Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/1-OLkcCSi7aXpZmeRMtmUAbfJFX4.roa
File: 1-OLkcCSi7aXpZmeRMtmUAbfJFX4.roa (raw, json)
Hash identifier: ri77vUz+yxyxxQMF0mWvd5w4t08WnuRKggSg6wOs3T4=
Subject key identifier: F8:E2:E4:70:24:A2:ED:A5:E9:66:67:91:32:D9:94:01:B7:C9:15:7E
Certificate issuer: /CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Certificate serial: 018CC26D4AB4B240AF2B0EA78A068EEEC9B0
Authority key identifier: 31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/1-OLkcCSi7aXpZmeRMtmUAbfJFX4.roa
Signing time: Mon 01 Jan 2024 00:29:51 +0000
ROA not before: Mon 01 Jan 2024 00:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39801
IP address blocks: 45.146.32.0/22 maxlen: 24
77.95.68.0/23 maxlen: 24
2a00:a4c0:c000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4a:b4:b2:40:af:2b:0e:a7:8a:06:8e:ee:c9:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Validity
Not Before: Jan 1 00:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8e2e47024a2eda5e966679132d99401b7c9157e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:35:a7:d0:e0:5f:b0:09:f7:cf:f2:db:4d:8f:
a0:76:dc:88:9b:37:38:98:39:bd:3d:45:7a:c3:c6:
e6:7e:46:28:da:ff:1f:f7:ef:8b:12:62:d4:3a:53:
24:e3:3d:f2:c6:27:ad:92:15:08:3c:d5:c1:03:ba:
13:27:f9:71:b2:d6:b0:72:bc:2c:ab:85:47:dd:64:
de:19:9a:9e:8b:88:e6:51:fd:fd:64:dd:a2:df:62:
07:e8:9e:46:e3:80:c4:77:f4:30:1d:14:ec:f1:c7:
81:9c:80:80:29:b1:35:ee:18:1a:3f:44:b2:d5:00:
8b:d0:6e:98:ef:92:d4:6b:e0:10:c8:05:ed:85:82:
74:b0:bb:b5:e5:f0:53:aa:3b:73:58:8f:31:4f:1e:
cc:2f:7b:88:23:b4:3a:12:6e:fa:c6:04:fe:b0:75:
d1:d8:f1:15:66:aa:0b:a1:bc:fe:a0:a9:04:a1:d6:
d3:d9:40:d5:f8:c1:31:e8:fd:5d:4e:cf:48:6d:96:
26:8f:cc:92:53:b7:55:bc:df:fd:f5:1c:a0:ce:3e:
c6:6d:5e:48:8e:95:76:53:37:86:23:e5:f6:38:a5:
b7:41:a2:03:97:7d:5d:ae:2a:43:20:1f:47:7e:96:
d3:49:f6:da:be:94:b8:14:07:17:26:c2:d7:af:fb:
7c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E2:E4:70:24:A2:ED:A5:E9:66:67:91:32:D9:94:01:B7:C9:15:7E
X509v3 Authority Key Identifier:
keyid:31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/1-OLkcCSi7aXpZmeRMtmUAbfJFX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.32.0/22
77.95.68.0/23
IPv6:
2a00:a4c0:c000::/36
Signature Algorithm: sha256WithRSAEncryption
bb:8b:0a:3c:85:30:fb:78:c8:fa:73:59:34:af:15:53:16:bc:
60:98:5b:c6:13:37:dd:a8:b9:0c:b7:7e:30:1e:fd:7c:95:da:
4f:35:b1:0e:59:32:10:c5:d0:67:43:34:a1:9b:f0:fb:28:77:
32:c9:4f:b7:58:da:c7:de:74:85:40:68:fc:31:b4:64:d8:f5:
fa:da:13:0a:3f:91:ec:3b:27:76:ea:ab:08:60:6d:27:bb:88:
ba:3f:c4:a7:b3:00:5d:dd:43:4b:4c:95:2a:5d:96:dc:6e:43:
c5:4e:dc:57:5c:e9:36:54:52:b2:98:9f:0d:b0:32:a9:59:e8:
7a:6c:c5:6f:47:f9:a5:66:bd:11:2e:ef:0b:66:59:04:d6:67:
e0:2c:77:8f:6f:95:c7:65:1d:c6:ab:1c:73:bc:df:e9:ae:46:
50:2a:a0:5d:bf:a6:c0:ad:4c:0d:1c:bb:db:73:ad:b0:4c:19:
89:e1:c4:6a:5b:ca:40:89:cd:2f:df:e0:43:98:69:a8:18:03:
b6:16:f9:e7:c0:76:ef:a8:a5:c2:79:d6:a8:84:ea:83:d4:15:
a8:8a:fa:9f:d2:d2:05:df:cd:af:86:ec:da:00:86:b1:3d:89:
35:61:84:cf:b9:52:1c:81:b6:7b:2b:c0:b1:62:59:8e:27:18:
12:f7:73:fb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzCbUq0skCvKw6nigaO7smwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMWQ2MmI3ZmQ5ZmNmYzg3ZGZlYTk4NzUxNTc2N2M4Mzhl
MjFiYjkwHhcNMjQwMTAxMDAyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGUyZTQ3MDI0YTJlZGE1ZTk2NjY3OTEzMmQ5OTQwMWI3YzkxNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTWn0OBfsAn3z/LbTY+gdtyImzc4
mDm9PUV6w8bmfkYo2v8f9++LEmLUOlMk4z3yxietkhUIPNXBA7oTJ/lxstawcrws
q4VH3WTeGZqei4jmUf39ZN2i32IH6J5G44DEd/QwHRTs8ceBnICAKbE17hgaP0Sy
1QCL0G6Y75LUa+AQyAXthYJ0sLu15fBTqjtzWI8xTx7ML3uII7Q6Em76xgT+sHXR
2PEVZqoLobz+oKkEodbT2UDV+MEx6P1dTs9IbZYmj8ySU7dVvN/99Rygzj7GbV5I
jpV2UzeGI+X2OKW3QaIDl31dripDIB9HfpbTSfbavpS4FAcXJsLXr/t8LwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPji5HAkou2l6WZnkTLZlAG3yRV+MB8GA1UdIwQY
MBaAFDEdYrf9n8/Iff6ph1FXZ8g44hu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEt
ODUwZjM0OTA2MjI5LzEvMS1PTGtjQ1NpN2FYcFptZVJNdG1VQWJmSkZYNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvNTc2ODhlLWE5NjQtNDkzMy04NjMxLTg1MGYzNDkwNjIy
OS8xL01SMWl0XzJmejhoOV9xbUhVVmRueURqaUc3ay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwEgQCAAEwDAMEAi2SIAME
AU1fRDAOBAIAAjAIAwYEKgCkwMAwDQYJKoZIhvcNAQELBQADggEBALuLCjyFMPt4
yPpzWTSvFVMWvGCYW8YTN92ouQy3fjAe/XyV2k81sQ5ZMhDF0GdDNKGb8PsodzLJ
T7dY2sfedIVAaPwxtGTY9fraEwo/kew7J3bqqwhgbSe7iLo/xKezAF3dQ0tMlSpd
ltxuQ8VO3Fdc6TZUUrKYnw2wMqlZ6HpsxW9H+aVmvREu7wtmWQTWZ+Asd49vlcdl
HcarHHO83+muRlAqoF2/psCtTA0cu9tzrbBMGYnhxGpbykCJzS/f4EOYaagYA7YW
+efAdu+opcJ51qiE6oPUFaiK+p/S0gXfza+G7NoAhrE9iTVhhM+5UhyBtnsrwLFi
WY4nGBL3c/s=
-----END CERTIFICATE-----
Generated at Sun May 19 22:56:28 2024 by rpki-client on console-fra.rpki-client.org