Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/ec2833-bb0f-4924-8517-f3df6177a2bb/1/DVyN9e6ORl2zOHceE77l_alvFzg.roa
File: DVyN9e6ORl2zOHceE77l_alvFzg.roa (raw, json)
Hash identifier: PQHphM6aTK0efjXdHxe5Us2RUeh6lovYx2piHqOR8lw=
Subject key identifier: 0D:5C:8D:F5:EE:8E:46:5D:B3:38:77:1E:13:BE:E5:FD:A9:6F:17:38
Certificate issuer: /CN=45d58323e7d4f91c37297cd1926566033b3f8aba
Certificate serial: 018EC73CD4AFE07DAC923BA95F1EECE8D7A6
Authority key identifier: 45:D5:83:23:E7:D4:F9:1C:37:29:7C:D1:92:65:66:03:3B:3F:8A:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RdWDI-fU-Rw3KXzRkmVmAzs_iro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/ec2833-bb0f-4924-8517-f3df6177a2bb/1/DVyN9e6ORl2zOHceE77l_alvFzg.roa
Signing time: Wed 10 Apr 2024 09:00:36 +0000
ROA not before: Wed 10 Apr 2024 09:00:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60609
IP address blocks: 2.57.100.0/24 maxlen: 24
2.57.101.0/24 maxlen: 24
2.57.102.0/24 maxlen: 24
2.57.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/ec2833-bb0f-4924-8517-f3df6177a2bb/1/RdWDI-fU-Rw3KXzRkmVmAzs_iro.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/ec2833-bb0f-4924-8517-f3df6177a2bb/1/RdWDI-fU-Rw3KXzRkmVmAzs_iro.mft
rsync://rpki.ripe.net/repository/DEFAULT/RdWDI-fU-Rw3KXzRkmVmAzs_iro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 13:40:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:3c:d4:af:e0:7d:ac:92:3b:a9:5f:1e:ec:e8:d7:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45d58323e7d4f91c37297cd1926566033b3f8aba
Validity
Not Before: Apr 10 09:00:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d5c8df5ee8e465db338771e13bee5fda96f1738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:db:af:59:4c:07:a9:e1:dd:a1:d6:6c:d3:52:
7a:05:c4:2c:76:c9:13:62:18:39:60:6b:1f:71:b5:
00:19:73:0b:72:d3:be:95:b8:6d:f7:ee:ca:4f:d0:
89:06:03:e7:ae:16:87:67:d9:d4:ef:ed:14:bf:4f:
37:c7:5c:1b:57:b5:c7:96:a3:d7:71:e7:f5:64:a3:
91:a8:87:64:f6:2c:6d:a8:09:09:5a:61:03:0e:f5:
72:af:40:46:cb:65:3b:d3:07:ca:20:03:63:a4:42:
42:bd:66:70:03:f7:44:1a:c2:ac:2b:f0:86:71:0e:
5d:3a:e3:c5:a4:73:50:ee:2f:38:64:13:8d:4b:e0:
10:83:dc:38:e9:de:28:6a:47:41:8d:86:6d:70:6a:
7d:3d:29:3c:e8:82:e6:11:24:f8:b1:b5:6e:1b:f4:
4d:27:d5:26:b0:b1:01:b5:88:c2:47:a0:fe:22:43:
06:e1:c1:0c:ae:69:3d:d0:1e:aa:b0:f4:70:f5:06:
55:c6:3f:69:07:1b:b1:11:ef:96:66:f8:57:c2:2b:
2a:35:79:88:0c:72:ad:90:a1:71:16:d9:b7:2e:cb:
83:2e:3b:32:e2:be:29:65:28:9d:98:e2:a8:dc:ff:
7e:a2:a2:0f:b3:58:68:f0:9a:ae:ae:25:27:8a:d3:
33:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:5C:8D:F5:EE:8E:46:5D:B3:38:77:1E:13:BE:E5:FD:A9:6F:17:38
X509v3 Authority Key Identifier:
keyid:45:D5:83:23:E7:D4:F9:1C:37:29:7C:D1:92:65:66:03:3B:3F:8A:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RdWDI-fU-Rw3KXzRkmVmAzs_iro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/ec2833-bb0f-4924-8517-f3df6177a2bb/1/DVyN9e6ORl2zOHceE77l_alvFzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/ec2833-bb0f-4924-8517-f3df6177a2bb/1/RdWDI-fU-Rw3KXzRkmVmAzs_iro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.100.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:78:ae:4a:30:f4:7f:f1:d5:fc:55:4c:a1:f2:1b:ab:6e:aa:
02:11:f3:b1:c8:c5:97:b7:10:b3:d5:34:59:02:3e:fd:60:b9:
43:0f:10:4b:e5:bd:88:25:92:75:5d:6f:83:07:62:51:02:97:
01:fb:3b:f7:ff:e8:cc:f8:0d:ac:97:16:c2:b8:f4:34:bb:87:
56:2a:bc:a5:c0:87:ee:01:dd:e8:57:f6:a5:49:21:ca:97:0c:
c1:70:1f:be:78:d0:19:76:68:20:23:d8:24:ef:9b:9b:43:77:
92:e9:f5:2a:f2:fb:38:c5:04:22:72:e0:f6:e9:1f:3b:9a:fa:
f3:c0:66:72:61:bf:f8:05:e7:ee:35:54:f9:32:98:fd:d3:00:
e0:2e:74:bc:30:0d:45:af:68:13:ee:b8:2e:1a:e2:b3:bb:f2:
d5:a3:6a:05:f1:83:41:47:e7:29:10:d0:a7:74:33:53:70:07:
66:11:04:65:94:36:af:e6:3f:5e:8d:e8:bc:24:3f:c3:ce:25:
aa:34:e4:fd:cd:11:ca:29:2e:80:ac:1c:13:ec:d7:6c:cf:45:
26:6b:a6:a0:9e:25:41:ac:c1:77:ab:79:72:b3:a3:76:d2:e6:
40:c6:74:19:5c:95:e2:7a:88:42:be:0a:11:c2:36:1b:d9:ca:
52:b3:58:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7HPNSv4H2skjupXx7s6NemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZDU4MzIzZTdkNGY5MWMzNzI5N2NkMTkyNjU2NjAzM2Iz
ZjhhYmEwHhcNMjQwNDEwMDkwMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDVjOGRmNWVlOGU0NjVkYjMzODc3MWUxM2JlZTVmZGE5NmYxNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtuvWUwHqeHdodZs01J6BcQsdskT
Yhg5YGsfcbUAGXMLctO+lbht9+7KT9CJBgPnrhaHZ9nU7+0Uv083x1wbV7XHlqPX
cef1ZKORqIdk9ixtqAkJWmEDDvVyr0BGy2U70wfKIANjpEJCvWZwA/dEGsKsK/CG
cQ5dOuPFpHNQ7i84ZBONS+AQg9w46d4oakdBjYZtcGp9PSk86ILmEST4sbVuG/RN
J9UmsLEBtYjCR6D+IkMG4cEMrmk90B6qsPRw9QZVxj9pBxuxEe+WZvhXwisqNXmI
DHKtkKFxFtm3LsuDLjsy4r4pZSidmOKo3P9+oqIPs1ho8JquriUnitMzqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA1cjfXujkZdszh3HhO+5f2pbxc4MB8GA1UdIwQY
MBaAFEXVgyPn1PkcNyl80ZJlZgM7P4q6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmRXREktZlUtUnczS1h6UmttVm1BenNfaXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9lYzI4MzMtYmIwZi00OTI0LTg1MTct
ZjNkZjYxNzdhMmJiLzEvRFZ5TjllNk9SbDJ6T0hjZUU3N2xfYWx2RnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9lYzI4MzMtYmIwZi00OTI0LTg1MTctZjNkZjYxNzdhMmJi
LzEvUmRXREktZlUtUnczS1h6UmttVm1BenNfaXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjlkMA0G
CSqGSIb3DQEBCwUAA4IBAQCNeK5KMPR/8dX8VUyh8hurbqoCEfOxyMWXtxCz1TRZ
Aj79YLlDDxBL5b2IJZJ1XW+DB2JRApcB+zv3/+jM+A2slxbCuPQ0u4dWKrylwIfu
Ad3oV/alSSHKlwzBcB++eNAZdmggI9gk75ubQ3eS6fUq8vs4xQQicuD26R87mvrz
wGZyYb/4BefuNVT5Mpj90wDgLnS8MA1Fr2gT7rguGuKzu/LVo2oF8YNBR+cpENCn
dDNTcAdmEQRllDav5j9ejei8JD/DziWqNOT9zRHKKS6ArBwT7Ndsz0Uma6agniVB
rMF3q3lys6N20uZAxnQZXJXieohCvgoRwjYb2cpSs1gl
-----END CERTIFICATE-----
Generated at Tue Apr 30 19:58:33 2024 by rpki-client on console-ams.rpki-client.org