Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/D3WzhW5e32dB73n1YltMIVN53XA.roa
File: D3WzhW5e32dB73n1YltMIVN53XA.roa (raw, json)
Hash identifier: u53XDFNLJuSm8BYKMNAiXEFkzp9jSaLpIdYX3GZzy7g=
Subject key identifier: 0F:75:B3:85:6E:5E:DF:67:41:EF:79:F5:62:5B:4C:21:53:79:DD:70
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018CC5012AFDE1C7D9A9F34C7BD1C0173375
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/D3WzhW5e32dB73n1YltMIVN53XA.roa
Signing time: Mon 01 Jan 2024 12:30:37 +0000
ROA not before: Mon 01 Jan 2024 12:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5650
IP address blocks: 45.81.160.0/24 maxlen: 24
2.56.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2a:fd:e1:c7:d9:a9:f3:4c:7b:d1:c0:17:33:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Jan 1 12:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f75b3856e5edf6741ef79f5625b4c215379dd70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a5:22:a2:7d:d2:86:e8:7f:a0:3a:a1:71:6f:
2e:8b:cc:59:19:2b:94:05:be:8c:15:e5:93:ed:82:
ad:76:ba:64:c7:52:87:d6:d9:d3:35:d9:f9:dc:f7:
27:cd:84:22:c6:3c:70:68:cd:19:ee:44:49:3e:04:
6d:dd:6c:eb:0e:ec:61:e3:aa:3b:2d:7f:23:6e:f9:
be:88:48:38:37:09:ea:94:73:e0:0e:86:62:56:79:
67:cb:1a:89:93:a4:ed:a0:98:38:53:a8:c5:6a:7f:
c8:b2:47:23:a6:e2:a9:f2:6f:c1:de:67:6d:10:5c:
c7:32:b2:8d:1a:6a:36:26:90:a5:e3:26:ec:cb:f0:
d4:81:71:15:43:43:55:4d:31:db:f9:56:78:c7:4e:
95:a3:93:13:a5:ba:2b:fa:62:9f:83:db:a0:9a:29:
b2:91:0d:a5:31:a6:54:e5:77:30:e8:52:23:49:09:
9f:63:13:2b:34:ca:3e:3e:90:7e:00:4f:65:75:97:
f7:71:79:4c:a7:94:5d:84:76:c8:63:c7:30:68:1d:
59:61:ae:d3:df:79:a0:0e:34:be:06:4d:07:66:7d:
1a:fe:f0:30:19:71:58:bc:e7:20:15:94:01:eb:f9:
a2:da:36:ff:16:c5:14:1f:6f:79:80:95:d2:4f:fd:
82:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:75:B3:85:6E:5E:DF:67:41:EF:79:F5:62:5B:4C:21:53:79:DD:70
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/D3WzhW5e32dB73n1YltMIVN53XA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.32.0/22
45.81.160.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:72:af:e7:89:c6:5c:15:9e:52:97:15:fb:6e:36:cf:03:8f:
d0:bb:b1:26:4e:46:55:cf:0f:7a:29:20:3e:07:e7:5e:53:65:
c6:22:74:e0:ed:b4:9c:23:e8:da:53:e2:00:f8:f1:37:42:cb:
0c:b2:22:d1:38:9d:aa:ef:6f:7d:22:0a:c5:b5:86:69:1f:88:
55:8f:b0:ff:9b:75:50:48:72:74:28:eb:70:d0:ec:6d:6f:8c:
6c:6b:df:ba:09:05:4a:92:11:da:f4:c4:6c:3a:5b:9d:2b:2b:
c9:3d:b9:94:5f:06:ef:f4:06:da:6d:2d:15:89:4e:f4:55:7d:
59:3f:fb:5c:9f:f3:57:69:17:13:d6:93:f0:d6:99:2d:2f:91:
fc:c8:7e:1b:f5:85:b3:9e:6f:c1:2d:78:4d:05:1d:fb:55:c4:
55:99:e3:aa:44:72:4d:bb:09:44:05:9f:43:23:17:3b:5d:b9:
f7:2f:10:0b:30:72:84:a7:39:bf:2f:d6:05:f6:db:b3:0a:71:
5d:d0:56:74:73:c2:92:fb:e5:a2:48:77:fa:bc:3b:0e:2a:4c:
d9:7e:d0:d1:c6:ed:85:a2:85:12:54:73:81:bc:d5:51:ff:57:
91:37:e1:4e:3d:4f:19:14:09:f4:03:55:4e:a4:31:0f:37:5c:
15:db:71:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFASr94cfZqfNMe9HAFzN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjc1YjM4NTZlNWVkZjY3NDFlZjc5ZjU2MjViNGMyMTUzNzlkZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKUion3Shuh/oDqhcW8ui8xZGSuU
Bb6MFeWT7YKtdrpkx1KH1tnTNdn53PcnzYQixjxwaM0Z7kRJPgRt3WzrDuxh46o7
LX8jbvm+iEg4NwnqlHPgDoZiVnlnyxqJk6TtoJg4U6jFan/IskcjpuKp8m/B3mdt
EFzHMrKNGmo2JpCl4ybsy/DUgXEVQ0NVTTHb+VZ4x06Vo5MTpbor+mKfg9ugmimy
kQ2lMaZU5Xcw6FIjSQmfYxMrNMo+PpB+AE9ldZf3cXlMp5RdhHbIY8cwaB1ZYa7T
33mgDjS+Bk0HZn0a/vAwGXFYvOcgFZQB6/mi2jb/FsUUH295gJXST/2CrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA91s4VuXt9nQe959WJbTCFTed1wMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvRDNXemhXNWUzMmRCNzNuMVlsdE1JVk41M1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjggAwQA
LVGgMA0GCSqGSIb3DQEBCwUAA4IBAQAdcq/nicZcFZ5SlxX7bjbPA4/Qu7EmTkZV
zw96KSA+B+deU2XGInTg7bScI+jaU+IA+PE3QssMsiLROJ2q7299IgrFtYZpH4hV
j7D/m3VQSHJ0KOtw0Oxtb4xsa9+6CQVKkhHa9MRsOludKyvJPbmUXwbv9AbabS0V
iU70VX1ZP/tcn/NXaRcT1pPw1pktL5H8yH4b9YWznm/BLXhNBR37VcRVmeOqRHJN
uwlEBZ9DIxc7Xbn3LxALMHKEpzm/L9YF9tuzCnFd0FZ0c8KS++WiSHf6vDsOKkzZ
ftDRxu2FooUSVHOBvNVR/1eRN+FOPU8ZFAn0A1VOpDEPN1wV23Fn
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:08:06 2024 by rpki-client on console-ams.rpki-client.org