Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/tUETqraq1-uH_FR570bkfeZRs-I.roa
File: tUETqraq1-uH_FR570bkfeZRs-I.roa (raw, json)
Hash identifier: D0+nlUWeQeAL7gJg0CxC3UIKtj9TK6z929ygKlmON/w=
Subject key identifier: B5:41:13:AA:B6:AA:D7:EB:87:FC:54:79:EF:46:E4:7D:E6:51:B3:E2
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC8017DDFF3E89592B15E068DF10C9240
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/tUETqraq1-uH_FR570bkfeZRs-I.roa
Signing time: Tue 02 Jan 2024 02:29:50 +0000
ROA not before: Tue 02 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212815
IP address blocks: 45.154.96.0/24 maxlen: 24
45.13.117.0/24 maxlen: 24
45.13.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:7d:df:f3:e8:95:92:b1:5e:06:8d:f1:0c:92:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b54113aab6aad7eb87fc5479ef46e47de651b3e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2c:b1:9d:17:a1:6e:81:68:98:97:38:8d:1f:
1e:2d:3a:ca:62:0f:3c:78:a5:96:0f:cd:55:bd:eb:
30:a4:85:2a:b8:0b:e0:b0:6e:65:4a:db:b5:22:43:
fc:dc:7c:ab:1f:4c:17:6c:7c:bf:d8:5d:fe:b5:f5:
ac:dd:82:d1:b6:d1:7f:44:88:36:9a:31:a0:73:d9:
85:48:35:04:36:60:23:16:20:b3:97:a5:a1:d9:76:
e9:e0:60:95:4e:6a:c7:08:33:1d:06:87:b5:f9:f3:
d2:88:92:43:d4:1b:69:e6:35:e4:88:0a:8f:b9:90:
78:fd:99:5c:43:9c:7d:c4:30:29:7f:d3:16:1d:ba:
e3:91:07:c0:ec:03:f2:7f:d2:d7:f9:ba:30:73:44:
c2:24:b5:89:44:63:33:3c:88:fa:e6:c9:5d:d4:4e:
70:91:14:16:34:61:c1:b3:7c:1d:07:6f:4f:d7:32:
2d:13:9e:16:25:65:5a:40:e6:12:23:c5:59:8c:a1:
df:03:2e:5f:e6:f5:02:f0:da:a8:96:41:d6:c6:9b:
d9:51:e4:be:be:7a:12:e8:44:74:81:d0:b0:b3:0d:
73:f2:e6:9a:62:f7:ff:c3:3e:55:a4:ee:5d:fd:61:
e6:11:0c:d4:0d:bb:db:55:93:e1:f1:c0:7f:c5:77:
9d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:41:13:AA:B6:AA:D7:EB:87:FC:54:79:EF:46:E4:7D:E6:51:B3:E2
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/tUETqraq1-uH_FR570bkfeZRs-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.117.0/24
45.13.119.0/24
45.154.96.0/24
Signature Algorithm: sha256WithRSAEncryption
21:33:2d:62:97:94:bf:58:8f:ee:f6:ae:12:3e:98:ce:ef:55:
de:5a:ab:99:42:00:9c:b9:29:c3:9d:af:43:f9:34:88:82:f5:
e5:52:06:10:0d:33:c8:d3:d1:9b:84:9b:4a:3b:ec:32:1d:9e:
83:ef:8d:b0:3c:4c:d5:4b:a6:46:82:fa:87:2b:ad:9d:c3:28:
32:33:b7:11:ea:f5:ea:d3:21:3c:b2:2c:85:c4:fb:69:59:69:
39:34:8b:e5:e2:89:cb:7e:69:0f:f6:f2:bd:6a:97:9a:ee:f4:
25:b8:48:ea:3b:52:fe:48:04:e0:76:5f:ac:da:c8:1e:c4:1f:
6c:02:7d:67:c2:6e:09:89:a1:fe:9e:9a:cd:c2:9d:07:ae:7a:
86:9a:35:d6:f5:47:0e:f8:e5:e7:67:47:d0:68:09:a7:f0:06:
1e:6f:39:4a:0e:d2:f4:fe:b7:d8:04:bc:5d:7b:d8:22:da:28:
d2:f4:8c:bf:be:af:d9:c4:49:a5:5f:73:fc:23:dc:bf:1e:dd:
57:8d:2a:18:64:41:2a:c0:52:e4:d8:43:51:4e:31:81:34:24:
69:17:f2:46:f6:24:d2:c5:a7:4f:23:1d:62:34:7c:81:c1:64:
2c:b8:0a:07:25:de:a5:25:a7:07:4e:17:c2:6a:47:ec:46:12:
e3:4c:4e:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAX3f8+iVkrFeBo3xDJJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTQxMTNhYWI2YWFkN2ViODdmYzU0NzllZjQ2ZTQ3ZGU2NTFiM2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSyxnRehboFomJc4jR8eLTrKYg88
eKWWD81VveswpIUquAvgsG5lStu1IkP83HyrH0wXbHy/2F3+tfWs3YLRttF/RIg2
mjGgc9mFSDUENmAjFiCzl6Wh2Xbp4GCVTmrHCDMdBoe1+fPSiJJD1Btp5jXkiAqP
uZB4/ZlcQ5x9xDApf9MWHbrjkQfA7APyf9LX+bowc0TCJLWJRGMzPIj65sld1E5w
kRQWNGHBs3wdB29P1zItE54WJWVaQOYSI8VZjKHfAy5f5vUC8NqolkHWxpvZUeS+
vnoS6ER0gdCwsw1z8uaaYvf/wz5VpO5d/WHmEQzUDbvbVZPh8cB/xXedzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLVBE6q2qtfrh/xUee9G5H3mUbPiMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvdFVFVHFyYXExLXVIX0ZSNTcwYmtmZVpScy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQ11AwQA
LQ13AwQALZpgMA0GCSqGSIb3DQEBCwUAA4IBAQAhMy1il5S/WI/u9q4SPpjO71Xe
WquZQgCcuSnDna9D+TSIgvXlUgYQDTPI09GbhJtKO+wyHZ6D742wPEzVS6ZGgvqH
K62dwygyM7cR6vXq0yE8siyFxPtpWWk5NIvl4onLfmkP9vK9apea7vQluEjqO1L+
SATgdl+s2sgexB9sAn1nwm4JiaH+nprNwp0HrnqGmjXW9UcO+OXnZ0fQaAmn8AYe
bzlKDtL0/rfYBLxde9gi2ijS9Iy/vq/ZxEmlX3P8I9y/Ht1XjSoYZEEqwFLk2ENR
TjGBNCRpF/JG9iTSxadPIx1iNHyBwWQsuAoHJd6lJacHThfCakfsRhLjTE5S
-----END CERTIFICATE-----
Generated at Sat May 4 08:45:26 2024 by rpki-client on console-fra.rpki-client.org