Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c8d65e-e5c8-4120-ae1d-b097d9f8ec22/1/NF75kuYW5eIxVQtOqxk6Xy1mcxE.roa
File: NF75kuYW5eIxVQtOqxk6Xy1mcxE.roa (raw, json)
Hash identifier: NsEWUVlAVzXFF1GQhGsmqjCvV6PBJTGc2JI7BFpqpQs=
Subject key identifier: 34:5E:F9:92:E6:16:E5:E2:31:55:0B:4E:AB:19:3A:5F:2D:66:73:11
Certificate issuer: /CN=dc102f6131ce5a746eb5981dd4c1d6b4e17b033f
Certificate serial: 018CC5DC374DBA54C0501098B2F1298DA6CD
Authority key identifier: DC:10:2F:61:31:CE:5A:74:6E:B5:98:1D:D4:C1:D6:B4:E1:7B:03:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BAvYTHOWnRutZgd1MHWtOF7Az8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c8d65e-e5c8-4120-ae1d-b097d9f8ec22/1/NF75kuYW5eIxVQtOqxk6Xy1mcxE.roa
Signing time: Mon 01 Jan 2024 16:29:52 +0000
ROA not before: Mon 01 Jan 2024 16:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 45.13.84.0/22 maxlen: 22
45.13.85.0/24 maxlen: 24
45.13.84.0/24 maxlen: 24
45.13.87.0/24 maxlen: 24
45.13.86.0/24 maxlen: 24
2a12:fd00::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/c8d65e-e5c8-4120-ae1d-b097d9f8ec22/1/3BAvYTHOWnRutZgd1MHWtOF7Az8.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/c8d65e-e5c8-4120-ae1d-b097d9f8ec22/1/3BAvYTHOWnRutZgd1MHWtOF7Az8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3BAvYTHOWnRutZgd1MHWtOF7Az8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 13:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:37:4d:ba:54:c0:50:10:98:b2:f1:29:8d:a6:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc102f6131ce5a746eb5981dd4c1d6b4e17b033f
Validity
Not Before: Jan 1 16:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=345ef992e616e5e231550b4eab193a5f2d667311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0e:c8:f3:40:9d:63:f3:bd:55:ee:fe:97:67:
bd:ec:1b:06:0e:eb:ec:ab:cb:d1:d4:3c:9e:e5:93:
21:66:4f:65:2c:a1:1e:76:71:20:d2:8c:ec:11:cd:
02:3a:32:17:e4:56:4e:2c:cb:ff:28:ab:4f:98:4a:
87:d0:8e:2d:ed:e1:a7:ed:12:5f:f5:2a:9e:78:23:
b5:84:fb:6c:c4:bd:63:3f:ee:ff:7b:46:91:ac:4f:
ac:fc:d9:4a:35:5d:4c:b7:0d:15:5a:2f:6b:41:3e:
8e:cb:a3:b4:27:5d:0f:89:6a:14:9f:de:65:4f:db:
54:66:6c:51:b0:87:50:4f:44:5a:14:6f:a0:56:51:
78:fa:d0:f3:71:ed:02:8c:a5:ee:82:91:ea:c0:aa:
5c:23:ca:ad:a3:0e:b9:b4:d8:a1:9a:5c:95:8c:be:
e5:fa:8c:b1:19:bf:8e:b8:9d:55:64:de:1f:e6:e1:
3c:49:3d:dd:6a:7d:b1:c2:21:4c:f6:2e:05:fc:61:
89:92:d5:48:74:fb:ca:e9:21:ec:ec:77:91:84:04:
a3:77:7e:a8:b9:86:51:c9:ed:3b:4b:d5:cc:ea:68:
70:cd:61:9f:2a:33:a8:e7:b8:c4:5c:54:a1:02:b3:
36:9f:f2:ce:d8:35:a3:78:e0:18:42:2e:16:bf:11:
8c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:5E:F9:92:E6:16:E5:E2:31:55:0B:4E:AB:19:3A:5F:2D:66:73:11
X509v3 Authority Key Identifier:
keyid:DC:10:2F:61:31:CE:5A:74:6E:B5:98:1D:D4:C1:D6:B4:E1:7B:03:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BAvYTHOWnRutZgd1MHWtOF7Az8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c8d65e-e5c8-4120-ae1d-b097d9f8ec22/1/NF75kuYW5eIxVQtOqxk6Xy1mcxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c8d65e-e5c8-4120-ae1d-b097d9f8ec22/1/3BAvYTHOWnRutZgd1MHWtOF7Az8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.84.0/22
IPv6:
2a12:fd00::/36
Signature Algorithm: sha256WithRSAEncryption
44:af:96:26:ec:49:1a:a1:16:f9:a5:4a:1b:8f:fa:c1:81:1e:
fb:dc:ab:d1:88:ca:77:ab:4b:50:df:9a:25:93:f9:cb:a9:e6:
96:4e:1e:45:ea:12:1e:1f:a9:0f:0d:b9:1b:97:c3:ba:64:19:
bc:be:93:04:d7:ed:c0:09:1e:4f:2c:ab:2a:b7:c2:ed:0c:cc:
e0:6e:1b:b4:c7:7b:c0:b3:50:70:27:96:5f:fa:e4:85:05:bf:
3b:63:62:ec:b0:ba:a1:c2:f8:54:37:b6:2b:b4:b4:bb:3b:a5:
33:46:56:e8:06:5a:85:d1:ff:e1:85:92:07:1c:d1:c1:10:2e:
6d:96:20:16:1a:58:1a:cf:b8:02:6b:eb:48:3e:bf:19:2a:20:
57:93:c6:e2:5d:2e:3a:e8:93:ee:ae:44:2c:dc:b6:a0:3b:39:
76:66:63:7b:6c:6e:a5:f0:d3:a7:b2:bb:3a:88:92:29:6f:24:
8e:68:39:3a:f3:3d:bb:5b:e7:e3:de:69:49:6b:fa:b1:1a:b8:
be:2f:3c:18:18:c4:26:07:18:a4:5f:9a:f1:c1:52:cc:2a:cf:
2b:1a:bd:75:8b:f9:d5:21:e7:fc:8d:fc:10:f2:df:76:b5:5b:
32:c5:1e:57:02:30:88:21:23:89:a8:11:ae:9c:29:00:e7:77:
ad:2e:b3:b9
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzF3DdNulTAUBCYsvEpjabNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTAyZjYxMzFjZTVhNzQ2ZWI1OTgxZGQ0YzFkNmI0ZTE3
YjAzM2YwHhcNMjQwMTAxMTYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDVlZjk5MmU2MTZlNWUyMzE1NTBiNGVhYjE5M2E1ZjJkNjY3MzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ7I80CdY/O9Ve7+l2e97BsGDuvs
q8vR1Dye5ZMhZk9lLKEednEg0ozsEc0COjIX5FZOLMv/KKtPmEqH0I4t7eGn7RJf
9SqeeCO1hPtsxL1jP+7/e0aRrE+s/NlKNV1Mtw0VWi9rQT6Oy6O0J10PiWoUn95l
T9tUZmxRsIdQT0RaFG+gVlF4+tDzce0CjKXugpHqwKpcI8qtow65tNihmlyVjL7l
+oyxGb+OuJ1VZN4f5uE8ST3dan2xwiFM9i4F/GGJktVIdPvK6SHs7HeRhASjd36o
uYZRye07S9XM6mhwzWGfKjOo57jEXFShArM2n/LO2DWjeOAYQi4WvxGMXQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDRe+ZLmFuXiMVULTqsZOl8tZnMRMB8GA1UdIwQY
MBaAFNwQL2Exzlp0brWYHdTB1rThewM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JBdllUSE9XblJ1dFpnZDFNSFd0T0Y3QXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jOGQ2NWUtZTVjOC00MTIwLWFlMWQt
YjA5N2Q5ZjhlYzIyLzEvTkY3NWt1WVc1ZUl4VlF0T3F4azZYeTFtY3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jOGQ2NWUtZTVjOC00MTIwLWFlMWQtYjA5N2Q5ZjhlYzIy
LzEvM0JBdllUSE9XblJ1dFpnZDFNSFd0T0Y3QXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCLQ1UMA4E
AgACMAgDBgQqEv0AADANBgkqhkiG9w0BAQsFAAOCAQEARK+WJuxJGqEW+aVKG4/6
wYEe+9yr0YjKd6tLUN+aJZP5y6nmlk4eReoSHh+pDw25G5fDumQZvL6TBNftwAke
TyyrKrfC7QzM4G4btMd7wLNQcCeWX/rkhQW/O2Ni7LC6ocL4VDe2K7S0uzulM0ZW
6AZahdH/4YWSBxzRwRAubZYgFhpYGs+4AmvrSD6/GSogV5PG4l0uOuiT7q5ELNy2
oDs5dmZje2xupfDTp7K7OoiSKW8kjmg5OvM9u1vn495pSWv6sRq4vi88GBjEJgcY
pF+a8cFSzCrPKxq9dYv51SHn/I38EPLfdrVbMsUeVwIwiCEjiagRrpwpAOd3rS6z
uQ==
-----END CERTIFICATE-----
Generated at Wed May 8 19:07:13 2024 by rpki-client on console-fra.rpki-client.org