Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/PLx4rj98cMNbH-J-FjWFR_p1hhQ.roa
File: PLx4rj98cMNbH-J-FjWFR_p1hhQ.roa (raw, json)
Hash identifier: fwTWx0P4CSo1sNLLQblnyhxPlhs8yHEKYJQZvbwwx/Y=
Subject key identifier: 3C:BC:78:AE:3F:7C:70:C3:5B:1F:E2:7E:16:35:85:47:FA:75:86:14
Certificate issuer: /CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00
Certificate serial: 018CC8DEEF3EEF61FAB0187C257C68CC3794
Authority key identifier: 67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/PLx4rj98cMNbH-J-FjWFR_p1hhQ.roa
Signing time: Tue 02 Jan 2024 06:31:42 +0000
ROA not before: Tue 02 Jan 2024 06:31:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211552
IP address blocks: 74.220.16.0/21 maxlen: 21
45.157.1.0/24 maxlen: 24
2a10:c881::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ef:3e:ef:61:fa:b0:18:7c:25:7c:68:cc:37:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00
Validity
Not Before: Jan 2 06:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cbc78ae3f7c70c35b1fe27e16358547fa758614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:07:ea:9c:33:1f:96:db:29:2c:35:38:dd:8d:
cf:ca:d8:19:c4:cc:76:ea:8d:db:96:0d:82:22:16:
c9:20:dd:62:f7:9c:f9:0e:f4:4b:58:6d:34:c6:4a:
6c:b4:fb:5e:3c:06:43:c2:04:ea:95:b6:f4:30:43:
ed:94:7e:a3:90:9b:9e:6c:d5:79:ba:c4:fb:9f:a4:
1c:e9:30:98:2b:c7:53:df:2e:28:c6:e9:64:c2:b3:
71:e4:a5:4f:cb:d0:ca:f3:b6:aa:cd:d3:31:83:f9:
cb:e0:73:65:fe:2f:c2:cf:ab:af:37:f4:91:ac:1b:
7d:4a:73:20:4c:c3:87:5a:9e:69:45:19:3c:a9:de:
41:53:66:93:73:d9:90:98:7f:1c:5f:e9:83:b4:f0:
f0:08:ff:ae:3b:db:18:c7:c0:ae:e2:95:78:29:38:
12:e3:42:6f:7b:e9:e5:41:07:5f:18:48:83:3c:f2:
6b:b7:0d:85:8b:9c:07:6d:0f:4f:9d:c3:88:16:8a:
cd:7e:12:7b:ac:fd:5d:b8:cb:d0:72:77:f0:fe:0b:
4b:12:9e:55:b1:d1:7d:04:eb:d8:78:74:e6:4b:eb:
1a:59:d9:da:05:f5:a2:45:e2:ec:09:56:0b:58:d3:
f6:da:06:de:7a:ea:70:a6:bc:33:a5:7c:00:98:9f:
aa:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:BC:78:AE:3F:7C:70:C3:5B:1F:E2:7E:16:35:85:47:FA:75:86:14
X509v3 Authority Key Identifier:
keyid:67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/PLx4rj98cMNbH-J-FjWFR_p1hhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.1.0/24
74.220.16.0/21
IPv6:
2a10:c881::/32
Signature Algorithm: sha256WithRSAEncryption
63:36:8a:e6:09:07:56:42:45:0e:8a:50:dc:ab:46:c5:f7:43:
37:b4:72:d3:f7:23:6b:0b:04:96:17:d5:e8:19:6b:e7:83:8e:
a3:f5:5e:7c:4b:04:38:0c:ed:2d:66:9d:d4:0c:c7:98:90:01:
d8:77:47:95:00:6f:d1:78:60:c9:97:1d:8f:b8:47:a4:46:72:
77:a0:4b:e8:7f:70:31:14:dc:54:69:72:71:52:5c:8c:e2:6d:
f0:48:18:7f:57:77:bd:8d:6d:4a:ff:56:ed:90:ca:98:50:da:
57:12:94:3a:7d:b2:db:52:25:9c:2b:53:d8:87:d5:de:ee:8e:
af:32:fb:e9:a3:31:9b:91:e2:f0:e7:c7:8f:af:25:2f:c4:7d:
15:bf:2c:d4:e4:3b:1d:7f:bc:e1:cc:b1:5c:64:52:c6:ec:7a:
e5:64:27:77:41:a6:da:de:f0:df:38:99:dc:50:92:e0:e3:52:
44:1b:ec:57:83:09:61:6c:4b:73:4c:5c:ac:7e:53:81:17:9d:
55:26:bb:3b:26:7e:2b:5b:5d:62:d1:42:f5:77:7c:8a:ef:ca:
a5:96:d7:63:15:dd:36:7b:ee:7d:09:03:4a:d3:4c:aa:37:bd:
1c:22:57:e6:7a:63:39:67:a7:b2:f7:48:ee:81:b7:4f:38:4c:
88:50:8a:ae
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3u8+72H6sBh8JXxozDeUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZTI0YzcyODRlZjQ4ODdlNDVkNGNjZDliZGU2NzljZDlh
YjRmMDAwHhcNMjQwMTAyMDYzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2JjNzhhZTNmN2M3MGMzNWIxZmUyN2UxNjM1ODU0N2ZhNzU4NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAfqnDMfltspLDU43Y3PytgZxMx2
6o3blg2CIhbJIN1i95z5DvRLWG00xkpstPtePAZDwgTqlbb0MEPtlH6jkJuebNV5
usT7n6Qc6TCYK8dT3y4oxulkwrNx5KVPy9DK87aqzdMxg/nL4HNl/i/Cz6uvN/SR
rBt9SnMgTMOHWp5pRRk8qd5BU2aTc9mQmH8cX+mDtPDwCP+uO9sYx8Cu4pV4KTgS
40Jve+nlQQdfGEiDPPJrtw2Fi5wHbQ9PncOIForNfhJ7rP1duMvQcnfw/gtLEp5V
sdF9BOvYeHTmS+saWdnaBfWiReLsCVYLWNP22gbeeupwprwzpXwAmJ+q5wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDy8eK4/fHDDWx/ifhY1hUf6dYYUMB8GA1UdIwQY
MBaAFGfiTHKE70iH5F1MzZveZ5zZq08AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzct
MDM3NWE5YzMyYjAwLzEvUEx4NHJqOThjTU5iSC1KLUZqV0ZSX3AxaGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzctMDM3NWE5YzMyYjAw
LzEvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALZ0BAwQD
StwQMA0EAgACMAcDBQAqEMiBMA0GCSqGSIb3DQEBCwUAA4IBAQBjNormCQdWQkUO
ilDcq0bF90M3tHLT9yNrCwSWF9XoGWvng46j9V58SwQ4DO0tZp3UDMeYkAHYd0eV
AG/ReGDJlx2PuEekRnJ3oEvof3AxFNxUaXJxUlyM4m3wSBh/V3e9jW1K/1btkMqY
UNpXEpQ6fbLbUiWcK1PYh9Xe7o6vMvvpozGbkeLw58ePryUvxH0VvyzU5Dsdf7zh
zLFcZFLG7HrlZCd3Qaba3vDfOJncUJLg41JEG+xXgwlhbEtzTFysflOBF51VJrs7
Jn4rW11i0UL1d3yK78qlltdjFd02e+59CQNK00yqN70cIlfmemM5Z6ey90jugbdP
OEyIUIqu
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:32:27 2024 by rpki-client on console-fra.rpki-client.org