Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/PUuFE1rC8BfLjq3Js3zFgFUZpAI.roa
File: PUuFE1rC8BfLjq3Js3zFgFUZpAI.roa (raw, json)
Hash identifier: viWhLObqvAvlBYUGfTcG9ZaxwfuA+gsRisb6+4IBKn4=
Subject key identifier: 3D:4B:85:13:5A:C2:F0:17:CB:8E:AD:C9:B3:7C:C5:80:55:19:A4:02
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 018CC5014FBD3964877D05BDCC8DAC7F137C
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/PUuFE1rC8BfLjq3Js3zFgFUZpAI.roa
Signing time: Mon 01 Jan 2024 12:30:46 +0000
ROA not before: Mon 01 Jan 2024 12:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 45.89.63.0/24 maxlen: 32
45.144.232.0/24 maxlen: 32
45.144.233.0/24 maxlen: 32
45.144.235.0/24 maxlen: 32
45.144.234.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4f:bd:39:64:87:7d:05:bd:cc:8d:ac:7f:13:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d4b85135ac2f017cb8eadc9b37cc5805519a402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f5:06:af:f6:bd:4f:51:87:4f:a7:c4:e1:2c:
3d:d3:a0:a1:fe:19:5c:02:fb:7d:88:aa:db:29:50:
12:ce:7b:6e:ea:cb:1c:47:c8:e0:98:27:21:fb:cc:
a3:a9:53:b1:69:a8:96:cd:3a:30:06:40:4f:0f:d3:
31:75:cd:4f:2a:34:99:23:b7:63:f2:72:e1:b0:5c:
97:a5:17:de:93:3d:b2:2d:57:73:8a:15:f0:c3:48:
ba:bc:69:66:65:24:56:54:01:aa:b8:cf:0e:09:89:
70:3c:c8:09:a9:86:b2:23:3f:4f:ac:ad:4a:99:6b:
99:bf:ce:98:54:88:e4:93:18:b2:56:df:0c:71:87:
51:ff:91:ee:23:7e:9b:72:33:3d:18:d1:77:5d:30:
00:10:c3:a4:38:07:51:29:27:2d:1a:15:5c:dd:93:
38:a8:34:10:9e:a1:6a:bd:e1:22:de:bb:8f:12:9b:
8d:31:f3:31:49:de:5f:29:f9:d1:47:22:cb:ac:53:
19:0d:61:8c:5f:a5:cf:a9:1a:9e:c7:79:5f:dc:a2:
44:38:aa:ac:07:36:51:97:e4:e8:92:06:c6:6b:2f:
55:16:49:77:6c:a1:c7:af:e1:32:e9:6c:dd:11:92:
64:da:3c:e7:7e:31:74:a5:34:da:db:51:39:78:a9:
fe:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:4B:85:13:5A:C2:F0:17:CB:8E:AD:C9:B3:7C:C5:80:55:19:A4:02
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/PUuFE1rC8BfLjq3Js3zFgFUZpAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.63.0/24
45.144.232.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:e5:02:26:c8:e2:f8:42:dd:42:47:85:fd:01:65:01:9a:98:
cd:09:bc:9a:b9:a8:f3:3c:9f:e9:3e:32:75:97:76:c5:4f:10:
02:98:29:ce:b2:4f:f0:19:fe:d4:40:37:f7:7d:ff:29:66:ca:
f6:5e:53:54:d3:31:7e:1f:ee:fd:84:7d:4f:cc:cc:d3:25:98:
5d:a8:6e:d3:52:7d:96:f6:b3:76:51:4e:c0:32:eb:1d:5a:70:
05:6a:e7:67:a1:5a:51:69:21:af:f1:75:fa:a9:02:a8:ab:9b:
dd:62:3a:8f:40:ef:ea:db:84:00:2d:a3:88:9e:21:57:49:21:
20:d0:db:e4:38:b3:aa:4b:92:27:e6:65:a0:77:db:12:e3:f8:
69:b0:87:9c:ec:4f:81:9b:17:f3:9e:0f:e7:8d:7b:6d:db:dd:
90:f9:1f:aa:92:a8:f2:85:89:fc:2d:f2:ed:4d:88:fd:5d:28:
cf:db:8a:c5:a1:46:42:5f:18:86:b3:7d:4a:9c:9a:38:95:dc:
fb:9d:ec:7d:78:36:b9:32:7f:40:4a:36:ca:6c:ff:52:aa:f0:
95:66:a7:f0:9a:90:09:fb:39:50:5c:be:b0:47:20:4f:cc:54:
e4:a7:f7:d2:ae:aa:15:58:af:ae:27:e8:22:48:61:b2:e8:fe:
f2:1f:d1:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAU+9OWSHfQW9zI2sfxN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDRiODUxMzVhYzJmMDE3Y2I4ZWFkYzliMzdjYzU4MDU1MTlhNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PUGr/a9T1GHT6fE4Sw906Ch/hlc
Avt9iKrbKVASzntu6sscR8jgmCch+8yjqVOxaaiWzTowBkBPD9Mxdc1PKjSZI7dj
8nLhsFyXpRfekz2yLVdzihXww0i6vGlmZSRWVAGquM8OCYlwPMgJqYayIz9PrK1K
mWuZv86YVIjkkxiyVt8McYdR/5HuI36bcjM9GNF3XTAAEMOkOAdRKSctGhVc3ZM4
qDQQnqFqveEi3ruPEpuNMfMxSd5fKfnRRyLLrFMZDWGMX6XPqRqex3lf3KJEOKqs
BzZRl+TokgbGay9VFkl3bKHHr+Ey6WzdEZJk2jznfjF0pTTa21E5eKn+RQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD1LhRNawvAXy46tybN8xYBVGaQCMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvUFV1RkUxckM4QmZManEzSnMzekZnRlVacEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVk/AwQC
LZDoMA0GCSqGSIb3DQEBCwUAA4IBAQDN5QImyOL4Qt1CR4X9AWUBmpjNCbyauajz
PJ/pPjJ1l3bFTxACmCnOsk/wGf7UQDf3ff8pZsr2XlNU0zF+H+79hH1PzMzTJZhd
qG7TUn2W9rN2UU7AMusdWnAFaudnoVpRaSGv8XX6qQKoq5vdYjqPQO/q24QALaOI
niFXSSEg0NvkOLOqS5In5mWgd9sS4/hpsIec7E+Bmxfzng/njXtt292Q+R+qkqjy
hYn8LfLtTYj9XSjP24rFoUZCXxiGs31KnJo4ldz7nex9eDa5Mn9ASjbKbP9SqvCV
ZqfwmpAJ+zlQXL6wRyBPzFTkp/fSrqoVWK+uJ+giSGGy6P7yH9EO
-----END CERTIFICATE-----
Generated at Tue May 7 12:01:09 2024 by rpki-client on console-ams.rpki-client.org