3vX/fK/P30i+JJzA7PKnCluck6ovFPdw3eKYrlN
9xClcnn5gGu61Xt+BFnlit1EqvT4P1rvAqJyNtgL9WMczIrIKLWiY7V25YFCewds
IU5AZSFXTeowJuYWRGJynwaI0qF7/1KTxRNGAzrcMMVKO+RHTJq4lC+vGK3zyJYg
wQf2F3DmcbNZ7sHe6Pg94Z9qYOyK0LEHy/gq+8eeTChxIOoAcTKEKak1v+p5eraH
INT5RWoLKTMxQUHgDe805UlSJ65SDeNALff244mNw0wLwYUmuYiRiiO9qwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJTXDmB3b17emITvr392KsEuTg4LMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvbE5jT1lIZHZYdDZZaE8tdmYzWXF3UzVPRGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALUI0AwQB
LZxyMA0GCSqGSIb3DQEBCwUAA4IBAQB39brzamPAPwIL8yY4aOC+0IYp/S3FCTnA
GNmmlp2VTTP0pEJSXxVotSx6UEQ9fT2eSe6y2Ns4QkX9JGHw+cQdKgOebEqy0/zN
7KjTpnLZqGfpBYxRFmgQQrL4YAzy9h/RlPzFDS2RzTH+yLwdcrc0W7vPZATlbv37
LaxVpZhnvsXCz0PNeRqJY/e4KuH6po6lwiisOqe1E+RlhMEXRqQMA+klH5OrIHSS
DwbFEBJGQctST1Lcp58kwGE+p56sIsUyr0S7apA4Wapb0cfyU1Zm9WeQtgGu4wUi
rVGHCkRSiYc2VssJsW6rDCp8+UzHcWcFTo0KwlQ1/7oAQH3u61zr
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:56:08 2024 by rpki-client on console-ams.rpki-client.org