Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/FLdWmUBhfViquL2lJBcNfP17ubc.roa
File: FLdWmUBhfViquL2lJBcNfP17ubc.roa (raw, json)
Hash identifier: Hm156U4yLqfdZlB42oAbkyK0P0XYyJIRO3iOeuXXvmM=
Subject key identifier: 14:B7:56:99:40:61:7D:58:AA:B8:BD:A5:24:17:0D:7C:FD:7B:B9:B7
Certificate issuer: /CN=33358b451ee0fe85b004a0564f8310fb211c95fa
Certificate serial: 018CC64A42A4C687ADBC8BA818D2F2301DB0
Authority key identifier: 33:35:8B:45:1E:E0:FE:85:B0:04:A0:56:4F:83:10:FB:21:1C:95:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzWLRR7g_oWwBKBWT4MQ-yEclfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/FLdWmUBhfViquL2lJBcNfP17ubc.roa
Signing time: Mon 01 Jan 2024 18:30:04 +0000
ROA not before: Mon 01 Jan 2024 18:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64425
IP address blocks: 45.148.121.0/24 maxlen: 24
45.148.122.0/24 maxlen: 24
2a0f:5e05::/32 maxlen: 32
2a0f:5e03::/32 maxlen: 32
2a0f:5e07::/32 maxlen: 32
2a0f:5e01::/32 maxlen: 32
2a0f:5e04::/32 maxlen: 32
2a0f:5e02::/32 maxlen: 32
2a0f:5e00::/32 maxlen: 32
2a0f:5e06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/MzWLRR7g_oWwBKBWT4MQ-yEclfo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/MzWLRR7g_oWwBKBWT4MQ-yEclfo.mft
rsync://rpki.ripe.net/repository/DEFAULT/MzWLRR7g_oWwBKBWT4MQ-yEclfo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:42:a4:c6:87:ad:bc:8b:a8:18:d2:f2:30:1d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33358b451ee0fe85b004a0564f8310fb211c95fa
Validity
Not Before: Jan 1 18:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14b7569940617d58aab8bda524170d7cfd7bb9b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4b:c6:65:14:4a:a5:22:a9:b0:49:37:76:68:
21:77:59:6a:89:86:46:eb:8a:4a:28:56:86:87:44:
75:b3:81:c9:f6:88:d6:f8:fb:d8:53:f7:f1:83:ca:
73:1c:a9:4c:92:39:95:17:82:00:86:c1:a1:1b:c0:
34:a4:ad:7d:cc:d8:d6:ff:33:fa:52:a4:89:3a:72:
29:1d:83:9e:06:57:90:ef:5d:3f:b1:cf:2c:65:e9:
c2:c5:4d:7c:33:65:76:e4:cd:50:f8:d5:98:8b:65:
28:65:90:09:ad:bb:82:f5:e8:4e:f4:4e:5f:92:23:
94:d9:41:ff:a8:9e:45:3b:5d:11:15:9d:b3:83:30:
a3:93:42:b9:b8:f1:9e:9d:dd:a8:31:af:8d:8b:41:
05:ad:c7:d5:22:e0:dd:b2:6e:07:f7:cf:f1:d7:b9:
d1:6d:65:4f:aa:f9:03:39:c3:46:c0:f9:b1:b1:31:
ab:b5:0d:2a:2b:88:04:b1:47:3d:b7:99:a8:3b:13:
46:84:fe:4c:11:ce:c1:72:3c:97:1c:0b:e6:df:df:
2e:86:9a:00:d8:d2:5c:62:92:c3:1b:b6:0b:09:42:
b7:69:31:c3:fd:d2:41:04:05:15:52:f3:8a:f3:63:
69:5a:26:e4:62:4d:e5:3b:fd:10:81:8b:e7:25:60:
6e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B7:56:99:40:61:7D:58:AA:B8:BD:A5:24:17:0D:7C:FD:7B:B9:B7
X509v3 Authority Key Identifier:
keyid:33:35:8B:45:1E:E0:FE:85:B0:04:A0:56:4F:83:10:FB:21:1C:95:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzWLRR7g_oWwBKBWT4MQ-yEclfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/FLdWmUBhfViquL2lJBcNfP17ubc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/MzWLRR7g_oWwBKBWT4MQ-yEclfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.121.0-45.148.122.255
IPv6:
2a0f:5e00::/29
Signature Algorithm: sha256WithRSAEncryption
1f:81:45:50:01:25:24:24:53:ae:1d:1c:0b:0a:e5:94:1e:de:
3d:c5:f3:e1:b0:d9:b0:bf:5f:f6:d6:dd:66:07:65:49:66:60:
65:0f:49:cd:9b:a3:f3:58:c3:53:28:c1:0c:e3:13:8d:5b:51:
39:0b:11:c6:09:fe:52:a7:5c:83:ae:cc:7b:a1:f8:08:30:3c:
cd:14:0b:da:97:d6:45:f1:3f:9f:5b:b8:6b:05:b7:6b:a2:47:
fd:cb:93:47:fb:6c:c8:a6:47:67:c1:eb:df:53:9f:36:ab:37:
65:f6:6c:42:d5:bc:8f:85:b0:06:e7:0c:62:ed:c3:76:d6:d2:
38:08:a1:76:99:28:f7:b7:5b:bd:9c:fc:c8:1b:a3:d7:32:e7:
e1:8e:30:34:74:b5:d2:2f:64:c7:8e:0c:ff:95:2f:be:87:b6:
de:fb:76:34:17:b0:31:59:55:e9:34:b0:21:bb:b2:b6:5e:44:
1c:f7:0a:d5:fc:f9:24:3d:a4:f4:d1:db:47:da:90:42:05:ce:
93:02:cf:4a:29:c9:2b:24:31:04:19:9b:24:4a:10:70:c5:52:
f5:d8:34:61:1e:3e:26:aa:e6:79:c9:42:62:e2:dd:8e:f2:a2:
74:c4:46:9e:7d:86:bd:27:8b:0c:17:b1:b8:36:66:5f:35:fe:
8f:6e:8c:8c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGSkKkxoetvIuoGNLyMB2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzU4YjQ1MWVlMGZlODViMDA0YTA1NjRmODMxMGZiMjEx
Yzk1ZmEwHhcNMjQwMTAxMTgzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGI3NTY5OTQwNjE3ZDU4YWFiOGJkYTUyNDE3MGQ3Y2ZkN2JiOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUvGZRRKpSKpsEk3dmghd1lqiYZG
64pKKFaGh0R1s4HJ9ojW+PvYU/fxg8pzHKlMkjmVF4IAhsGhG8A0pK19zNjW/zP6
UqSJOnIpHYOeBleQ710/sc8sZenCxU18M2V25M1Q+NWYi2UoZZAJrbuC9ehO9E5f
kiOU2UH/qJ5FO10RFZ2zgzCjk0K5uPGend2oMa+Ni0EFrcfVIuDdsm4H98/x17nR
bWVPqvkDOcNGwPmxsTGrtQ0qK4gEsUc9t5moOxNGhP5MEc7BcjyXHAvm398uhpoA
2NJcYpLDG7YLCUK3aTHD/dJBBAUVUvOK82NpWibkYk3lO/0QgYvnJWBuVQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBS3VplAYX1Yqri9pSQXDXz9e7m3MB8GA1UdIwQY
MBaAFDM1i0Ue4P6FsASgVk+DEPshHJX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpXTFJSN2dfb1d3QktCV1Q0TVEteUVjbGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85ZjE4ZjgtOTZjNC00YjIzLTkzMWYt
ZDVmMDQ3YzI5MTkwLzEvRkxkV21VQmhmVmlxdUwybEpCY05mUDE3dWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85ZjE4ZjgtOTZjNC00YjIzLTkzMWYtZDVmMDQ3YzI5MTkw
LzEvTXpXTFJSN2dfb1d3QktCV1Q0TVEteUVjbGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAAtlHkD
BAAtlHowDQQCAAIwBwMFAyoPXgAwDQYJKoZIhvcNAQELBQADggEBAB+BRVABJSQk
U64dHAsK5ZQe3j3F8+Gw2bC/X/bW3WYHZUlmYGUPSc2bo/NYw1MowQzjE41bUTkL
EcYJ/lKnXIOuzHuh+AgwPM0UC9qX1kXxP59buGsFt2uiR/3Lk0f7bMimR2fB699T
nzarN2X2bELVvI+FsAbnDGLtw3bW0jgIoXaZKPe3W72c/Mgbo9cy5+GOMDR0tdIv
ZMeODP+VL76Htt77djQXsDFZVek0sCG7srZeRBz3CtX8+SQ9pPTR20fakEIFzpMC
z0opySskMQQZmyRKEHDFUvXYNGEePiaq5nnJQmLi3Y7yonTERp59hr0niwwXsbg2
Zl81/o9ujIw=
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:25:14 2024 by rpki-client on console-ams.rpki-client.org