Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/0HH_EbAi-PZBQduCLr56RDFpRu8.roa
File: 0HH_EbAi-PZBQduCLr56RDFpRu8.roa (raw, json)
Hash identifier: Dtkq5g7TyEESRr2tLb8sw+anUS95X8d+KVIbTG4bFMI=
Subject key identifier: D0:71:FF:11:B0:22:F8:F6:41:41:DB:82:2E:BE:7A:44:31:69:46:EF
Certificate issuer: /CN=39732dcd0c35426144f9f026754179dfaebe8958
Certificate serial: 018CC8DF9FE2562CCDBB379F77168B9CD3D3
Authority key identifier: 39:73:2D:CD:0C:35:42:61:44:F9:F0:26:75:41:79:DF:AE:BE:89:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/0HH_EbAi-PZBQduCLr56RDFpRu8.roa
Signing time: Tue 02 Jan 2024 06:32:27 +0000
ROA not before: Tue 02 Jan 2024 06:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61075
IP address blocks: 45.90.78.0/24 maxlen: 24
45.90.76.0/22 maxlen: 24
2a0c:b5c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/OXMtzQw1QmFE-fAmdUF5366-iVg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/OXMtzQw1QmFE-fAmdUF5366-iVg.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:9f:e2:56:2c:cd:bb:37:9f:77:16:8b:9c:d3:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39732dcd0c35426144f9f026754179dfaebe8958
Validity
Not Before: Jan 2 06:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d071ff11b022f8f64141db822ebe7a44316946ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b9:80:3a:e0:07:b2:1f:e1:94:2f:f2:79:8f:
62:b3:d0:d4:29:4b:d3:9c:00:d9:cf:c0:bd:55:e0:
29:c5:7c:6c:b4:98:12:9a:ba:ec:09:e9:5b:bd:7b:
2d:15:c4:f5:2f:e0:ce:b5:3f:77:49:27:8d:c2:26:
6d:e9:63:8d:b4:6a:86:28:f3:6b:e8:23:8f:52:6d:
16:e7:c0:7b:5d:67:82:5f:37:03:85:0d:1b:00:fa:
84:03:e4:87:2c:57:d8:9f:5f:de:d9:4c:c2:75:fc:
70:c1:76:03:18:f8:bf:d6:12:a5:6e:80:62:98:6f:
70:ad:5c:95:ed:43:e7:0b:f2:c9:af:8a:88:f8:a3:
f5:3e:ec:2c:f0:eb:05:68:82:e7:ee:1a:8e:80:d5:
b2:2e:be:4f:20:63:24:2b:3f:0b:57:04:a7:8c:70:
0b:0e:ec:4f:08:e9:6e:64:3b:3f:13:a7:d8:d6:83:
93:c8:51:51:c6:cd:72:6e:42:d6:96:c8:be:10:23:
90:80:b1:2c:00:0f:2e:b3:a6:8e:40:25:83:b3:f9:
a5:97:d7:de:6f:f1:e4:20:af:05:9d:51:b7:ba:aa:
03:a4:ff:37:da:21:64:ec:7f:79:08:1a:0e:27:0f:
0c:1f:81:60:b0:9d:65:19:7b:56:40:8c:67:ff:6c:
30:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:71:FF:11:B0:22:F8:F6:41:41:DB:82:2E:BE:7A:44:31:69:46:EF
X509v3 Authority Key Identifier:
keyid:39:73:2D:CD:0C:35:42:61:44:F9:F0:26:75:41:79:DF:AE:BE:89:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXMtzQw1QmFE-fAmdUF5366-iVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/0HH_EbAi-PZBQduCLr56RDFpRu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/237106-d08d-4aa0-ac82-f60af2a82060/1/OXMtzQw1QmFE-fAmdUF5366-iVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.76.0/22
IPv6:
2a0c:b5c0::/29
Signature Algorithm: sha256WithRSAEncryption
86:a9:2f:2d:21:3e:1a:ee:b0:6b:6e:be:9c:45:46:b2:7f:bf:
80:ea:60:70:37:ac:42:0e:f8:c7:d3:e4:2d:2c:a1:98:70:f1:
85:1c:2a:4d:ed:bc:c7:d3:d3:0c:f5:d0:e4:51:aa:35:47:6c:
70:56:0c:62:c0:63:60:e8:7b:18:90:bd:1b:33:81:91:c5:20:
bb:48:55:15:1d:63:a1:18:69:55:be:5b:aa:6d:ba:0d:c7:38:
a9:37:ac:d0:01:ef:09:62:f6:c7:78:66:71:6c:94:66:24:53:
70:5f:cd:58:8c:e4:ac:97:01:f9:5f:af:63:83:07:de:31:52:
81:a9:d9:49:11:22:8f:fc:15:f5:9a:1f:92:8a:75:a0:5d:9c:
53:f5:a0:75:d1:76:36:ea:be:9c:bd:da:9b:1b:d7:94:39:03:
e1:06:a3:dc:95:1d:fe:5a:c9:98:0c:54:a9:e5:82:f6:b6:88:
4b:28:bf:8c:73:12:0a:46:35:d4:a0:9a:ad:d8:1f:78:c9:17:
0e:38:32:8f:14:04:01:bb:72:8c:1d:7c:d7:d6:f7:62:37:c9:
13:05:fc:3f:df:a6:a5:72:c2:fb:bc:8e:0e:64:0e:f6:db:77:
13:af:ca:7e:12:e7:21:18:75:79:c8:fc:ae:a9:fe:3a:6e:e6:
dc:b5:c1:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI35/iVizNuzefdxaLnNPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzMyZGNkMGMzNTQyNjE0NGY5ZjAyNjc1NDE3OWRmYWVi
ZTg5NTgwHhcNMjQwMTAyMDYzMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDcxZmYxMWIwMjJmOGY2NDE0MWRiODIyZWJlN2E0NDMxNjk0NmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7mAOuAHsh/hlC/yeY9is9DUKUvT
nADZz8C9VeApxXxstJgSmrrsCelbvXstFcT1L+DOtT93SSeNwiZt6WONtGqGKPNr
6COPUm0W58B7XWeCXzcDhQ0bAPqEA+SHLFfYn1/e2UzCdfxwwXYDGPi/1hKlboBi
mG9wrVyV7UPnC/LJr4qI+KP1Puws8OsFaILn7hqOgNWyLr5PIGMkKz8LVwSnjHAL
DuxPCOluZDs/E6fY1oOTyFFRxs1ybkLWlsi+ECOQgLEsAA8us6aOQCWDs/mll9fe
b/HkIK8FnVG3uqoDpP832iFk7H95CBoOJw8MH4FgsJ1lGXtWQIxn/2ww4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNBx/xGwIvj2QUHbgi6+ekQxaUbvMB8GA1UdIwQY
MBaAFDlzLc0MNUJhRPnwJnVBed+uvolYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hNdHpRdzFRbUZFLWZBbWRVRjUzNjYtaVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yMzcxMDYtZDA4ZC00YWEwLWFjODIt
ZjYwYWYyYTgyMDYwLzEvMEhIX0ViQWktUFpCUWR1Q0xyNTZSREZwUnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yMzcxMDYtZDA4ZC00YWEwLWFjODItZjYwYWYyYTgyMDYw
LzEvT1hNdHpRdzFRbUZFLWZBbWRVRjUzNjYtaVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVpMMA0E
AgACMAcDBQMqDLXAMA0GCSqGSIb3DQEBCwUAA4IBAQCGqS8tIT4a7rBrbr6cRUay
f7+A6mBwN6xCDvjH0+QtLKGYcPGFHCpN7bzH09MM9dDkUao1R2xwVgxiwGNg6HsY
kL0bM4GRxSC7SFUVHWOhGGlVvluqbboNxzipN6zQAe8JYvbHeGZxbJRmJFNwX81Y
jOSslwH5X69jgwfeMVKBqdlJESKP/BX1mh+SinWgXZxT9aB10XY26r6cvdqbG9eU
OQPhBqPclR3+WsmYDFSp5YL2tohLKL+McxIKRjXUoJqt2B94yRcOODKPFAQBu3KM
HXzX1vdiN8kTBfw/36alcsL7vI4OZA7223cTr8p+EuchGHV5yPyuqf46bubctcGL
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:13:20 2024 by rpki-client on console-fra.rpki-client.org