Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/pVmp9_LE34r3wSXVGuZVjD_PqAQ.roa
File: pVmp9_LE34r3wSXVGuZVjD_PqAQ.roa (raw, json)
Hash identifier: B1V3H5Ax20onhpL/sEP1f1gbR9vVvqHjPDUdrmnd0YU=
Subject key identifier: A5:59:A9:F7:F2:C4:DF:8A:F7:C1:25:D5:1A:E6:55:8C:3F:CF:A8:04
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 018CC492E288225F71029585ED3034323264
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/pVmp9_LE34r3wSXVGuZVjD_PqAQ.roa
Signing time: Mon 01 Jan 2024 10:30:09 +0000
ROA not before: Mon 01 Jan 2024 10:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46261
IP address blocks: 77.83.44.0/23 maxlen: 23
45.153.239.0/24 maxlen: 24
45.147.63.0/24 maxlen: 24
45.147.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e2:88:22:5f:71:02:95:85:ed:30:34:32:32:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Jan 1 10:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a559a9f7f2c4df8af7c125d51ae6558c3fcfa804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a6:7e:5c:30:c1:4b:11:5e:b1:44:b7:c8:27:
a8:48:da:8c:28:b4:83:63:45:70:86:75:71:b6:37:
eb:cf:98:77:f0:bb:e6:5f:d9:ce:f3:e9:4e:52:4d:
19:02:4e:f6:3c:dc:4a:5f:8a:12:7e:92:78:95:ee:
54:a1:29:a4:4a:f8:93:3e:d2:31:1d:0d:9c:3e:f5:
d9:e0:48:c6:df:ea:78:2c:93:22:eb:73:1f:ba:f1:
5e:85:f9:fe:4f:79:de:02:43:cf:67:cf:1e:a6:39:
fa:f9:a6:54:64:6f:7e:d8:64:71:e6:55:d4:a2:1a:
3e:6b:3a:19:3b:83:0b:98:a7:e8:ab:3e:cc:29:36:
94:98:36:42:cd:d7:f6:29:d5:86:22:a4:7f:7a:e6:
a7:9d:2a:a3:17:4c:12:e6:cc:e6:5f:56:6e:67:da:
6e:7f:b9:6a:54:83:7d:cb:87:26:eb:89:32:c7:64:
e4:9a:49:67:25:90:8b:cc:1f:39:6f:ca:18:ab:ab:
2d:97:07:84:c5:0c:b5:8d:50:c3:5c:9a:3b:a3:31:
23:bd:43:88:df:63:8a:14:ef:bf:fe:7b:ef:01:41:
2f:e0:99:79:5d:20:18:c4:10:6a:64:0f:0c:70:2c:
a8:58:5f:1e:e8:30:fd:06:23:30:e0:da:9f:46:d5:
e8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:59:A9:F7:F2:C4:DF:8A:F7:C1:25:D5:1A:E6:55:8C:3F:CF:A8:04
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/pVmp9_LE34r3wSXVGuZVjD_PqAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.61.0/24
45.147.63.0/24
45.153.239.0/24
77.83.44.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:f8:12:f2:9f:2b:91:17:35:34:15:42:b2:c7:24:3d:9d:c2:
fd:72:a0:56:39:cf:34:15:98:ee:d5:16:58:c0:17:d1:cb:7a:
70:ae:c8:2c:c3:fe:f6:e6:8e:be:8f:37:70:ac:ff:b5:78:31:
e3:b1:5e:b7:d5:30:12:5c:5d:ea:ae:f3:1e:22:a8:fd:42:18:
80:6b:16:c4:ae:bd:15:4a:78:9a:51:0d:d8:4d:c4:d1:93:17:
51:f6:6c:6c:9f:86:5f:8f:8b:41:f6:26:f8:88:51:ff:cf:d6:
af:29:d1:cb:77:b8:ae:f6:d6:19:02:83:82:d2:89:ef:4b:c5:
5c:05:8e:78:a5:1f:bd:ec:e1:f2:e1:12:7a:64:8e:08:62:c0:
e9:f5:12:01:62:da:63:be:87:ac:ec:8b:9b:f5:aa:6b:0c:e3:
14:0d:c2:bc:06:de:c7:cd:ce:af:e3:61:00:bf:c2:d7:01:c2:
26:e1:8e:ac:0d:3a:76:5a:00:5e:61:51:83:f5:1f:fc:ba:84:
7c:a2:81:d1:d1:4b:c8:c6:12:b7:4c:5b:87:8a:68:4d:19:79:
81:fc:de:2a:c6:18:12:53:fd:35:7e:6f:b5:42:c9:d2:bc:cb:
44:01:d5:60:8e:29:8b:7b:b2:8a:0f:13:55:02:40:37:26:3f:
b2:27:7c:b1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEkuKIIl9xApWF7TA0MjJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjQwMTAxMTAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTU5YTlmN2YyYzRkZjhhZjdjMTI1ZDUxYWU2NTU4YzNmY2ZhODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6Z+XDDBSxFesUS3yCeoSNqMKLSD
Y0VwhnVxtjfrz5h38LvmX9nO8+lOUk0ZAk72PNxKX4oSfpJ4le5UoSmkSviTPtIx
HQ2cPvXZ4EjG3+p4LJMi63MfuvFehfn+T3neAkPPZ88epjn6+aZUZG9+2GRx5lXU
oho+azoZO4MLmKfoqz7MKTaUmDZCzdf2KdWGIqR/euannSqjF0wS5szmX1ZuZ9pu
f7lqVIN9y4cm64kyx2TkmklnJZCLzB85b8oYq6stlweExQy1jVDDXJo7ozEjvUOI
32OKFO+//nvvAUEv4Jl5XSAYxBBqZA8McCyoWF8e6DD9BiMw4NqfRtXo+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKVZqffyxN+K98El1RrmVYw/z6gEMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvcFZtcDlfTEUzNHIzd1NYVkd1WlZqRF9QcUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZM9AwQA
LZM/AwQALZnvAwQBTVMsMA0GCSqGSIb3DQEBCwUAA4IBAQCg+BLynyuRFzU0FUKy
xyQ9ncL9cqBWOc80FZju1RZYwBfRy3pwrsgsw/725o6+jzdwrP+1eDHjsV631TAS
XF3qrvMeIqj9QhiAaxbErr0VSniaUQ3YTcTRkxdR9mxsn4Zfj4tB9ib4iFH/z9av
KdHLd7iu9tYZAoOC0onvS8VcBY54pR+97OHy4RJ6ZI4IYsDp9RIBYtpjvoes7Iub
9aprDOMUDcK8Bt7Hzc6v42EAv8LXAcIm4Y6sDTp2WgBeYVGD9R/8uoR8ooHR0UvI
xhK3TFuHimhNGXmB/N4qxhgSU/01fm+1QsnSvMtEAdVgjimLe7KKDxNVAkA3Jj+y
J3yx
-----END CERTIFICATE-----
Generated at Tue Apr 30 14:31:04 2024 by rpki-client on console-fra.rpki-client.org