Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/956c37-993a-41de-abe0-65d722837121/1/cMSMdjE8Vxzjj3DlevfGI4xTKUk.roa
File: cMSMdjE8Vxzjj3DlevfGI4xTKUk.roa (raw, json)
Hash identifier: B+TPB6/d8J7oALkl7qKQjtwvCVR3Tu2zTZMlVM1Iz8Y=
Subject key identifier: 70:C4:8C:76:31:3C:57:1C:E3:8F:70:E5:7A:F7:C6:23:8C:53:29:49
Certificate issuer: /CN=159d30b70b9a83cb8ed5501f554a7feca382f959
Certificate serial: 018CC8705371DBCEC4C4912A21770F8DE33B
Authority key identifier: 15:9D:30:B7:0B:9A:83:CB:8E:D5:50:1F:55:4A:7F:EC:A3:82:F9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FZ0wtwuag8uO1VAfVUp_7KOC-Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/956c37-993a-41de-abe0-65d722837121/1/cMSMdjE8Vxzjj3DlevfGI4xTKUk.roa
Signing time: Tue 02 Jan 2024 04:30:53 +0000
ROA not before: Tue 02 Jan 2024 04:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199703
IP address blocks: 45.157.144.0/22 maxlen: 22
2a13:f000::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/956c37-993a-41de-abe0-65d722837121/1/FZ0wtwuag8uO1VAfVUp_7KOC-Vk.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/956c37-993a-41de-abe0-65d722837121/1/FZ0wtwuag8uO1VAfVUp_7KOC-Vk.mft
rsync://rpki.ripe.net/repository/DEFAULT/FZ0wtwuag8uO1VAfVUp_7KOC-Vk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:53:71:db:ce:c4:c4:91:2a:21:77:0f:8d:e3:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=159d30b70b9a83cb8ed5501f554a7feca382f959
Validity
Not Before: Jan 2 04:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70c48c76313c571ce38f70e57af7c6238c532949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:40:64:38:48:ed:ac:fa:3b:db:dd:2c:2c:dd:
6e:21:52:cd:f0:42:03:05:d1:f5:09:c2:22:82:2c:
3b:de:ae:1e:c2:45:3f:11:1b:6a:11:67:7b:89:06:
79:e6:e2:83:11:cf:fc:c7:cd:1b:8e:01:30:f2:1e:
ec:4f:cc:b1:2c:b6:56:33:7e:fd:3e:ab:94:6b:5f:
68:c3:aa:c7:3a:4e:b6:c0:b4:eb:bb:fb:08:7c:6c:
68:85:ff:0d:eb:d0:15:b7:90:6b:c8:f5:87:d3:bf:
60:64:f0:7c:4c:bc:c8:8e:ed:79:37:41:b2:bd:0e:
4d:9d:7a:d8:8b:fd:de:be:15:4e:04:62:7f:78:12:
6f:c5:c8:83:43:04:bf:a7:eb:87:e3:f7:b6:1b:b7:
67:22:7c:67:2e:0a:a2:72:de:c5:28:9a:da:c8:7f:
03:bd:7b:13:24:fc:78:50:45:81:c7:97:77:10:06:
6d:06:d6:29:92:6b:e0:a0:28:58:50:2e:5d:1e:5d:
e8:5f:40:56:a4:a1:c7:6b:17:0f:2e:5f:f8:11:8a:
64:46:aa:ea:81:1b:a6:ed:69:17:83:02:fb:93:16:
3f:ea:16:1e:ec:5f:54:c6:86:ae:94:60:82:9c:0f:
ff:2a:94:71:a8:48:59:aa:f1:c3:15:f3:38:9f:38:
b7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C4:8C:76:31:3C:57:1C:E3:8F:70:E5:7A:F7:C6:23:8C:53:29:49
X509v3 Authority Key Identifier:
keyid:15:9D:30:B7:0B:9A:83:CB:8E:D5:50:1F:55:4A:7F:EC:A3:82:F9:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FZ0wtwuag8uO1VAfVUp_7KOC-Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/956c37-993a-41de-abe0-65d722837121/1/cMSMdjE8Vxzjj3DlevfGI4xTKUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/956c37-993a-41de-abe0-65d722837121/1/FZ0wtwuag8uO1VAfVUp_7KOC-Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.144.0/22
IPv6:
2a13:f000::/32
Signature Algorithm: sha256WithRSAEncryption
2a:62:c2:e2:ea:a9:d7:33:19:a8:a8:eb:f4:5a:03:b6:d6:fe:
5f:55:2b:0c:d8:5b:95:fc:84:e1:d7:1c:de:0f:d6:93:59:52:
b3:ce:bb:28:e4:de:19:b9:f4:7e:47:ba:07:a6:3f:97:0d:72:
2d:75:23:29:95:22:55:a2:24:00:d1:d8:ff:b3:8f:dd:24:82:
6a:f3:8e:85:30:7a:b8:63:88:f5:03:1b:b3:fc:26:c6:74:07:
03:ff:b7:ed:2e:57:51:ce:0f:6f:64:0e:3b:70:83:05:55:fc:
f2:5f:58:f3:f5:07:80:76:c4:c5:7d:8d:87:be:6f:69:e9:cf:
21:97:ad:29:3a:6c:b3:64:cc:38:e9:0b:53:ce:d9:dd:c3:1c:
40:33:76:d0:f7:14:29:49:0f:ef:e6:50:e7:b8:f6:d2:c1:03:
31:02:4a:58:e6:84:26:3d:3b:c5:a1:d0:50:af:62:56:e9:d8:
fa:21:e1:72:f1:84:72:52:e5:b0:09:b7:26:d5:07:49:fa:15:
93:e7:e2:c8:5f:4c:ff:23:b9:3d:29:20:12:e5:d6:b1:10:0a:
8a:b4:ae:97:46:cb:ba:9c:3c:25:1c:f7:20:76:2a:21:7a:09:
3a:83:21:71:3a:d3:91:17:7c:b7:21:5d:4b:ba:18:36:aa:5b:
4c:28:23:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcFNx287ExJEqIXcPjeM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1OWQzMGI3MGI5YTgzY2I4ZWQ1NTAxZjU1NGE3ZmVjYTM4
MmY5NTkwHhcNMjQwMTAyMDQzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM0OGM3NjMxM2M1NzFjZTM4ZjcwZTU3YWY3YzYyMzhjNTMyOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkBkOEjtrPo7290sLN1uIVLN8EID
BdH1CcIigiw73q4ewkU/ERtqEWd7iQZ55uKDEc/8x80bjgEw8h7sT8yxLLZWM379
PquUa19ow6rHOk62wLTru/sIfGxohf8N69AVt5BryPWH079gZPB8TLzIju15N0Gy
vQ5NnXrYi/3evhVOBGJ/eBJvxciDQwS/p+uH4/e2G7dnInxnLgqict7FKJrayH8D
vXsTJPx4UEWBx5d3EAZtBtYpkmvgoChYUC5dHl3oX0BWpKHHaxcPLl/4EYpkRqrq
gRum7WkXgwL7kxY/6hYe7F9UxoaulGCCnA//KpRxqEhZqvHDFfM4nzi32QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHDEjHYxPFcc449w5Xr3xiOMUylJMB8GA1UdIwQY
MBaAFBWdMLcLmoPLjtVQH1VKf+yjgvlZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlowd3R3dWFnOHVPMVZBZlZVcF83S09DLVZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85NTZjMzctOTkzYS00MWRlLWFiZTAt
NjVkNzIyODM3MTIxLzEvY01TTWRqRThWeHpqajNEbGV2ZkdJNHhUS1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85NTZjMzctOTkzYS00MWRlLWFiZTAtNjVkNzIyODM3MTIx
LzEvRlowd3R3dWFnOHVPMVZBZlZVcF83S09DLVZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ2QMA0E
AgACMAcDBQAqE/AAMA0GCSqGSIb3DQEBCwUAA4IBAQAqYsLi6qnXMxmoqOv0WgO2
1v5fVSsM2FuV/ITh1xzeD9aTWVKzzrso5N4ZufR+R7oHpj+XDXItdSMplSJVoiQA
0dj/s4/dJIJq846FMHq4Y4j1Axuz/CbGdAcD/7ftLldRzg9vZA47cIMFVfzyX1jz
9QeAdsTFfY2Hvm9p6c8hl60pOmyzZMw46QtTztndwxxAM3bQ9xQpSQ/v5lDnuPbS
wQMxAkpY5oQmPTvFodBQr2JW6dj6IeFy8YRyUuWwCbcm1QdJ+hWT5+LIX0z/I7k9
KSAS5daxEAqKtK6XRsu6nDwlHPcgdiohegk6gyFxOtORF3y3IV1Luhg2qltMKCP+
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:14:14 2024 by rpki-client on console-ams.rpki-client.org