Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/FDDIx9KhLAsg6zHqxdAb7TxzVk4.roa
File: FDDIx9KhLAsg6zHqxdAb7TxzVk4.roa (raw, json)
Hash identifier: wG0s0SWMxXHMZgZr1IdtwEydq3mvcNJrOezrPwllGqU=
Subject key identifier: 14:30:C8:C7:D2:A1:2C:0B:20:EB:31:EA:C5:D0:1B:ED:3C:73:56:4E
Certificate issuer: /CN=d94284b94325f5060f8a0e87c1be2827788f18f9
Certificate serial: 018CC4245217A3889E618552BFD358D8254D
Authority key identifier: D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/FDDIx9KhLAsg6zHqxdAb7TxzVk4.roa
Signing time: Mon 01 Jan 2024 08:29:23 +0000
ROA not before: Mon 01 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201193
IP address blocks: 45.143.84.0/24 maxlen: 24
45.143.84.0/22 maxlen: 24
45.143.85.0/24 maxlen: 24
45.143.87.0/24 maxlen: 24
45.143.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 19:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:52:17:a3:88:9e:61:85:52:bf:d3:58:d8:25:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d94284b94325f5060f8a0e87c1be2827788f18f9
Validity
Not Before: Jan 1 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1430c8c7d2a12c0b20eb31eac5d01bed3c73564e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:95:23:8f:93:7f:67:74:32:29:08:6b:18:2e:
2c:5c:fd:c7:2d:65:3d:03:e4:69:e8:03:52:62:54:
05:40:57:ae:26:46:5b:bf:76:f7:47:4d:5f:16:63:
3c:5c:73:ed:d0:9d:8c:4f:73:04:47:70:ee:9f:cb:
cb:dc:9e:12:c2:33:e5:9e:3e:1b:fe:a1:16:01:03:
fd:80:9e:56:ba:fe:b0:9d:50:a0:63:7d:37:1f:42:
09:1e:86:83:ba:52:61:31:d9:b0:e6:28:cd:7b:f1:
5e:2b:25:f3:09:b7:08:41:ab:04:e6:5f:49:84:b3:
94:ba:d7:86:94:b4:26:63:82:39:32:5e:81:fe:5f:
ab:b5:dd:c7:43:0c:02:8d:00:bf:7d:52:4a:a7:9b:
1c:50:a3:aa:23:3c:a1:17:0b:d9:b5:14:ed:ab:57:
c7:f7:cb:28:bf:6a:2b:45:a6:59:e4:54:e9:33:79:
da:81:ea:55:30:98:54:58:6c:d7:1e:3d:34:7b:46:
63:a5:a7:26:5a:87:06:0f:56:f3:07:6a:2e:b1:7e:
1d:9e:e8:a7:14:b7:38:2a:55:fb:51:59:d4:89:16:
ae:b2:1d:70:57:db:f4:80:54:5d:7c:66:bf:ab:1d:
21:6f:3d:99:d7:36:10:fd:5b:db:2b:57:90:e0:d7:
74:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:30:C8:C7:D2:A1:2C:0B:20:EB:31:EA:C5:D0:1B:ED:3C:73:56:4E
X509v3 Authority Key Identifier:
keyid:D9:42:84:B9:43:25:F5:06:0F:8A:0E:87:C1:BE:28:27:78:8F:18:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/FDDIx9KhLAsg6zHqxdAb7TxzVk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/a24095-0908-4884-9244-95d59465e9a8/1/2UKEuUMl9QYPig6Hwb4oJ3iPGPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.84.0/22
Signature Algorithm: sha256WithRSAEncryption
47:04:4b:1b:36:fe:20:c9:3b:26:c9:b5:81:77:be:38:19:6e:
1e:b1:ee:0b:17:39:ca:46:c7:4c:da:50:9a:fa:5a:54:64:76:
3c:b4:cd:e6:5f:34:97:a7:67:c2:6e:39:9c:97:7c:29:de:0c:
ea:2b:9f:01:14:0e:49:50:96:10:1a:a6:f5:cc:a9:7d:c7:e5:
ca:49:4e:7d:b6:14:f4:6e:91:2c:ba:5c:86:9b:cd:50:2a:7a:
84:c1:53:8f:e6:a7:95:94:dd:e4:b7:67:84:b8:4c:89:e9:95:
ee:15:cf:56:1a:18:ed:f4:e3:3a:00:31:0a:c3:34:54:31:1b:
9e:84:a6:79:ff:87:71:b8:d3:99:c1:73:0e:0d:60:88:1b:7d:
fa:4c:9f:65:d9:d7:38:33:85:83:3b:b0:7e:a2:e4:5d:43:fa:
76:2f:9e:6c:7d:c5:6d:2d:76:ae:46:0c:5f:21:ca:b5:3d:95:
ef:4d:fb:4d:ce:44:32:97:69:5a:78:f9:40:19:df:e1:09:cf:
9e:b6:a2:df:26:64:0a:90:cc:6e:52:63:9b:6a:4e:86:68:ea:
96:ce:ce:88:be:e8:12:f6:bb:12:5d:68:2a:f9:62:6d:d8:e5:
c7:a8:01:79:d1:1c:a7:e6:b9:52:2b:11:a0:6e:6e:8f:60:96:
e9:40:48:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJFIXo4ieYYVSv9NY2CVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NDI4NGI5NDMyNWY1MDYwZjhhMGU4N2MxYmUyODI3Nzg4
ZjE4ZjkwHhcNMjQwMTAxMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDMwYzhjN2QyYTEyYzBiMjBlYjMxZWFjNWQwMWJlZDNjNzM1NjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5Ujj5N/Z3QyKQhrGC4sXP3HLWU9
A+Rp6ANSYlQFQFeuJkZbv3b3R01fFmM8XHPt0J2MT3MER3Dun8vL3J4SwjPlnj4b
/qEWAQP9gJ5Wuv6wnVCgY303H0IJHoaDulJhMdmw5ijNe/FeKyXzCbcIQasE5l9J
hLOUuteGlLQmY4I5Ml6B/l+rtd3HQwwCjQC/fVJKp5scUKOqIzyhFwvZtRTtq1fH
98sov2orRaZZ5FTpM3nagepVMJhUWGzXHj00e0ZjpacmWocGD1bzB2ousX4dnuin
FLc4KlX7UVnUiRaush1wV9v0gFRdfGa/qx0hbz2Z1zYQ/VvbK1eQ4Nd00wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBQwyMfSoSwLIOsx6sXQG+08c1ZOMB8GA1UdIwQY
MBaAFNlChLlDJfUGD4oOh8G+KCd4jxj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQt
OTVkNTk0NjVlOWE4LzEvRkRESXg5S2hMQXNnNnpIcXhkQWI3VHh6Vms0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hMjQwOTUtMDkwOC00ODg0LTkyNDQtOTVkNTk0NjVlOWE4
LzEvMlVLRXVVTWw5UVlQaWc2SHdiNG9KM2lQR1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY9UMA0G
CSqGSIb3DQEBCwUAA4IBAQBHBEsbNv4gyTsmybWBd744GW4ese4LFznKRsdM2lCa
+lpUZHY8tM3mXzSXp2fCbjmcl3wp3gzqK58BFA5JUJYQGqb1zKl9x+XKSU59thT0
bpEsulyGm81QKnqEwVOP5qeVlN3kt2eEuEyJ6ZXuFc9WGhjt9OM6ADEKwzRUMRue
hKZ5/4dxuNOZwXMODWCIG336TJ9l2dc4M4WDO7B+ouRdQ/p2L55sfcVtLXauRgxf
Icq1PZXvTftNzkQyl2laePlAGd/hCc+etqLfJmQKkMxuUmObak6GaOqWzs6IvugS
9rsSXWgq+WJt2OXHqAF50Ryn5rlSKxGgbm6PYJbpQEjv
-----END CERTIFICATE-----
Generated at Sat May 18 22:31:42 2024 by rpki-client on console-fra.rpki-client.org