Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/34eQ23MiCAS8KsXt30F4JzbKeBE.roa
File: 34eQ23MiCAS8KsXt30F4JzbKeBE.roa (raw, json)
Hash identifier: yKlnVtVREToSEv2vMoiK5D+Hw2/KViguqFyI6WUqzmc=
Subject key identifier: DF:87:90:DB:73:22:08:04:BC:2A:C5:ED:DF:41:78:27:36:CA:78:11
Certificate issuer: /CN=c68c65e699b576ab113a79be8828948f1e6cc260
Certificate serial: 018CC7271054D959FEEE0232544D3A303A08
Authority key identifier: C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/34eQ23MiCAS8KsXt30F4JzbKeBE.roa
Signing time: Mon 01 Jan 2024 22:31:15 +0000
ROA not before: Mon 01 Jan 2024 22:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 45.140.211.0/24 maxlen: 24
45.140.210.0/24 maxlen: 24
45.140.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:10:54:d9:59:fe:ee:02:32:54:4d:3a:30:3a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c68c65e699b576ab113a79be8828948f1e6cc260
Validity
Not Before: Jan 1 22:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df8790db73220804bc2ac5eddf41782736ca7811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0f:c8:9f:a6:c4:07:2b:43:44:26:7a:9f:e4:
cf:d4:85:bc:99:a1:81:21:b8:37:3d:f7:74:93:d1:
4a:a7:0f:45:6b:ce:7f:34:41:56:9e:f7:82:8a:c3:
83:d7:43:bf:e0:de:ea:7c:67:40:44:34:19:8b:f9:
03:ea:0a:a6:17:af:48:f5:49:a3:7b:08:ac:c9:75:
57:88:4a:a2:34:b0:eb:44:5d:6a:56:2b:f0:bb:29:
b8:4e:0f:f5:51:74:e3:ab:b2:bc:76:1f:8e:c2:21:
c0:c0:13:4a:c4:68:a0:5d:ca:88:29:70:b7:3a:66:
d3:01:5f:df:2a:c7:7b:28:83:bc:73:d8:1f:aa:81:
6d:89:74:31:ff:ae:ef:29:06:7e:23:04:24:8f:f1:
2c:ee:42:78:03:fb:29:7c:29:cb:99:50:d3:44:1a:
72:96:41:b7:fe:4e:64:cb:ce:6b:66:af:0f:0c:74:
c2:e2:7a:ea:f1:91:08:c0:fa:fc:e3:69:0e:a7:08:
b5:a3:6a:b8:60:55:58:1c:7a:cc:e1:71:67:93:b7:
36:75:cf:ad:52:9e:a4:c3:07:37:25:ce:a8:94:3f:
c6:7a:21:a6:3f:c5:95:5c:b7:a7:1b:b2:ca:7e:7f:
71:62:97:54:37:48:04:ca:f1:ff:97:03:d7:5e:89:
bf:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:87:90:DB:73:22:08:04:BC:2A:C5:ED:DF:41:78:27:36:CA:78:11
X509v3 Authority Key Identifier:
keyid:C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/34eQ23MiCAS8KsXt30F4JzbKeBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.209.0-45.140.211.255
Signature Algorithm: sha256WithRSAEncryption
50:f0:34:1d:d5:e8:c1:e5:c2:e5:5f:99:88:e8:da:94:59:cd:
e1:8a:71:30:68:87:35:fe:81:6b:ab:4a:3e:95:29:d9:ca:70:
a8:de:25:81:d5:6d:77:12:34:20:29:b3:64:f3:51:bd:24:7d:
13:3a:18:0f:e5:ed:be:7e:50:09:9e:e6:f8:2f:e7:7f:26:6e:
08:2f:c3:2f:d6:ee:d6:c2:70:22:68:4c:12:37:59:1c:2b:b5:
73:ea:dd:2c:32:fd:69:e9:4d:b0:fc:f6:4f:57:19:9b:1c:7c:
39:49:42:ba:45:1b:1f:9c:c5:e0:dd:ec:76:ac:f4:42:3a:dc:
bb:bb:c7:89:1a:dc:e7:5b:39:e7:fa:30:c5:e6:71:60:80:04:
e6:96:f6:42:25:56:39:6c:a3:93:6a:da:88:98:8e:ba:63:65:
85:bd:50:ab:61:03:a1:c5:2a:ac:05:06:48:31:aa:de:3d:d3:
a2:54:97:30:17:25:ab:8e:bc:66:f9:37:8c:ae:b7:55:d2:e6:
f9:ea:34:02:3d:37:7a:d2:a9:3d:76:ab:c4:54:20:0a:83:b0:
43:23:93:b9:cd:a0:e6:40:58:9f:42:78:a1:15:71:1d:57:74:
2d:d3:31:ed:06:6a:d8:16:f6:20:b9:d5:c7:06:64:17:46:72:
81:9c:d3:ba
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHJxBU2Vn+7gIyVE06MDoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGM2NWU2OTliNTc2YWIxMTNhNzliZTg4Mjg5NDhmMWU2
Y2MyNjAwHhcNMjQwMTAxMjIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjg3OTBkYjczMjIwODA0YmMyYWM1ZWRkZjQxNzgyNzM2Y2E3ODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q/In6bEBytDRCZ6n+TP1IW8maGB
Ibg3Pfd0k9FKpw9Fa85/NEFWnveCisOD10O/4N7qfGdARDQZi/kD6gqmF69I9Umj
ewisyXVXiEqiNLDrRF1qVivwuym4Tg/1UXTjq7K8dh+OwiHAwBNKxGigXcqIKXC3
OmbTAV/fKsd7KIO8c9gfqoFtiXQx/67vKQZ+IwQkj/Es7kJ4A/spfCnLmVDTRBpy
lkG3/k5ky85rZq8PDHTC4nrq8ZEIwPr842kOpwi1o2q4YFVYHHrM4XFnk7c2dc+t
Up6kwwc3Jc6olD/GeiGmP8WVXLenG7LKfn9xYpdUN0gEyvH/lwPXXom/QwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN+HkNtzIggEvCrF7d9BeCc2yngRMB8GA1UdIwQY
MBaAFMaMZeaZtXarETp5vogolI8ebMJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYt
NjA3ZDRmMzdmNTlmLzEvMzRlUTIzTWlDQVM4S3NYdDMwRjRKemJLZUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYtNjA3ZDRmMzdmNTlm
LzEveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtjNED
BAItjNAwDQYJKoZIhvcNAQELBQADggEBAFDwNB3V6MHlwuVfmYjo2pRZzeGKcTBo
hzX+gWurSj6VKdnKcKjeJYHVbXcSNCAps2TzUb0kfRM6GA/l7b5+UAme5vgv538m
bggvwy/W7tbCcCJoTBI3WRwrtXPq3Swy/WnpTbD89k9XGZscfDlJQrpFGx+cxeDd
7Has9EI63Lu7x4ka3OdbOef6MMXmcWCABOaW9kIlVjlso5Nq2oiYjrpjZYW9UKth
A6HFKqwFBkgxqt4906JUlzAXJauOvGb5N4yut1XS5vnqNAI9N3rSqT12q8RUIAqD
sEMjk7nNoOZAWJ9CeKEVcR1XdC3TMe0GatgW9iC51ccGZBdGcoGc07o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:27:57 2024 by rpki-client on console-fra.rpki-client.org