Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/nHffKuK7mE6imw6HYzga5uYCipM.roa
File: nHffKuK7mE6imw6HYzga5uYCipM.roa (raw, json)
Hash identifier: BO61yLgJXZrMWp80f/sBDSLkSV2DwHKyxDCBSxespaY=
Subject key identifier: 9C:77:DF:2A:E2:BB:98:4E:A2:9B:0E:87:63:38:1A:E6:E6:02:8A:93
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01932FA8C5837EC44D67898437D4F86AF849
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/nHffKuK7mE6imw6HYzga5uYCipM.roa
Signing time: Fri 15 Nov 2024 11:50:10 +0000
ROA not before: Fri 15 Nov 2024 11:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197731
IP address blocks: 45.137.196.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2f:a8:c5:83:7e:c4:4d:67:89:84:37:d4:f8:6a:f8:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Nov 15 11:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c77df2ae2bb984ea29b0e8763381ae6e6028a93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:53:1d:1d:83:85:5b:a3:49:e3:f0:98:ce:d5:
65:bb:08:f9:60:5a:9f:fa:0f:2f:6e:2b:37:a3:c2:
08:9f:d2:b3:56:01:bb:d8:7e:f7:21:8d:5b:0c:18:
ab:a3:b2:3e:71:f4:a7:23:30:ff:88:ea:e7:69:ce:
da:01:52:51:32:b6:ba:44:d1:8b:7b:f9:13:98:2a:
3d:43:af:21:1a:75:e1:eb:bc:73:5f:30:be:bf:44:
50:a1:78:3d:81:5e:13:52:be:a3:06:4d:62:41:72:
71:65:af:d4:f8:10:35:1d:e1:99:2d:75:7e:e5:aa:
1c:fe:bf:de:19:d9:4d:41:17:e8:2d:c2:f2:83:69:
36:89:9c:8c:c0:64:6e:83:bd:24:35:1c:c9:46:e8:
f5:84:08:12:f2:d8:f0:90:c7:66:f4:fe:de:62:c0:
f8:51:11:20:33:b7:a6:0b:b1:23:57:28:16:7f:6f:
78:b3:1e:e2:1c:c7:c2:63:a5:dc:60:65:44:c9:27:
fe:06:6c:5b:bf:50:a2:1b:b5:6a:de:7b:89:e1:68:
62:45:7b:96:b6:e0:ad:13:51:a3:43:38:91:46:34:
48:6d:77:c8:f7:5f:c6:35:d4:be:d1:11:79:be:de:
4c:7d:f0:7b:37:0b:7d:e9:2f:76:42:f9:b4:8e:af:
b2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:77:DF:2A:E2:BB:98:4E:A2:9B:0E:87:63:38:1A:E6:E6:02:8A:93
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/nHffKuK7mE6imw6HYzga5uYCipM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.196.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:27:3e:81:64:03:d6:53:b2:e5:f1:fd:c6:fc:1e:52:1c:8f:
21:51:f6:0e:5d:04:5c:76:58:4b:f6:78:7c:3d:ea:14:df:1f:
73:43:df:42:3d:72:d3:b6:e2:8c:6d:50:9e:d8:9e:95:56:77:
7c:12:5e:37:14:41:d5:5e:23:1a:84:89:de:c5:59:49:95:c6:
0a:47:d6:ee:2c:0c:40:76:5f:3f:c0:8a:ac:38:5b:ac:78:cd:
2f:cd:c7:5e:6e:c3:11:06:1e:83:ed:98:3c:a5:54:41:ee:e6:
01:db:47:8a:72:82:3a:2d:0b:41:02:19:67:2d:bd:5e:76:eb:
61:b8:7b:c3:9b:67:8d:05:ac:a1:01:77:6f:d7:81:2c:a1:5c:
5f:8c:3a:a7:06:9a:e7:f1:c8:e6:75:01:22:57:72:15:f5:6b:
39:7d:ac:e7:0c:e6:34:57:56:2b:1b:df:5d:27:48:40:18:eb:
4d:07:f1:92:bd:bc:6b:80:75:ae:2f:91:62:a8:23:9c:50:42:
86:e2:e0:8a:b3:5c:ce:f1:bd:16:e3:df:95:59:8c:dd:30:0a:
4b:97:15:66:34:90:2d:51:b2:4e:f9:eb:22:0f:77:53:03:d4:
bc:38:1b:a5:51:89:6a:73:c2:7d:07:1c:0f:ed:a5:58:e2:23:
25:11:82:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMvqMWDfsRNZ4mEN9T4avhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQxMTE1MTE1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzc3ZGYyYWUyYmI5ODRlYTI5YjBlODc2MzM4MWFlNmU2MDI4YTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1MdHYOFW6NJ4/CYztVluwj5YFqf
+g8vbis3o8IIn9KzVgG72H73IY1bDBiro7I+cfSnIzD/iOrnac7aAVJRMra6RNGL
e/kTmCo9Q68hGnXh67xzXzC+v0RQoXg9gV4TUr6jBk1iQXJxZa/U+BA1HeGZLXV+
5aoc/r/eGdlNQRfoLcLyg2k2iZyMwGRug70kNRzJRuj1hAgS8tjwkMdm9P7eYsD4
UREgM7emC7EjVygWf294sx7iHMfCY6XcYGVEySf+Bmxbv1CiG7Vq3nuJ4WhiRXuW
tuCtE1GjQziRRjRIbXfI91/GNdS+0RF5vt5MffB7Nwt96S92Qvm0jq+ynwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJx33yriu5hOopsOh2M4GubmAoqTMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvbkhmZkt1SzdtRTZpbXc2SFl6Z2E1dVlDaXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYnEMA0G
CSqGSIb3DQEBCwUAA4IBAQBbJz6BZAPWU7Ll8f3G/B5SHI8hUfYOXQRcdlhL9nh8
PeoU3x9zQ99CPXLTtuKMbVCe2J6VVnd8El43FEHVXiMahInexVlJlcYKR9buLAxA
dl8/wIqsOFuseM0vzcdebsMRBh6D7Zg8pVRB7uYB20eKcoI6LQtBAhlnLb1eduth
uHvDm2eNBayhAXdv14EsoVxfjDqnBprn8cjmdQEiV3IV9Ws5faznDOY0V1YrG99d
J0hAGOtNB/GSvbxrgHWuL5FiqCOcUEKG4uCKs1zO8b0W49+VWYzdMApLlxVmNJAt
UbJO+esiD3dTA9S8OBulUYlqc8J9BxwP7aVY4iMlEYLu
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:38:48 2024 by rpki-client on console-ams.rpki-client.org