Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/nsOo67P1pOxIhOHap1kvjAR1RMk.roa
File: nsOo67P1pOxIhOHap1kvjAR1RMk.roa (raw, json)
Hash identifier: tXPzP2r5oOkRIIGaSeFIaz/0I3DrQz8utyF4G0BMg9Q=
Subject key identifier: 9E:C3:A8:EB:B3:F5:A4:EC:48:84:E1:DA:A7:59:2F:8C:04:75:44:C9
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 018CC9BC63A267AC87BE3E961762AA39B90B
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/nsOo67P1pOxIhOHap1kvjAR1RMk.roa
Signing time: Tue 02 Jan 2024 10:33:35 +0000
ROA not before: Tue 02 Jan 2024 10:33:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210411
IP address blocks: 45.94.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 19:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:63:a2:67:ac:87:be:3e:96:17:62:aa:39:b9:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Jan 2 10:33:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ec3a8ebb3f5a4ec4884e1daa7592f8c047544c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:02:bf:0a:1b:76:4a:34:f1:29:96:5a:50:47:
eb:0d:45:4e:35:04:ba:ef:ef:09:46:fa:68:d1:ea:
cc:7d:d5:03:33:f0:2d:d8:a6:ed:3d:22:9b:54:21:
c1:5c:37:e2:72:1b:7e:8f:1f:ba:0f:0e:31:6a:e1:
14:e7:24:44:b9:7b:97:4b:26:f2:95:ae:de:36:55:
f7:c8:f8:ff:4f:3f:e1:a4:08:b0:cb:38:c4:f9:d0:
23:b2:95:30:40:cf:5c:7d:80:62:78:26:f9:97:ae:
25:a9:5c:3f:5a:6d:0f:4c:6b:03:3f:e2:22:45:50:
dd:47:aa:0c:db:bc:74:6f:28:f6:79:b9:d3:08:6d:
41:96:4b:a1:fb:9b:60:34:91:57:86:3e:ea:6b:ce:
86:0b:5b:16:a5:a1:95:c5:33:98:4f:8e:06:4a:26:
77:c5:71:81:8c:4f:fa:6d:13:eb:b3:42:d4:a3:69:
fa:61:95:1a:56:e4:55:5f:f5:fb:78:51:bf:b3:08:
d7:95:51:f9:d9:51:7f:db:9c:9f:2e:e4:81:43:ee:
c4:ac:3c:a9:92:72:9d:cd:1b:e7:d2:66:c5:50:b7:
1b:14:44:36:13:c4:a6:da:28:8d:ce:e8:cb:47:a2:
13:26:d3:a8:1c:5c:af:93:e5:76:3a:c5:00:4c:f9:
12:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C3:A8:EB:B3:F5:A4:EC:48:84:E1:DA:A7:59:2F:8C:04:75:44:C9
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/nsOo67P1pOxIhOHap1kvjAR1RMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.52.0/24
Signature Algorithm: sha256WithRSAEncryption
12:b7:6a:c3:0f:03:50:79:25:72:c4:2c:e2:4c:32:e4:fc:80:
12:63:7d:f7:3c:4a:3b:63:d2:54:53:ce:15:33:76:2d:ec:79:
af:9b:22:df:71:28:5e:75:0d:46:06:c4:28:2c:81:f5:d5:7a:
85:dd:2c:4d:fb:81:df:e2:58:41:15:7c:a8:cd:85:21:38:bc:
13:83:6e:b2:b2:a4:0c:8a:83:dc:6c:69:12:93:ac:0d:26:fd:
0c:7e:1a:36:b8:be:9f:bf:3c:5c:48:1b:ff:4d:50:db:9c:c0:
98:61:58:15:89:75:bf:11:d8:48:54:1d:66:c6:8e:d8:ed:9c:
c4:8d:28:a1:9c:41:de:a8:71:22:f9:4c:1a:9d:f9:27:32:3c:
0c:c4:6e:22:91:8d:ed:01:52:4b:34:53:d9:94:bb:b8:cd:dd:
dc:d4:88:12:9d:af:43:bb:34:d5:d4:b0:32:4c:4d:e1:8d:2b:
34:e7:28:72:59:6f:a4:9f:6e:d6:b2:1a:10:a3:7e:fc:c8:ba:
e8:a8:16:f0:e7:53:07:4f:5d:dc:46:12:ae:3f:90:56:a1:63:
5a:c4:69:ce:07:a7:f6:52:de:55:34:6d:55:53:f3:0f:aa:d4:
93:ca:7e:de:93:9c:63:fd:d8:25:1b:dd:a9:51:6c:45:e6:e4:
3c:ec:29:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvGOiZ6yHvj6WF2KqObkLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjQwMTAyMTAzMzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWMzYThlYmIzZjVhNGVjNDg4NGUxZGFhNzU5MmY4YzA0NzU0NGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwK/Cht2SjTxKZZaUEfrDUVONQS6
7+8JRvpo0erMfdUDM/At2KbtPSKbVCHBXDficht+jx+6Dw4xauEU5yREuXuXSyby
la7eNlX3yPj/Tz/hpAiwyzjE+dAjspUwQM9cfYBieCb5l64lqVw/Wm0PTGsDP+Ii
RVDdR6oM27x0byj2ebnTCG1Blkuh+5tgNJFXhj7qa86GC1sWpaGVxTOYT44GSiZ3
xXGBjE/6bRPrs0LUo2n6YZUaVuRVX/X7eFG/swjXlVH52VF/25yfLuSBQ+7ErDyp
knKdzRvn0mbFULcbFEQ2E8Sm2iiNzujLR6ITJtOoHFyvk+V2OsUATPkSgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ7DqOuz9aTsSITh2qdZL4wEdUTJMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvbnNPbzY3UDFwT3hJaE9IYXAxa3ZqQVIxUk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV40MA0G
CSqGSIb3DQEBCwUAA4IBAQASt2rDDwNQeSVyxCziTDLk/IASY333PEo7Y9JUU84V
M3Yt7HmvmyLfcShedQ1GBsQoLIH11XqF3SxN+4Hf4lhBFXyozYUhOLwTg26ysqQM
ioPcbGkSk6wNJv0Mfho2uL6fvzxcSBv/TVDbnMCYYVgViXW/EdhIVB1mxo7Y7ZzE
jSihnEHeqHEi+UwanfknMjwMxG4ikY3tAVJLNFPZlLu4zd3c1IgSna9DuzTV1LAy
TE3hjSs05yhyWW+kn27WshoQo378yLroqBbw51MHT13cRhKuP5BWoWNaxGnOB6f2
Ut5VNG1VU/MPqtSTyn7ek5xj/dglG92pUWxF5uQ87Cnb
-----END CERTIFICATE-----
Generated at Mon May 13 02:05:06 2024 by rpki-client on console-fra.rpki-client.org