Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/lh3-o4Xlj2IJK4ydI1JVvU1EOVQ.roa
File: lh3-o4Xlj2IJK4ydI1JVvU1EOVQ.roa (raw, json)
Hash identifier: px6Ma2YEJ2eGu4TpGyVxTDYGtw1VtzsAPI67jWbC7qo=
Subject key identifier: 96:1D:FE:A3:85:E5:8F:62:09:2B:8C:9D:23:52:55:BD:4D:44:39:54
Certificate issuer: /CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Certificate serial: 01927B59BEDAC44A704E87F4B42FD6486386
Authority key identifier: B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/lh3-o4Xlj2IJK4ydI1JVvU1EOVQ.roa
Signing time: Fri 11 Oct 2024 11:32:11 +0000
ROA not before: Fri 11 Oct 2024 11:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39679
IP address blocks: 45.67.156.0/24 maxlen: 24
45.67.158.0/24 maxlen: 24
45.67.159.0/24 maxlen: 24
2a09:7ac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:59:be:da:c4:4a:70:4e:87:f4:b4:2f:d6:48:63:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Validity
Not Before: Oct 11 11:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=961dfea385e58f62092b8c9d235255bd4d443954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:63:55:d8:4f:18:22:f3:8e:9d:ab:99:08:1f:
82:28:88:23:5a:8f:25:ac:36:05:90:1e:93:49:bc:
a1:e0:02:31:5a:08:59:4e:c4:d8:c7:19:92:ec:49:
eb:64:ea:2a:5c:4a:73:0f:ef:93:36:44:5e:d0:18:
b1:8e:b5:99:98:04:13:b5:99:63:78:19:82:20:3d:
8a:a0:81:b5:65:6b:00:76:3a:76:63:0e:2a:14:b3:
85:32:76:96:0b:37:64:10:ad:bc:7a:d4:13:0a:06:
09:aa:d4:0b:72:63:27:51:c6:d5:1f:ab:1d:30:9d:
62:c6:45:c9:37:0c:a0:af:6b:a2:52:f2:6e:da:4d:
43:e7:f5:5f:aa:cc:3c:ab:f2:0b:de:50:d9:0c:59:
c9:66:d1:f4:24:c2:6f:4d:44:87:91:02:8f:9f:e0:
d0:8b:8f:fe:44:a2:03:93:f7:04:f8:b0:0d:16:a6:
52:1f:3c:8f:f7:0f:f9:d4:97:60:8a:0e:50:b5:04:
26:f9:48:fe:3f:71:48:55:af:26:47:11:6e:5f:12:
2c:1d:9d:10:dd:79:95:53:f5:4f:ec:cf:55:6e:da:
ee:a0:61:0b:8b:5b:b2:94:75:01:d0:86:2e:01:6a:
1a:60:af:3e:d5:2b:30:5f:0a:ab:cc:52:2a:a2:90:
28:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:1D:FE:A3:85:E5:8F:62:09:2B:8C:9D:23:52:55:BD:4D:44:39:54
X509v3 Authority Key Identifier:
keyid:B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/lh3-o4Xlj2IJK4ydI1JVvU1EOVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.156.0/24
45.67.158.0/23
IPv6:
2a09:7ac0::/32
Signature Algorithm: sha256WithRSAEncryption
58:53:ff:5a:5e:0b:59:d9:19:66:fa:8f:7b:fc:3b:f7:b3:32:
05:fe:00:9e:8f:bf:fb:aa:13:f8:7d:ce:18:ae:6f:84:e1:bb:
f8:0c:62:87:74:5c:ad:ff:e6:e0:9f:4a:61:20:84:7a:35:9e:
5c:04:1e:64:45:00:9d:ab:73:99:17:5b:81:06:1f:62:98:ff:
62:de:5c:4d:58:c4:ca:30:97:f5:e9:67:09:c5:39:d0:97:1f:
bc:3d:a4:41:7d:9e:38:8c:87:a2:f1:bf:e9:1e:73:3e:96:74:
1b:16:a1:21:a8:01:e3:11:b1:7c:5a:95:38:56:5c:53:d2:b0:
13:01:40:3b:21:d2:90:9b:5e:d3:9c:87:7a:a7:16:f9:70:77:
51:6e:9b:ad:d7:d4:3b:39:3c:b5:39:38:7b:96:e5:db:33:5a:
db:a4:c5:b7:f2:2e:d4:21:c1:02:55:9b:ed:60:3e:d4:9e:09:
79:c3:d4:61:d7:7a:08:31:60:28:dc:79:32:a3:30:fb:5d:d1:
f9:0f:a3:cf:57:e6:bd:43:7c:71:eb:35:83:63:a9:12:49:1b:
03:db:92:2d:ad:8b:2c:b8:7c:b2:39:6b:a8:48:ad:75:43:d1:
02:10:1f:66:0b:b8:56:a5:4d:95:ab:db:70:5d:02:62:73:6a:
d6:82:d6:b8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZJ7Wb7axEpwTof0tC/WSGOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NDI3ZWE0OWY5NzJkMTljNTYzOTNhNjg5ZTdjYmViOTkw
ZDVkN2EwHhcNMjQxMDExMTEzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjFkZmVhMzg1ZTU4ZjYyMDkyYjhjOWQyMzUyNTViZDRkNDQzOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGNV2E8YIvOOnauZCB+CKIgjWo8l
rDYFkB6TSbyh4AIxWghZTsTYxxmS7EnrZOoqXEpzD++TNkRe0BixjrWZmAQTtZlj
eBmCID2KoIG1ZWsAdjp2Yw4qFLOFMnaWCzdkEK28etQTCgYJqtQLcmMnUcbVH6sd
MJ1ixkXJNwygr2uiUvJu2k1D5/Vfqsw8q/IL3lDZDFnJZtH0JMJvTUSHkQKPn+DQ
i4/+RKIDk/cE+LANFqZSHzyP9w/51Jdgig5QtQQm+Uj+P3FIVa8mRxFuXxIsHZ0Q
3XmVU/VP7M9VbtruoGELi1uylHUB0IYuAWoaYK8+1SswXwqrzFIqopAoiwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJYd/qOF5Y9iCSuMnSNSVb1NRDlUMB8GA1UdIwQY
MBaAFLVCfqSfly0ZxWOTponny+uZDV16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1Mjgt
MGM0OTU0NzdjYTEwLzEvbGgzLW80WGxqMklKSzR5ZEkxSlZ2VTFFT1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1MjgtMGM0OTU0NzdjYTEw
LzEvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALUOcAwQB
LUOeMA0EAgACMAcDBQAqCXrAMA0GCSqGSIb3DQEBCwUAA4IBAQBYU/9aXgtZ2Rlm
+o97/Dv3szIF/gCej7/7qhP4fc4Yrm+E4bv4DGKHdFyt/+bgn0phIIR6NZ5cBB5k
RQCdq3OZF1uBBh9imP9i3lxNWMTKMJf16WcJxTnQlx+8PaRBfZ44jIei8b/pHnM+
lnQbFqEhqAHjEbF8WpU4VlxT0rATAUA7IdKQm17TnId6pxb5cHdRbput19Q7OTy1
OTh7luXbM1rbpMW38i7UIcECVZvtYD7Ungl5w9Rh13oIMWAo3HkyozD7XdH5D6PP
V+a9Q3xx6zWDY6kSSRsD25ItrYssuHyyOWuoSK11Q9ECEB9mC7hWpU2Vq9twXQJi
c2rWgta4
-----END CERTIFICATE-----
Generated at Sat Nov 23 16:20:06 2024 by rpki-client on console-fra.rpki-client.org