Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/Os5W01NBOZpXdNt7oCVCfUKFDno.roa
File: Os5W01NBOZpXdNt7oCVCfUKFDno.roa (raw, json)
Hash identifier: ZKFXB3/Q2H/ISS1J0/LhTgYrpj4LjVAR8pAAdpP7MHw=
Subject key identifier: 3A:CE:56:D3:53:41:39:9A:57:74:DB:7B:A0:25:42:7D:42:85:0E:7A
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 018CC5015064FFD8DD66A2E0F4AE4D610F84
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/Os5W01NBOZpXdNt7oCVCfUKFDno.roa
Signing time: Mon 01 Jan 2024 12:30:46 +0000
ROA not before: Mon 01 Jan 2024 12:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47720
IP address blocks: 45.140.144.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:50:64:ff:d8:dd:66:a2:e0:f4:ae:4d:61:0f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ace56d35341399a5774db7ba025427d42850e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:98:5c:81:88:1d:a7:60:ed:de:c9:e7:74:04:
c4:a2:90:94:06:b1:41:eb:b7:75:99:c4:ef:0e:89:
9d:ed:f5:b3:25:08:ac:ae:bb:5f:eb:d3:ca:8f:b2:
21:87:28:ca:1b:39:5e:4f:4d:c9:5b:5f:e9:8e:3e:
3c:77:a2:3e:25:5c:57:ea:7e:de:b5:81:28:c8:72:
e0:a7:27:1f:e4:d4:ce:31:8a:b4:4f:59:a7:97:c3:
b6:25:73:ce:ef:89:04:0c:5f:93:18:09:dc:89:89:
57:24:6a:23:3d:f3:87:2d:dd:1c:4a:71:c1:a8:a5:
a5:75:15:ef:2e:d1:78:e3:90:bd:4b:e3:1d:5d:d3:
81:30:70:7e:74:41:df:3f:cb:93:7c:6e:84:9d:2c:
55:43:65:6b:a9:60:5b:c5:bd:6c:ff:7d:57:79:0b:
1c:83:12:e7:f1:42:4a:c3:6e:f3:1c:f7:08:94:b0:
56:f2:43:8f:16:b3:ca:73:75:19:2c:dc:95:79:91:
90:1b:0b:5f:c5:bd:34:7b:51:0b:9a:72:e8:b8:99:
2e:6f:01:bf:df:1b:ee:04:1f:03:d9:f1:4e:ab:15:
dd:da:d6:f7:c2:9b:5e:64:b6:f3:c2:02:44:99:87:
b0:42:fc:a5:23:62:98:83:b8:d1:9b:d0:d1:14:7a:
da:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CE:56:D3:53:41:39:9A:57:74:DB:7B:A0:25:42:7D:42:85:0E:7A
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/Os5W01NBOZpXdNt7oCVCfUKFDno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.144.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:8f:25:1a:46:4f:71:a4:41:f8:71:63:9d:28:c5:b9:6d:b4:
99:e7:f8:f3:d7:e7:7d:28:a5:cf:fc:dd:02:15:79:6f:c5:22:
9c:53:c7:27:32:0a:73:d7:db:17:39:22:cb:29:87:95:af:76:
1f:aa:66:59:6e:6d:3c:fd:e5:5c:27:4a:67:ca:49:9f:c7:f9:
f8:64:e8:6f:49:b3:06:2c:4b:01:da:11:9e:bc:91:1f:07:c7:
29:79:47:f9:98:bd:b3:d8:50:ff:40:06:d5:b6:d0:8a:d2:74:
23:8e:65:83:a0:6b:c8:6c:6e:70:30:5c:97:b6:25:ac:55:96:
74:27:25:cd:b2:fa:80:fc:04:b9:ed:4a:85:7c:b0:f1:28:fc:
34:bd:af:7e:d4:6e:e7:06:c7:7f:24:53:00:83:bc:01:c6:36:
40:70:ef:2b:d1:cb:45:26:fd:6a:66:df:56:a3:0b:c4:fc:28:
8c:73:b2:85:ab:94:6f:cc:8a:70:80:b2:86:f9:ce:54:60:b7:
ab:c8:58:a5:7d:ae:3d:8d:6d:66:4f:23:68:6e:cb:4b:45:68:
d9:bb:d5:4c:ba:6d:a7:ee:b9:a8:4a:df:20:b3:63:5f:d9:a8:
f4:93:31:dc:c5:42:ae:55:e4:08:db:64:8d:90:35:e3:ca:36:
81:a3:4e:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAVBk/9jdZqLg9K5NYQ+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWNlNTZkMzUzNDEzOTlhNTc3NGRiN2JhMDI1NDI3ZDQyODUwZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkphcgYgdp2Dt3snndATEopCUBrFB
67d1mcTvDomd7fWzJQisrrtf69PKj7IhhyjKGzleT03JW1/pjj48d6I+JVxX6n7e
tYEoyHLgpycf5NTOMYq0T1mnl8O2JXPO74kEDF+TGAnciYlXJGojPfOHLd0cSnHB
qKWldRXvLtF445C9S+MdXdOBMHB+dEHfP8uTfG6EnSxVQ2VrqWBbxb1s/31XeQsc
gxLn8UJKw27zHPcIlLBW8kOPFrPKc3UZLNyVeZGQGwtfxb00e1ELmnLouJkubwG/
3xvuBB8D2fFOqxXd2tb3wpteZLbzwgJEmYewQvylI2KYg7jRm9DRFHraawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrOVtNTQTmaV3Tbe6AlQn1ChQ56MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvT3M1VzAxTkJPWnBYZE50N29DVkNmVUtGRG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYyQMA0G
CSqGSIb3DQEBCwUAA4IBAQCgjyUaRk9xpEH4cWOdKMW5bbSZ5/jz1+d9KKXP/N0C
FXlvxSKcU8cnMgpz19sXOSLLKYeVr3YfqmZZbm08/eVcJ0pnykmfx/n4ZOhvSbMG
LEsB2hGevJEfB8cpeUf5mL2z2FD/QAbVttCK0nQjjmWDoGvIbG5wMFyXtiWsVZZ0
JyXNsvqA/AS57UqFfLDxKPw0va9+1G7nBsd/JFMAg7wBxjZAcO8r0ctFJv1qZt9W
owvE/CiMc7KFq5RvzIpwgLKG+c5UYLeryFilfa49jW1mTyNobstLRWjZu9VMum2n
7rmoSt8gs2Nf2aj0kzHcxUKuVeQI22SNkDXjyjaBo07h
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:14:37 2024 by rpki-client on console-fra.rpki-client.org