Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/Qldu5XIlS7iSFOWMVyNKARo1dQI.roa
File: Qldu5XIlS7iSFOWMVyNKARo1dQI.roa (raw, json)
Hash identifier: W0XA9aoegPuEssIL62UnUwZLoaRy+OE+vaB7L8hCjKQ=
Subject key identifier: 42:57:6E:E5:72:25:4B:B8:92:14:E5:8C:57:23:4A:01:1A:35:75:02
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018CC5DD1386355CE1D247F3124DFF0EE1B2
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/Qldu5XIlS7iSFOWMVyNKARo1dQI.roa
Signing time: Mon 01 Jan 2024 16:30:49 +0000
ROA not before: Mon 01 Jan 2024 16:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41270
IP address blocks: 45.133.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:13:86:35:5c:e1:d2:47:f3:12:4d:ff:0e:e1:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 1 16:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42576ee572254bb89214e58c57234a011a357502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6f:e9:60:53:69:ae:78:b3:82:0f:7f:a4:9a:
87:f5:d9:38:32:d8:30:8a:99:7b:1e:a7:e8:39:18:
a4:5a:4a:ce:e2:1a:c5:c6:ca:14:79:bf:be:f4:92:
92:60:ec:34:d7:de:69:85:d4:92:b8:3f:9e:ee:e9:
9b:6d:79:c8:fa:76:8e:c8:1c:c4:cb:c6:27:a6:f3:
0c:40:ca:d6:09:b4:a8:67:67:4d:68:9f:37:81:7d:
ee:e9:d1:a6:5f:a9:67:f8:5d:88:2f:9d:3f:6c:15:
78:60:4e:6b:ce:38:84:b0:1b:eb:1a:e7:41:44:69:
a3:ee:fc:24:7e:ff:61:59:1f:fb:43:86:69:21:ab:
85:77:13:08:0f:8b:15:1f:76:b0:29:da:e0:31:0b:
e7:41:81:3c:73:25:46:89:03:39:56:7e:f9:0e:0f:
07:c0:fc:62:4b:9b:68:45:9d:ef:56:ee:19:2c:7c:
88:0b:f6:99:96:a5:c9:9e:2f:d7:18:d6:23:45:74:
39:45:63:f6:b0:46:19:74:d2:55:c0:06:ad:d4:c2:
95:b0:12:cb:74:a8:bb:b7:14:88:50:48:61:6b:78:
7b:dc:c2:51:0f:6a:98:fd:aa:1c:df:a3:c7:d2:e0:
b4:72:5c:f9:e4:9f:2e:99:31:79:48:93:6d:e8:51:
e9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:57:6E:E5:72:25:4B:B8:92:14:E5:8C:57:23:4A:01:1A:35:75:02
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/Qldu5XIlS7iSFOWMVyNKARo1dQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.153.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:8c:fd:ec:f8:ab:9c:c3:82:52:e5:a2:9f:71:af:ba:71:ed:
48:b1:b7:de:6a:32:28:e2:b4:fa:75:0a:2d:d1:b5:d1:03:90:
7e:b0:71:02:6d:6d:6b:b7:74:16:2e:bc:d0:b9:d5:d9:8b:fd:
cb:24:45:3c:e8:72:d0:23:c3:98:55:cb:eb:45:33:e8:5e:30:
32:2d:d1:a3:2f:12:1c:5e:c8:f9:6d:96:9e:cb:4e:cf:f6:0b:
c3:25:12:0b:5e:1a:58:71:d8:95:4d:42:e0:d5:ba:13:f0:4a:
61:80:e4:c7:d6:56:51:4e:15:6e:c2:1e:90:b7:69:72:b3:1f:
a0:fc:bd:20:e6:b3:de:60:39:d7:fd:d5:94:b4:55:d0:75:64:
96:4c:42:d9:35:a4:e3:14:94:94:3f:0b:25:ff:0d:31:d6:76:
66:da:8c:6a:95:19:f1:cb:d4:af:08:53:3c:fd:24:4a:34:58:
07:a4:02:6e:b5:d3:f8:5c:3e:42:72:90:24:12:62:cc:d3:49:
72:d9:d1:87:fa:b8:bd:34:a7:2d:e1:49:42:9e:55:51:12:41:
5d:67:36:8a:e3:1f:84:56:d4:8a:94:47:dd:b5:15:1f:08:3f:
47:29:df:24:84:ab:36:7d:3d:43:d4:74:fb:11:80:4f:5a:1d:
47:0b:83:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3ROGNVzh0kfzEk3/DuGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwMTAxMTYzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjU3NmVlNTcyMjU0YmI4OTIxNGU1OGM1NzIzNGEwMTFhMzU3NTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2/pYFNprnizgg9/pJqH9dk4Mtgw
ipl7HqfoORikWkrO4hrFxsoUeb++9JKSYOw0195phdSSuD+e7umbbXnI+naOyBzE
y8YnpvMMQMrWCbSoZ2dNaJ83gX3u6dGmX6ln+F2IL50/bBV4YE5rzjiEsBvrGudB
RGmj7vwkfv9hWR/7Q4ZpIauFdxMID4sVH3awKdrgMQvnQYE8cyVGiQM5Vn75Dg8H
wPxiS5toRZ3vVu4ZLHyIC/aZlqXJni/XGNYjRXQ5RWP2sEYZdNJVwAat1MKVsBLL
dKi7txSIUEhha3h73MJRD2qY/aoc36PH0uC0clz55J8umTF5SJNt6FHpCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJXbuVyJUu4khTljFcjSgEaNXUCMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvUWxkdTVYSWxTN2lTRk9XTVZ5TktBUm8xZFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYWZMA0G
CSqGSIb3DQEBCwUAA4IBAQCujP3s+Kucw4JS5aKfca+6ce1IsbfeajIo4rT6dQot
0bXRA5B+sHECbW1rt3QWLrzQudXZi/3LJEU86HLQI8OYVcvrRTPoXjAyLdGjLxIc
Xsj5bZaey07P9gvDJRILXhpYcdiVTULg1boT8EphgOTH1lZRThVuwh6Qt2lysx+g
/L0g5rPeYDnX/dWUtFXQdWSWTELZNaTjFJSUPwsl/w0x1nZm2oxqlRnxy9SvCFM8
/SRKNFgHpAJutdP4XD5CcpAkEmLM00ly2dGH+ri9NKct4UlCnlVREkFdZzaK4x+E
VtSKlEfdtRUfCD9HKd8khKs2fT1D1HT7EYBPWh1HC4M8
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:21:44 2024 by rpki-client on console-ams.rpki-client.org