Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/7Qfc23fEaqRCsWl44gG9zcfmosg.roa
File: 7Qfc23fEaqRCsWl44gG9zcfmosg.roa (raw, json)
Hash identifier: ezYlqkFBc52bxpI3vPDySOwJ8D7QXvSI0lKXbZfETwU=
Subject key identifier: ED:07:DC:DB:77:C4:6A:A4:42:B1:69:78:E2:01:BD:CD:C7:E6:A2:C8
Certificate issuer: /CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Certificate serial: 018EA2577861A21C76D90CDBD08DEB68F56B
Authority key identifier: BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/7Qfc23fEaqRCsWl44gG9zcfmosg.roa
Signing time: Wed 03 Apr 2024 05:03:45 +0000
ROA not before: Wed 03 Apr 2024 05:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 45.135.168.0/24 maxlen: 24
45.141.212.0/23 maxlen: 24
79.143.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:57:78:61:a2:1c:76:d9:0c:db:d0:8d:eb:68:f5:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Validity
Not Before: Apr 3 05:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed07dcdb77c46aa442b16978e201bdcdc7e6a2c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:72:d4:95:95:ed:16:2d:59:dd:c3:d2:d8:27:
35:57:48:e6:c3:76:75:28:f2:bf:5a:cb:ff:7e:0d:
4e:23:a0:f3:31:63:8e:65:12:0a:77:d2:08:e7:58:
8e:0f:02:8a:14:25:51:e9:37:a1:e8:f3:2a:d0:76:
de:61:12:07:b9:41:87:60:3f:df:04:4a:73:84:dc:
e4:1f:e2:4f:34:52:b5:d4:ca:a9:f9:d4:af:d1:c1:
84:00:1c:02:eb:16:fd:e7:1b:fb:b9:fb:f2:9f:04:
3c:f0:d9:da:29:e2:74:66:8d:08:17:73:c7:8e:e1:
6c:e5:b0:85:95:0f:53:8e:ca:26:4e:10:53:8e:4d:
eb:74:8a:c8:9b:67:d5:7c:d0:4a:87:42:f2:f6:66:
ea:66:4c:18:8c:cd:00:12:15:d4:60:55:10:91:f0:
69:ee:eb:e0:74:80:ba:23:f1:b7:e2:8b:70:05:1d:
14:fe:8e:e1:41:f3:84:14:cc:b7:21:d7:40:2c:7d:
c2:a6:95:f6:ee:ae:9b:6d:53:e1:45:6c:1c:55:bf:
ee:07:79:6e:0d:04:2c:4d:fd:10:e0:74:31:61:b0:
9a:a8:ba:28:53:e9:55:c4:b9:55:02:8f:d3:60:13:
3c:8a:40:fa:a2:02:76:b1:31:3f:92:88:7a:5a:e2:
fa:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:07:DC:DB:77:C4:6A:A4:42:B1:69:78:E2:01:BD:CD:C7:E6:A2:C8
X509v3 Authority Key Identifier:
keyid:BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/7Qfc23fEaqRCsWl44gG9zcfmosg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.168.0/24
45.141.212.0/23
79.143.136.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:52:45:b1:ed:4f:91:46:c2:6b:aa:7d:c9:e2:f1:93:57:35:
2e:f8:6a:47:06:8f:d4:04:93:4e:62:32:4f:56:b9:31:76:16:
93:e1:56:1c:bc:64:c7:14:da:eb:33:fd:dc:94:2a:78:fe:af:
ed:a4:7a:43:05:87:14:65:af:3d:3b:e9:fd:de:e4:8a:33:0b:
2e:76:20:94:33:5e:c2:7b:d1:f0:8c:8d:c4:a1:c4:fd:b5:53:
68:0a:c0:ad:41:3f:1a:4a:b8:f7:ef:69:ae:8d:54:82:50:ef:
b4:93:c0:75:0c:e2:02:48:b0:e9:4e:f7:94:dd:2c:71:0c:c4:
0b:78:9d:a6:6b:1c:6c:59:48:4e:a7:a0:ab:3c:74:88:ed:4f:
b8:a5:58:f6:de:be:13:ec:53:29:e8:a5:4e:92:b3:2b:b7:0f:
c3:55:d5:87:c9:bd:40:eb:70:92:ee:a4:da:ab:37:c7:4e:c4:
53:3a:d0:07:59:f1:d3:01:81:33:36:4b:ec:ef:3f:6e:ac:c5:
46:ef:49:55:a8:a3:06:bd:cd:14:ef:29:dd:70:a5:e8:80:9c:
98:76:c4:a9:ad:c8:74:78:bb:f5:a9:70:f0:2f:db:a6:de:43:
29:ec:a5:c5:1f:61:e1:21:e2:ba:f1:9c:c6:e9:ca:bf:38:13:
10:9b:74:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6iV3hhohx22Qzb0I3raPVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3YjRjMDFlOTI5YzM4OTIzOTgxYWI1MWM5NzI3YTFm
OWYwN2UwHhcNMjQwNDAzMDUwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDA3ZGNkYjc3YzQ2YWE0NDJiMTY5NzhlMjAxYmRjZGM3ZTZhMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnLUlZXtFi1Z3cPS2Cc1V0jmw3Z1
KPK/Wsv/fg1OI6DzMWOOZRIKd9II51iODwKKFCVR6Teh6PMq0HbeYRIHuUGHYD/f
BEpzhNzkH+JPNFK11Mqp+dSv0cGEABwC6xb95xv7ufvynwQ88NnaKeJ0Zo0IF3PH
juFs5bCFlQ9TjsomThBTjk3rdIrIm2fVfNBKh0Ly9mbqZkwYjM0AEhXUYFUQkfBp
7uvgdIC6I/G34otwBR0U/o7hQfOEFMy3IddALH3CppX27q6bbVPhRWwcVb/uB3lu
DQQsTf0Q4HQxYbCaqLooU+lVxLlVAo/TYBM8ikD6ogJ2sTE/koh6WuL6IwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO0H3Nt3xGqkQrFpeOIBvc3H5qLIMB8GA1UdIwQY
MBaAFLqqe0wB6SnDiSOYGrUclyeh+fB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUt
ZTY4ZjZjZjJjMGQyLzEvN1FmYzIzZkVhcVJDc1dsNDRnRzl6Y2Ztb3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUtZTY4ZjZjZjJjMGQy
LzEvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYeoAwQB
LY3UAwQAT4+IMA0GCSqGSIb3DQEBCwUAA4IBAQCjUkWx7U+RRsJrqn3J4vGTVzUu
+GpHBo/UBJNOYjJPVrkxdhaT4VYcvGTHFNrrM/3clCp4/q/tpHpDBYcUZa89O+n9
3uSKMwsudiCUM17Ce9HwjI3EocT9tVNoCsCtQT8aSrj372mujVSCUO+0k8B1DOIC
SLDpTveU3SxxDMQLeJ2maxxsWUhOp6CrPHSI7U+4pVj23r4T7FMp6KVOkrMrtw/D
VdWHyb1A63CS7qTaqzfHTsRTOtAHWfHTAYEzNkvs7z9urMVG70lVqKMGvc0U7ynd
cKXogJyYdsSprch0eLv1qXDwL9um3kMp7KXFH2HhIeK68ZzG6cq/OBMQm3RD
-----END CERTIFICATE-----
Generated at Fri May 10 00:43:23 2024 by rpki-client on console-ams.rpki-client.org