Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/j5HfVQMSo9_4OsLMFkUHu0LQqyM.roa
File: j5HfVQMSo9_4OsLMFkUHu0LQqyM.roa (raw, json)
Hash identifier: nykwO0FnLdpcE68ukqaEBA3CrYWnJ9S/RBgTv69Pmdk=
Subject key identifier: 8F:91:DF:55:03:12:A3:DF:F8:3A:C2:CC:16:45:07:BB:42:D0:AB:23
Certificate issuer: /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial: 018CC72752FB14030322D1D75C93704AF6A6
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/j5HfVQMSo9_4OsLMFkUHu0LQqyM.roa
Signing time: Mon 01 Jan 2024 22:31:32 +0000
ROA not before: Mon 01 Jan 2024 22:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60767
IP address blocks: 45.95.204.0/24 maxlen: 24
2a0e:3940:f000::/36 maxlen: 44
2a0e:3940:1000::/36 maxlen: 44
2a0e:3940:2000::/36 maxlen: 44
2a0e:3940:d000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:52:fb:14:03:03:22:d1:d7:5c:93:70:4a:f6:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Validity
Not Before: Jan 1 22:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f91df550312a3dff83ac2cc164507bb42d0ab23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c9:79:fc:02:ce:3c:41:cc:de:c3:36:27:6b:
a1:ec:b7:b5:43:04:eb:56:0f:2e:0f:eb:73:cd:c3:
70:55:f8:14:aa:e7:f0:68:c3:32:25:67:96:bd:13:
9e:a5:9a:6b:69:ca:b5:2f:97:3f:f4:3a:bd:c9:33:
06:f3:78:57:7f:e4:9b:29:07:2c:e8:0e:a3:58:b6:
d2:be:2a:38:c7:b9:05:5b:4e:d9:c8:f6:5b:ac:1d:
ee:c4:67:60:d9:53:c0:15:47:ac:7a:cf:43:1f:e8:
b8:ef:ee:67:a9:0e:27:3d:9e:4f:29:52:6b:db:ff:
9a:e5:10:5d:17:0e:9d:7b:38:bf:03:b6:63:5c:29:
cc:5e:fc:95:bf:97:94:72:4a:08:71:ae:a8:72:9e:
f9:d3:ef:7c:bc:cc:6b:06:b1:42:66:13:e5:99:e8:
72:25:cc:44:11:c6:a1:f8:a7:fb:80:87:89:71:7d:
a1:d1:88:4b:e2:a1:88:aa:de:79:72:ed:4e:5a:1d:
2c:3b:c9:de:ad:78:4a:44:5a:94:4e:5c:81:eb:25:
3d:28:38:2b:70:39:76:eb:60:fd:48:f0:e8:34:63:
4b:5c:c1:19:96:69:59:53:2b:c0:51:56:02:95:cd:
30:4a:49:f2:c3:d5:f1:1c:73:13:31:ab:8e:d4:35:
ef:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:91:DF:55:03:12:A3:DF:F8:3A:C2:CC:16:45:07:BB:42:D0:AB:23
X509v3 Authority Key Identifier:
keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/j5HfVQMSo9_4OsLMFkUHu0LQqyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.204.0/24
IPv6:
2a0e:3940:1000::-2a0e:3940:2fff:ffff:ffff:ffff:ffff:ffff
2a0e:3940:d000::/36
2a0e:3940:f000::/36
Signature Algorithm: sha256WithRSAEncryption
5d:49:58:3c:92:a4:01:4c:a0:b5:d0:0e:22:d6:7d:19:10:67:
60:a5:d6:16:cb:17:f1:f2:47:83:70:71:89:5f:fb:e2:cc:78:
87:65:82:38:82:a2:fa:46:93:68:03:d7:1d:37:db:ab:25:c6:
19:fd:90:a2:ae:93:c7:11:aa:39:e2:b9:36:40:cb:67:36:89:
f1:85:ae:b0:ab:11:d7:60:5e:81:69:7f:61:dd:f3:5b:39:d5:
34:31:95:70:1b:55:e9:bc:f8:18:eb:a6:a8:a6:a1:8a:aa:2d:
59:c9:bc:cc:80:00:8d:7b:2b:9b:a6:2c:0e:11:3d:5f:40:9e:
f4:7a:a0:35:1d:48:38:de:e2:54:dc:5e:46:24:7f:dc:cc:1b:
d7:40:f6:79:ec:69:f3:4f:90:7e:35:e2:df:77:51:ae:f3:23:
5d:2f:eb:7e:8e:29:9b:85:ff:0e:4d:96:1f:28:75:07:bc:47:
74:92:ff:0c:81:ed:96:8f:bd:05:aa:1b:1c:b0:79:10:e4:d4:
96:fe:3a:75:25:4b:ca:0f:b3:98:66:bf:be:85:f6:e1:4e:44:
05:7b:f7:ab:69:dc:e8:bd:68:59:20:6c:25:94:89:2f:b3:ab:
ef:e8:a4:79:c4:b5:09:b8:56:50:08:c7:9a:3a:cd:27:43:19:
ec:85:45:d8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzHJ1L7FAMDItHXXJNwSvamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjFhYTVkMWJlZmQ3YTBmZTNlNGRmZTNhYThkYTczZWZj
ZmJhMzQwHhcNMjQwMTAxMjIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjkxZGY1NTAzMTJhM2RmZjgzYWMyY2MxNjQ1MDdiYjQyZDBhYjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sl5/ALOPEHM3sM2J2uh7Le1QwTr
Vg8uD+tzzcNwVfgUqufwaMMyJWeWvROepZpracq1L5c/9Dq9yTMG83hXf+SbKQcs
6A6jWLbSvio4x7kFW07ZyPZbrB3uxGdg2VPAFUeses9DH+i47+5nqQ4nPZ5PKVJr
2/+a5RBdFw6dezi/A7ZjXCnMXvyVv5eUckoIca6ocp750+98vMxrBrFCZhPlmehy
JcxEEcah+Kf7gIeJcX2h0YhL4qGIqt55cu1OWh0sO8nerXhKRFqUTlyB6yU9KDgr
cDl262D9SPDoNGNLXMEZlmlZUyvAUVYClc0wSknyw9XxHHMTMauO1DXvLQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFI+R31UDEqPf+DrCzBZFB7tC0KsjMB8GA1UdIwQY
MBaAFB9hql0b79eg/j5N/jqo2nPvz7o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUt
YzYyMWU4ZGY5NWZmLzEvajVIZlZRTVNvOV80T3NMTUZrVUh1MExRcXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUtYzYyMWU4ZGY5NWZm
LzEvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAMBAIAATAGAwQALV/MMCgE
AgACMCIwEAMGBCoOOUAQAwYEKg45QCADBgQqDjlA0AMGBCoOOUDwMA0GCSqGSIb3
DQEBCwUAA4IBAQBdSVg8kqQBTKC10A4i1n0ZEGdgpdYWyxfx8keDcHGJX/vizHiH
ZYI4gqL6RpNoA9cdN9urJcYZ/ZCirpPHEao54rk2QMtnNonxha6wqxHXYF6BaX9h
3fNbOdU0MZVwG1XpvPgY66aopqGKqi1ZybzMgACNeyubpiwOET1fQJ70eqA1HUg4
3uJU3F5GJH/czBvXQPZ57GnzT5B+NeLfd1Gu8yNdL+t+jimbhf8OTZYfKHUHvEd0
kv8Mge2Wj70FqhscsHkQ5NSW/jp1JUvKD7OYZr++hfbhTkQFe/eradzovWhZIGwl
lIkvs6vv6KR5xLUJuFZQCMeaOs0nQxnshUXY
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:58:45 2024 by rpki-client on console-ams.rpki-client.org