Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/9XL3dFcncdTVunXQYu7X25f9fpY.roa
File: 9XL3dFcncdTVunXQYu7X25f9fpY.roa (raw, json)
Hash identifier: uoINFd7ZeVEqbiBuW2nOwB387pah9uWGIJOb1dnrbNE=
Subject key identifier: F5:72:F7:74:57:27:71:D4:D5:BA:75:D0:62:EE:D7:DB:97:FD:7E:96
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CC801E11FA42CE0D7ED48A257A3BEECD3
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/9XL3dFcncdTVunXQYu7X25f9fpY.roa
Signing time: Tue 02 Jan 2024 02:30:15 +0000
ROA not before: Tue 02 Jan 2024 02:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210937
IP address blocks: 45.143.0.0/22 maxlen: 24
45.153.244.0/22 maxlen: 24
2a09:4::/48 maxlen: 48
2a09:2::/48 maxlen: 48
2a09:3::/48 maxlen: 48
2a09:5::/48 maxlen: 48
2a09:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:e1:1f:a4:2c:e0:d7:ed:48:a2:57:a3:be:ec:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 2 02:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f572f774572771d4d5ba75d062eed7db97fd7e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:77:1a:b6:64:66:e8:c2:b4:39:ec:b7:2e:15:
bc:33:d2:7f:a9:d2:62:c8:c3:b4:ac:38:d0:08:ae:
1f:bf:ba:ab:9f:8f:7c:c8:4f:a5:1d:9d:0a:8f:60:
48:a4:32:a8:d2:26:6d:39:49:0d:22:0e:8e:be:31:
fd:d4:93:db:2b:fb:12:56:1a:1d:d2:07:78:d2:f0:
1f:eb:60:7b:17:21:76:43:2d:0d:aa:60:50:72:d7:
e2:eb:b3:1b:b3:7f:46:b7:cf:db:78:43:44:ce:32:
ab:8c:e7:84:7b:e7:42:a7:c3:d3:9a:ed:2c:70:1a:
be:77:bc:10:27:de:75:63:70:01:b8:b1:62:81:d9:
58:de:6f:22:83:4a:5c:31:fd:e7:d0:55:6f:86:78:
a1:81:2a:d8:18:4c:fb:86:1d:18:b0:be:00:e6:a5:
b4:8c:3f:60:25:aa:d3:a6:33:82:3e:b4:e0:bd:1e:
2f:9e:18:91:e4:7e:aa:cb:e1:41:1b:93:b3:38:6d:
53:ba:55:27:d5:d8:0b:80:64:2c:38:f0:83:dc:1a:
26:cf:aa:7b:88:32:56:a5:92:1a:1b:a9:c3:ed:b5:
44:43:02:06:69:44:26:6f:08:ac:52:ce:09:39:b8:
cf:f1:2c:75:f4:ef:54:91:46:52:9c:e7:c3:81:4b:
3d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:72:F7:74:57:27:71:D4:D5:BA:75:D0:62:EE:D7:DB:97:FD:7E:96
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/9XL3dFcncdTVunXQYu7X25f9fpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.0.0/22
45.153.244.0/22
IPv6:
2a09:1::/48
2a09:2::/48
2a09:3::/48
2a09:4::/48
2a09:5::/48
Signature Algorithm: sha256WithRSAEncryption
3f:0d:13:7f:68:9b:4a:47:b1:35:d3:a5:9f:33:e4:26:cc:a4:
a9:b3:c1:ce:1e:60:41:6f:e8:dd:e2:94:f0:a4:a9:19:be:6e:
ee:fb:6e:a7:33:c2:49:4e:c7:0c:a0:60:3e:50:59:44:79:55:
93:6d:82:19:09:bf:87:92:85:c8:44:86:0f:01:16:17:f7:d0:
41:d6:a1:72:7b:72:35:2c:43:b8:5f:10:44:ff:6a:00:3f:e8:
de:b0:d4:3c:15:61:15:c8:4e:92:dd:8d:9a:7b:17:23:6b:c9:
d8:6c:6e:05:ce:7d:77:0c:2d:85:7a:b0:17:30:b3:7f:05:aa:
5a:dc:d5:85:8a:96:10:77:60:62:aa:f8:a9:43:80:8c:6e:29:
f5:66:6d:4f:55:22:44:34:1f:58:d9:f7:c1:79:c1:0a:64:85:
c2:91:fb:90:65:8b:1a:69:67:45:d4:1c:87:d3:42:88:06:03:
49:6d:40:10:60:b3:c3:c9:ab:02:36:86:52:5f:d1:10:ce:6f:
d6:ea:71:c7:32:77:87:65:5a:37:92:61:f4:91:50:ca:10:7f:
f9:f8:56:b0:95:da:12:39:9e:b3:b7:f2:ef:af:1b:6c:12:ca:
fc:19:0b:55:3a:34:20:07:27:f8:45:81:b3:54:79:7e:dd:53:
59:0c:4b:49
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzIAeEfpCzg1+1IolejvuzTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTcyZjc3NDU3Mjc3MWQ0ZDViYTc1ZDA2MmVlZDdkYjk3ZmQ3ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXcatmRm6MK0Oey3LhW8M9J/qdJi
yMO0rDjQCK4fv7qrn498yE+lHZ0Kj2BIpDKo0iZtOUkNIg6OvjH91JPbK/sSVhod
0gd40vAf62B7FyF2Qy0NqmBQctfi67Mbs39Gt8/beENEzjKrjOeEe+dCp8PTmu0s
cBq+d7wQJ951Y3ABuLFigdlY3m8ig0pcMf3n0FVvhnihgSrYGEz7hh0YsL4A5qW0
jD9gJarTpjOCPrTgvR4vnhiR5H6qy+FBG5OzOG1TulUn1dgLgGQsOPCD3Bomz6p7
iDJWpZIaG6nD7bVEQwIGaUQmbwisUs4JObjP8Sx19O9UkUZSnOfDgUs9pQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFPVy93RXJ3HU1bp10GLu19uX/X6WMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvOVhMM2RGY25jZFRWdW5YUVl1N1gyNWY5ZnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTASBAIAATAMAwQCLY8AAwQC
LZn0MDMEAgACMC0DBwAqCQABAAADBwAqCQACAAADBwAqCQADAAADBwAqCQAEAAAD
BwAqCQAFAAAwDQYJKoZIhvcNAQELBQADggEBAD8NE39om0pHsTXTpZ8z5CbMpKmz
wc4eYEFv6N3ilPCkqRm+bu77bqczwklOxwygYD5QWUR5VZNtghkJv4eShchEhg8B
Fhf30EHWoXJ7cjUsQ7hfEET/agA/6N6w1DwVYRXITpLdjZp7FyNrydhsbgXOfXcM
LYV6sBcws38Fqlrc1YWKlhB3YGKq+KlDgIxuKfVmbU9VIkQ0H1jZ98F5wQpkhcKR
+5BlixppZ0XUHIfTQogGA0ltQBBgs8PJqwI2hlJf0RDOb9bqcccyd4dlWjeSYfSR
UMoQf/n4VrCV2hI5nrO38u+vG2wSyvwZC1U6NCAHJ/hFgbNUeX7dU1kMS0k=
-----END CERTIFICATE-----
Generated at Sat May 18 22:39:54 2024 by rpki-client on console-fra.rpki-client.org