Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/TYQeQD1ysn5li6VJeZeQK_3erL0.roa
File: TYQeQD1ysn5li6VJeZeQK_3erL0.roa (raw, json)
Hash identifier: dzi+R7+ToyVVvJOw2iGEvYCWff6UR0ILPu26gb5MVQE=
Subject key identifier: 4D:84:1E:40:3D:72:B2:7E:65:8B:A5:49:79:97:90:2B:FD:DE:AC:BD
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018F5D86592DDD0A88C0F18FC9DA637A97AF
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/TYQeQD1ysn5li6VJeZeQK_3erL0.roa
Signing time: Thu 09 May 2024 13:23:56 +0000
ROA not before: Thu 09 May 2024 13:23:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 45.43.140.0/24 maxlen: 24
45.43.141.0/24 maxlen: 24
104.239.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5d:86:59:2d:dd:0a:88:c0:f1:8f:c9:da:63:7a:97:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 9 13:23:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d841e403d72b27e658ba5497997902bfddeacbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:81:e0:76:d3:f4:44:ba:b4:ce:66:b7:5a:73:
b0:00:a5:ff:6b:7e:9c:38:19:d3:d1:1a:db:9c:c1:
d5:04:e5:96:7e:2b:4b:c7:2e:40:fb:1f:ba:ef:7b:
c2:32:78:9d:f9:cb:46:f3:57:e1:ab:3d:f5:32:5f:
43:4e:36:21:82:92:10:73:77:7e:db:ff:75:e5:fb:
0d:fb:07:90:00:e8:80:d2:3e:87:ab:1f:0b:34:7d:
b6:39:50:3e:76:d1:a8:dc:95:45:65:cb:54:dd:57:
4b:1d:e0:a6:68:2a:11:82:df:ff:8d:84:53:0f:6b:
c9:52:64:22:f0:1b:70:9d:53:1d:c1:40:51:dd:15:
f0:a6:2a:32:e7:10:a2:4c:1f:fb:c5:c0:26:3f:46:
ad:43:e2:44:32:95:56:60:15:e9:bc:bc:0e:7e:28:
75:b8:92:32:02:cc:96:99:a5:05:2e:ad:1a:1c:9e:
1e:06:c4:86:9c:a2:ff:4f:61:d3:7f:87:34:87:2e:
26:1e:5f:9a:0b:b1:fd:47:0c:ed:c9:71:ad:16:49:
3d:70:fc:35:48:74:89:88:69:04:ef:ad:2f:54:63:
4b:2e:c3:c9:b9:ca:68:e6:0e:3e:d9:a0:96:d8:6c:
11:d7:80:32:8f:00:98:e5:f6:cb:ee:68:4e:5b:25:
ca:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:84:1E:40:3D:72:B2:7E:65:8B:A5:49:79:97:90:2B:FD:DE:AC:BD
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/TYQeQD1ysn5li6VJeZeQK_3erL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.140.0/23
104.239.67.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:b2:2b:86:1e:4a:02:b8:cc:cb:e2:ce:85:0b:68:84:dc:2d:
c7:91:4a:e5:56:f9:9e:4d:aa:1d:6c:c2:59:88:1e:53:b8:d2:
f5:dd:3f:20:64:ee:ec:e5:fe:d9:94:99:3b:ed:34:ea:12:e1:
aa:69:8e:06:d3:72:5b:e7:37:01:0e:80:b8:5b:f8:8c:9f:5d:
31:b3:24:d9:02:ae:10:e0:c0:85:e6:fd:3d:bb:29:f8:81:15:
24:18:42:e6:38:ae:2c:77:28:af:eb:a3:73:35:29:1b:b6:6a:
b6:9f:96:4a:d7:11:19:72:35:01:35:01:92:80:5f:dd:bb:ae:
59:cb:8f:f1:2a:7e:64:61:d3:a8:a3:fb:2f:f5:9f:8e:a3:0d:
e0:4d:08:02:83:97:3d:3b:4d:22:00:13:0b:ac:f8:18:f8:f0:
3e:53:d7:08:29:16:16:2a:ae:f4:1f:4e:0f:7d:ed:02:58:12:
3c:97:37:a1:83:00:e9:71:d5:ff:0e:ae:41:46:3f:16:a5:07:
df:e9:3c:57:ee:a9:f7:5b:44:63:8d:a1:fe:a6:e8:44:5e:7a:
ef:a6:ce:fb:09:ee:3d:b8:fe:50:89:54:bc:61:7f:c6:5b:30:
8d:9f:01:18:48:4f:f3:c1:31:2c:93:9e:71:cf:e0:77:1c:29:
35:b5:86:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9dhlkt3QqIwPGPydpjepevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNTA5MTMyMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDg0MWU0MDNkNzJiMjdlNjU4YmE1NDk3OTk3OTAyYmZkZGVhY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYHgdtP0RLq0zma3WnOwAKX/a36c
OBnT0RrbnMHVBOWWfitLxy5A+x+673vCMnid+ctG81fhqz31Ml9DTjYhgpIQc3d+
2/915fsN+weQAOiA0j6Hqx8LNH22OVA+dtGo3JVFZctU3VdLHeCmaCoRgt//jYRT
D2vJUmQi8BtwnVMdwUBR3RXwpioy5xCiTB/7xcAmP0atQ+JEMpVWYBXpvLwOfih1
uJIyAsyWmaUFLq0aHJ4eBsSGnKL/T2HTf4c0hy4mHl+aC7H9RwztyXGtFkk9cPw1
SHSJiGkE760vVGNLLsPJucpo5g4+2aCW2GwR14AyjwCY5fbL7mhOWyXKDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE2EHkA9crJ+ZYulSXmXkCv93qy9MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvVFlRZVFEMXlzbjVsaTZWSmVaZVFLXzNlckwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLSuMAwQA
aO9DMA0GCSqGSIb3DQEBCwUAA4IBAQB8siuGHkoCuMzL4s6FC2iE3C3HkUrlVvme
TaodbMJZiB5TuNL13T8gZO7s5f7ZlJk77TTqEuGqaY4G03Jb5zcBDoC4W/iMn10x
syTZAq4Q4MCF5v09uyn4gRUkGELmOK4sdyiv66NzNSkbtmq2n5ZK1xEZcjUBNQGS
gF/du65Zy4/xKn5kYdOoo/sv9Z+Oow3gTQgCg5c9O00iABMLrPgY+PA+U9cIKRYW
Kq70H04Pfe0CWBI8lzehgwDpcdX/Dq5BRj8WpQff6TxX7qn3W0RjjaH+puhEXnrv
ps77Ce49uP5QiVS8YX/GWzCNnwEYSE/zwTEsk55xz+B3HCk1tYZV
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:33:36 2024 by rpki-client on console-fra.rpki-client.org