Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/2U3l7FVrNCLru7z4jHz5Z7pr3Ic.roa
File: 2U3l7FVrNCLru7z4jHz5Z7pr3Ic.roa (raw, json)
Hash identifier: jak4dS2u2mLQiK2k8XUFL1xHKy5XXJRmMbp0stteTdM=
Subject key identifier: D9:4D:E5:EC:55:6B:34:22:EB:BB:BC:F8:8C:7C:F9:67:BA:6B:DC:87
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FA36621FEEA856C07D35BF54035A0
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/2U3l7FVrNCLru7z4jHz5Z7pr3Ic.roa
Signing time: Tue 02 Jan 2024 04:30:08 +0000
ROA not before: Tue 02 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 45.138.17.0/24 maxlen: 24
2a0f:e380::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a3:66:21:fe:ea:85:6c:07:d3:5b:f5:40:35:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d94de5ec556b3422ebbbbcf88c7cf967ba6bdc87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b7:b0:1a:93:db:6e:57:36:6f:91:66:f4:73:
a7:ad:eb:34:da:bb:e9:b9:19:5a:49:63:2e:ee:89:
1a:dd:fd:75:39:c5:f7:99:88:a8:2e:c5:24:9d:dd:
a5:aa:ce:d8:e0:c4:09:b3:5a:39:06:d2:9b:a4:7c:
d1:40:cd:da:f1:b2:c3:07:6c:57:dd:4f:05:15:f5:
c1:ab:2a:60:27:88:e3:49:b2:cc:4e:c6:81:71:b3:
3b:35:88:95:be:39:53:99:cc:e2:b1:93:00:76:60:
5e:a8:b7:10:22:9f:18:f6:81:b2:9c:96:cb:f5:e9:
5e:58:d9:87:3d:e8:3f:48:de:fe:cb:3a:92:07:a9:
79:5d:75:d9:aa:f2:49:16:37:33:ed:61:f2:e2:b4:
e0:c3:c1:13:a7:5b:f8:2b:50:c1:35:62:36:f3:9f:
5f:e9:4f:9f:64:e0:46:93:05:f8:8b:96:ff:db:dc:
4c:a9:7e:0f:3f:01:83:90:50:18:04:17:df:9f:c6:
18:a3:d9:d3:97:cd:5d:57:00:46:6d:04:2e:83:5f:
94:9c:d4:1d:11:84:a3:df:27:59:14:ca:61:70:cb:
c9:a2:4f:4a:59:03:49:7f:f7:42:bb:e3:52:db:2e:
e5:7a:7e:f5:0e:b5:28:53:7b:5d:61:18:2c:e4:f7:
23:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:4D:E5:EC:55:6B:34:22:EB:BB:BC:F8:8C:7C:F9:67:BA:6B:DC:87
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/2U3l7FVrNCLru7z4jHz5Z7pr3Ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.17.0/24
IPv6:
2a0f:e380::/32
Signature Algorithm: sha256WithRSAEncryption
72:7e:ad:2f:bc:2a:06:aa:d8:77:fc:7c:e0:3f:3a:04:e2:de:
db:50:ea:9a:8b:f4:3e:b0:84:44:43:22:cd:d3:93:8c:d9:8a:
28:7f:2f:a3:f3:25:0a:69:54:f8:80:ba:18:21:a0:70:2e:39:
0c:f2:18:0d:46:a8:68:f6:1e:a9:c7:2f:2d:ce:85:af:78:6b:
e9:17:55:73:ce:ca:38:a7:a6:3d:ef:17:a8:68:67:a7:6d:3f:
f0:48:cd:4f:10:29:70:2d:86:4a:ab:7a:09:08:a6:90:e1:ce:
bb:88:b8:bc:df:c5:42:9f:be:4a:ce:26:46:17:fc:7b:35:1c:
21:8a:8d:12:c0:8d:34:c7:94:d2:b0:c9:2b:06:2a:29:0b:be:
e5:df:cc:81:4b:2d:95:58:e9:f4:76:0d:ab:09:ed:35:ef:b1:
03:80:07:1e:84:9b:83:63:55:00:dc:7b:97:3b:94:79:a5:65:
ad:fd:20:c1:ec:29:77:89:31:46:64:bd:65:0e:bc:37:7e:a1:
72:b4:a0:63:35:b2:9f:e6:23:05:e7:eb:de:43:c4:15:04:d7:
b9:a2:07:4f:5b:4c:a8:46:47:2f:5d:f2:5f:a1:26:a7:5d:95:
3a:15:6a:49:f1:71:ed:b4:bc:79:14:2c:6a:89:6f:ac:c7:56:
04:4c:7e:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb6NmIf7qhWwH01v1QDWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTRkZTVlYzU1NmIzNDIyZWJiYmJjZjg4YzdjZjk2N2JhNmJkYzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7ewGpPbblc2b5Fm9HOnres02rvp
uRlaSWMu7oka3f11OcX3mYioLsUknd2lqs7Y4MQJs1o5BtKbpHzRQM3a8bLDB2xX
3U8FFfXBqypgJ4jjSbLMTsaBcbM7NYiVvjlTmczisZMAdmBeqLcQIp8Y9oGynJbL
9eleWNmHPeg/SN7+yzqSB6l5XXXZqvJJFjcz7WHy4rTgw8ETp1v4K1DBNWI2859f
6U+fZOBGkwX4i5b/29xMqX4PPwGDkFAYBBffn8YYo9nTl81dVwBGbQQug1+UnNQd
EYSj3ydZFMphcMvJok9KWQNJf/dCu+NS2y7len71DrUoU3tdYRgs5Pcj5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNlN5exVazQi67u8+Ix8+We6a9yHMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvMlUzbDdGVnJOQ0xydTd6NGpIejVaN3ByM0ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYoRMA0E
AgACMAcDBQAqD+OAMA0GCSqGSIb3DQEBCwUAA4IBAQByfq0vvCoGqth3/HzgPzoE
4t7bUOqai/Q+sIREQyLN05OM2Yoofy+j8yUKaVT4gLoYIaBwLjkM8hgNRqho9h6p
xy8tzoWveGvpF1Vzzso4p6Y97xeoaGenbT/wSM1PEClwLYZKq3oJCKaQ4c67iLi8
38VCn75KziZGF/x7NRwhio0SwI00x5TSsMkrBiopC77l38yBSy2VWOn0dg2rCe01
77EDgAcehJuDY1UA3HuXO5R5pWWt/SDB7Cl3iTFGZL1lDrw3fqFytKBjNbKf5iMF
5+veQ8QVBNe5ogdPW0yoRkcvXfJfoSanXZU6FWpJ8XHttLx5FCxqiW+sx1YETH7g
-----END CERTIFICATE-----
Generated at Thu May 2 03:35:32 2024 by rpki-client on console-ams.rpki-client.org