Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Mcr2grpdZ6ceJcF7dJAFb5qY09c.roa
File: Mcr2grpdZ6ceJcF7dJAFb5qY09c.roa (raw, json)
Hash identifier: qz8niuYFBYG7dAq3MamzEb9NmZfRLOCRyXOmOfohvVI=
Subject key identifier: 31:CA:F6:82:BA:5D:67:A7:1E:25:C1:7B:74:90:05:6F:9A:98:D3:D7
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018CC5003319945877ED1E8CECD49A444B65
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Mcr2grpdZ6ceJcF7dJAFb5qY09c.roa
Signing time: Mon 01 Jan 2024 12:29:33 +0000
ROA not before: Mon 01 Jan 2024 12:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 45.83.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:33:19:94:58:77:ed:1e:8c:ec:d4:9a:44:4b:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Jan 1 12:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31caf682ba5d67a71e25c17b7490056f9a98d3d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:dd:e2:44:0e:02:6b:4a:d6:97:64:75:53:7e:
18:99:28:a3:04:af:52:e9:9a:9a:e4:92:fa:77:ea:
0c:30:80:04:95:c1:bc:e0:f1:52:a8:2f:8f:1e:fa:
3b:50:da:be:fd:f1:48:24:a1:a4:17:c2:2a:78:37:
59:d5:51:ad:dc:31:65:7b:db:78:f4:82:0c:27:f3:
4e:a7:26:4a:7e:be:a0:cd:8c:17:7f:a6:72:60:5b:
27:20:73:d7:dd:ff:e6:cd:4f:4b:b2:94:f8:02:e2:
33:f3:00:d1:82:34:89:ed:f3:5b:a8:8d:79:3b:9a:
15:76:a6:a9:7c:7a:8a:36:a6:e3:f5:ad:f7:92:eb:
32:06:3c:4e:be:09:61:3b:a8:e0:29:78:57:0e:7d:
f9:c6:9a:79:44:02:b2:50:90:1e:d0:1d:a1:43:4b:
a6:fd:75:3e:8a:79:13:d3:32:5e:e6:dc:5c:d3:56:
64:c5:03:2b:67:48:e8:27:82:ea:a0:c9:df:58:2e:
2c:fd:8a:26:3d:1e:ff:66:67:a1:b8:58:08:06:60:
a5:3d:66:d9:f7:b5:b4:f4:a4:8f:11:2a:e9:b6:f1:
50:ba:cc:0d:13:50:81:46:22:b5:0d:a9:d1:95:a8:
45:fd:8c:8a:82:e0:ef:e7:f4:18:ac:66:dc:a2:4a:
56:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:CA:F6:82:BA:5D:67:A7:1E:25:C1:7B:74:90:05:6F:9A:98:D3:D7
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Mcr2grpdZ6ceJcF7dJAFb5qY09c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.238.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:56:56:17:9b:16:5a:36:9f:d4:d0:5e:9c:3b:cb:76:4a:9d:
db:e7:b7:e5:06:26:8d:f2:5d:82:39:e8:fa:2a:bd:ca:22:84:
df:71:22:34:f4:99:a6:cd:d8:a6:be:a7:01:02:b9:39:85:36:
c6:b7:94:d3:5d:6a:e5:a8:0d:29:af:12:4e:54:5c:f2:82:f6:
0d:22:d0:18:eb:27:bd:9f:ca:b8:4f:dd:d6:27:e2:dc:cf:0f:
d4:bd:3f:56:87:dd:cb:c1:88:b4:88:6c:bc:95:1e:bc:86:0d:
e6:0b:c7:4f:42:4f:08:77:6d:be:4e:c6:ee:8b:f4:c0:7c:a6:
12:08:bd:d8:c9:84:ab:0d:8b:d5:4e:54:3c:a6:f5:6a:22:85:
e6:5f:63:8f:ad:57:4d:c9:7a:31:5a:d4:a8:f5:a0:4b:52:a7:
a8:08:94:40:dc:10:57:f9:a3:a1:d2:13:9e:80:76:85:ab:1a:
7d:fd:d4:e4:5c:5d:55:02:cc:25:90:fe:07:69:09:b0:b2:84:
b5:ee:ac:ec:4e:e9:35:58:b7:09:34:79:a4:78:3c:f5:ee:60:
88:cb:31:4a:61:33:15:cf:dc:6a:4f:13:c9:c9:19:f3:28:4b:
1d:be:fc:26:f5:6b:97:7b:70:74:01:62:cc:b2:b1:dd:95:e1:
26:de:16:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFADMZlFh37R6M7NSaREtlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjQwMTAxMTIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWNhZjY4MmJhNWQ2N2E3MWUyNWMxN2I3NDkwMDU2ZjlhOThkM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwt3iRA4Ca0rWl2R1U34YmSijBK9S
6Zqa5JL6d+oMMIAElcG84PFSqC+PHvo7UNq+/fFIJKGkF8IqeDdZ1VGt3DFle9t4
9IIMJ/NOpyZKfr6gzYwXf6ZyYFsnIHPX3f/mzU9LspT4AuIz8wDRgjSJ7fNbqI15
O5oVdqapfHqKNqbj9a33kusyBjxOvglhO6jgKXhXDn35xpp5RAKyUJAe0B2hQ0um
/XU+inkT0zJe5txc01ZkxQMrZ0joJ4LqoMnfWC4s/YomPR7/ZmehuFgIBmClPWbZ
97W09KSPESrptvFQuswNE1CBRiK1DanRlahF/YyKguDv5/QYrGbcokpWIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHK9oK6XWenHiXBe3SQBW+amNPXMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvTWNyMmdycGRaNmNlSmNGN2RKQUZiNXFZMDljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVPuMA0G
CSqGSIb3DQEBCwUAA4IBAQCyVlYXmxZaNp/U0F6cO8t2Sp3b57flBiaN8l2COej6
Kr3KIoTfcSI09JmmzdimvqcBArk5hTbGt5TTXWrlqA0prxJOVFzygvYNItAY6ye9
n8q4T93WJ+Lczw/UvT9Wh93LwYi0iGy8lR68hg3mC8dPQk8Id22+Tsbui/TAfKYS
CL3YyYSrDYvVTlQ8pvVqIoXmX2OPrVdNyXoxWtSo9aBLUqeoCJRA3BBX+aOh0hOe
gHaFqxp9/dTkXF1VAswlkP4HaQmwsoS17qzsTuk1WLcJNHmkeDz17mCIyzFKYTMV
z9xqTxPJyRnzKEsdvvwm9WuXe3B0AWLMsrHdleEm3hZA
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:34:41 2024 by rpki-client on console-fra.rpki-client.org