Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/cb8265-c632-4813-b858-def386743f32/1/lw8AeLZ5-Q0ycFuYVi_9RJ7CmGU.roa
File: lw8AeLZ5-Q0ycFuYVi_9RJ7CmGU.roa (raw, json)
Hash identifier: lp3i9z+Eu6m1KjC3XAzQibkU6uCPUQ1cDzlCShPa4OE=
Subject key identifier: 97:0F:00:78:B6:79:F9:0D:32:70:5B:98:56:2F:FD:44:9E:C2:98:65
Certificate issuer: /CN=4e78b6d00614f5565d9d8af8247cc72ea9b8833d
Certificate serial: 018EA88B7C4D093EBCE8B0F5947424BFF920
Authority key identifier: 4E:78:B6:D0:06:14:F5:56:5D:9D:8A:F8:24:7C:C7:2E:A9:B8:83:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tni20AYU9VZdnYr4JHzHLqm4gz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/cb8265-c632-4813-b858-def386743f32/1/lw8AeLZ5-Q0ycFuYVi_9RJ7CmGU.roa
Signing time: Thu 04 Apr 2024 09:58:17 +0000
ROA not before: Thu 04 Apr 2024 09:58:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203976
IP address blocks: 45.88.36.0/24 maxlen: 24
45.88.37.0/24 maxlen: 24
45.88.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/cb8265-c632-4813-b858-def386743f32/1/Tni20AYU9VZdnYr4JHzHLqm4gz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/cb8265-c632-4813-b858-def386743f32/1/Tni20AYU9VZdnYr4JHzHLqm4gz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tni20AYU9VZdnYr4JHzHLqm4gz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a8:8b:7c:4d:09:3e:bc:e8:b0:f5:94:74:24:bf:f9:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e78b6d00614f5565d9d8af8247cc72ea9b8833d
Validity
Not Before: Apr 4 09:58:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=970f0078b679f90d32705b98562ffd449ec29865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6b:71:61:5a:be:cf:8b:c1:7b:0e:5a:0d:40:
d5:a8:be:df:3c:c5:f6:3c:ae:b1:ea:09:2d:6c:cd:
8d:ba:09:58:36:f2:6d:30:91:3d:05:70:34:6b:c1:
a9:03:87:04:b1:8e:ca:5d:91:cb:63:e2:84:6c:0c:
b4:4c:41:2c:7e:27:06:1c:eb:0b:b2:7e:32:ba:4a:
76:35:91:6f:7a:61:1e:0e:32:2d:50:a1:25:3e:d4:
8c:62:c6:c1:c0:d9:0c:e8:33:b1:4f:d7:96:ba:90:
7f:4b:10:d2:09:9f:05:9d:89:ce:aa:52:1f:52:8f:
4b:c4:b8:7f:1d:85:94:8f:11:0f:98:69:e7:bf:20:
d3:69:60:7e:b5:ac:f5:a6:24:82:48:c8:f2:18:69:
0b:71:6a:da:73:92:ae:38:e7:be:c9:ea:3a:8f:14:
ba:5d:7b:00:f7:39:3c:e0:f2:89:da:77:38:86:35:
84:b0:d2:55:ca:fb:2e:19:6e:02:89:07:4e:0c:b8:
66:ed:87:9e:67:60:0d:cd:4b:7f:55:87:a1:2c:61:
3a:f3:9a:aa:9a:5a:77:0b:62:b5:bb:aa:ef:2a:ad:
fa:90:56:8c:98:9c:c2:be:b1:ec:b4:b0:80:23:a0:
5a:45:71:01:14:e1:65:ce:3d:dc:7e:c6:af:01:4d:
bf:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:0F:00:78:B6:79:F9:0D:32:70:5B:98:56:2F:FD:44:9E:C2:98:65
X509v3 Authority Key Identifier:
keyid:4E:78:B6:D0:06:14:F5:56:5D:9D:8A:F8:24:7C:C7:2E:A9:B8:83:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tni20AYU9VZdnYr4JHzHLqm4gz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/cb8265-c632-4813-b858-def386743f32/1/lw8AeLZ5-Q0ycFuYVi_9RJ7CmGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/cb8265-c632-4813-b858-def386743f32/1/Tni20AYU9VZdnYr4JHzHLqm4gz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.36.0-45.88.38.255
Signature Algorithm: sha256WithRSAEncryption
4a:7f:7c:09:eb:6c:74:6f:46:e6:92:73:64:f1:b8:75:da:b0:
64:52:8b:d5:96:06:f7:d1:0c:c1:1a:26:40:29:73:5f:a2:86:
a7:2a:a9:e7:d9:04:88:29:f5:57:6b:bd:3f:69:89:94:68:c5:
18:ec:48:4e:25:f1:e5:67:ee:29:e1:a6:12:8e:b5:72:a3:59:
ae:2f:64:d8:ab:b4:22:87:de:51:bb:5e:c7:b5:8e:cb:ac:0d:
d4:a8:1a:e3:d0:5b:50:70:51:b2:12:63:ec:6b:b9:5a:8e:8c:
67:f5:17:8c:61:45:07:e9:a6:9d:29:df:9e:f2:5d:50:f1:16:
2d:2b:c6:9c:05:be:58:3a:0d:c9:f3:05:50:ac:47:60:4f:17:
98:aa:53:a4:85:e6:7c:f5:95:90:2e:53:f9:d9:1c:58:0b:1d:
87:16:82:68:bd:25:5c:44:4b:53:d9:57:2d:bf:eb:84:b2:02:
08:d9:60:7e:e4:10:9b:29:b2:61:35:b3:64:1b:1b:77:af:3f:
dd:88:7e:bd:d5:f6:b0:d8:9a:a0:1d:40:24:24:a0:20:1f:c9:
d6:67:98:9b:b1:ee:30:66:27:38:d6:ac:af:24:eb:05:5d:2f:
4d:20:12:e0:87:78:3e:0e:a0:1b:93:60:30:19:82:1a:81:ca:
80:3c:cd:f9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY6oi3xNCT686LD1lHQkv/kgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNzhiNmQwMDYxNGY1NTY1ZDlkOGFmODI0N2NjNzJlYTli
ODgzM2QwHhcNMjQwNDA0MDk1ODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzBmMDA3OGI2NzlmOTBkMzI3MDViOTg1NjJmZmQ0NDllYzI5ODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02txYVq+z4vBew5aDUDVqL7fPMX2
PK6x6gktbM2NuglYNvJtMJE9BXA0a8GpA4cEsY7KXZHLY+KEbAy0TEEsficGHOsL
sn4yukp2NZFvemEeDjItUKElPtSMYsbBwNkM6DOxT9eWupB/SxDSCZ8FnYnOqlIf
Uo9LxLh/HYWUjxEPmGnnvyDTaWB+taz1piSCSMjyGGkLcWrac5KuOOe+yeo6jxS6
XXsA9zk84PKJ2nc4hjWEsNJVyvsuGW4CiQdODLhm7YeeZ2ANzUt/VYehLGE685qq
mlp3C2K1u6rvKq36kFaMmJzCvrHstLCAI6BaRXEBFOFlzj3cfsavAU2/kwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJcPAHi2efkNMnBbmFYv/USewphlMB8GA1UdIwQY
MBaAFE54ttAGFPVWXZ2K+CR8xy6puIM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG5pMjBBWVU5VlpkbllyNEpIekhMcW00Z3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9jYjgyNjUtYzYzMi00ODEzLWI4NTgt
ZGVmMzg2NzQzZjMyLzEvbHc4QWVMWjUtUTB5Y0Z1WVZpXzlSSjdDbUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9jYjgyNjUtYzYzMi00ODEzLWI4NTgtZGVmMzg2NzQzZjMy
LzEvVG5pMjBBWVU5VlpkbllyNEpIekhMcW00Z3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAItWCQD
BAAtWCYwDQYJKoZIhvcNAQELBQADggEBAEp/fAnrbHRvRuaSc2TxuHXasGRSi9WW
BvfRDMEaJkApc1+ihqcqqefZBIgp9VdrvT9piZRoxRjsSE4l8eVn7inhphKOtXKj
Wa4vZNirtCKH3lG7Xse1jsusDdSoGuPQW1BwUbISY+xruVqOjGf1F4xhRQfppp0p
357yXVDxFi0rxpwFvlg6DcnzBVCsR2BPF5iqU6SF5nz1lZAuU/nZHFgLHYcWgmi9
JVxES1PZVy2/64SyAgjZYH7kEJspsmE1s2QbG3evP92Ifr3V9rDYmqAdQCQkoCAf
ydZnmJux7jBmJzjWrK8k6wVdL00gEuCHeD4OoBuTYDAZghqByoA8zfk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:49:45 2024 by rpki-client on console-ams.rpki-client.org