Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/2zu1wJ8wfnve2lCsbhddhlT076I.roa
File: 2zu1wJ8wfnve2lCsbhddhlT076I.roa (raw, json)
Hash identifier: BqvHOGZH8/w3gGFl8qZuFtcL2aDShJCRzn7dsd8nZlg=
Subject key identifier: DB:3B:B5:C0:9F:30:7E:7B:DE:DA:50:AC:6E:17:5D:86:54:F4:EF:A2
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0190B539AD5EA3FB83B173FB593BEC1CE567
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/2zu1wJ8wfnve2lCsbhddhlT076I.roa
Signing time: Mon 15 Jul 2024 07:09:34 +0000
ROA not before: Mon 15 Jul 2024 07:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13886
IP address blocks: 45.43.165.0/24 maxlen: 24
45.150.32.0/22 maxlen: 22
64.137.51.0/24 maxlen: 24
204.52.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b5:39:ad:5e:a3:fb:83:b1:73:fb:59:3b:ec:1c:e5:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jul 15 07:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db3bb5c09f307e7bdeda50ac6e175d8654f4efa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:21:e6:7d:38:7c:33:bf:d4:9d:17:2b:84:19:
25:cf:c4:5e:c3:01:b3:7e:50:f6:b9:26:11:f3:c5:
6f:f8:e3:07:d6:77:ba:b7:38:38:32:90:a6:e6:a5:
cb:ed:5f:fa:39:70:4d:89:e7:24:fb:1a:9e:80:9e:
c7:18:6e:7c:08:55:d9:29:cc:7d:3d:4a:43:b5:00:
2a:eb:6f:6f:ce:a3:7d:61:4d:ea:a8:24:19:89:6d:
90:b2:e2:80:93:84:35:b7:98:bb:15:ee:fa:90:5c:
8d:02:1c:69:1a:1e:5d:6e:4c:2b:c5:ee:0b:08:f2:
25:36:1a:3b:ca:c7:bb:9b:a7:be:76:a6:af:65:d4:
a4:95:d1:7c:88:60:52:ff:27:8c:3a:f0:a8:de:d7:
99:67:95:15:8f:3b:37:fc:92:da:7e:f3:35:35:0e:
63:66:70:99:44:ce:55:d0:9c:5f:8e:24:41:4f:20:
70:fc:07:25:3d:62:49:76:b9:66:80:41:a2:25:e8:
c2:0a:84:4e:f1:ce:83:98:1f:50:56:ae:f1:92:d7:
52:d4:c6:be:c1:b0:80:42:0c:38:3d:7b:0d:99:d7:
3d:5f:7c:5a:c3:ab:7e:1e:c1:fd:ad:81:bf:3e:c2:
02:a1:04:b9:7e:9d:c4:0b:c8:f8:4a:6b:fe:03:e3:
a9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3B:B5:C0:9F:30:7E:7B:DE:DA:50:AC:6E:17:5D:86:54:F4:EF:A2
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/2zu1wJ8wfnve2lCsbhddhlT076I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.165.0/24
45.150.32.0/22
64.137.51.0/24
204.52.112.0/24
Signature Algorithm: sha256WithRSAEncryption
95:a2:76:a1:4b:eb:4d:5f:f4:ab:b6:40:a2:70:9d:6b:aa:a6:
f8:20:17:22:58:66:5e:93:94:4f:35:25:f2:a8:63:a5:55:1e:
5e:90:d8:22:9b:c5:2e:ca:1e:59:e9:62:4f:06:18:59:c9:1b:
09:37:e2:72:89:82:61:78:89:0a:84:10:67:e3:57:12:2c:06:
13:70:e0:4f:1e:f9:13:bf:51:98:11:9c:7f:9b:d3:2b:87:24:
b2:2b:2e:2c:aa:7c:87:be:37:05:fd:c0:dd:67:10:45:b0:49:
98:a3:72:45:ba:e2:3e:d9:d6:30:dc:68:f1:d9:14:89:8a:f1:
56:62:38:4b:36:1a:9a:96:9f:7a:11:16:5a:dc:9f:20:2c:65:
ca:8b:73:10:42:40:ea:60:98:cd:b0:63:4b:26:57:80:1b:20:
36:1a:d3:3d:90:0d:8d:05:18:5c:af:f5:a7:69:8a:61:35:a8:
ab:6d:3d:2a:b4:53:65:43:38:42:ed:26:4d:24:dd:90:34:f0:
75:aa:2a:e5:b9:1e:c6:1c:d3:99:cc:22:d5:48:42:42:1b:20:
04:c8:cc:40:8e:2f:63:95:7f:7d:26:8f:44:db:ff:1a:3c:07:
81:b4:e6:2e:d5:41:38:fa:f0:34:6d:46:8d:41:23:ca:d8:05:
81:45:70:70
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZC1Oa1eo/uDsXP7WTvsHOVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNzE1MDcwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjNiYjVjMDlmMzA3ZTdiZGVkYTUwYWM2ZTE3NWQ4NjU0ZjRlZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSHmfTh8M7/UnRcrhBklz8RewwGz
flD2uSYR88Vv+OMH1ne6tzg4MpCm5qXL7V/6OXBNieck+xqegJ7HGG58CFXZKcx9
PUpDtQAq629vzqN9YU3qqCQZiW2QsuKAk4Q1t5i7Fe76kFyNAhxpGh5dbkwrxe4L
CPIlNho7yse7m6e+dqavZdSkldF8iGBS/yeMOvCo3teZZ5UVjzs3/JLafvM1NQ5j
ZnCZRM5V0JxfjiRBTyBw/AclPWJJdrlmgEGiJejCCoRO8c6DmB9QVq7xktdS1Ma+
wbCAQgw4PXsNmdc9X3xaw6t+HsH9rYG/PsICoQS5fp3EC8j4Smv+A+OpMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNs7tcCfMH573tpQrG4XXYZU9O+iMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvMnp1MXdKOHdmbnZlMmxDc2JoZGRobFQwNzZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALSulAwQC
LZYgAwQAQIkzAwQAzDRwMA0GCSqGSIb3DQEBCwUAA4IBAQCVonahS+tNX/SrtkCi
cJ1rqqb4IBciWGZek5RPNSXyqGOlVR5ekNgim8Uuyh5Z6WJPBhhZyRsJN+JyiYJh
eIkKhBBn41cSLAYTcOBPHvkTv1GYEZx/m9MrhySyKy4sqnyHvjcF/cDdZxBFsEmY
o3JFuuI+2dYw3Gjx2RSJivFWYjhLNhqalp96ERZa3J8gLGXKi3MQQkDqYJjNsGNL
JleAGyA2GtM9kA2NBRhcr/WnaYphNairbT0qtFNlQzhC7SZNJN2QNPB1qirluR7G
HNOZzCLVSEJCGyAEyMxAji9jlX99Jo9E2/8aPAeBtOYu1UE4+vA0bUaNQSPK2AWB
RXBw
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:13:40 2024 by rpki-client on console-fra.rpki-client.org