Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/VxuwoKjGQsXdiSThaQ16yd9avxc.roa
File: VxuwoKjGQsXdiSThaQ16yd9avxc.roa (raw, json)
Hash identifier: uPvpPxjZ0wlSzSMGN8+26RAVQ+e7H7rKbAuyvH60uUk=
Subject key identifier: 57:1B:B0:A0:A8:C6:42:C5:DD:89:24:E1:69:0D:7A:C9:DF:5A:BF:17
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E85C7274720657AF94788BD20CA2411CA
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/VxuwoKjGQsXdiSThaQ16yd9avxc.roa
Signing time: Thu 28 Mar 2024 15:56:45 +0000
ROA not before: Thu 28 Mar 2024 15:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 45.91.236.0/24 maxlen: 24
45.91.237.0/24 maxlen: 24
45.91.238.0/24 maxlen: 24
212.107.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:c7:27:47:20:65:7a:f9:47:88:bd:20:ca:24:11:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 28 15:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=571bb0a0a8c642c5dd8924e1690d7ac9df5abf17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cc:5d:63:09:98:3f:4b:81:b1:a8:5b:3b:a5:
0d:26:df:cf:e6:61:1e:20:57:24:12:19:40:8e:b5:
63:25:c5:25:18:e0:a8:b5:0a:87:db:ce:37:c7:89:
65:e2:5f:87:df:ae:ef:78:c5:e2:7b:0c:71:b7:24:
8b:f2:f2:f3:f2:e4:bf:4d:84:01:fc:bb:6e:cb:23:
07:d6:e3:85:eb:48:70:19:fd:36:0c:73:ec:78:20:
8d:86:7d:79:6d:7d:d4:d9:45:50:ac:22:5b:61:f7:
d5:d3:02:c4:c2:05:5e:9a:1b:84:dd:13:22:40:b7:
53:84:26:57:86:4d:2b:af:6d:62:82:58:70:0a:c9:
c1:c0:61:4f:ab:09:d0:a9:f9:ab:4e:2b:77:4a:41:
19:d7:a3:59:a0:dd:d7:fe:d7:7c:ed:74:7a:f6:7c:
f0:99:17:f3:2b:3f:51:09:97:bd:c7:0f:23:1a:73:
00:d2:cc:94:84:97:b3:21:13:0d:5c:90:26:ab:41:
61:92:71:00:53:99:c4:20:9d:72:06:ea:8a:3d:8f:
a0:1c:14:34:5d:88:0d:8c:3e:26:d4:1c:2e:bb:a1:
18:44:8e:40:d9:1c:d8:65:a3:71:8a:15:38:60:74:
62:8f:bf:ee:2b:9e:af:0f:33:20:5b:13:bd:50:fa:
a8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:1B:B0:A0:A8:C6:42:C5:DD:89:24:E1:69:0D:7A:C9:DF:5A:BF:17
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/VxuwoKjGQsXdiSThaQ16yd9avxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.236.0-45.91.238.255
212.107.27.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:36:7e:c8:f6:ce:47:8a:e4:18:ad:6b:99:19:92:bf:dd:75:
d1:44:51:b4:44:c6:59:fb:52:fa:f9:57:ff:4e:38:26:0c:b4:
9e:59:28:fd:9a:37:71:cc:45:4a:23:f5:df:48:f8:75:d2:63:
f0:3d:c0:32:8c:7c:29:70:19:30:22:08:b8:f0:49:00:70:42:
0e:35:a9:3d:4e:85:79:17:2a:c6:f2:e3:71:68:8b:a6:22:d5:
d5:e2:f2:e5:7f:78:5c:c7:ba:a4:cc:62:a1:f7:62:b9:90:6d:
fa:9c:fb:a6:1c:6d:35:34:de:d5:24:59:b9:3b:93:72:b2:f2:
98:6c:70:88:a7:94:6b:be:8c:fe:91:f6:38:65:0d:43:3d:e1:
72:1e:fc:86:8d:60:6d:1d:96:da:50:58:8b:91:a2:a1:36:54:
43:1c:a2:5d:ef:c1:35:3d:57:91:66:42:5d:0c:37:30:13:6c:
7e:17:85:9a:6a:eb:62:37:2e:07:79:26:96:97:61:b4:2e:cc:
86:f3:04:58:a3:69:52:31:dd:08:fb:53:1c:b4:38:10:e6:f3:
d1:33:08:1c:9c:5d:d3:7f:dd:ae:4c:4b:4b:f5:24:b6:66:fd:
b0:63:ca:2a:bb:8a:5b:57:61:8a:2c:e6:0e:4f:e1:74:bc:12:
14:08:12:d2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY6FxydHIGV6+UeIvSDKJBHKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwMzI4MTU1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzFiYjBhMGE4YzY0MmM1ZGQ4OTI0ZTE2OTBkN2FjOWRmNWFiZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcxdYwmYP0uBsahbO6UNJt/P5mEe
IFckEhlAjrVjJcUlGOCotQqH2843x4ll4l+H367veMXiewxxtySL8vLz8uS/TYQB
/LtuyyMH1uOF60hwGf02DHPseCCNhn15bX3U2UVQrCJbYffV0wLEwgVemhuE3RMi
QLdThCZXhk0rr21iglhwCsnBwGFPqwnQqfmrTit3SkEZ16NZoN3X/td87XR69nzw
mRfzKz9RCZe9xw8jGnMA0syUhJezIRMNXJAmq0FhknEAU5nEIJ1yBuqKPY+gHBQ0
XYgNjD4m1Bwuu6EYRI5A2RzYZaNxihU4YHRij7/uK56vDzMgWxO9UPqoWwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFcbsKCoxkLF3Ykk4WkNesnfWr8XMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvVnh1d29LakdRc1hkaVNUaGFRMTZ5ZDlhdnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAItW+wD
BAAtW+4DBADUaxswDQYJKoZIhvcNAQELBQADggEBAI82fsj2zkeK5Bita5kZkr/d
ddFEUbRExln7Uvr5V/9OOCYMtJ5ZKP2aN3HMRUoj9d9I+HXSY/A9wDKMfClwGTAi
CLjwSQBwQg41qT1OhXkXKsby43Foi6Yi1dXi8uV/eFzHuqTMYqH3YrmQbfqc+6Yc
bTU03tUkWbk7k3Ky8phscIinlGu+jP6R9jhlDUM94XIe/IaNYG0dltpQWIuRoqE2
VEMcol3vwTU9V5FmQl0MNzATbH4XhZpq62I3Lgd5JpaXYbQuzIbzBFijaVIx3Qj7
Uxy0OBDm89EzCBycXdN/3a5MS0v1JLZm/bBjyiq7iltXYYos5g5P4XS8EhQIEtI=
-----END CERTIFICATE-----
Generated at Sun May 19 21:14:34 2024 by rpki-client on console-ams.rpki-client.org