Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/63e5a5-5d4f-43ee-af70-dc73f9d9be29/1/HdNzKwswUIZpPPz8JLkFXvEIOGI.roa
File: HdNzKwswUIZpPPz8JLkFXvEIOGI.roa (raw, json)
Hash identifier: 767lqXY4cMMh/KSKkPNZJ3Sz1GVHWVLlBXY6eIjaCj4=
Subject key identifier: 1D:D3:73:2B:0B:30:50:86:69:3C:FC:FC:24:B9:05:5E:F1:08:38:62
Certificate issuer: /CN=07feb9ae0fa8927045f83423743c4a73a27a74a7
Certificate serial: 018CC6B8CE7B2E6B1C65A5916439CB206763
Authority key identifier: 07:FE:B9:AE:0F:A8:92:70:45:F8:34:23:74:3C:4A:73:A2:7A:74:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_65rg-oknBF-DQjdDxKc6J6dKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/63e5a5-5d4f-43ee-af70-dc73f9d9be29/1/HdNzKwswUIZpPPz8JLkFXvEIOGI.roa
Signing time: Mon 01 Jan 2024 20:30:49 +0000
ROA not before: Mon 01 Jan 2024 20:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15510
IP address blocks: 45.158.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/63e5a5-5d4f-43ee-af70-dc73f9d9be29/1/B_65rg-oknBF-DQjdDxKc6J6dKc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/63e5a5-5d4f-43ee-af70-dc73f9d9be29/1/B_65rg-oknBF-DQjdDxKc6J6dKc.mft
rsync://rpki.ripe.net/repository/DEFAULT/B_65rg-oknBF-DQjdDxKc6J6dKc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ce:7b:2e:6b:1c:65:a5:91:64:39:cb:20:67:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07feb9ae0fa8927045f83423743c4a73a27a74a7
Validity
Not Before: Jan 1 20:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dd3732b0b305086693cfcfc24b9055ef1083862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9a:9f:87:55:52:37:c5:45:dd:88:19:14:08:
77:2d:14:e8:48:79:21:42:2b:10:e2:80:24:3e:b1:
f3:f1:51:5d:ef:ed:04:55:6f:b9:fe:5f:a1:53:47:
8b:a5:77:24:51:c8:9d:a1:23:23:6d:fd:85:32:34:
c3:ea:fe:bd:50:23:c9:10:f6:b7:17:cd:50:62:b8:
39:6f:82:4a:33:d2:cc:4b:08:3f:67:e6:77:ea:cc:
45:0b:99:34:f2:63:e6:27:83:f0:bc:42:fa:be:8b:
f7:9d:f6:1f:f2:13:13:16:e0:59:cb:3a:b9:35:d0:
b8:39:81:3a:ad:9f:4e:e4:12:7d:19:b7:a9:c9:d4:
ee:dc:d1:72:f1:23:5d:4b:ba:93:c9:0d:ad:a1:6c:
75:2b:c3:60:6c:36:98:01:e7:0b:ef:1d:af:12:ea:
9c:e0:dd:e5:4a:0c:4b:05:e2:f7:6e:99:34:79:a4:
ea:58:be:ca:6d:1d:68:a7:f1:53:f5:21:81:f6:67:
56:8c:bc:ee:f1:6c:48:3e:a0:3d:ad:d4:f8:43:41:
68:67:68:bf:86:e0:50:90:03:51:f9:b7:b4:90:7f:
88:c0:be:38:79:7c:6b:84:a7:c2:15:eb:a3:57:b8:
f9:94:07:f5:7d:a7:6b:03:ea:ae:a7:4a:6b:4f:ce:
ae:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D3:73:2B:0B:30:50:86:69:3C:FC:FC:24:B9:05:5E:F1:08:38:62
X509v3 Authority Key Identifier:
keyid:07:FE:B9:AE:0F:A8:92:70:45:F8:34:23:74:3C:4A:73:A2:7A:74:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_65rg-oknBF-DQjdDxKc6J6dKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/63e5a5-5d4f-43ee-af70-dc73f9d9be29/1/HdNzKwswUIZpPPz8JLkFXvEIOGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/63e5a5-5d4f-43ee-af70-dc73f9d9be29/1/B_65rg-oknBF-DQjdDxKc6J6dKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.164.0/22
Signature Algorithm: sha256WithRSAEncryption
30:d5:ed:78:32:20:bd:c7:aa:d3:e6:31:a9:de:da:c3:5e:8a:
d9:d2:f8:4a:25:e7:48:0c:9c:e4:2c:8f:9f:10:12:2f:72:b6:
0d:b8:4e:7b:cc:ec:38:7b:05:ba:c3:77:69:ad:47:f7:4e:8e:
f6:0e:6c:17:ef:30:da:3e:ba:80:98:c4:c1:c8:da:a6:05:cb:
11:30:b1:13:5d:5c:04:0d:3d:3c:1a:c2:3e:6b:f6:e7:cc:e8:
d5:e9:c3:96:a9:b6:e7:70:e5:a5:d7:bf:97:88:41:02:4f:62:
b1:bf:0c:eb:4f:81:10:13:09:d3:f6:1b:8b:aa:32:f7:6e:d1:
c0:a8:b9:12:2a:c2:3a:61:30:92:70:5f:f9:a4:5f:b2:35:68:
3f:d6:fc:2d:33:4a:ad:dc:42:7f:44:7d:44:9f:bd:12:4f:25:
4a:07:4d:68:96:c4:02:93:86:17:b2:35:51:03:89:c2:a1:6a:
f1:fc:90:81:20:3f:9c:35:94:1f:ec:ae:cd:66:16:a4:86:44:
cc:f9:24:76:09:c5:22:44:87:69:e8:f4:f1:81:cd:34:6a:a1:
fa:61:80:54:e5:b3:01:0e:ca:af:62:9b:2b:84:67:04:32:85:
01:1a:d5:cf:de:41:73:56:61:99:e7:64:24:98:67:17:0e:87:
e3:cf:31:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuM57LmscZaWRZDnLIGdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZmViOWFlMGZhODkyNzA0NWY4MzQyMzc0M2M0YTczYTI3
YTc0YTcwHhcNMjQwMTAxMjAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQzNzMyYjBiMzA1MDg2NjkzY2ZjZmMyNGI5MDU1ZWYxMDgzODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5qfh1VSN8VF3YgZFAh3LRToSHkh
QisQ4oAkPrHz8VFd7+0EVW+5/l+hU0eLpXckUcidoSMjbf2FMjTD6v69UCPJEPa3
F81QYrg5b4JKM9LMSwg/Z+Z36sxFC5k08mPmJ4PwvEL6vov3nfYf8hMTFuBZyzq5
NdC4OYE6rZ9O5BJ9GbepydTu3NFy8SNdS7qTyQ2toWx1K8NgbDaYAecL7x2vEuqc
4N3lSgxLBeL3bpk0eaTqWL7KbR1op/FT9SGB9mdWjLzu8WxIPqA9rdT4Q0FoZ2i/
huBQkANR+be0kH+IwL44eXxrhKfCFeujV7j5lAf1fadrA+qup0prT86u1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB3TcysLMFCGaTz8/CS5BV7xCDhiMB8GA1UdIwQY
MBaAFAf+ua4PqJJwRfg0I3Q8SnOienSnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl82NXJnLW9rbkJGLURRamREeEtjNko2ZEtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy82M2U1YTUtNWQ0Zi00M2VlLWFmNzAt
ZGM3M2Y5ZDliZTI5LzEvSGROekt3c3dVSVpwUFB6OEpMa0ZYdkVJT0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy82M2U1YTUtNWQ0Zi00M2VlLWFmNzAtZGM3M2Y5ZDliZTI5
LzEvQl82NXJnLW9rbkJGLURRamREeEtjNko2ZEtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ6kMA0G
CSqGSIb3DQEBCwUAA4IBAQAw1e14MiC9x6rT5jGp3trDXorZ0vhKJedIDJzkLI+f
EBIvcrYNuE57zOw4ewW6w3dprUf3To72DmwX7zDaPrqAmMTByNqmBcsRMLETXVwE
DT08GsI+a/bnzOjV6cOWqbbncOWl17+XiEECT2KxvwzrT4EQEwnT9huLqjL3btHA
qLkSKsI6YTCScF/5pF+yNWg/1vwtM0qt3EJ/RH1En70STyVKB01olsQCk4YXsjVR
A4nCoWrx/JCBID+cNZQf7K7NZhakhkTM+SR2CcUiRIdp6PTxgc00aqH6YYBU5bMB
DsqvYpsrhGcEMoUBGtXP3kFzVmGZ52QkmGcXDofjzzFZ
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:45:58 2024 by rpki-client on console-ams.rpki-client.org