Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/0AOj-EjsyvEXu1WvL2PT1O97D8Q.roa
File: 0AOj-EjsyvEXu1WvL2PT1O97D8Q.roa (raw, json)
Hash identifier: wENEWKHy8Bc1NXEJIiWw5rzRYbw2yYc96D9nrQHNHXc=
Subject key identifier: D0:03:A3:F8:48:EC:CA:F1:17:BB:55:AF:2F:63:D3:D4:EF:7B:0F:C4
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018CC6B9319F1F3A42B342BE3F693571304F
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/0AOj-EjsyvEXu1WvL2PT1O97D8Q.roa
Signing time: Mon 01 Jan 2024 20:31:14 +0000
ROA not before: Mon 01 Jan 2024 20:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40065
IP address blocks: 45.142.158.0/23 maxlen: 32
45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.145.72.0/23 maxlen: 32
45.150.226.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:31:9f:1f:3a:42:b3:42:be:3f:69:35:71:30:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 1 20:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d003a3f848eccaf117bb55af2f63d3d4ef7b0fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:06:6a:f7:b4:31:21:56:5a:5a:00:b3:9c:07:
11:34:ec:24:c4:2c:6c:d5:63:52:2b:39:36:9b:fc:
a5:3a:0d:8d:33:f0:4e:d8:4f:57:28:d4:3d:c1:c3:
a1:f5:a1:54:be:98:4c:bd:79:91:ca:43:cc:02:a4:
e8:15:a5:11:66:59:5f:cb:2e:78:db:fc:bd:80:8c:
9c:99:34:34:d7:c2:58:f0:e2:d1:69:02:da:36:b7:
27:0c:50:87:01:37:a4:54:f4:ff:77:89:a9:65:a0:
a4:83:e3:30:b5:f1:6b:6d:ce:96:dc:93:a7:8c:86:
5f:83:61:6a:f4:1e:b0:cb:9a:6d:1a:6d:8c:55:55:
4b:e1:2a:ae:cd:9f:ef:70:35:89:83:20:71:af:13:
b7:e8:d7:53:16:62:fe:85:a2:04:9c:79:82:88:27:
5c:73:c4:00:49:13:05:26:fd:51:24:83:a2:c4:4f:
f8:37:31:50:6c:1b:ac:86:8f:a2:e4:52:10:4b:51:
60:bb:09:16:8c:fe:eb:90:59:32:49:2b:f8:74:84:
b7:51:1b:f9:db:ca:2b:d3:fc:14:f2:66:82:60:e4:
16:97:b9:25:f8:1e:59:9b:5d:ac:97:e4:1a:62:51:
a8:cc:46:82:bf:e0:45:49:6d:0c:2f:ee:24:14:3a:
86:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:03:A3:F8:48:EC:CA:F1:17:BB:55:AF:2F:63:D3:D4:EF:7B:0F:C4
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/0AOj-EjsyvEXu1WvL2PT1O97D8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/23
45.150.226.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:38:35:74:c4:84:d7:0c:d7:ec:12:46:ae:5d:b5:69:2f:95:
b5:9e:98:07:da:89:a8:95:c4:e8:fe:84:51:a8:bf:e9:98:8b:
21:1b:ee:fa:12:50:4d:89:26:76:52:03:98:2f:ed:19:9d:17:
7e:3c:74:21:13:f1:ee:3b:12:4c:6b:d1:f1:b6:b6:3a:fe:ad:
c7:07:63:26:9b:3e:b5:b2:b7:aa:b8:99:ad:b0:ef:15:46:b7:
fd:e9:b9:40:db:44:a2:23:e8:65:41:65:3d:a1:ff:58:d2:46:
98:5c:43:ae:ff:7e:89:2a:1a:dc:1f:e2:28:1f:54:72:51:eb:
3b:6d:ca:fd:f2:2d:47:0c:39:e1:1c:8f:1d:aa:e6:9a:9a:94:
60:97:82:c6:ba:ca:34:3c:13:67:53:e1:b6:63:9c:12:6d:fe:
1e:d5:d7:f0:e0:29:f2:86:64:93:e2:8e:77:6f:54:65:bf:fb:
79:07:17:0b:80:27:f7:40:57:9b:aa:db:5c:97:9b:65:71:bb:
c8:49:cd:82:9f:60:77:56:1b:9e:2c:73:7d:95:82:07:b5:6d:
d8:aa:ac:89:ac:11:ce:ad:f0:d3:51:1b:f4:b9:4b:25:88:7f:
54:77:6b:d1:ca:2b:a6:68:53:46:6e:2e:fc:51:46:02:40:1b:
a5:0d:5f:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuTGfHzpCs0K+P2k1cTBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwMTAxMjAzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDAzYTNmODQ4ZWNjYWYxMTdiYjU1YWYyZjYzZDNkNGVmN2IwZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AZq97QxIVZaWgCznAcRNOwkxCxs
1WNSKzk2m/ylOg2NM/BO2E9XKNQ9wcOh9aFUvphMvXmRykPMAqToFaURZllfyy54
2/y9gIycmTQ018JY8OLRaQLaNrcnDFCHATekVPT/d4mpZaCkg+MwtfFrbc6W3JOn
jIZfg2Fq9B6wy5ptGm2MVVVL4SquzZ/vcDWJgyBxrxO36NdTFmL+haIEnHmCiCdc
c8QASRMFJv1RJIOixE/4NzFQbBusho+i5FIQS1FguwkWjP7rkFkySSv4dIS3URv5
28or0/wU8maCYOQWl7kl+B5Zm12sl+QaYlGozEaCv+BFSW0ML+4kFDqGmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNADo/hI7MrxF7tVry9j09Tvew/EMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvMEFPai1FanN5dkVYdTFXdkwyUFQxTzk3RDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY6cAwQB
LZFIAwQBLZbiMA0GCSqGSIb3DQEBCwUAA4IBAQC/ODV0xITXDNfsEkauXbVpL5W1
npgH2omolcTo/oRRqL/pmIshG+76ElBNiSZ2UgOYL+0ZnRd+PHQhE/HuOxJMa9Hx
trY6/q3HB2Mmmz61srequJmtsO8VRrf96blA20SiI+hlQWU9of9Y0kaYXEOu/36J
KhrcH+IoH1RyUes7bcr98i1HDDnhHI8dquaampRgl4LGuso0PBNnU+G2Y5wSbf4e
1dfw4CnyhmST4o53b1Rlv/t5BxcLgCf3QFebqttcl5tlcbvISc2Cn2B3VhueLHN9
lYIHtW3YqqyJrBHOrfDTURv0uUsliH9Ud2vRyiumaFNGbi78UUYCQBulDV9c
-----END CERTIFICATE-----
Generated at Sat May 4 03:11:23 2024 by rpki-client on console-fra.rpki-client.org