Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/g3i57TOI_fin9KYWvXWR-253wKU.roa
File: g3i57TOI_fin9KYWvXWR-253wKU.roa (raw, json)
Hash identifier: 51F5hCiin6mMWNtwtMkbB4jP5Bs2TXtyU/UkVZmj9eU=
Subject key identifier: 83:78:B9:ED:33:88:FD:F8:A7:F4:A6:16:BD:75:91:FB:6E:77:C0:A5
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 018CC8DE4987595EE513A092428DAC5291D5
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/g3i57TOI_fin9KYWvXWR-253wKU.roa
Signing time: Tue 02 Jan 2024 06:31:00 +0000
ROA not before: Tue 02 Jan 2024 06:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 45.134.158.0/24 maxlen: 24
45.134.159.0/24 maxlen: 24
185.232.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:49:87:59:5e:e5:13:a0:92:42:8d:ac:52:91:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Jan 2 06:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8378b9ed3388fdf8a7f4a616bd7591fb6e77c0a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:61:97:1d:2f:06:32:ea:1c:60:05:19:be:2b:
07:16:24:dd:4b:b7:3a:d2:8d:7a:ff:fd:db:b6:3a:
b1:c6:5c:d7:b5:76:91:62:e6:db:d2:55:25:cc:37:
78:24:36:51:f3:ad:b4:72:f7:e5:27:12:45:f8:49:
72:ec:43:73:e5:78:92:95:26:8f:45:c2:91:16:f3:
3b:94:d2:71:af:39:52:28:98:93:4d:7d:01:c0:fe:
29:0c:d5:6f:32:7f:95:5d:85:53:25:24:69:70:b2:
f3:bc:51:f8:a1:5e:67:af:76:c6:8f:19:c0:a9:bf:
a9:07:d4:29:73:1e:ea:1e:d4:5b:e3:58:87:a3:7b:
ad:3c:19:87:a7:30:d7:f7:ef:7d:4c:a6:77:f3:22:
f8:f6:28:df:0f:be:fe:f4:f5:76:58:03:12:85:8e:
59:36:ce:b4:45:7f:8b:bd:95:3d:6b:4a:26:ba:ab:
c9:26:ad:60:87:d6:f3:0e:ac:a4:12:06:06:15:9f:
73:c8:9a:97:2b:43:30:5c:db:db:16:4c:d5:a1:a2:
8b:37:e7:fb:86:69:ec:ab:01:d5:06:5e:ec:fe:45:
a6:92:6a:7b:e9:72:40:4f:1b:de:d3:4c:03:20:94:
80:ea:7c:6b:0f:f5:25:73:8b:a0:5d:db:14:58:07:
30:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:78:B9:ED:33:88:FD:F8:A7:F4:A6:16:BD:75:91:FB:6E:77:C0:A5
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/g3i57TOI_fin9KYWvXWR-253wKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.158.0/23
185.232.16.0/24
Signature Algorithm: sha256WithRSAEncryption
51:fa:87:0f:a6:3d:30:eb:f0:5a:f0:f3:22:d8:eb:e4:64:dd:
c6:85:9b:d3:b1:94:1d:28:54:e1:67:08:8f:00:34:cc:92:c5:
52:5f:fd:ee:45:ad:da:c5:bd:df:c3:80:f4:5d:66:ab:56:34:
4c:d7:2c:1d:d8:2d:ca:47:6f:7d:5e:d5:d7:b9:c0:10:11:2c:
f7:02:4c:c2:fc:64:a7:5b:9d:45:6e:d8:5b:dc:10:40:4d:73:
37:07:4b:38:ab:69:58:67:26:8d:48:4a:70:60:86:cb:bd:44:
59:c2:8a:41:de:59:58:a5:4c:de:1f:09:7c:2a:74:65:81:36:
68:9b:fd:8c:a3:14:e4:d4:1f:a9:da:64:fb:4e:f2:3e:60:49:
d0:0e:fe:12:12:49:ec:43:15:80:1a:59:54:fe:8d:9c:62:df:
4c:af:0c:05:9a:ff:5a:34:40:65:78:eb:f1:c1:fc:b2:d6:80:
1d:d2:c2:63:76:a4:4d:7e:1f:d3:67:32:e9:7a:4c:7f:6a:9b:
63:f8:47:1c:9a:1c:6d:8e:5d:57:60:ef:41:ba:8b:fa:90:a7:
b7:8a:6d:f2:07:8b:51:34:2d:2f:55:74:30:5b:49:da:2b:22:
28:b9:8b:f6:c5:9b:c2:49:32:c0:a5:25:5a:24:6b:2f:a1:2e:
0d:7b:07:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3kmHWV7lE6CSQo2sUpHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjQwMTAyMDYzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzc4YjllZDMzODhmZGY4YTdmNGE2MTZiZDc1OTFmYjZlNzdjMGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2GXHS8GMuocYAUZvisHFiTdS7c6
0o16//3btjqxxlzXtXaRYubb0lUlzDd4JDZR8620cvflJxJF+Ely7ENz5XiSlSaP
RcKRFvM7lNJxrzlSKJiTTX0BwP4pDNVvMn+VXYVTJSRpcLLzvFH4oV5nr3bGjxnA
qb+pB9Qpcx7qHtRb41iHo3utPBmHpzDX9+99TKZ38yL49ijfD77+9PV2WAMShY5Z
Ns60RX+LvZU9a0omuqvJJq1gh9bzDqykEgYGFZ9zyJqXK0MwXNvbFkzVoaKLN+f7
hmnsqwHVBl7s/kWmkmp76XJATxve00wDIJSA6nxrD/Ulc4ugXdsUWAcwbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIN4ue0ziP34p/SmFr11kftud8ClMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvZzNpNTdUT0lfZmluOUtZV3ZYV1ItMjUzd0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYaeAwQA
uegQMA0GCSqGSIb3DQEBCwUAA4IBAQBR+ocPpj0w6/Ba8PMi2OvkZN3GhZvTsZQd
KFThZwiPADTMksVSX/3uRa3axb3fw4D0XWarVjRM1ywd2C3KR299XtXXucAQESz3
AkzC/GSnW51Fbthb3BBATXM3B0s4q2lYZyaNSEpwYIbLvURZwopB3llYpUzeHwl8
KnRlgTZom/2MoxTk1B+p2mT7TvI+YEnQDv4SEknsQxWAGllU/o2cYt9MrwwFmv9a
NEBleOvxwfyy1oAd0sJjdqRNfh/TZzLpekx/aptj+Eccmhxtjl1XYO9Buov6kKe3
im3yB4tRNC0vVXQwW0naKyIouYv2xZvCSTLApSVaJGsvoS4NewcZ
-----END CERTIFICATE-----
Generated at Sun May 19 21:13:55 2024 by rpki-client on console-ams.rpki-client.org