Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/hhwZNeX2yGniDaymhwF-dTbtdbM.roa
File: hhwZNeX2yGniDaymhwF-dTbtdbM.roa (raw, json)
Hash identifier: r60aHVAumfJJcGBMM/7OB5weVpwdXs4yYnEuIzl5WGQ=
Subject key identifier: 86:1C:19:35:E5:F6:C8:69:E2:0D:AC:A6:87:01:7E:75:36:ED:75:B3
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018CC4255981523D04C044B20C9FAD90DFAE
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/hhwZNeX2yGniDaymhwF-dTbtdbM.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40028
IP address blocks: 45.43.87.0/24 maxlen: 24
107.181.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:59:81:52:3d:04:c0:44:b2:0c:9f:ad:90:df:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=861c1935e5f6c869e20daca687017e7536ed75b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:41:c2:a2:9c:6b:0c:5e:22:4d:b0:05:f9:72:
1b:04:a2:f4:b6:c7:8e:ff:4e:54:1a:49:ef:7d:70:
7f:62:83:fd:cd:9c:25:67:a0:0a:82:89:8f:ae:02:
64:39:85:a6:56:83:fb:e3:62:78:15:fe:9d:c2:68:
36:33:1d:9d:73:75:87:2f:ae:4b:59:c9:20:51:fc:
7e:90:18:da:95:6e:fb:2f:94:43:44:ac:3f:14:bd:
56:c9:e4:7a:42:c9:61:9c:68:ed:a7:74:17:3e:ca:
2a:8d:8e:de:68:bc:45:b6:b4:42:d4:29:08:a1:c0:
6f:9f:1b:24:cb:62:e8:51:2b:e8:89:65:7c:dd:4d:
e6:3f:3b:6c:b9:32:8c:11:9f:6e:7d:3b:87:ce:6f:
e7:45:53:dd:30:17:c0:34:7b:06:e5:84:81:5b:12:
8e:f8:d7:3d:e5:2c:59:46:c9:ea:80:38:db:9b:30:
93:e1:33:35:c1:7e:9b:95:0d:e8:b7:22:63:c5:24:
50:33:3c:69:d0:6e:98:f9:02:46:56:f1:86:b0:2e:
3a:27:f2:07:a5:ae:36:8b:d9:d7:06:e0:c6:74:ab:
7f:7e:7a:93:39:88:94:0d:51:1a:92:55:84:c5:ae:
68:66:29:51:43:dc:76:9b:e4:e1:3c:10:4f:e8:50:
80:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1C:19:35:E5:F6:C8:69:E2:0D:AC:A6:87:01:7E:75:36:ED:75:B3
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/hhwZNeX2yGniDaymhwF-dTbtdbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.87.0/24
107.181.150.0/24
Signature Algorithm: sha256WithRSAEncryption
20:05:56:d4:36:44:b6:58:dc:71:d3:1a:b9:51:10:75:57:55:
f7:45:0b:f6:57:09:9b:7c:71:3b:fc:89:2b:68:b4:5d:fe:ed:
c7:27:9a:b2:56:14:01:82:50:be:9c:a0:8e:eb:a1:64:fc:24:
5a:87:65:89:03:81:85:1a:53:a6:22:f1:7b:c2:d7:35:1b:8b:
a3:cf:9c:57:6a:6f:10:4a:78:56:65:11:20:da:f4:11:ab:5c:
3e:25:39:56:e7:5c:a7:0e:0a:80:b2:af:37:57:b9:5c:fe:9f:
a5:5c:1b:8f:86:d6:6d:d3:77:8f:00:4b:c0:3b:ad:90:66:29:
d3:65:2d:fb:dc:75:3a:7e:99:94:93:93:fb:d0:fd:e1:a6:d7:
a3:7b:79:3d:ee:27:3f:33:0b:47:27:fe:82:30:2b:bc:38:a9:
73:1e:0f:2a:60:da:8b:87:3c:e0:f1:97:50:5b:72:d1:42:47:
3d:ed:07:d3:ca:3e:bb:ac:7b:9b:2c:8b:8f:31:a8:98:37:24:
a7:21:45:04:70:84:e5:8a:2a:46:eb:95:08:14:d6:e7:ce:d0:
68:29:13:04:49:16:0c:87:98:ea:4f:56:bc:db:8a:ec:c3:de:
60:d2:16:39:fc:a9:ad:78:96:26:9f:29:27:64:54:42:4b:6c:
01:98:e7:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJVmBUj0EwESyDJ+tkN+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjFjMTkzNWU1ZjZjODY5ZTIwZGFjYTY4NzAxN2U3NTM2ZWQ3NWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkHCopxrDF4iTbAF+XIbBKL0tseO
/05UGknvfXB/YoP9zZwlZ6AKgomPrgJkOYWmVoP742J4Ff6dwmg2Mx2dc3WHL65L
WckgUfx+kBjalW77L5RDRKw/FL1WyeR6QslhnGjtp3QXPsoqjY7eaLxFtrRC1CkI
ocBvnxsky2LoUSvoiWV83U3mPztsuTKMEZ9ufTuHzm/nRVPdMBfANHsG5YSBWxKO
+Nc95SxZRsnqgDjbmzCT4TM1wX6blQ3otyJjxSRQMzxp0G6Y+QJGVvGGsC46J/IH
pa42i9nXBuDGdKt/fnqTOYiUDVEaklWExa5oZilRQ9x2m+ThPBBP6FCA+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIYcGTXl9shp4g2spocBfnU27XWzMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvaGh3Wk5lWDJ5R25pRGF5bWh3Ri1kVGJ0ZGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALStXAwQA
a7WWMA0GCSqGSIb3DQEBCwUAA4IBAQAgBVbUNkS2WNxx0xq5URB1V1X3RQv2Vwmb
fHE7/IkraLRd/u3HJ5qyVhQBglC+nKCO66Fk/CRah2WJA4GFGlOmIvF7wtc1G4uj
z5xXam8QSnhWZREg2vQRq1w+JTlW51ynDgqAsq83V7lc/p+lXBuPhtZt03ePAEvA
O62QZinTZS373HU6fpmUk5P70P3hpteje3k97ic/MwtHJ/6CMCu8OKlzHg8qYNqL
hzzg8ZdQW3LRQkc97QfTyj67rHubLIuPMaiYNySnIUUEcITliipG65UIFNbnztBo
KRMESRYMh5jqT1a824rsw95g0hY5/KmteJYmnyknZFRCS2wBmOe1
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:40:05 2024 by rpki-client on console-ams.rpki-client.org