Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/555221-000d-49f6-8335-4fd28c6619ae/1/lrSlZrN2rrqrPjIdB5QVBD44fa8.roa
File: lrSlZrN2rrqrPjIdB5QVBD44fa8.roa (raw, json)
Hash identifier: EknMZ7YDaaFWvON2lk27/q2Wpb9Ut5cnAomwx/V1NKk=
Subject key identifier: 96:B4:A5:66:B3:76:AE:BA:AB:3E:32:1D:07:94:15:04:3E:38:7D:AF
Certificate issuer: /CN=a66246b806e89aba40e7e58888f3576513a3934a
Certificate serial: 018CC348F3E9D5D6B9118F009AFC2508CAE0
Authority key identifier: A6:62:46:B8:06:E8:9A:BA:40:E7:E5:88:88:F3:57:65:13:A3:93:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pmJGuAbomrpA5-WIiPNXZROjk0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/555221-000d-49f6-8335-4fd28c6619ae/1/lrSlZrN2rrqrPjIdB5QVBD44fa8.roa
Signing time: Mon 01 Jan 2024 04:29:47 +0000
ROA not before: Mon 01 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208821
IP address blocks: 45.83.33.0/24 maxlen: 24
45.83.35.0/24 maxlen: 24
45.83.32.0/24 maxlen: 24
45.83.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/555221-000d-49f6-8335-4fd28c6619ae/1/pmJGuAbomrpA5-WIiPNXZROjk0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/555221-000d-49f6-8335-4fd28c6619ae/1/pmJGuAbomrpA5-WIiPNXZROjk0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/pmJGuAbomrpA5-WIiPNXZROjk0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f3:e9:d5:d6:b9:11:8f:00:9a:fc:25:08:ca:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a66246b806e89aba40e7e58888f3576513a3934a
Validity
Not Before: Jan 1 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96b4a566b376aebaab3e321d079415043e387daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:23:a0:36:d3:a1:31:d9:db:e8:4e:a5:4c:17:
e9:33:96:9f:ce:d0:f5:31:bc:28:da:c5:4f:89:b9:
53:c8:6c:ea:5e:10:a1:e8:aa:54:62:10:03:d1:c6:
78:c3:bc:79:81:0a:66:37:a4:95:c1:ed:3b:03:05:
1c:5f:03:c8:8f:87:cc:91:d5:1c:9e:09:2a:86:da:
0b:09:d4:df:42:21:a7:b4:59:aa:2d:a2:a5:53:39:
15:6d:60:9a:13:4c:70:85:9e:fc:59:93:13:c5:85:
47:70:e2:a5:3f:ef:ac:52:0f:41:8b:2f:de:92:69:
1a:a0:4d:90:c7:05:0d:fd:96:5e:1a:4c:e4:18:a4:
1c:99:00:89:e2:e4:0d:43:fa:93:79:e8:0d:71:86:
12:9a:e3:9b:04:e2:49:e6:de:01:06:e5:74:82:2d:
84:46:fb:42:f1:40:69:d4:00:cf:0d:4c:a7:92:37:
3e:17:1d:84:f9:f3:3b:33:a1:fd:b0:57:7e:bc:e2:
1d:9c:8f:19:9a:aa:2d:90:e5:79:5e:86:ac:8b:81:
99:50:68:80:d4:9e:2a:e2:fa:64:ed:74:55:9b:01:
d2:da:e7:62:bf:b3:47:1c:5e:59:17:7a:ef:fd:e1:
ce:9a:ef:89:c1:a3:b1:84:0b:86:3e:ab:ba:a9:69:
0e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B4:A5:66:B3:76:AE:BA:AB:3E:32:1D:07:94:15:04:3E:38:7D:AF
X509v3 Authority Key Identifier:
keyid:A6:62:46:B8:06:E8:9A:BA:40:E7:E5:88:88:F3:57:65:13:A3:93:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pmJGuAbomrpA5-WIiPNXZROjk0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/555221-000d-49f6-8335-4fd28c6619ae/1/lrSlZrN2rrqrPjIdB5QVBD44fa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/555221-000d-49f6-8335-4fd28c6619ae/1/pmJGuAbomrpA5-WIiPNXZROjk0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.32.0/22
Signature Algorithm: sha256WithRSAEncryption
88:b7:92:47:61:72:22:fc:90:42:e4:9f:94:63:0f:75:67:b4:
c3:68:3f:6d:56:82:20:fb:61:c8:53:4b:8d:2e:d7:68:26:d5:
f5:bd:4c:88:26:49:fc:6f:ec:7e:4f:52:38:77:68:10:4c:3b:
83:66:03:d9:93:e4:b6:84:f8:af:76:af:1f:63:a4:47:b7:39:
e9:71:9a:6d:af:27:1b:be:24:dd:61:99:88:92:0c:41:97:86:
fc:6e:86:ac:10:05:6b:16:2e:f8:be:c0:c1:62:9c:41:69:00:
9d:2b:bb:78:f2:6c:7d:91:48:98:90:3a:f3:09:26:3e:3c:7f:
2d:5e:51:4f:a4:b0:69:eb:bf:3c:16:c6:85:0d:3e:a6:58:f9:
8e:67:5d:17:0a:ef:f8:af:bf:eb:3b:37:b2:d0:70:1f:0e:e0:
f5:49:e3:a0:d8:83:ef:2c:c7:7b:9c:82:b1:47:04:df:72:59:
61:4a:b1:c8:27:e2:d3:40:de:43:0a:c4:43:c6:48:b0:08:18:
2b:72:ce:2b:5c:ed:7f:50:9f:2d:3b:d9:25:df:7b:24:5d:2c:
e3:08:f3:49:06:0c:df:d4:82:e0:b4:d3:5f:3d:4d:7c:6f:16:
30:8b:1b:3b:9a:69:d9:98:f6:a1:3d:ef:4a:b6:2f:5b:50:47:
b6:d8:48:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSPPp1da5EY8AmvwlCMrgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NjI0NmI4MDZlODlhYmE0MGU3ZTU4ODg4ZjM1NzY1MTNh
MzkzNGEwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmI0YTU2NmIzNzZhZWJhYWIzZTMyMWQwNzk0MTUwNDNlMzg3ZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCOgNtOhMdnb6E6lTBfpM5afztD1
Mbwo2sVPiblTyGzqXhCh6KpUYhAD0cZ4w7x5gQpmN6SVwe07AwUcXwPIj4fMkdUc
ngkqhtoLCdTfQiGntFmqLaKlUzkVbWCaE0xwhZ78WZMTxYVHcOKlP++sUg9Biy/e
kmkaoE2QxwUN/ZZeGkzkGKQcmQCJ4uQNQ/qTeegNcYYSmuObBOJJ5t4BBuV0gi2E
RvtC8UBp1ADPDUynkjc+Fx2E+fM7M6H9sFd+vOIdnI8ZmqotkOV5Xoasi4GZUGiA
1J4q4vpk7XRVmwHS2udiv7NHHF5ZF3rv/eHOmu+JwaOxhAuGPqu6qWkOPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJa0pWazdq66qz4yHQeUFQQ+OH2vMB8GA1UdIwQY
MBaAFKZiRrgG6Jq6QOfliIjzV2UTo5NKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG1KR3VBYm9tcnBBNS1XSWlQTlhaUk9qazBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81NTUyMjEtMDAwZC00OWY2LTgzMzUt
NGZkMjhjNjYxOWFlLzEvbHJTbFpyTjJycnFyUGpJZEI1UVZCRDQ0ZmE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81NTUyMjEtMDAwZC00OWY2LTgzMzUtNGZkMjhjNjYxOWFl
LzEvcG1KR3VBYm9tcnBBNS1XSWlQTlhaUk9qazBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVMgMA0G
CSqGSIb3DQEBCwUAA4IBAQCIt5JHYXIi/JBC5J+UYw91Z7TDaD9tVoIg+2HIU0uN
LtdoJtX1vUyIJkn8b+x+T1I4d2gQTDuDZgPZk+S2hPivdq8fY6RHtznpcZptrycb
viTdYZmIkgxBl4b8boasEAVrFi74vsDBYpxBaQCdK7t48mx9kUiYkDrzCSY+PH8t
XlFPpLBp6788FsaFDT6mWPmOZ10XCu/4r7/rOzey0HAfDuD1SeOg2IPvLMd7nIKx
RwTfcllhSrHIJ+LTQN5DCsRDxkiwCBgrcs4rXO1/UJ8tO9kl33skXSzjCPNJBgzf
1ILgtNNfPU18bxYwixs7mmnZmPahPe9Kti9bUEe22Ejh
-----END CERTIFICATE-----
Generated at Mon May 20 17:55:03 2024 by rpki-client on console-ams.rpki-client.org