Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/9R3GI_wsCgE9KEtHrhUzUKR1sz4.roa
File: 9R3GI_wsCgE9KEtHrhUzUKR1sz4.roa (raw, json)
Hash identifier: 1qKZuMNb6WiF10VabbYpC1787i0jEzoTGW8MFJKqUWs=
Subject key identifier: F5:1D:C6:23:FC:2C:0A:01:3D:28:4B:47:AE:15:33:50:A4:75:B3:3E
Certificate issuer: /CN=f97fdecadb3261334387cf091d02e0713b781d31
Certificate serial: 018CC348FD8209D678FB370D2F7F1BFA75FB
Authority key identifier: F9:7F:DE:CA:DB:32:61:33:43:87:CF:09:1D:02:E0:71:3B:78:1D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-X_eytsyYTNDh88JHQLgcTt4HTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/9R3GI_wsCgE9KEtHrhUzUKR1sz4.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212700
IP address blocks: 45.13.146.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/1-X_eytsyYTNDh88JHQLgcTt4HTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/1-X_eytsyYTNDh88JHQLgcTt4HTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-X_eytsyYTNDh88JHQLgcTt4HTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fd:82:09:d6:78:fb:37:0d:2f:7f:1b:fa:75:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f97fdecadb3261334387cf091d02e0713b781d31
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f51dc623fc2c0a013d284b47ae153350a475b33e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:60:68:f4:96:f4:22:10:07:7c:c8:25:00:fb:
b1:ce:f7:85:ac:28:81:bc:7a:51:1e:19:a8:b3:a2:
95:6b:61:61:45:0e:00:c2:63:0b:5e:59:91:91:c6:
2b:64:d9:aa:cf:f8:52:04:8d:c4:09:d9:42:9c:9c:
3d:7b:ba:b8:b0:f4:eb:a9:3b:59:43:a9:81:20:1d:
89:fd:46:ef:8c:37:9b:3e:1c:46:ea:14:fd:42:be:
57:08:29:99:cb:e0:30:80:52:8f:dc:1d:98:95:69:
03:19:4f:33:3c:ae:45:32:91:d5:81:fe:ba:00:11:
7c:d1:7f:f6:53:39:f2:05:d1:5c:a6:4e:c5:ed:35:
cb:d8:35:3d:0f:5c:4d:97:73:76:0c:37:17:50:12:
d5:6d:72:85:42:5f:4a:19:7f:72:28:69:79:af:43:
07:22:2b:df:41:a6:c1:15:e3:43:b7:c5:94:2a:0d:
a0:75:fa:f2:6f:4d:7c:0e:a8:da:70:a2:76:13:6c:
97:31:ef:90:0b:77:c9:43:e1:d0:d5:40:bf:8b:24:
0a:a8:e8:11:a7:e1:57:e8:29:ce:8b:c4:82:d0:49:
19:f4:5a:2f:06:78:7f:08:d4:7e:fb:95:6e:9e:3f:
a9:94:8f:4e:10:de:a8:b7:1c:7e:d2:b2:c4:20:aa:
04:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1D:C6:23:FC:2C:0A:01:3D:28:4B:47:AE:15:33:50:A4:75:B3:3E
X509v3 Authority Key Identifier:
keyid:F9:7F:DE:CA:DB:32:61:33:43:87:CF:09:1D:02:E0:71:3B:78:1D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-X_eytsyYTNDh88JHQLgcTt4HTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/9R3GI_wsCgE9KEtHrhUzUKR1sz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/a8a364-7430-4da6-8f43-eb7bf2bddd08/1/1-X_eytsyYTNDh88JHQLgcTt4HTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.146.0/23
Signature Algorithm: sha256WithRSAEncryption
61:f5:d9:85:39:4d:5d:68:36:f7:5e:96:04:1e:21:9f:84:49:
13:7a:fa:5b:99:43:3f:1a:99:73:a3:78:a3:ca:2e:10:1b:73:
e4:be:17:d3:cb:d2:ef:ce:c0:c7:8f:bb:e0:55:6c:ec:e3:c8:
c1:88:46:71:78:cf:6e:af:ec:7c:1d:61:6b:fe:ec:ad:7a:6e:
11:2e:81:cc:aa:36:a0:1f:05:59:58:57:f6:77:06:79:37:2c:
a6:29:0b:1b:b8:3e:75:26:74:38:55:91:bc:f5:36:c1:6f:b2:
41:21:8a:97:44:73:e7:c6:03:1d:71:e4:ad:7c:a7:61:6f:94:
e4:0e:14:a0:bf:eb:93:c4:68:b8:8e:01:3c:b7:71:17:76:0c:
52:d1:b0:f5:fe:a2:d9:59:b3:54:ea:62:3d:ce:ea:19:0b:12:
60:be:71:bb:81:f3:32:87:6a:fb:0e:c3:0a:ab:7d:0e:a0:c8:
03:de:22:7b:f0:23:36:e9:3e:1c:7c:ca:0b:fa:6c:b2:e5:18:
c6:07:1f:e4:e6:b3:7a:00:db:f5:bd:19:95:d2:fe:4e:2b:3a:
74:cb:0e:4c:ad:e6:1d:e1:d0:0d:83:7a:f3:fb:f5:5a:b0:69:
59:58:40:cd:68:a7:27:ac:df:34:90:6f:21:e6:89:a9:a3:a2:
42:83:3a:0a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzDSP2CCdZ4+zcNL38b+nX7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5N2ZkZWNhZGIzMjYxMzM0Mzg3Y2YwOTFkMDJlMDcxM2I3
ODFkMzEwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTFkYzYyM2ZjMmMwYTAxM2QyODRiNDdhZTE1MzM1MGE0NzViMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWBo9Jb0IhAHfMglAPuxzveFrCiB
vHpRHhmos6KVa2FhRQ4AwmMLXlmRkcYrZNmqz/hSBI3ECdlCnJw9e7q4sPTrqTtZ
Q6mBIB2J/UbvjDebPhxG6hT9Qr5XCCmZy+AwgFKP3B2YlWkDGU8zPK5FMpHVgf66
ABF80X/2UznyBdFcpk7F7TXL2DU9D1xNl3N2DDcXUBLVbXKFQl9KGX9yKGl5r0MH
IivfQabBFeNDt8WUKg2gdfryb018DqjacKJ2E2yXMe+QC3fJQ+HQ1UC/iyQKqOgR
p+FX6CnOi8SC0EkZ9FovBnh/CNR++5Vunj+plI9OEN6otxx+0rLEIKoEewIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPUdxiP8LAoBPShLR64VM1CkdbM+MB8GA1UdIwQY
MBaAFPl/3srbMmEzQ4fPCR0C4HE7eB0xMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YX2V5dHN5WVRORGg4OEpIUUxnY1R0NEhURS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYThhMzY0LTc0MzAtNGRhNi04ZjQz
LWViN2JmMmJkZGQwOC8xLzlSM0dJX3dzQ2dFOUtFdEhyaFV6VUtSMXN6NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYThhMzY0LTc0MzAtNGRhNi04ZjQzLWViN2JmMmJkZGQw
OC8xLzEtWF9leXRzeVlUTkRoODhKSFFMZ2NUdDRIVEUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtDZIw
DQYJKoZIhvcNAQELBQADggEBAGH12YU5TV1oNvdelgQeIZ+ESRN6+luZQz8amXOj
eKPKLhAbc+S+F9PL0u/OwMePu+BVbOzjyMGIRnF4z26v7HwdYWv+7K16bhEugcyq
NqAfBVlYV/Z3Bnk3LKYpCxu4PnUmdDhVkbz1NsFvskEhipdEc+fGAx1x5K18p2Fv
lOQOFKC/65PEaLiOATy3cRd2DFLRsPX+otlZs1TqYj3O6hkLEmC+cbuB8zKHavsO
wwqrfQ6gyAPeInvwIzbpPhx8ygv6bLLlGMYHH+Tms3oA2/W9GZXS/k4rOnTLDkyt
5h3h0A2DevP79VqwaVlYQM1opyes3zSQbyHmiamjokKDOgo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:57 2024 by rpki-client on console-fra.rpki-client.org