Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/nfWdOTtP-cCUMq03dED5PdYD6kk.roa
File: nfWdOTtP-cCUMq03dED5PdYD6kk.roa (raw, json)
Hash identifier: 9vq3NAInNQWMwY6t4fmVndgf05ap1PRSt3uJ8dgkWMw=
Subject key identifier: 9D:F5:9D:39:3B:4F:F9:C0:94:32:AD:37:74:40:F9:3D:D6:03:EA:49
Certificate issuer: /CN=f8555a7883f92b9f9ba422a96b4e397bf5fb8fc7
Certificate serial: 0192BEA8F6480E29AEF9671EC59FD1F1BC74
Authority key identifier: F8:55:5A:78:83:F9:2B:9F:9B:A4:22:A9:6B:4E:39:7B:F5:FB:8F:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-FVaeIP5K5-bpCKpa045e_X7j8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/nfWdOTtP-cCUMq03dED5PdYD6kk.roa
Signing time: Thu 24 Oct 2024 13:13:16 +0000
ROA not before: Thu 24 Oct 2024 13:13:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35197
IP address blocks: 45.159.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/1-FVaeIP5K5-bpCKpa045e_X7j8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/1-FVaeIP5K5-bpCKpa045e_X7j8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-FVaeIP5K5-bpCKpa045e_X7j8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:a8:f6:48:0e:29:ae:f9:67:1e:c5:9f:d1:f1:bc:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8555a7883f92b9f9ba422a96b4e397bf5fb8fc7
Validity
Not Before: Oct 24 13:13:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9df59d393b4ff9c09432ad377440f93dd603ea49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0d:d5:4b:8c:f4:b2:b8:0d:07:46:7f:4d:da:
5b:cf:33:8c:3c:e2:2d:c7:2f:9d:ce:dd:eb:c5:87:
05:be:07:8e:4e:54:32:12:eb:41:6f:53:00:69:6c:
5d:ee:c1:b4:41:fd:e5:10:c5:0a:8f:7c:d2:47:e2:
14:f0:5b:7d:5e:d4:81:92:9f:5a:53:c8:98:32:52:
59:e3:67:f9:1d:14:c5:4e:f6:25:84:0e:93:bf:b9:
28:84:91:7a:8b:eb:f2:3e:6a:df:71:61:40:fb:6d:
29:35:2d:fa:85:54:ed:d7:0e:ec:c1:e5:9c:bd:5a:
5d:74:6a:af:7d:c0:14:82:b4:d4:b0:0f:6d:f0:26:
d1:40:a7:19:20:25:e6:46:91:64:72:86:ef:d6:47:
0a:5b:19:40:04:25:09:1d:77:92:29:ca:e2:4f:aa:
85:62:62:08:31:58:cb:d8:e2:61:6f:e8:d6:64:d4:
00:f5:79:ac:65:34:9d:e1:f4:1d:65:e1:b9:f0:a4:
34:a1:58:b9:8e:da:f7:90:a6:10:31:37:84:cb:c9:
96:e9:d5:20:72:dd:30:e7:79:45:e4:40:75:c8:87:
75:5d:d6:4f:fe:24:65:9d:3d:66:9c:5d:68:99:08:
59:07:74:b9:5f:b3:8b:14:79:c2:cf:b7:12:49:fc:
23:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F5:9D:39:3B:4F:F9:C0:94:32:AD:37:74:40:F9:3D:D6:03:EA:49
X509v3 Authority Key Identifier:
keyid:F8:55:5A:78:83:F9:2B:9F:9B:A4:22:A9:6B:4E:39:7B:F5:FB:8F:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-FVaeIP5K5-bpCKpa045e_X7j8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/nfWdOTtP-cCUMq03dED5PdYD6kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/1-FVaeIP5K5-bpCKpa045e_X7j8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.187.0/24
Signature Algorithm: sha256WithRSAEncryption
00:02:7a:3f:c2:ef:8f:cf:b3:68:05:24:d1:36:0e:c3:09:d2:
e4:d4:53:53:d8:59:c4:42:65:51:f4:5c:4d:f5:68:18:a8:40:
c9:d3:b5:51:47:78:37:3e:26:3a:45:b7:31:37:a9:6a:06:ff:
fc:71:29:48:64:30:bc:fa:4e:c0:95:3e:67:92:5d:03:a0:da:
c4:56:d5:11:94:c2:b9:4b:5b:80:78:72:94:f0:55:90:1d:47:
e0:ff:a6:1d:b8:97:53:83:14:35:01:97:97:c1:2d:a1:1a:90:
a0:9e:72:3e:e0:62:4f:ab:f2:a3:bb:c3:b4:63:e8:0b:62:2a:
9f:97:42:e2:9e:48:93:82:67:13:b9:77:51:62:ed:69:92:70:
e7:8c:cf:27:47:ac:2f:54:50:1c:1c:10:f7:5a:20:c9:70:ff:
71:09:da:b7:e4:76:df:6e:27:13:cc:0a:84:ff:a7:f0:4e:89:
d6:d5:f8:4d:6b:f2:8c:fc:24:39:64:a6:75:f6:40:6f:b5:55:
5e:7f:71:75:26:6f:2b:27:5e:ed:87:b0:98:3b:34:38:76:e0:
f5:9e:44:eb:c1:bb:b3:4c:10:28:92:61:4c:7e:df:c2:07:77:
8c:ac:88:fb:96:1e:83:8e:60:a8:d7:7f:63:b6:ad:74:e7:eb:
cd:2e:53:12
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZK+qPZIDimu+WcexZ/R8bx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NTU1YTc4ODNmOTJiOWY5YmE0MjJhOTZiNGUzOTdiZjVm
YjhmYzcwHhcNMjQxMDI0MTMxMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGY1OWQzOTNiNGZmOWMwOTQzMmFkMzc3NDQwZjkzZGQ2MDNlYTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA3VS4z0srgNB0Z/TdpbzzOMPOIt
xy+dzt3rxYcFvgeOTlQyEutBb1MAaWxd7sG0Qf3lEMUKj3zSR+IU8Ft9XtSBkp9a
U8iYMlJZ42f5HRTFTvYlhA6Tv7kohJF6i+vyPmrfcWFA+20pNS36hVTt1w7sweWc
vVpddGqvfcAUgrTUsA9t8CbRQKcZICXmRpFkcobv1kcKWxlABCUJHXeSKcriT6qF
YmIIMVjL2OJhb+jWZNQA9XmsZTSd4fQdZeG58KQ0oVi5jtr3kKYQMTeEy8mW6dUg
ct0w53lF5EB1yId1XdZP/iRlnT1mnF1omQhZB3S5X7OLFHnCz7cSSfwjKwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJ31nTk7T/nAlDKtN3RA+T3WA+pJMB8GA1UdIwQY
MBaAFPhVWniD+Sufm6QiqWtOOXv1+4/HMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1GVmFlSVA1SzUtYnBDS3BhMDQ1ZV9YN2o4Yy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2IvODI0NDVmLWQxZDctNDZiMC1hZjRm
LTc2NmMwNmU1ZjA3NS8xL25mV2RPVHRQLWNDVU1xMDNkRUQ1UGRZRDZray5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2IvODI0NDVmLWQxZDctNDZiMC1hZjRmLTc2NmMwNmU1ZjA3
NS8xLzEtRlZhZUlQNUs1LWJwQ0twYTA0NWVfWDdqOGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtn7sw
DQYJKoZIhvcNAQELBQADggEBAAACej/C74/Ps2gFJNE2DsMJ0uTUU1PYWcRCZVH0
XE31aBioQMnTtVFHeDc+JjpFtzE3qWoG//xxKUhkMLz6TsCVPmeSXQOg2sRW1RGU
wrlLW4B4cpTwVZAdR+D/ph24l1ODFDUBl5fBLaEakKCecj7gYk+r8qO7w7Rj6Ati
Kp+XQuKeSJOCZxO5d1Fi7WmScOeMzydHrC9UUBwcEPdaIMlw/3EJ2rfkdt9uJxPM
CoT/p/BOidbV+E1r8oz8JDlkpnX2QG+1VV5/cXUmbysnXu2HsJg7NDh24PWeROvB
u7NMECiSYUx+38IHd4ysiPuWHoOOYKjXf2O2rXTn680uUxI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:26 2024 by rpki-client on console-ams.rpki-client.org