Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/57b414-5091-4657-a9b4-e9af566f2c14/1/lEkjH1eHejqcCKhaZx8X23fiWT4.roa
File: lEkjH1eHejqcCKhaZx8X23fiWT4.roa (raw, json)
Hash identifier: 933OQ1bQyQKBOMor93Uuf44ryEgGEQhbcB4NcFNrckQ=
Subject key identifier: 94:49:23:1F:57:87:7A:3A:9C:08:A8:5A:67:1F:17:DB:77:E2:59:3E
Certificate issuer: /CN=783f2e92ad59c70c8cdc28b28029e229705c6c91
Certificate serial: 018CC5DC2CF7105EEE3E71FEB9DCE9CCFA77
Authority key identifier: 78:3F:2E:92:AD:59:C7:0C:8C:DC:28:B2:80:29:E2:29:70:5C:6C:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eD8ukq1ZxwyM3CiygCniKXBcbJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/57b414-5091-4657-a9b4-e9af566f2c14/1/lEkjH1eHejqcCKhaZx8X23fiWT4.roa
Signing time: Mon 01 Jan 2024 16:29:50 +0000
ROA not before: Mon 01 Jan 2024 16:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 45.143.224.0/24 maxlen: 24
45.143.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/57b414-5091-4657-a9b4-e9af566f2c14/1/eD8ukq1ZxwyM3CiygCniKXBcbJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/57b414-5091-4657-a9b4-e9af566f2c14/1/eD8ukq1ZxwyM3CiygCniKXBcbJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/eD8ukq1ZxwyM3CiygCniKXBcbJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:2c:f7:10:5e:ee:3e:71:fe:b9:dc:e9:cc:fa:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=783f2e92ad59c70c8cdc28b28029e229705c6c91
Validity
Not Before: Jan 1 16:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9449231f57877a3a9c08a85a671f17db77e2593e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e7:ad:c5:23:22:71:02:e5:fc:cc:24:2c:ac:
0c:23:3d:fa:71:02:99:2f:02:63:a5:ce:5a:48:a6:
cd:c6:a0:b4:21:94:83:73:3d:18:12:14:23:a4:d7:
8d:72:b8:b7:11:18:20:4c:a5:e2:99:2f:44:09:e2:
49:ba:c5:bc:16:39:1c:0c:93:c9:b0:b2:86:13:b6:
84:52:91:c9:06:88:fe:eb:d2:5d:eb:07:ce:1d:f2:
64:ae:88:03:31:57:73:e7:8d:b1:f6:92:da:bb:96:
fd:a6:6c:dd:1e:9e:7c:93:38:e2:aa:ed:a5:90:85:
02:04:45:8f:cd:f7:c0:8a:e6:fd:28:08:07:f5:f2:
d5:bc:83:36:59:bd:89:51:d4:ff:e9:20:07:36:0c:
91:4b:39:25:13:fe:48:91:26:bd:b9:12:b4:64:54:
ba:78:ce:ff:f1:a6:c7:0d:9e:66:80:f9:70:d8:83:
3c:88:18:e4:79:bf:2c:e6:b4:bc:2e:c2:73:f4:a6:
47:c4:d0:72:2d:3d:d8:ad:3d:32:5d:df:86:42:3b:
19:e0:31:1c:d6:5b:f9:51:fe:f1:c0:04:1b:58:30:
76:7f:a7:8c:1c:3d:33:9d:37:ee:66:5a:2e:12:c8:
35:16:c7:37:41:e6:a1:81:8e:38:f6:6f:a6:b4:c8:
44:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:49:23:1F:57:87:7A:3A:9C:08:A8:5A:67:1F:17:DB:77:E2:59:3E
X509v3 Authority Key Identifier:
keyid:78:3F:2E:92:AD:59:C7:0C:8C:DC:28:B2:80:29:E2:29:70:5C:6C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eD8ukq1ZxwyM3CiygCniKXBcbJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/57b414-5091-4657-a9b4-e9af566f2c14/1/lEkjH1eHejqcCKhaZx8X23fiWT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/57b414-5091-4657-a9b4-e9af566f2c14/1/eD8ukq1ZxwyM3CiygCniKXBcbJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.224.0/23
Signature Algorithm: sha256WithRSAEncryption
af:32:a3:e4:37:4f:fd:0f:2c:90:c7:a8:4d:5d:b8:b5:0a:33:
38:7e:45:2d:4e:9f:30:20:08:48:f3:5c:d6:20:b4:c9:a4:c4:
8f:f3:2b:ef:92:33:0c:b7:db:e4:19:e2:6e:1c:80:f1:e0:63:
32:9d:23:f2:53:ac:6d:51:c0:ba:90:a7:5f:7c:a3:fb:02:a2:
f8:c1:e2:3e:c0:e1:91:06:6a:87:16:c4:6b:5f:3b:ce:fd:d6:
c2:91:75:50:c1:e9:8c:d7:3d:2f:0e:8e:90:ae:b8:fa:19:d1:
24:bf:f6:8c:76:97:d8:47:04:48:7c:49:80:43:8a:37:a8:4d:
8b:d4:0f:b4:29:d9:7a:1f:bb:36:f0:7a:84:3d:71:b5:b0:8d:
2f:a4:2c:d1:3f:38:61:70:4a:40:0c:52:ec:3a:c0:dd:03:b1:
0f:d9:29:61:21:fc:c3:8d:55:e7:52:19:7a:4f:b6:fd:6f:79:
47:97:7d:dd:f4:28:af:66:e6:5b:05:34:a5:ba:a0:e1:17:3f:
6a:a3:2c:d2:91:46:30:b8:6e:82:c1:39:36:ee:a5:aa:fb:e2:
82:d5:43:a5:0d:b6:5c:c9:5f:9f:6c:ee:bc:f2:54:ff:1d:a5:
56:8e:c5:3b:74:bf:72:6c:3c:a2:00:ba:24:46:7e:a6:98:64:
1d:82:34:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Cz3EF7uPnH+udzpzPp3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4M2YyZTkyYWQ1OWM3MGM4Y2RjMjhiMjgwMjllMjI5NzA1
YzZjOTEwHhcNMjQwMTAxMTYyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDQ5MjMxZjU3ODc3YTNhOWMwOGE4NWE2NzFmMTdkYjc3ZTI1OTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeetxSMicQLl/MwkLKwMIz36cQKZ
LwJjpc5aSKbNxqC0IZSDcz0YEhQjpNeNcri3ERggTKXimS9ECeJJusW8FjkcDJPJ
sLKGE7aEUpHJBoj+69Jd6wfOHfJkrogDMVdz542x9pLau5b9pmzdHp58kzjiqu2l
kIUCBEWPzffAiub9KAgH9fLVvIM2Wb2JUdT/6SAHNgyRSzklE/5IkSa9uRK0ZFS6
eM7/8abHDZ5mgPlw2IM8iBjkeb8s5rS8LsJz9KZHxNByLT3YrT0yXd+GQjsZ4DEc
1lv5Uf7xwAQbWDB2f6eMHD0znTfuZlouEsg1Fsc3QeahgY449m+mtMhE4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRJIx9Xh3o6nAioWmcfF9t34lk+MB8GA1UdIwQY
MBaAFHg/LpKtWccMjNwosoAp4ilwXGyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUQ4dWtxMVp4d3lNM0NpeWdDbmlLWEJjYkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81N2I0MTQtNTA5MS00NjU3LWE5YjQt
ZTlhZjU2NmYyYzE0LzEvbEVrakgxZUhlanFjQ0toYVp4OFgyM2ZpV1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81N2I0MTQtNTA5MS00NjU3LWE5YjQtZTlhZjU2NmYyYzE0
LzEvZUQ4dWtxMVp4d3lNM0NpeWdDbmlLWEJjYkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLY/gMA0G
CSqGSIb3DQEBCwUAA4IBAQCvMqPkN0/9DyyQx6hNXbi1CjM4fkUtTp8wIAhI81zW
ILTJpMSP8yvvkjMMt9vkGeJuHIDx4GMynSPyU6xtUcC6kKdffKP7AqL4weI+wOGR
BmqHFsRrXzvO/dbCkXVQwemM1z0vDo6Qrrj6GdEkv/aMdpfYRwRIfEmAQ4o3qE2L
1A+0Kdl6H7s28HqEPXG1sI0vpCzRPzhhcEpADFLsOsDdA7EP2SlhIfzDjVXnUhl6
T7b9b3lHl33d9CivZuZbBTSluqDhFz9qoyzSkUYwuG6CwTk27qWq++KC1UOlDbZc
yV+fbO688lT/HaVWjsU7dL9ybDyiALokRn6mmGQdgjTm
-----END CERTIFICATE-----
Generated at Mon May 20 14:06:23 2024 by rpki-client on console-fra.rpki-client.org