Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/DEtFTLyhCZrz_ZFlK3LPe67oBBY.roa
File: DEtFTLyhCZrz_ZFlK3LPe67oBBY.roa (raw, json)
Hash identifier: LhMG8+saryk2/SIY4SbDPKLFxjCO8OtH3KfSuhSz1KE=
Subject key identifier: 0C:4B:45:4C:BC:A1:09:9A:F3:FD:91:65:2B:72:CF:7B:AE:E8:04:16
Certificate issuer: /CN=3b544ca0e2be18e9fd74e281324a30b0ea2d1d52
Certificate serial: 018CC4246AC5DB79556EB7F5B12FE1B32C32
Authority key identifier: 3B:54:4C:A0:E2:BE:18:E9:FD:74:E2:81:32:4A:30:B0:EA:2D:1D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1RMoOK-GOn9dOKBMkowsOotHVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/DEtFTLyhCZrz_ZFlK3LPe67oBBY.roa
Signing time: Mon 01 Jan 2024 08:29:30 +0000
ROA not before: Mon 01 Jan 2024 08:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 145.224.32.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/O1RMoOK-GOn9dOKBMkowsOotHVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/O1RMoOK-GOn9dOKBMkowsOotHVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/O1RMoOK-GOn9dOKBMkowsOotHVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:6a:c5:db:79:55:6e:b7:f5:b1:2f:e1:b3:2c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b544ca0e2be18e9fd74e281324a30b0ea2d1d52
Validity
Not Before: Jan 1 08:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c4b454cbca1099af3fd91652b72cf7baee80416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d1:e7:39:2e:df:e1:4a:27:ff:94:31:af:bc:
64:55:68:40:1b:48:e3:ff:a7:8b:03:ee:c9:cd:1b:
0d:81:1e:41:fb:77:49:bb:27:9f:67:6e:e8:a9:c3:
3b:a3:2d:69:40:10:cc:11:48:a1:46:ab:b7:10:84:
62:3a:83:79:aa:28:5b:79:cc:3a:7a:b4:c0:ca:91:
ab:94:94:36:df:ae:48:c6:ee:98:21:99:82:67:9e:
9c:08:77:96:af:60:ba:da:6a:a2:ad:8a:27:98:b9:
70:17:3d:a9:1c:4a:ae:7b:64:94:b1:4d:16:1c:e8:
89:59:46:2d:44:ec:d7:b5:3a:d1:3d:67:1d:a9:41:
1d:5b:c4:9b:97:f5:89:22:70:6b:ab:21:a3:35:f6:
0f:e0:fc:8f:3a:64:81:56:1e:54:16:43:78:8e:54:
86:88:3f:72:d5:15:ed:38:5d:45:ce:2a:b5:61:d4:
00:48:14:54:de:af:c7:85:af:9a:a4:44:76:3a:18:
a8:f4:ff:23:c3:22:ba:d9:76:91:31:b4:09:a3:71:
46:60:9a:c0:f2:d9:f9:d0:b6:03:d9:53:dd:d6:e8:
da:7b:46:3a:33:ca:1d:15:4a:4f:d3:23:89:7f:27:
13:b7:3c:e8:06:51:ba:2e:05:74:16:62:88:3d:25:
e4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:4B:45:4C:BC:A1:09:9A:F3:FD:91:65:2B:72:CF:7B:AE:E8:04:16
X509v3 Authority Key Identifier:
keyid:3B:54:4C:A0:E2:BE:18:E9:FD:74:E2:81:32:4A:30:B0:EA:2D:1D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1RMoOK-GOn9dOKBMkowsOotHVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/DEtFTLyhCZrz_ZFlK3LPe67oBBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/O1RMoOK-GOn9dOKBMkowsOotHVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.224.32.0/23
Signature Algorithm: sha256WithRSAEncryption
26:68:f3:55:2e:6d:5c:6a:64:f8:ce:5a:cc:1d:2e:02:1f:86:
c7:c8:b1:90:63:8a:57:fb:b0:77:c6:6b:ce:44:d3:ad:14:a4:
6e:4f:e6:ad:c3:75:57:cc:cf:d7:24:b7:91:a0:78:1e:b3:85:
91:70:cb:e5:0d:67:2d:de:c4:e7:92:62:7a:5e:9d:a6:90:82:
54:80:25:e2:fd:a2:43:29:0e:cd:c6:ea:da:3f:17:91:76:0b:
61:eb:92:5c:b8:e5:e9:64:d4:59:a3:ca:bd:dc:f3:00:d7:30:
d7:09:46:47:13:61:2f:c4:46:94:bd:ff:80:08:1a:b2:ac:69:
56:aa:58:b9:94:23:38:fd:b5:0a:04:a5:26:96:4d:f2:51:97:
7d:f4:93:3b:34:7f:d9:49:d9:e3:8a:d5:a3:0c:5c:88:99:1a:
3d:7c:12:1c:f9:c6:6e:ad:0f:1f:6c:c1:b4:0f:1f:e0:59:95:
25:d2:55:af:0c:29:5a:4e:16:42:8d:c1:3e:b7:1d:68:56:01:
d1:df:58:ea:d7:41:44:07:e9:b5:07:83:14:30:52:09:9a:0e:
b1:2d:8f:98:4c:f8:d2:01:7d:30:63:80:37:96:91:0f:f6:cc:
fb:91:a5:89:36:bf:28:b3:66:92:f1:23:37:7a:81:c4:f3:1f:
1f:85:18:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJGrF23lVbrf1sS/hsywyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTQ0Y2EwZTJiZTE4ZTlmZDc0ZTI4MTMyNGEzMGIwZWEy
ZDFkNTIwHhcNMjQwMTAxMDgyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzRiNDU0Y2JjYTEwOTlhZjNmZDkxNjUyYjcyY2Y3YmFlZTgwNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtHnOS7f4Uon/5Qxr7xkVWhAG0jj
/6eLA+7JzRsNgR5B+3dJuyefZ27oqcM7oy1pQBDMEUihRqu3EIRiOoN5qihbecw6
erTAypGrlJQ2365Ixu6YIZmCZ56cCHeWr2C62mqirYonmLlwFz2pHEque2SUsU0W
HOiJWUYtROzXtTrRPWcdqUEdW8Sbl/WJInBrqyGjNfYP4PyPOmSBVh5UFkN4jlSG
iD9y1RXtOF1Fziq1YdQASBRU3q/Hha+apER2Ohio9P8jwyK62XaRMbQJo3FGYJrA
8tn50LYD2VPd1ujae0Y6M8odFUpP0yOJfycTtzzoBlG6LgV0FmKIPSXk5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxLRUy8oQma8/2RZStyz3uu6AQWMB8GA1UdIwQY
MBaAFDtUTKDivhjp/XTigTJKMLDqLR1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFSTW9PSy1HT245ZE9LQk1rb3dzT290SFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zMDMwYmItNDJjMi00ZTNjLTg1OWEt
ODc2YTlkNzYyOWY2LzEvREV0RlRMeWhDWnJ6X1pGbEszTFBlNjdvQkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zMDMwYmItNDJjMi00ZTNjLTg1OWEtODc2YTlkNzYyOWY2
LzEvTzFSTW9PSy1HT245ZE9LQk1rb3dzT290SFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBkeAgMA0G
CSqGSIb3DQEBCwUAA4IBAQAmaPNVLm1camT4zlrMHS4CH4bHyLGQY4pX+7B3xmvO
RNOtFKRuT+atw3VXzM/XJLeRoHges4WRcMvlDWct3sTnkmJ6Xp2mkIJUgCXi/aJD
KQ7NxuraPxeRdgth65JcuOXpZNRZo8q93PMA1zDXCUZHE2EvxEaUvf+ACBqyrGlW
qli5lCM4/bUKBKUmlk3yUZd99JM7NH/ZSdnjitWjDFyImRo9fBIc+cZurQ8fbMG0
Dx/gWZUl0lWvDClaThZCjcE+tx1oVgHR31jq10FEB+m1B4MUMFIJmg6xLY+YTPjS
AX0wY4A3lpEP9sz7kaWJNr8os2aS8SM3eoHE8x8fhRgT
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:40:53 2024 by rpki-client on console-ams.rpki-client.org