Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7d3565-7b00-4d81-9ab3-919eaba61b94/1/lRnPs1I47AaVBHetem50cN-N1rc.roa
File: lRnPs1I47AaVBHetem50cN-N1rc.roa (raw, json)
Hash identifier: RrwoBbU+dZTWc8siwD6Ur6HWVvBcKfKLArLWeVhU/vQ=
Subject key identifier: 95:19:CF:B3:52:38:EC:06:95:04:77:AD:7A:6E:74:70:DF:8D:D6:B7
Certificate issuer: /CN=ebbd22afb80dfada2003d40e546dafd37ff869fd
Certificate serial: 018FA3AB4A72E9C8C0EAF591729DBE28D569
Authority key identifier: EB:BD:22:AF:B8:0D:FA:DA:20:03:D4:0E:54:6D:AF:D3:7F:F8:69:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/670ir7gN-togA9QOVG2v03_4af0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7d3565-7b00-4d81-9ab3-919eaba61b94/1/lRnPs1I47AaVBHetem50cN-N1rc.roa
Signing time: Thu 23 May 2024 04:17:42 +0000
ROA not before: Thu 23 May 2024 04:17:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 45.88.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/7d3565-7b00-4d81-9ab3-919eaba61b94/1/670ir7gN-togA9QOVG2v03_4af0.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/7d3565-7b00-4d81-9ab3-919eaba61b94/1/670ir7gN-togA9QOVG2v03_4af0.mft
rsync://rpki.ripe.net/repository/DEFAULT/670ir7gN-togA9QOVG2v03_4af0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a3:ab:4a:72:e9:c8:c0:ea:f5:91:72:9d:be:28:d5:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebbd22afb80dfada2003d40e546dafd37ff869fd
Validity
Not Before: May 23 04:17:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9519cfb35238ec06950477ad7a6e7470df8dd6b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f9:f4:6c:34:2e:f1:47:6f:ed:5e:76:60:c2:
48:eb:6f:9a:7a:43:69:4f:dd:67:07:24:24:24:fb:
44:6d:e7:1c:99:5b:88:56:c5:4f:52:62:be:72:92:
90:7a:39:9c:2f:65:0c:ec:06:3f:bc:0e:9d:e4:cd:
fd:a0:35:d5:8c:f0:d9:77:de:22:3b:e3:7d:55:72:
35:7e:67:c2:73:d8:14:4f:d9:0e:33:d6:ed:e5:0d:
3a:4e:e5:6d:83:3c:b7:6a:ac:f2:1b:ba:f8:cb:5b:
57:f1:d3:80:16:0a:b6:5c:7b:8b:1d:09:d1:de:31:
e3:3b:47:b0:25:f3:2a:da:aa:2c:c4:db:ad:bf:3c:
f3:b5:2c:50:fb:9e:b4:5a:f3:51:a6:19:1a:24:89:
12:93:29:f6:7f:95:20:43:91:ae:bf:b0:25:8c:86:
62:ea:36:b2:30:f6:9c:26:02:9b:84:71:be:f4:5e:
29:e9:f4:f9:48:1b:06:89:f0:05:4d:1c:75:9b:c6:
1b:e7:bb:df:b1:f5:21:6a:ce:16:c0:88:47:92:f0:
aa:92:ea:bd:0a:01:78:a7:cc:e6:54:d0:40:9b:fa:
89:28:42:32:00:38:36:34:b2:b6:46:51:43:47:d9:
eb:6f:e2:83:22:8a:46:62:fd:45:1a:bc:05:88:0c:
f6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:19:CF:B3:52:38:EC:06:95:04:77:AD:7A:6E:74:70:DF:8D:D6:B7
X509v3 Authority Key Identifier:
keyid:EB:BD:22:AF:B8:0D:FA:DA:20:03:D4:0E:54:6D:AF:D3:7F:F8:69:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/670ir7gN-togA9QOVG2v03_4af0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7d3565-7b00-4d81-9ab3-919eaba61b94/1/lRnPs1I47AaVBHetem50cN-N1rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7d3565-7b00-4d81-9ab3-919eaba61b94/1/670ir7gN-togA9QOVG2v03_4af0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.225.0/24
Signature Algorithm: sha256WithRSAEncryption
98:d7:b4:8f:d7:c4:8c:c6:32:fe:8c:00:b7:7b:bc:86:d6:0a:
70:af:46:c0:e9:f0:20:55:bd:61:01:20:8b:b2:2a:de:3f:81:
39:f2:02:bc:83:e2:2e:65:0a:1e:00:f4:57:72:a6:77:71:48:
48:36:39:52:a3:29:f4:dc:b5:0b:5a:cf:35:6a:81:94:15:e2:
2a:27:8d:ba:b1:ca:17:8c:f2:5b:6f:b4:c1:8c:90:29:43:87:
b6:54:86:a1:b7:07:3a:46:5e:0e:85:01:f2:75:ca:6b:91:cf:
a8:83:6c:6d:38:4e:5d:18:98:31:58:bd:fa:c3:c4:ee:b9:a7:
92:86:68:b7:8f:83:f8:5d:1e:a2:ae:c8:8a:d8:ca:19:55:2c:
63:d3:e8:6e:e1:ee:70:a1:cc:07:12:28:36:1f:bb:98:7a:d5:
cd:f7:68:89:b7:23:4f:bd:fe:df:a8:b5:08:5b:2b:fe:7f:c7:
f7:28:a3:b4:62:9c:46:dc:98:2b:32:5f:ab:eb:b1:23:3c:9c:
6c:74:02:ab:c9:5e:be:4e:5a:a9:df:1c:6d:f9:09:21:6d:a2:
43:63:5d:fa:b5:8b:95:b8:a4:03:32:24:8e:50:4b:d1:a6:89:
b1:cf:ef:b7:9b:f2:c5:bd:29:ab:05:69:07:4b:b2:b6:90:cd:
da:80:c1:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+jq0py6cjA6vWRcp2+KNVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYmQyMmFmYjgwZGZhZGEyMDAzZDQwZTU0NmRhZmQzN2Zm
ODY5ZmQwHhcNMjQwNTIzMDQxNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTE5Y2ZiMzUyMzhlYzA2OTUwNDc3YWQ3YTZlNzQ3MGRmOGRkNmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPn0bDQu8Udv7V52YMJI62+aekNp
T91nByQkJPtEbeccmVuIVsVPUmK+cpKQejmcL2UM7AY/vA6d5M39oDXVjPDZd94i
O+N9VXI1fmfCc9gUT9kOM9bt5Q06TuVtgzy3aqzyG7r4y1tX8dOAFgq2XHuLHQnR
3jHjO0ewJfMq2qosxNutvzzztSxQ+560WvNRphkaJIkSkyn2f5UgQ5Guv7AljIZi
6jayMPacJgKbhHG+9F4p6fT5SBsGifAFTRx1m8Yb57vfsfUhas4WwIhHkvCqkuq9
CgF4p8zmVNBAm/qJKEIyADg2NLK2RlFDR9nrb+KDIopGYv1FGrwFiAz2awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJUZz7NSOOwGlQR3rXpudHDfjda3MB8GA1UdIwQY
MBaAFOu9Iq+4DfraIAPUDlRtr9N/+Gn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjcwaXI3Z04tdG9nQTlRT1ZHMnYwM180YWYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83ZDM1NjUtN2IwMC00ZDgxLTlhYjMt
OTE5ZWFiYTYxYjk0LzEvbFJuUHMxSTQ3QWFWQkhldGVtNTBjTi1OMXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83ZDM1NjUtN2IwMC00ZDgxLTlhYjMtOTE5ZWFiYTYxYjk0
LzEvNjcwaXI3Z04tdG9nQTlRT1ZHMnYwM180YWYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVjhMA0G
CSqGSIb3DQEBCwUAA4IBAQCY17SP18SMxjL+jAC3e7yG1gpwr0bA6fAgVb1hASCL
sireP4E58gK8g+IuZQoeAPRXcqZ3cUhINjlSoyn03LULWs81aoGUFeIqJ426scoX
jPJbb7TBjJApQ4e2VIahtwc6Rl4OhQHydcprkc+og2xtOE5dGJgxWL36w8TuuaeS
hmi3j4P4XR6irsiK2MoZVSxj0+hu4e5wocwHEig2H7uYetXN92iJtyNPvf7fqLUI
Wyv+f8f3KKO0YpxG3JgrMl+r67EjPJxsdAKryV6+Tlqp3xxt+QkhbaJDY136tYuV
uKQDMiSOUEvRpomxz++3m/LFvSmrBWkHS7K2kM3agMGk
-----END CERTIFICATE-----
Generated at Wed Dec 11 02:22:16 2024 by rpki-client on console-ams.rpki-client.org