Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/X70NhIndRFdIZspepEU72KviCio.roa
File: X70NhIndRFdIZspepEU72KviCio.roa (raw, json)
Hash identifier: vh6NvL1mOETvdgT5lauJ3v4LTMTlb5d5hYl5RYPrI7c=
Subject key identifier: 5F:BD:0D:84:89:DD:44:57:48:66:CA:5E:A4:45:3B:D8:AB:E2:0A:2A
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 018CC492E1C1E487716A06F827AA78B343B0
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/X70NhIndRFdIZspepEU72KviCio.roa
Signing time: Mon 01 Jan 2024 10:30:09 +0000
ROA not before: Mon 01 Jan 2024 10:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 45.147.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e1:c1:e4:87:71:6a:06:f8:27:aa:78:b3:43:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Jan 1 10:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fbd0d8489dd44574866ca5ea4453bd8abe20a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:51:3f:8c:7e:24:3d:39:5d:7b:06:6e:93:82:
65:64:e2:f5:d6:d1:6a:80:50:06:5e:d0:0a:0b:da:
34:30:cb:c0:f6:ed:0c:a9:02:ef:85:39:a5:10:e4:
01:5f:67:1f:3d:d3:50:b9:95:62:bf:1a:4b:c5:e5:
de:13:cf:af:03:b2:04:f0:c6:c6:6e:a6:c5:30:45:
d8:0d:c2:75:6a:13:84:aa:28:33:69:eb:6b:19:48:
fa:0b:7c:bc:78:d5:65:f6:b4:dc:5d:da:36:85:9d:
b4:92:95:dd:02:d0:86:cc:d4:59:9a:b3:c2:30:cc:
96:54:90:4a:56:21:9a:a7:9f:b9:0d:de:09:a8:1f:
4b:46:1f:21:bc:1d:08:1f:58:45:94:53:e4:3a:8c:
fe:57:56:bd:a4:e7:5b:ba:e4:12:e1:09:69:4d:98:
81:e2:1d:3f:83:0d:8a:64:92:7c:3c:5b:3a:c7:54:
a6:b7:42:18:eb:00:e9:18:af:d7:ee:75:c0:69:00:
06:41:de:82:a5:9e:43:3c:72:0e:50:20:1f:04:1b:
34:e9:57:b2:73:92:fc:15:ba:6b:7e:30:40:cf:db:
ad:c2:5c:6b:bd:bf:9a:c9:38:a3:f5:d1:b1:82:53:
4c:ef:74:8c:4d:0e:94:5e:48:80:ae:17:6d:99:ae:
b7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:BD:0D:84:89:DD:44:57:48:66:CA:5E:A4:45:3B:D8:AB:E2:0A:2A
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/X70NhIndRFdIZspepEU72KviCio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.62.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:5c:7f:07:db:1f:8d:89:ed:33:b8:70:b4:86:53:ab:3e:60:
10:33:b9:ea:21:3c:5c:21:1a:2f:1a:aa:6c:da:9c:e9:03:66:
e3:08:ad:e8:e6:a5:0f:77:ea:6c:36:f6:a1:77:71:01:3c:f3:
7c:1b:86:02:e9:24:94:2d:3b:23:22:ad:ac:2d:70:84:20:5d:
e7:d6:99:b1:bc:5f:20:cb:90:47:3d:b5:15:0b:2b:ea:ca:36:
de:b9:f1:73:98:e3:8f:ff:6e:a6:42:b3:73:0b:87:7e:1f:ab:
5f:ef:b4:3b:bf:fa:cd:0f:bf:f6:d1:32:68:ab:91:fe:c0:7e:
8e:b6:5e:4c:4a:42:fb:84:01:8f:12:1b:26:de:ba:db:4f:57:
ae:75:61:5a:26:f2:08:f4:8d:3e:02:7d:14:c8:43:e7:5f:69:
27:21:20:75:1b:3e:59:0b:2e:c6:9e:37:cb:08:8f:75:61:4b:
39:f0:d1:fd:de:82:e2:eb:36:59:7b:a6:57:5f:9c:a8:11:c7:
31:81:6d:2e:6e:00:8d:91:ff:fc:a4:d7:00:60:3c:d7:0b:79:
b3:d0:a8:ab:d2:44:70:eb:b9:6a:02:e9:3b:e1:fd:62:7a:19:
d7:3d:a5:c5:b9:58:49:61:5b:68:38:67:52:63:4f:76:05:b9:
6a:7f:37:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkuHB5Idxagb4J6p4s0OwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjQwMTAxMTAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmJkMGQ4NDg5ZGQ0NDU3NDg2NmNhNWVhNDQ1M2JkOGFiZTIwYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1E/jH4kPTldewZuk4JlZOL11tFq
gFAGXtAKC9o0MMvA9u0MqQLvhTmlEOQBX2cfPdNQuZVivxpLxeXeE8+vA7IE8MbG
bqbFMEXYDcJ1ahOEqigzaetrGUj6C3y8eNVl9rTcXdo2hZ20kpXdAtCGzNRZmrPC
MMyWVJBKViGap5+5Dd4JqB9LRh8hvB0IH1hFlFPkOoz+V1a9pOdbuuQS4QlpTZiB
4h0/gw2KZJJ8PFs6x1Smt0IY6wDpGK/X7nXAaQAGQd6CpZ5DPHIOUCAfBBs06Vey
c5L8FbprfjBAz9utwlxrvb+ayTij9dGxglNM73SMTQ6UXkiArhdtma63nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+9DYSJ3URXSGbKXqRFO9ir4goqMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvWDcwTmhJbmRSRmRJWnNwZXBFVTcyS3ZpQ2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZM+MA0G
CSqGSIb3DQEBCwUAA4IBAQC7XH8H2x+Nie0zuHC0hlOrPmAQM7nqITxcIRovGqps
2pzpA2bjCK3o5qUPd+psNvahd3EBPPN8G4YC6SSULTsjIq2sLXCEIF3n1pmxvF8g
y5BHPbUVCyvqyjbeufFzmOOP/26mQrNzC4d+H6tf77Q7v/rND7/20TJoq5H+wH6O
tl5MSkL7hAGPEhsm3rrbT1eudWFaJvII9I0+An0UyEPnX2knISB1Gz5ZCy7GnjfL
CI91YUs58NH93oLi6zZZe6ZXX5yoEccxgW0ubgCNkf/8pNcAYDzXC3mz0Kir0kRw
67lqAuk74f1iehnXPaXFuVhJYVtoOGdSY092BblqfzeX
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:31:24 2024 by rpki-client on console-fra.rpki-client.org