Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/MIDXNSWjIhULQb8E4WP1UboAY9U.roa
File: MIDXNSWjIhULQb8E4WP1UboAY9U.roa (raw, json)
Hash identifier: C7qbLjUtcbapVvbxb1un9lYjbiieubM8Ywh3jGsbkDM=
Subject key identifier: 30:80:D7:35:25:A3:22:15:0B:41:BF:04:E1:63:F5:51:BA:00:63:D5
Certificate issuer: /CN=b5f19eb0dd48e1b24924908bb5b6848cc1678546
Certificate serial: 018CC56E1E3A076A6518A26B0B33C99AD1EB
Authority key identifier: B5:F1:9E:B0:DD:48:E1:B2:49:24:90:8B:B5:B6:84:8C:C1:67:85:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tfGesN1I4bJJJJCLtbaEjMFnhUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/MIDXNSWjIhULQb8E4WP1UboAY9U.roa
Signing time: Mon 01 Jan 2024 14:29:37 +0000
ROA not before: Mon 01 Jan 2024 14:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 45.136.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/tfGesN1I4bJJJJCLtbaEjMFnhUY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/tfGesN1I4bJJJJCLtbaEjMFnhUY.mft
rsync://rpki.ripe.net/repository/DEFAULT/tfGesN1I4bJJJJCLtbaEjMFnhUY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1e:3a:07:6a:65:18:a2:6b:0b:33:c9:9a:d1:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5f19eb0dd48e1b24924908bb5b6848cc1678546
Validity
Not Before: Jan 1 14:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3080d73525a322150b41bf04e163f551ba0063d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:20:47:0d:de:aa:08:c5:88:fe:97:6d:1f:ce:
79:4b:26:a4:15:df:6a:a4:ac:40:e3:e3:aa:f3:01:
52:72:71:f1:29:5c:5b:7b:8c:6f:a9:cb:d4:d3:d7:
67:81:d2:4b:ce:d6:bd:c9:ad:b3:26:24:f9:92:61:
a3:ec:80:ca:1f:6f:ed:2b:c1:de:3e:82:26:39:a1:
c7:c5:16:32:4f:f1:63:71:67:0a:14:2c:09:9f:6f:
58:b9:10:44:d5:a7:33:72:23:96:3b:d4:1e:e8:05:
e9:2d:6a:51:72:dd:a2:1a:b7:a1:3c:d8:7c:71:be:
b2:e3:93:8d:5e:21:1f:93:bb:06:eb:80:21:99:b6:
95:e7:d7:9d:44:22:6e:21:93:16:fe:7a:92:24:52:
17:d0:64:54:b1:c2:da:56:40:1c:e6:d0:c0:f9:c7:
6f:77:1b:fe:25:65:07:da:5b:8a:45:96:d7:00:21:
ee:35:50:81:ed:fd:1a:3e:09:70:6b:d1:dd:d8:e2:
f8:8f:9a:82:55:17:b0:3d:57:7c:fd:96:89:33:e9:
7c:6e:83:3a:26:49:a7:8a:8e:4b:c3:0e:a1:2d:ca:
d0:a6:ac:19:57:86:c3:c1:9a:39:55:bf:3f:66:5a:
60:4d:6c:f3:c3:4f:fe:52:5e:eb:85:0b:a7:39:fd:
08:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:80:D7:35:25:A3:22:15:0B:41:BF:04:E1:63:F5:51:BA:00:63:D5
X509v3 Authority Key Identifier:
keyid:B5:F1:9E:B0:DD:48:E1:B2:49:24:90:8B:B5:B6:84:8C:C1:67:85:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tfGesN1I4bJJJJCLtbaEjMFnhUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/MIDXNSWjIhULQb8E4WP1UboAY9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/ce001b-a4d8-4f0e-831d-35c66d7c5260/1/tfGesN1I4bJJJJCLtbaEjMFnhUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.240.0/22
Signature Algorithm: sha256WithRSAEncryption
49:16:21:85:3e:a3:71:70:2f:1c:db:b8:30:37:93:30:da:1a:
1c:51:4e:56:22:35:06:47:df:0f:fc:f6:8a:74:0a:2a:ac:2c:
00:ea:1f:e7:6b:8e:fd:82:d5:3e:cf:97:81:13:de:55:fa:b7:
9f:7d:28:93:02:01:60:a0:05:ad:1d:1b:a5:98:44:d4:6b:9d:
55:1d:fc:36:fc:3e:f8:ca:44:41:41:b2:de:43:ab:31:35:dd:
5b:fd:31:c8:29:b8:5d:c7:87:e1:2f:4a:83:30:85:72:27:63:
fe:fd:2f:71:07:bb:97:b4:d7:8f:0d:88:13:23:06:48:d1:8a:
01:80:32:32:57:51:1a:d9:8c:88:43:2c:a0:a2:3c:76:e3:c2:
03:44:cf:cc:a1:b9:52:1e:db:06:99:7e:b5:26:82:34:0a:e4:
04:7f:09:50:50:87:64:72:79:03:1e:37:7f:78:e5:b9:b8:14:
c1:7c:14:ea:ea:be:96:28:7a:1a:ac:78:a2:96:71:9a:f8:30:
fe:f1:83:4f:36:27:e4:d9:bf:3a:05:ec:e8:f8:f4:1c:b5:de:
f7:8b:2b:c9:b1:c7:4c:4f:ac:0c:be:32:8f:f1:a5:69:8f:e4:
4e:14:8d:86:35:01:29:63:6c:18:67:ef:67:fa:24:43:44:fb:
b6:88:bb:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbh46B2plGKJrCzPJmtHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ZjE5ZWIwZGQ0OGUxYjI0OTI0OTA4YmI1YjY4NDhjYzE2
Nzg1NDYwHhcNMjQwMTAxMTQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDgwZDczNTI1YTMyMjE1MGI0MWJmMDRlMTYzZjU1MWJhMDA2M2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyBHDd6qCMWI/pdtH855SyakFd9q
pKxA4+Oq8wFScnHxKVxbe4xvqcvU09dngdJLzta9ya2zJiT5kmGj7IDKH2/tK8He
PoImOaHHxRYyT/FjcWcKFCwJn29YuRBE1aczciOWO9Qe6AXpLWpRct2iGrehPNh8
cb6y45ONXiEfk7sG64AhmbaV59edRCJuIZMW/nqSJFIX0GRUscLaVkAc5tDA+cdv
dxv+JWUH2luKRZbXACHuNVCB7f0aPglwa9Hd2OL4j5qCVRewPVd8/ZaJM+l8boM6
Jkmnio5Lww6hLcrQpqwZV4bDwZo5Vb8/ZlpgTWzzw0/+Ul7rhQunOf0IPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCA1zUloyIVC0G/BOFj9VG6AGPVMB8GA1UdIwQY
MBaAFLXxnrDdSOGySSSQi7W2hIzBZ4VGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGZHZXNOMUk0YkpKSkpDTHRiYUVqTUZuaFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jZTAwMWItYTRkOC00ZjBlLTgzMWQt
MzVjNjZkN2M1MjYwLzEvTUlEWE5TV2pJaFVMUWI4RTRXUDFVYm9BWTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jZTAwMWItYTRkOC00ZjBlLTgzMWQtMzVjNjZkN2M1MjYw
LzEvdGZHZXNOMUk0YkpKSkpDTHRiYUVqTUZuaFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYjwMA0G
CSqGSIb3DQEBCwUAA4IBAQBJFiGFPqNxcC8c27gwN5Mw2hocUU5WIjUGR98P/PaK
dAoqrCwA6h/na479gtU+z5eBE95V+reffSiTAgFgoAWtHRulmETUa51VHfw2/D74
ykRBQbLeQ6sxNd1b/THIKbhdx4fhL0qDMIVyJ2P+/S9xB7uXtNePDYgTIwZI0YoB
gDIyV1Ea2YyIQyygojx248IDRM/MoblSHtsGmX61JoI0CuQEfwlQUIdkcnkDHjd/
eOW5uBTBfBTq6r6WKHoarHiilnGa+DD+8YNPNifk2b86Bezo+PQctd73iyvJscdM
T6wMvjKP8aVpj+ROFI2GNQEpY2wYZ+9n+iRDRPu2iLvD
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:35:06 2024 by rpki-client on console-ams.rpki-client.org