Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/ChORsy3QU_JsKVmoAfD_lSMbrOM.roa
File: ChORsy3QU_JsKVmoAfD_lSMbrOM.roa (raw, json)
Hash identifier: UT/Ni+i+MsE3JKXlPwY7j0pYRfh87tK2nqm9GX6dS4E=
Subject key identifier: 0A:13:91:B3:2D:D0:53:F2:6C:29:59:A8:01:F0:FF:95:23:1B:AC:E3
Certificate issuer: /CN=974661cb1c38e63bd78bd6b2b1d68686a5415bf5
Certificate serial: 018CC94DD9C926ABAF128BBEE46BCF0416F0
Authority key identifier: 97:46:61:CB:1C:38:E6:3B:D7:8B:D6:B2:B1:D6:86:86:A5:41:5B:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0Zhyxw45jvXi9aysdaGhqVBW_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/ChORsy3QU_JsKVmoAfD_lSMbrOM.roa
Signing time: Tue 02 Jan 2024 08:32:51 +0000
ROA not before: Tue 02 Jan 2024 08:32:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30823
IP address blocks: 160.20.145.0/24 maxlen: 24
160.20.144.0/24 maxlen: 24
160.20.146.0/24 maxlen: 24
160.20.147.0/24 maxlen: 24
45.11.16.0/22 maxlen: 22
45.153.240.0/22 maxlen: 22
152.89.244.0/22 maxlen: 22
152.89.247.0/24 maxlen: 24
91.200.100.0/22 maxlen: 22
45.147.228.0/22 maxlen: 22
45.138.172.0/24 maxlen: 24
45.138.172.0/22 maxlen: 22
45.138.174.0/24 maxlen: 24
45.138.175.0/24 maxlen: 24
45.138.173.0/24 maxlen: 24
2a0c:6a41:f230::/48 maxlen: 48
2a0e:b540:ff03::/48 maxlen: 48
2a0e:b540::/29 maxlen: 29
2a0c:6a40::/29 maxlen: 29
2a09:38c0::/29 maxlen: 29
2a0d:4cc0::/29 maxlen: 29
2a10:9c00::/29 maxlen: 29
2a0e:5100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/l0Zhyxw45jvXi9aysdaGhqVBW_U.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/l0Zhyxw45jvXi9aysdaGhqVBW_U.mft
rsync://rpki.ripe.net/repository/DEFAULT/l0Zhyxw45jvXi9aysdaGhqVBW_U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:d9:c9:26:ab:af:12:8b:be:e4:6b:cf:04:16:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=974661cb1c38e63bd78bd6b2b1d68686a5415bf5
Validity
Not Before: Jan 2 08:32:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a1391b32dd053f26c2959a801f0ff95231bace3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d6:9c:34:e7:54:c0:c3:80:10:d0:48:1d:0a:
c5:9c:ba:3c:55:7d:8f:79:2b:f3:3b:25:fe:f8:20:
fb:1e:57:9f:c0:91:ec:bc:6e:04:41:52:e2:26:01:
84:d2:20:7c:7f:e4:4f:18:1d:6f:1a:9c:22:58:de:
e2:5a:36:d9:bb:a1:5e:83:34:41:54:1a:e6:28:c8:
b4:2c:35:95:a7:7b:8f:6e:23:70:78:53:37:34:28:
29:48:e0:3e:9f:0c:9c:29:8e:5a:2a:33:f5:81:93:
3e:54:c1:8a:fa:74:54:c0:64:98:52:9b:f5:7d:da:
c3:e1:bf:f3:db:16:ee:60:44:de:ea:d3:17:ba:2a:
df:ed:5d:23:9c:29:5b:60:c1:09:c6:3f:be:4d:55:
08:3b:14:c2:27:e0:4c:d8:ce:6f:4c:af:08:4e:43:
f9:03:6d:10:3d:53:d5:3d:dd:60:00:90:cf:c5:4d:
bd:44:9c:b4:67:f1:f0:c7:e2:9a:76:46:98:3a:48:
59:60:01:ea:f6:74:2d:1b:6b:b9:08:8b:82:3c:00:
f1:92:2a:72:16:2d:82:cd:a3:ab:63:9d:e3:ac:26:
0c:dd:97:f1:15:ce:31:6e:9d:3b:61:9a:79:7d:55:
7f:cd:6a:ee:2d:ae:e6:9e:21:58:0f:a2:f1:d8:0b:
4f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:13:91:B3:2D:D0:53:F2:6C:29:59:A8:01:F0:FF:95:23:1B:AC:E3
X509v3 Authority Key Identifier:
keyid:97:46:61:CB:1C:38:E6:3B:D7:8B:D6:B2:B1:D6:86:86:A5:41:5B:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0Zhyxw45jvXi9aysdaGhqVBW_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/ChORsy3QU_JsKVmoAfD_lSMbrOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/l0Zhyxw45jvXi9aysdaGhqVBW_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.16.0/22
45.138.172.0/22
45.147.228.0/22
45.153.240.0/22
91.200.100.0/22
152.89.244.0/22
160.20.144.0/22
IPv6:
2a09:38c0::/29
2a0c:6a40::/29
2a0d:4cc0::/29
2a0e:5100::/29
2a0e:b540::/29
2a10:9c00::/29
Signature Algorithm: sha256WithRSAEncryption
7c:a4:2f:10:04:c1:e9:9b:70:68:8d:c9:46:18:d6:f6:c0:6f:
e1:f6:4b:0a:86:00:7c:6b:c2:c2:8e:70:79:bc:89:44:cf:14:
d5:d8:ce:d9:e7:00:82:db:98:f7:01:0d:dc:88:75:1f:9b:ce:
0d:0a:84:3d:95:3e:40:8a:2c:fc:96:86:1b:d0:20:c9:67:f3:
65:7d:c7:e9:8f:79:90:b5:f3:86:bf:e1:31:12:bf:3a:69:31:
17:d3:8b:ec:9d:35:98:27:cd:64:c4:b2:c3:e0:6a:6c:76:6c:
cc:26:e4:b3:0d:7d:00:92:2a:fb:90:68:06:ab:4c:22:6b:7a:
02:58:12:72:f4:5f:ee:19:97:0b:92:fd:a9:e6:49:2b:24:60:
d1:5e:e4:db:1a:dd:b1:81:c3:23:e9:73:ee:bf:c2:bd:31:aa:
ca:d4:8f:f7:0d:94:66:b1:c9:f1:c1:92:21:89:25:54:30:0c:
3a:40:3b:1e:07:99:ef:a5:20:33:0b:c3:8d:f3:52:da:de:51:
67:a1:aa:59:fe:e7:34:55:7e:4a:f3:78:77:51:fd:43:a3:1b:
0f:cd:49:4c:8a:8c:ed:bd:e3:8e:b8:b6:94:bc:0c:7d:d8:75:
c9:37:ed:54:dd:37:19:60:b5:d9:05:16:e7:85:bb:ea:85:05:
cf:56:6c:c3
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYzJTdnJJquvEou+5GvPBBbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDY2MWNiMWMzOGU2M2JkNzhiZDZiMmIxZDY4Njg2YTU0
MTViZjUwHhcNMjQwMTAyMDgzMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTEzOTFiMzJkZDA1M2YyNmMyOTU5YTgwMWYwZmY5NTIzMWJhY2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdacNOdUwMOAENBIHQrFnLo8VX2P
eSvzOyX++CD7HlefwJHsvG4EQVLiJgGE0iB8f+RPGB1vGpwiWN7iWjbZu6FegzRB
VBrmKMi0LDWVp3uPbiNweFM3NCgpSOA+nwycKY5aKjP1gZM+VMGK+nRUwGSYUpv1
fdrD4b/z2xbuYETe6tMXuirf7V0jnClbYMEJxj++TVUIOxTCJ+BM2M5vTK8ITkP5
A20QPVPVPd1gAJDPxU29RJy0Z/Hwx+KadkaYOkhZYAHq9nQtG2u5CIuCPADxkipy
Fi2CzaOrY53jrCYM3ZfxFc4xbp07YZp5fVV/zWruLa7mniFYD6Lx2AtPUQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFAoTkbMt0FPybClZqAHw/5UjG6zjMB8GA1UdIwQY
MBaAFJdGYcscOOY714vWsrHWhoalQVv1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBaaHl4dzQ1anZYaTlheXNkYUdocVZCV19VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMGJmM2UtMzY0NS00ZTE2LWJjYTkt
OGFkYWMxN2U5MGFlLzEvQ2hPUnN5M1FVX0pzS1Ztb0FmRF9sU01ick9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hMGJmM2UtMzY0NS00ZTE2LWJjYTktOGFkYWMxN2U5MGFl
LzEvbDBaaHl4dzQ1anZYaTlheXNkYUdocVZCV19VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDAwBAIAATAqAwQCLQsQAwQC
LYqsAwQCLZPkAwQCLZnwAwQCW8hkAwQCmFn0AwQCoBSQMDAEAgACMCoDBQMqCTjA
AwUDKgxqQAMFAyoNTMADBQMqDlEAAwUDKg61QAMFAyoQnAAwDQYJKoZIhvcNAQEL
BQADggEBAHykLxAEwembcGiNyUYY1vbAb+H2SwqGAHxrwsKOcHm8iUTPFNXYztnn
AILbmPcBDdyIdR+bzg0KhD2VPkCKLPyWhhvQIMln82V9x+mPeZC184a/4TESvzpp
MRfTi+ydNZgnzWTEssPgamx2bMwm5LMNfQCSKvuQaAarTCJregJYEnL0X+4ZlwuS
/anmSSskYNFe5Nsa3bGBwyPpc+6/wr0xqsrUj/cNlGaxyfHBkiGJJVQwDDpAOx4H
me+lIDMLw43zUtreUWehqln+5zRVfkrzeHdR/UOjGw/NSUyKjO294464tpS8DH3Y
dck37VTdNxlgtdkFFueFu+qFBc9WbMM=
-----END CERTIFICATE-----
Generated at Fri May 3 10:57:20 2024 by rpki-client on console-ams.rpki-client.org