Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/USRUohu6774wo4GtQsMTtI9j4fk.roa
File: USRUohu6774wo4GtQsMTtI9j4fk.roa (raw, json)
Hash identifier: MWZs4H7j8DxPlzHQkkV2O/uXJMhVvuaEm8tFqweyMm8=
Subject key identifier: 51:24:54:A2:1B:BA:EF:BE:30:A3:81:AD:42:C3:13:B4:8F:63:E1:F9
Certificate issuer: /CN=234b54b119a7b3eff153085b7315507cd8513a0f
Certificate serial: 018CC8DE39110C46A6F8AD71E0D07E12279F
Authority key identifier: 23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/USRUohu6774wo4GtQsMTtI9j4fk.roa
Signing time: Tue 02 Jan 2024 06:30:55 +0000
ROA not before: Tue 02 Jan 2024 06:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.87.161.0/24 maxlen: 24
45.87.162.0/24 maxlen: 24
45.87.163.0/24 maxlen: 24
45.87.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:39:11:0c:46:a6:f8:ad:71:e0:d0:7e:12:27:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234b54b119a7b3eff153085b7315507cd8513a0f
Validity
Not Before: Jan 2 06:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=512454a21bbaefbe30a381ad42c313b48f63e1f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:05:a8:8e:3e:d0:c0:34:c3:1c:6e:29:ca:cd:
1d:65:ad:69:fe:60:b4:80:29:fd:df:5d:db:00:f4:
25:8c:dd:40:b6:07:5b:49:d0:4a:39:ab:66:c2:b9:
e1:1f:df:3e:f4:7d:5a:70:fa:7b:67:96:45:29:05:
32:46:20:07:be:d7:43:6a:73:1c:d6:e6:a1:b8:eb:
af:91:6b:88:8e:43:46:b1:41:68:2e:a7:ad:1a:df:
8c:aa:7b:b5:99:4d:6e:9c:90:9b:8e:3a:c5:ab:03:
54:c7:8e:d8:0f:c6:a9:91:cf:56:6d:63:a5:bf:6a:
e8:83:c7:d9:2b:fa:c7:dd:c4:79:1e:7f:eb:96:ad:
05:bd:c1:e8:26:29:12:2b:8b:1d:55:c4:2a:27:84:
fc:c0:19:10:3f:90:4e:71:e6:49:f4:b3:4b:53:3a:
43:41:6f:3a:f3:3e:fa:70:07:07:e6:c8:22:4d:41:
a1:e3:02:f0:88:55:8b:ea:c2:1a:f2:34:a4:73:42:
17:56:ce:37:27:83:e8:e0:8b:fa:3d:ee:e5:2f:b3:
dc:9a:4e:3a:97:e5:4a:6b:e4:68:23:65:d0:f2:a9:
57:17:12:86:7e:de:0f:07:0b:53:92:d0:2d:37:b3:
8d:44:67:a7:db:a9:5a:9b:c2:49:d5:c1:ab:00:ad:
59:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:24:54:A2:1B:BA:EF:BE:30:A3:81:AD:42:C3:13:B4:8F:63:E1:F9
X509v3 Authority Key Identifier:
keyid:23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/USRUohu6774wo4GtQsMTtI9j4fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.160.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:f1:a1:2d:4f:a8:99:e9:b4:15:39:32:ec:1a:fb:ff:ab:cd:
26:ac:4c:ba:9d:b3:7a:fe:88:39:26:fe:38:c9:6a:86:08:c7:
3e:17:f5:c2:31:a9:ea:f2:ee:28:37:be:2d:e5:58:27:80:c2:
02:31:82:27:5c:98:05:b9:14:68:a9:94:13:4d:26:2c:89:f5:
13:0c:83:88:5c:19:3b:2e:96:4c:fc:16:fd:9f:25:de:33:1c:
d0:78:22:50:fc:e5:4a:72:fe:a8:3b:0b:d8:a0:ec:58:80:43:
e1:ad:f9:ab:8e:64:cb:69:02:3a:3c:ff:56:9b:20:63:2e:a6:
2b:c8:83:e7:0b:6e:2b:e9:b2:d8:b8:01:f2:97:06:3f:ed:9b:
56:1e:a5:0f:45:f9:8f:57:b3:5f:00:93:e4:16:b1:b1:ee:98:
21:8a:e6:ea:12:f1:e3:92:e0:fa:2f:70:77:07:b3:3c:0d:e9:
85:6c:fc:7d:9a:92:24:a3:bc:77:98:d0:f2:37:96:d3:97:eb:
23:5d:f4:8a:f3:56:9b:17:b8:93:6e:9b:55:4f:94:97:fc:10:
dd:ee:03:94:df:ca:b9:07:02:b4:7e:db:66:4e:31:25:55:79:
13:65:4a:22:57:c6:c9:c2:4b:e3:8c:6f:75:16:86:7a:a1:ec:
03:d0:0c:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3jkRDEam+K1x4NB+EiefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGI1NGIxMTlhN2IzZWZmMTUzMDg1YjczMTU1MDdjZDg1
MTNhMGYwHhcNMjQwMTAyMDYzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTI0NTRhMjFiYmFlZmJlMzBhMzgxYWQ0MmMzMTNiNDhmNjNlMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwWojj7QwDTDHG4pys0dZa1p/mC0
gCn9313bAPQljN1AtgdbSdBKOatmwrnhH98+9H1acPp7Z5ZFKQUyRiAHvtdDanMc
1uahuOuvkWuIjkNGsUFoLqetGt+Mqnu1mU1unJCbjjrFqwNUx47YD8apkc9WbWOl
v2rog8fZK/rH3cR5Hn/rlq0FvcHoJikSK4sdVcQqJ4T8wBkQP5BOceZJ9LNLUzpD
QW868z76cAcH5sgiTUGh4wLwiFWL6sIa8jSkc0IXVs43J4Po4Iv6Pe7lL7Pcmk46
l+VKa+RoI2XQ8qlXFxKGft4PBwtTktAtN7ONRGen26lam8JJ1cGrAK1ZoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEkVKIbuu++MKOBrULDE7SPY+H5MB8GA1UdIwQY
MBaAFCNLVLEZp7Pv8VMIW3MVUHzYUToPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQt
MWQyMWQxYmNlM2ZlLzEvVVNSVW9odTY3NzR3bzRHdFFzTVR0STlqNGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQtMWQyMWQxYmNlM2Zl
LzEvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVegMA0G
CSqGSIb3DQEBCwUAA4IBAQCN8aEtT6iZ6bQVOTLsGvv/q80mrEy6nbN6/og5Jv44
yWqGCMc+F/XCManq8u4oN74t5VgngMICMYInXJgFuRRoqZQTTSYsifUTDIOIXBk7
LpZM/Bb9nyXeMxzQeCJQ/OVKcv6oOwvYoOxYgEPhrfmrjmTLaQI6PP9WmyBjLqYr
yIPnC24r6bLYuAHylwY/7ZtWHqUPRfmPV7NfAJPkFrGx7pghiubqEvHjkuD6L3B3
B7M8DemFbPx9mpIko7x3mNDyN5bTl+sjXfSK81abF7iTbptVT5SX/BDd7gOU38q5
BwK0fttmTjElVXkTZUoiV8bJwkvjjG91FoZ6oewD0Az8
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:11:12 2024 by rpki-client on console-ams.rpki-client.org