Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/7M9_tchu8pP4qIilqgQeCeU-Jc8.roa
File: 7M9_tchu8pP4qIilqgQeCeU-Jc8.roa (raw, json)
Hash identifier: eFS5ti0efm87Fwh/Z1sHWg936UPdm6tpWI2uCZCpmtw=
Subject key identifier: EC:CF:7F:B5:C8:6E:F2:93:F8:A8:88:A5:AA:04:1E:09:E5:3E:25:CF
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC50127419935F1DE85FC5BB9FDDA1F28
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/7M9_tchu8pP4qIilqgQeCeU-Jc8.roa
Signing time: Mon 01 Jan 2024 12:30:36 +0000
ROA not before: Mon 01 Jan 2024 12:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206238
IP address blocks: 45.83.232.0/22 maxlen: 24
45.142.232.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:03:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:27:41:99:35:f1:de:85:fc:5b:b9:fd:da:1f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eccf7fb5c86ef293f8a888a5aa041e09e53e25cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1a:a5:94:9d:2d:23:12:d9:82:70:3e:5d:01:
8c:d6:fd:fd:22:bb:20:38:53:7c:63:65:cd:36:68:
76:b3:25:8c:3e:53:d0:20:30:a3:b1:71:49:e9:65:
b5:3b:bb:43:20:6c:0a:04:85:40:7a:b9:50:75:12:
e2:ae:01:1a:85:55:30:d2:e8:c2:ee:1a:c7:a3:69:
85:82:86:c8:3b:15:4a:c6:a9:0a:27:86:a3:58:17:
34:3e:61:2a:e3:22:7b:31:cd:05:50:e6:f1:26:5c:
75:da:10:1a:72:6b:7b:b1:b8:15:36:9e:50:94:4a:
80:30:07:8d:79:04:00:f8:1d:e0:52:da:93:c7:a0:
20:7c:9f:c5:68:48:85:ca:dd:9c:7f:6c:9f:c1:98:
64:51:6f:3e:61:b6:97:03:b6:a9:6b:51:92:35:48:
07:61:78:3d:4d:67:a0:91:f2:ef:56:9e:d9:29:a6:
ee:3f:84:07:a3:f4:56:c3:87:2d:64:8f:7e:12:4b:
52:e2:12:59:83:8d:33:0e:2c:9f:03:1f:0d:e0:3b:
73:2d:ae:bf:89:c9:98:74:05:27:90:e5:ed:f2:be:
11:52:ba:aa:80:a2:e4:d9:a7:ed:ae:6c:5d:f5:6d:
9d:a7:38:a3:b1:b9:07:92:b8:05:ab:3b:ec:22:41:
df:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CF:7F:B5:C8:6E:F2:93:F8:A8:88:A5:AA:04:1E:09:E5:3E:25:CF
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/7M9_tchu8pP4qIilqgQeCeU-Jc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.232.0/22
45.142.232.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:04:a9:b7:3c:8b:f2:6f:ce:5d:2e:0e:ab:85:e8:af:e8:d7:
f3:7f:6f:d6:12:78:a8:fa:9b:0c:1f:f0:a0:03:de:70:7d:cf:
dd:42:19:73:aa:66:0f:7b:91:b3:cb:58:07:ae:2e:0e:b3:15:
8e:c8:9a:4a:7b:dd:8c:69:41:36:49:f3:f2:24:27:63:29:c4:
85:52:6c:de:4b:c4:bf:4a:b5:93:11:e8:9d:71:37:a6:a4:95:
af:9b:0d:ca:ca:18:53:f9:9a:c8:db:29:f2:94:a5:63:4e:4a:
03:a2:94:0a:44:22:3d:d2:3a:e6:61:79:9c:1a:ad:5d:d4:a4:
a9:5b:40:e4:8f:84:54:4a:ab:28:75:7c:5a:8d:2a:f6:51:85:
02:4e:77:85:89:a4:fe:5b:8b:cb:87:ad:7c:70:20:71:62:5a:
49:4b:5d:02:4d:fc:7b:91:9f:32:e1:17:47:62:79:de:a9:24:
ca:f5:99:73:aa:f4:cf:03:16:3b:f2:41:fd:37:ad:00:6d:aa:
a8:7e:bd:2f:0e:5e:b8:f8:4a:49:18:a9:18:fd:c7:20:4c:48:
c7:0f:60:0b:83:bf:85:c0:d1:0a:2c:10:bb:30:f2:df:6b:8d:
e2:a0:e5:bf:14:77:04:23:63:e6:d4:a6:66:cb:68:7b:a5:06:
3d:71:0e:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFASdBmTXx3oX8W7n92h8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2NmN2ZiNWM4NmVmMjkzZjhhODg4YTVhYTA0MWUwOWU1M2UyNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBqllJ0tIxLZgnA+XQGM1v39Irsg
OFN8Y2XNNmh2syWMPlPQIDCjsXFJ6WW1O7tDIGwKBIVAerlQdRLirgEahVUw0ujC
7hrHo2mFgobIOxVKxqkKJ4ajWBc0PmEq4yJ7Mc0FUObxJlx12hAacmt7sbgVNp5Q
lEqAMAeNeQQA+B3gUtqTx6AgfJ/FaEiFyt2cf2yfwZhkUW8+YbaXA7apa1GSNUgH
YXg9TWegkfLvVp7ZKabuP4QHo/RWw4ctZI9+EktS4hJZg40zDiyfAx8N4DtzLa6/
icmYdAUnkOXt8r4RUrqqgKLk2aftrmxd9W2dpzijsbkHkrgFqzvsIkHfOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOzPf7XIbvKT+KiIpaoEHgnlPiXPMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvN005X3RjaHU4cFA0cUlpbHFnUWVDZVUtSmM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVPoAwQC
LY7oMA0GCSqGSIb3DQEBCwUAA4IBAQALBKm3PIvyb85dLg6rheiv6Nfzf2/WEnio
+psMH/CgA95wfc/dQhlzqmYPe5Gzy1gHri4OsxWOyJpKe92MaUE2SfPyJCdjKcSF
UmzeS8S/SrWTEeidcTempJWvmw3KyhhT+ZrI2ynylKVjTkoDopQKRCI90jrmYXmc
Gq1d1KSpW0Dkj4RUSqsodXxajSr2UYUCTneFiaT+W4vLh618cCBxYlpJS10CTfx7
kZ8y4RdHYnneqSTK9ZlzqvTPAxY78kH9N60Abaqofr0vDl64+EpJGKkY/ccgTEjH
D2ALg7+FwNEKLBC7MPLfa43ioOW/FHcEI2Pm1KZmy2h7pQY9cQ4Y
-----END CERTIFICATE-----
Generated at Mon May 6 09:03:56 2024 by rpki-client on console-ams.rpki-client.org