Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/lO05xTKDIixWp_wTm0U0CkxTRFc.roa
File: lO05xTKDIixWp_wTm0U0CkxTRFc.roa (raw, json)
Hash identifier: 2tMzyMdKNOTAqqMYKj0b5p/qYDnWblosOOiNhUxi16Y=
Subject key identifier: 94:ED:39:C5:32:83:22:2C:56:A7:FC:13:9B:45:34:0A:4C:53:44:57
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018F06475AAADB34D76475BFA6382368B3F0
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/lO05xTKDIixWp_wTm0U0CkxTRFc.roa
Signing time: Mon 22 Apr 2024 14:48:10 +0000
ROA not before: Mon 22 Apr 2024 14:48:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399641
IP address blocks: 45.155.66.0/24 maxlen: 24
45.155.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 21:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:47:5a:aa:db:34:d7:64:75:bf:a6:38:23:68:b3:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 22 14:48:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94ed39c53283222c56a7fc139b45340a4c534457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8d:c8:4f:39:42:66:48:e0:73:8b:ea:29:de:
98:f1:3b:d2:26:02:99:79:a7:e2:ff:9b:cc:5a:b7:
ab:cf:e8:52:c3:40:74:19:12:d6:99:74:67:00:51:
a8:d2:11:5c:c9:e7:e1:2d:b8:fa:a5:68:82:ec:eb:
d0:59:84:69:b0:70:05:db:7a:9d:d5:23:2e:43:cb:
51:f3:7d:f0:5c:ac:0b:e8:1e:9e:18:74:e8:d0:0d:
f9:78:d3:33:74:df:e5:04:c3:a7:75:05:a4:37:84:
a3:1e:1a:05:77:e5:69:d3:e9:5d:47:53:fe:e1:bb:
03:8b:8e:8a:eb:92:c9:14:09:f2:3c:58:9d:7c:01:
77:53:59:94:2b:77:06:72:d2:48:27:08:15:16:2e:
d3:a9:34:41:7c:6c:61:5e:bf:a7:aa:5a:62:79:1f:
44:51:a4:9a:ad:06:3d:97:80:84:cb:5b:a1:bd:e7:
c6:ad:0e:65:58:1d:26:a6:cc:67:14:eb:29:c1:96:
70:ad:c5:d8:14:ff:ec:cc:12:ea:29:b2:ab:c6:5d:
ac:e6:d5:f4:15:8c:15:c0:a1:ec:15:ba:c0:a3:38:
af:f7:4c:a1:88:f9:17:39:4e:c3:73:b2:dc:69:42:
95:a4:64:d1:54:0d:89:40:bf:06:18:81:77:bd:ca:
3f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:ED:39:C5:32:83:22:2C:56:A7:FC:13:9B:45:34:0A:4C:53:44:57
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/lO05xTKDIixWp_wTm0U0CkxTRFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.66.0/23
Signature Algorithm: sha256WithRSAEncryption
49:81:4d:c5:39:c7:66:ad:fe:7a:d2:41:bc:e0:ac:28:bb:60:
5a:df:8e:0e:49:14:b6:3e:f0:52:d7:3b:ab:62:16:df:5d:5e:
d5:3e:a3:55:8c:16:d6:27:26:2c:1c:01:18:f6:43:b3:06:7d:
72:c9:44:cb:d2:d4:41:f9:7c:b2:e6:d6:a6:89:00:46:18:6c:
f9:da:5b:be:c7:08:17:bb:b1:10:23:31:04:18:ab:26:23:39:
02:a7:f0:0f:af:89:60:54:da:6c:d4:a4:a3:29:5a:2f:d1:0b:
1f:24:6d:17:31:40:0f:d2:b6:19:ae:86:c6:14:28:28:5e:d0:
1f:3e:ac:30:da:39:54:50:e9:c7:23:3b:91:5a:da:f0:4e:89:
ec:4d:39:73:d9:6c:f5:6b:8d:81:fd:45:ab:44:19:39:e3:00:
a2:80:be:b3:0a:8a:da:43:16:94:9f:9a:e2:a9:ad:2d:3b:ed:
68:af:16:fc:ee:12:16:af:ac:26:2e:65:e0:85:cd:4c:9e:e6:
df:11:6c:98:4c:1b:38:a0:9b:f1:dc:9a:7d:6e:9e:5b:f4:c1:
eb:cf:bd:f6:37:32:e5:68:10:ea:d1:a0:d4:4f:1b:3c:ab:88:
b1:f1:0d:dc:82:b1:7b:c6:56:d8:16:d0:a3:de:ec:9f:f4:97:
10:f6:4c:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8GR1qq2zTXZHW/pjgjaLPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNDIyMTQ0ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGVkMzljNTMyODMyMjJjNTZhN2ZjMTM5YjQ1MzQwYTRjNTM0NDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzY3ITzlCZkjgc4vqKd6Y8TvSJgKZ
eafi/5vMWrerz+hSw0B0GRLWmXRnAFGo0hFcyefhLbj6pWiC7OvQWYRpsHAF23qd
1SMuQ8tR833wXKwL6B6eGHTo0A35eNMzdN/lBMOndQWkN4SjHhoFd+Vp0+ldR1P+
4bsDi46K65LJFAnyPFidfAF3U1mUK3cGctJIJwgVFi7TqTRBfGxhXr+nqlpieR9E
UaSarQY9l4CEy1uhvefGrQ5lWB0mpsxnFOspwZZwrcXYFP/szBLqKbKrxl2s5tX0
FYwVwKHsFbrAoziv90yhiPkXOU7Dc7LcaUKVpGTRVA2JQL8GGIF3vco//wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJTtOcUygyIsVqf8E5tFNApMU0RXMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvbE8wNXhUS0RJaXhXcF93VG0wVTBDa3hUUkZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZtCMA0G
CSqGSIb3DQEBCwUAA4IBAQBJgU3FOcdmrf560kG84Kwou2Ba344OSRS2PvBS1zur
YhbfXV7VPqNVjBbWJyYsHAEY9kOzBn1yyUTL0tRB+Xyy5tamiQBGGGz52lu+xwgX
u7EQIzEEGKsmIzkCp/APr4lgVNps1KSjKVov0QsfJG0XMUAP0rYZrobGFCgoXtAf
Pqww2jlUUOnHIzuRWtrwTonsTTlz2Wz1a42B/UWrRBk54wCigL6zCoraQxaUn5ri
qa0tO+1orxb87hIWr6wmLmXghc1MnubfEWyYTBs4oJvx3Jp9bp5b9MHrz732NzLl
aBDq0aDUTxs8q4ix8Q3cgrF7xlbYFtCj3uyf9JcQ9ky+
-----END CERTIFICATE-----
Generated at Mon May 6 06:37:44 2024 by rpki-client on console-fra.rpki-client.org