Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/lXgSczTkFIkpNbaoQCqomje1kKA.roa
File: lXgSczTkFIkpNbaoQCqomje1kKA.roa (raw, json)
Hash identifier: 9HFHtys3sKzBpf1lwVdjNkTbGuyrk+lFHMW4TU1+v3E=
Subject key identifier: 95:78:12:73:34:E4:14:89:29:35:B6:A8:40:2A:A8:9A:37:B5:90:A0
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 018CC7947C5AD4C9D49CAF7D242E0E5DCB57
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/lXgSczTkFIkpNbaoQCqomje1kKA.roa
Signing time: Tue 02 Jan 2024 00:30:46 +0000
ROA not before: Tue 02 Jan 2024 00:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 45.145.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.mft
rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:7c:5a:d4:c9:d4:9c:af:7d:24:2e:0e:5d:cb:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Jan 2 00:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9578127334e414892935b6a8402aa89a37b590a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fa:5c:73:a7:80:2a:92:c1:f8:6a:93:25:e0:
86:c8:8f:d8:bc:78:95:e7:69:40:67:93:ed:80:c4:
c1:11:c3:c8:d0:72:21:a9:f3:f4:f6:af:61:1b:59:
9e:fa:67:20:2c:85:5e:45:65:d1:d0:76:b3:35:d1:
27:44:f3:7f:ea:18:ca:8f:20:03:c7:47:21:a3:c2:
30:9f:e6:cc:65:57:0d:2a:65:53:5a:ee:89:22:c0:
4b:6d:22:77:63:b0:ab:1f:90:dc:d8:5f:9e:5f:43:
07:96:92:d1:52:77:3f:f7:84:06:95:88:ce:a4:97:
1e:2e:33:8e:eb:97:bb:9a:3f:08:6c:50:a2:03:81:
ac:4a:66:ad:74:4f:9c:3a:45:76:ff:1b:eb:75:6b:
ae:06:90:a4:ee:e6:dd:b1:19:65:21:d0:a5:f7:c2:
a0:7b:a6:33:15:f3:a3:62:0b:36:ea:b7:41:1b:44:
de:a9:3d:4a:2c:25:8b:97:91:95:d3:a8:e1:0b:a0:
e8:9a:a1:7d:d4:e8:27:62:3b:1d:7b:06:08:ce:a8:
6d:7e:38:a4:e8:a1:94:72:19:2d:dd:20:88:1f:29:
6e:cc:a2:1e:da:d7:3a:39:f1:79:df:ee:10:65:3a:
93:09:54:d4:9d:0f:8a:73:7f:ed:a9:64:55:b7:42:
47:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:78:12:73:34:E4:14:89:29:35:B6:A8:40:2A:A8:9A:37:B5:90:A0
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/lXgSczTkFIkpNbaoQCqomje1kKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.155.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:96:75:ee:04:11:6e:d3:80:44:73:e4:d1:da:e5:f6:75:6a:
56:07:de:64:c4:86:e6:7d:2b:1d:fb:e8:e0:88:ee:5e:d5:e1:
51:29:e5:6b:54:4f:b5:f0:10:e9:68:81:94:91:3c:94:76:66:
92:30:39:43:31:7f:c8:fe:2f:6c:67:e3:65:3f:42:cd:80:17:
ea:f2:55:41:23:df:1c:e4:5c:db:90:6f:6c:f7:40:6c:33:da:
a2:f7:c4:82:05:44:b1:4d:fb:cc:aa:a7:58:f4:e1:57:72:e7:
73:b4:23:85:4d:f0:ec:04:c5:bb:2c:b3:27:26:03:2d:96:56:
be:24:c5:23:c7:20:f4:ac:85:09:e5:95:a0:28:7c:b3:0f:f1:
67:a8:02:9a:8e:98:c8:04:00:8d:e7:57:ce:d5:62:e6:5e:68:
6f:71:a7:32:82:83:8d:a9:ea:19:ae:19:99:60:39:d6:30:f0:
18:19:f3:7a:e2:22:e0:a7:b7:0e:13:e9:61:22:84:b2:bd:88:
2c:c8:d8:b5:7d:56:2d:09:12:76:bc:30:46:40:69:32:54:63:
f5:d3:74:1a:74:6b:42:d5:e6:e1:4a:32:ea:59:40:da:58:d5:
18:b9:67:ba:58:fb:23:96:0e:df:1a:9f:f5:07:7a:15:94:d8:
c2:a4:53:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlHxa1MnUnK99JC4OXctXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjQwMTAyMDAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTc4MTI3MzM0ZTQxNDg5MjkzNWI2YTg0MDJhYTg5YTM3YjU5MGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/pcc6eAKpLB+GqTJeCGyI/YvHiV
52lAZ5PtgMTBEcPI0HIhqfP09q9hG1me+mcgLIVeRWXR0HazNdEnRPN/6hjKjyAD
x0cho8Iwn+bMZVcNKmVTWu6JIsBLbSJ3Y7CrH5Dc2F+eX0MHlpLRUnc/94QGlYjO
pJceLjOO65e7mj8IbFCiA4GsSmatdE+cOkV2/xvrdWuuBpCk7ubdsRllIdCl98Kg
e6YzFfOjYgs26rdBG0TeqT1KLCWLl5GV06jhC6DomqF91OgnYjsdewYIzqhtfjik
6KGUchkt3SCIHyluzKIe2tc6OfF53+4QZTqTCVTUnQ+Kc3/tqWRVt0JH7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJV4EnM05BSJKTW2qEAqqJo3tZCgMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvbFhnU2N6VGtGSWtwTmJhb1FDcW9tamUxa0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZGbMA0G
CSqGSIb3DQEBCwUAA4IBAQCPlnXuBBFu04BEc+TR2uX2dWpWB95kxIbmfSsd++jg
iO5e1eFRKeVrVE+18BDpaIGUkTyUdmaSMDlDMX/I/i9sZ+NlP0LNgBfq8lVBI98c
5FzbkG9s90BsM9qi98SCBUSxTfvMqqdY9OFXcudztCOFTfDsBMW7LLMnJgMtlla+
JMUjxyD0rIUJ5ZWgKHyzD/FnqAKajpjIBACN51fO1WLmXmhvcacygoONqeoZrhmZ
YDnWMPAYGfN64iLgp7cOE+lhIoSyvYgsyNi1fVYtCRJ2vDBGQGkyVGP103QadGtC
1ebhSjLqWUDaWNUYuWe6WPsjlg7fGp/1B3oVlNjCpFPV
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:37:39 2024 by rpki-client on console-fra.rpki-client.org