Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/09AhODH8jdRGyrQvy4UzUTAdhIw.roa
File: 09AhODH8jdRGyrQvy4UzUTAdhIw.roa (raw, json)
Hash identifier: pTsVz8xf43TT4PCl1IIDfU5Yae9qyKpAV6qxYLjd6HA=
Subject key identifier: D3:D0:21:38:31:FC:8D:D4:46:CA:B4:2F:CB:85:33:51:30:1D:84:8C
Certificate issuer: /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial: 018D8AC0EC43CBE50D0CBFF34E3CD54BE2C7
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/09AhODH8jdRGyrQvy4UzUTAdhIw.roa
Signing time: Thu 08 Feb 2024 22:05:15 +0000
ROA not before: Thu 08 Feb 2024 22:05:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46261
IP address blocks: 45.135.138.0/24 maxlen: 24
45.135.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8a:c0:ec:43:cb:e5:0d:0c:bf:f3:4e:3c:d5:4b:e2:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Validity
Not Before: Feb 8 22:05:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3d0213831fc8dd446cab42fcb853351301d848c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9d:40:e0:96:dd:cf:1b:f8:e4:c8:19:24:98:
4e:8f:02:1f:aa:60:09:af:63:34:ed:4a:11:d4:c1:
46:41:31:81:33:28:82:bc:64:23:6e:e1:de:c6:cc:
8f:f6:fb:67:71:a2:12:a5:d3:25:27:fe:1e:15:c8:
0b:8c:ae:6d:76:c6:22:cc:1d:c7:22:c2:1e:bd:75:
bf:58:13:f4:3a:31:fc:61:00:ad:98:8b:c6:97:34:
1f:d5:1a:c1:06:1c:2a:8d:ae:0d:1d:1a:61:9e:bc:
ec:d4:21:1c:74:54:6d:37:59:bf:27:97:e4:2a:40:
ea:34:53:cf:46:fd:2d:3b:ea:7f:79:9b:94:60:81:
67:77:1a:9a:76:26:d6:60:8d:75:73:4b:e8:b1:30:
cc:09:de:de:20:d4:d1:fa:67:09:26:53:5c:6f:79:
85:ca:b2:7c:54:24:a6:36:e3:90:7b:0e:72:a1:ba:
5f:86:7b:b7:2b:bf:2e:04:64:f6:43:eb:ed:2a:03:
fa:45:29:d1:2d:d9:d6:42:f8:37:a5:df:35:99:3f:
65:4e:a4:57:ff:93:73:2f:ea:5f:0f:49:4b:9c:87:
a2:ff:06:e0:f6:f0:8e:55:8a:a6:3f:39:8a:65:bb:
fd:f6:3a:a6:2a:82:54:15:e2:8e:2f:0f:a2:df:b6:
c9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D0:21:38:31:FC:8D:D4:46:CA:B4:2F:CB:85:33:51:30:1D:84:8C
X509v3 Authority Key Identifier:
keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/09AhODH8jdRGyrQvy4UzUTAdhIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.138.0/23
Signature Algorithm: sha256WithRSAEncryption
18:0f:36:dc:f3:c6:f1:a6:8b:73:c6:37:4e:4e:5d:2d:b5:8c:
4a:9e:bb:04:df:0a:e4:78:a3:d8:db:9c:72:96:9b:a3:a6:52:
a1:99:b3:af:f0:6b:ea:4f:6f:48:30:6a:b1:5d:f8:2e:0b:77:
58:c2:04:c8:dd:7f:d1:b9:04:fe:71:ff:e7:d0:2a:6c:a3:ba:
09:6a:2c:f7:91:4c:1c:16:8c:f0:08:a5:81:ea:eb:00:47:7d:
78:7f:d5:df:af:85:84:27:f8:bd:43:f9:32:7c:c8:b9:46:f9:
0f:87:8e:9c:1c:f5:e8:7f:70:36:fb:2c:da:b1:b2:19:7f:b3:
a0:b4:68:e9:27:10:0a:51:cd:6b:8d:69:bd:66:9e:4c:4f:94:
5c:66:03:8f:82:10:b0:6a:bc:69:12:21:6f:58:14:94:c1:cf:
58:4a:f8:d7:aa:82:3f:cb:11:f4:f9:0c:f2:ab:88:24:e0:f6:
7a:63:2d:2f:a5:33:e1:36:66:89:a6:fe:b6:75:26:52:1e:71:
d5:31:27:ae:64:fc:18:47:03:29:05:19:c0:95:a2:a7:c6:ff:
08:66:dc:db:8d:d7:cf:34:eb:3b:5e:c5:49:e4:d6:57:f3:3d:
86:ad:42:6c:c4:5e:4d:fa:5e:31:93:98:21:55:23:6e:99:b4:
61:2c:b4:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2KwOxDy+UNDL/zTjzVS+LHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjQwMjA4MjIwNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2QwMjEzODMxZmM4ZGQ0NDZjYWI0MmZjYjg1MzM1MTMwMWQ4NDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAip1A4Jbdzxv45MgZJJhOjwIfqmAJ
r2M07UoR1MFGQTGBMyiCvGQjbuHexsyP9vtncaISpdMlJ/4eFcgLjK5tdsYizB3H
IsIevXW/WBP0OjH8YQCtmIvGlzQf1RrBBhwqja4NHRphnrzs1CEcdFRtN1m/J5fk
KkDqNFPPRv0tO+p/eZuUYIFndxqadibWYI11c0vosTDMCd7eINTR+mcJJlNcb3mF
yrJ8VCSmNuOQew5yobpfhnu3K78uBGT2Q+vtKgP6RSnRLdnWQvg3pd81mT9lTqRX
/5NzL+pfD0lLnIei/wbg9vCOVYqmPzmKZbv99jqmKoJUFeKOLw+i37bJwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNPQITgx/I3URsq0L8uFM1EwHYSMMB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvMDlBaE9ESDhqZFJHeXJRdnk0VXpVVEFkaEl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYeKMA0G
CSqGSIb3DQEBCwUAA4IBAQAYDzbc88bxpotzxjdOTl0ttYxKnrsE3wrkeKPY25xy
lpujplKhmbOv8GvqT29IMGqxXfguC3dYwgTI3X/RuQT+cf/n0Cpso7oJaiz3kUwc
FozwCKWB6usAR314f9Xfr4WEJ/i9Q/kyfMi5RvkPh46cHPXof3A2+yzasbIZf7Og
tGjpJxAKUc1rjWm9Zp5MT5RcZgOPghCwarxpEiFvWBSUwc9YSvjXqoI/yxH0+Qzy
q4gk4PZ6Yy0vpTPhNmaJpv62dSZSHnHVMSeuZPwYRwMpBRnAlaKnxv8IZtzbjdfP
NOs7XsVJ5NZX8z2GrUJsxF5N+l4xk5ghVSNumbRhLLTJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:17:10 2024 by rpki-client on console-ams.rpki-client.org