Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/D5sPXTxAF7C_4o7Bt4vlbo_P5TU.roa
File: D5sPXTxAF7C_4o7Bt4vlbo_P5TU.roa (raw, json)
Hash identifier: GSuj11Nqcti2Syrflxs5dx/e6LdTXErsN65n+JcCoME=
Subject key identifier: 0F:9B:0F:5D:3C:40:17:B0:BF:E2:8E:C1:B7:8B:E5:6E:8F:CF:E5:35
Certificate issuer: /CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Certificate serial: 0190EFD30DA329C7D6C30686856D79442D94
Authority key identifier: BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/D5sPXTxAF7C_4o7Bt4vlbo_P5TU.roa
Signing time: Fri 26 Jul 2024 16:15:04 +0000
ROA not before: Fri 26 Jul 2024 16:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.87.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/v0Gt3JpO6iRtQvmMfHKzC2jWepc.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/v0Gt3JpO6iRtQvmMfHKzC2jWepc.mft
rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ef:d3:0d:a3:29:c7:d6:c3:06:86:85:6d:79:44:2d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf41addc9a4eea246d42f98c7c72b30b68d67a97
Validity
Not Before: Jul 26 16:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f9b0f5d3c4017b0bfe28ec1b78be56e8fcfe535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e9:f8:e3:f6:46:c7:b9:79:98:5e:d6:f7:e7:
56:7d:96:42:1a:aa:f8:da:01:39:c8:2e:7a:37:30:
0b:8d:58:a7:a2:2a:c0:f5:ea:41:0b:f2:e4:cf:e1:
3a:fb:a3:a3:59:f7:1c:3d:1c:35:7a:7d:5e:5a:2e:
a5:13:c7:e7:ba:25:b1:ab:f4:fd:6d:ad:b7:7c:f0:
de:da:54:54:d8:25:65:ec:73:b2:4d:7b:b5:ca:b7:
d9:0e:79:34:53:c6:d5:99:4b:f5:b9:74:33:73:f2:
d0:5b:e9:02:c0:b1:48:1a:c6:36:7d:a1:b6:63:3c:
3a:7a:a3:56:b3:33:93:c6:90:a1:9a:de:c1:ee:a6:
3b:ac:76:d5:a3:41:1f:66:c9:ab:00:71:f6:41:33:
2b:99:e3:2b:14:23:f2:f1:c2:4a:7e:06:81:54:76:
83:38:4c:d7:e8:6c:ea:ed:75:75:7e:24:8e:d8:27:
d4:7e:ec:fc:78:5f:4f:f1:8e:9b:f3:66:d5:7d:46:
09:1c:0e:8d:af:92:8d:e3:10:45:d8:72:7f:1a:8e:
72:28:73:ea:a1:a4:40:19:17:d1:69:bf:85:8b:c4:
01:39:2d:d1:46:08:ac:07:7d:ed:48:b6:57:7a:b0:
75:ab:57:90:2a:df:c0:92:16:de:7d:2b:3a:fa:cd:
d8:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9B:0F:5D:3C:40:17:B0:BF:E2:8E:C1:B7:8B:E5:6E:8F:CF:E5:35
X509v3 Authority Key Identifier:
keyid:BF:41:AD:DC:9A:4E:EA:24:6D:42:F9:8C:7C:72:B3:0B:68:D6:7A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0Gt3JpO6iRtQvmMfHKzC2jWepc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/D5sPXTxAF7C_4o7Bt4vlbo_P5TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/70fcb3-8302-41e4-836a-eead508be4ee/1/v0Gt3JpO6iRtQvmMfHKzC2jWepc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.101.0/24
Signature Algorithm: sha256WithRSAEncryption
42:10:0c:ba:26:f6:f0:62:30:2a:58:75:d0:ae:01:8e:fc:a8:
f1:5b:1e:6a:e7:00:a8:31:ff:fb:db:69:fe:2f:1c:fa:b9:85:
ae:63:b8:3f:bf:17:57:18:0e:0f:44:01:03:81:e5:2a:24:da:
1c:33:05:b1:e0:43:a2:80:ea:99:d1:67:75:6c:b6:ee:a3:24:
6c:af:2c:34:4e:b3:13:ad:de:29:da:77:78:93:3e:85:bd:6b:
ad:3a:15:77:68:f3:f4:67:a6:18:25:94:a0:50:ff:01:bf:1f:
c7:e0:16:f9:4c:46:ca:92:eb:0b:86:51:7b:b6:c3:40:5e:0c:
fb:45:67:5d:fb:a6:c2:7b:9b:e9:eb:4c:e4:aa:3a:9a:79:4f:
55:65:45:92:c9:95:04:fb:3e:d7:e9:82:3d:fe:28:09:c7:6c:
32:70:73:6f:dc:53:d2:98:23:4d:be:06:64:5c:6e:3b:7f:d7:
b7:3c:67:b1:d6:5a:50:37:1e:6f:88:0d:5c:a6:16:5f:72:f3:
67:54:1c:95:94:0e:9c:a2:27:1e:e0:70:9e:c3:e5:76:59:5a:
e2:a4:eb:ba:bb:68:c7:a1:d6:ef:5b:71:d8:8e:72:b4:a0:a1:
28:3d:a8:30:60:c1:a0:d6:21:4b:07:37:01:33:65:93:e1:98:
3a:19:42:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDv0w2jKcfWwwaGhW15RC2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDFhZGRjOWE0ZWVhMjQ2ZDQyZjk4YzdjNzJiMzBiNjhk
NjdhOTcwHhcNMjQwNzI2MTYxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjliMGY1ZDNjNDAxN2IwYmZlMjhlYzFiNzhiZTU2ZThmY2ZlNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOn44/ZGx7l5mF7W9+dWfZZCGqr4
2gE5yC56NzALjVinoirA9epBC/Lkz+E6+6OjWfccPRw1en1eWi6lE8fnuiWxq/T9
ba23fPDe2lRU2CVl7HOyTXu1yrfZDnk0U8bVmUv1uXQzc/LQW+kCwLFIGsY2faG2
Yzw6eqNWszOTxpChmt7B7qY7rHbVo0EfZsmrAHH2QTMrmeMrFCPy8cJKfgaBVHaD
OEzX6Gzq7XV1fiSO2CfUfuz8eF9P8Y6b82bVfUYJHA6Nr5KN4xBF2HJ/Go5yKHPq
oaRAGRfRab+Fi8QBOS3RRgisB33tSLZXerB1q1eQKt/AkhbefSs6+s3YSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+bD108QBewv+KOwbeL5W6Pz+U1MB8GA1UdIwQY
MBaAFL9BrdyaTuokbUL5jHxyswto1nqXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEt
ZWVhZDUwOGJlNGVlLzEvRDVzUFhUeEFGN0NfNG83QnQ0dmxib19QNVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83MGZjYjMtODMwMi00MWU0LTgzNmEtZWVhZDUwOGJlNGVl
LzEvdjBHdDNKcE82aVJ0UXZtTWZIS3pDMmpXZXBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVdlMA0G
CSqGSIb3DQEBCwUAA4IBAQBCEAy6JvbwYjAqWHXQrgGO/KjxWx5q5wCoMf/722n+
Lxz6uYWuY7g/vxdXGA4PRAEDgeUqJNocMwWx4EOigOqZ0Wd1bLbuoyRsryw0TrMT
rd4p2nd4kz6FvWutOhV3aPP0Z6YYJZSgUP8Bvx/H4Bb5TEbKkusLhlF7tsNAXgz7
RWdd+6bCe5vp60zkqjqaeU9VZUWSyZUE+z7X6YI9/igJx2wycHNv3FPSmCNNvgZk
XG47f9e3PGex1lpQNx5viA1cphZfcvNnVByVlA6coice4HCew+V2WVripOu6u2jH
odbvW3HYjnK0oKEoPagwYMGg1iFLBzcBM2WT4Zg6GUIG
-----END CERTIFICATE-----
Generated at Sat Sep 7 21:01:54 2024 by rpki-client on console-ams.rpki-client.org