Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/mOwLFZD8cQhJeAk93TUwR_fZSiM.roa
File: mOwLFZD8cQhJeAk93TUwR_fZSiM.roa (raw, json)
Hash identifier: UJFOgWKFnmWUoFEZnNWxjdqcF++8ojzKAPNNBvHmyB0=
Subject key identifier: 98:EC:0B:15:90:FC:71:08:49:78:09:3D:DD:35:30:47:F7:D9:4A:23
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 018CC8015939171C02EF9363B3F494381945
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/mOwLFZD8cQhJeAk93TUwR_fZSiM.roa
Signing time: Tue 02 Jan 2024 02:29:40 +0000
ROA not before: Tue 02 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 45.152.177.0/24 maxlen: 24
45.157.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:59:39:17:1c:02:ef:93:63:b3:f4:94:38:19:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jan 2 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98ec0b1590fc71084978093ddd353047f7d94a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2b:d4:44:9b:d1:79:90:66:4a:ea:4b:39:79:
b3:cf:92:7b:31:f9:00:a9:a8:a0:bc:b1:05:ca:b0:
f2:ce:9d:19:df:8f:7b:51:0a:d7:a7:a2:4a:31:12:
a7:46:38:6b:e0:2c:13:b3:32:43:7a:02:87:29:52:
07:a9:b0:06:04:d5:00:dd:60:df:e3:66:62:da:7b:
9d:88:d3:03:6c:79:fb:b2:90:ad:ab:ae:b5:ba:f1:
53:ab:79:76:c7:07:54:c9:20:2d:b3:5b:22:b6:7d:
97:30:d0:78:80:8e:03:01:7c:48:fb:be:53:2f:e4:
42:36:01:c8:ae:60:44:27:9b:c6:0e:ad:94:2d:6d:
4a:21:b7:10:33:dd:4f:87:f4:16:c1:5f:cb:c0:c0:
a6:34:b8:6b:be:1a:96:54:25:27:92:38:2c:e5:be:
9b:0f:83:26:0e:be:11:8a:02:03:83:16:e6:c0:83:
c5:52:16:28:af:d1:54:5c:93:9e:0f:6c:20:8d:06:
ee:f0:bd:19:b7:d3:c8:db:98:f4:47:d4:29:fc:25:
4a:51:9b:d8:6e:22:93:c7:6d:9d:b3:96:32:a1:73:
68:9b:4c:dc:01:e1:8a:46:d3:da:57:c7:ed:eb:07:
ad:72:1c:14:8b:ac:d8:c5:08:03:e8:6b:57:8f:02:
1b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:EC:0B:15:90:FC:71:08:49:78:09:3D:DD:35:30:47:F7:D9:4A:23
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/mOwLFZD8cQhJeAk93TUwR_fZSiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.177.0/24
45.157.92.0/22
Signature Algorithm: sha256WithRSAEncryption
20:5e:bd:de:18:99:0e:a8:f2:3c:52:e8:a6:cc:b5:ba:9a:38:
b1:46:6b:95:c7:58:49:d8:fd:d0:25:f9:2d:d0:2f:ca:f8:5b:
43:ec:36:7c:e2:89:0d:82:7b:1a:f5:d4:25:f1:84:34:34:e8:
47:25:55:55:94:d0:92:8c:4d:a7:e4:de:5d:43:81:ce:e8:d2:
8d:30:2b:54:87:2a:78:cb:73:c8:42:89:2c:25:bb:b8:df:90:
47:52:4f:6d:fb:b5:07:40:04:27:49:b5:b7:40:ce:cd:32:16:
6f:e6:94:9b:47:bf:24:f5:f9:f0:c8:b5:05:4d:1a:de:2a:c5:
07:5f:c0:34:45:05:46:e7:cc:d8:a7:d0:39:a2:11:c3:ad:e7:
55:98:f0:b8:04:54:c5:bb:d1:88:5e:9e:31:ef:f6:95:94:fa:
57:e3:a8:6d:25:c4:ac:ca:b4:84:65:7c:7d:3c:a1:ff:66:5c:
1f:51:c1:88:8d:73:ec:ab:fa:60:04:fc:c1:84:c8:af:31:f9:
77:df:6e:d4:97:4a:41:08:6b:37:27:51:5d:34:9b:21:c5:b3:
23:d2:f7:65:13:92:6b:da:d2:93:34:70:7b:43:9c:17:8d:80:
27:7d:58:9c:db:18:be:66:bb:8b:97:6b:3b:f8:c9:e1:fe:b4:
95:48:8a:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAVk5FxwC75Njs/SUOBlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmRkOWZlNjI4YjZiYzEwMTQxZGUwMjQxNzY2YTFiN2E2
MzE5M2YwHhcNMjQwMTAyMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGVjMGIxNTkwZmM3MTA4NDk3ODA5M2RkZDM1MzA0N2Y3ZDk0YTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyvURJvReZBmSupLOXmzz5J7MfkA
qaigvLEFyrDyzp0Z3497UQrXp6JKMRKnRjhr4CwTszJDegKHKVIHqbAGBNUA3WDf
42Zi2nudiNMDbHn7spCtq661uvFTq3l2xwdUySAts1sitn2XMNB4gI4DAXxI+75T
L+RCNgHIrmBEJ5vGDq2ULW1KIbcQM91Ph/QWwV/LwMCmNLhrvhqWVCUnkjgs5b6b
D4MmDr4RigIDgxbmwIPFUhYor9FUXJOeD2wgjQbu8L0Zt9PI25j0R9Qp/CVKUZvY
biKTx22ds5YyoXNom0zcAeGKRtPaV8ft6wetchwUi6zYxQgD6GtXjwIbzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJjsCxWQ/HEISXgJPd01MEf32UojMB8GA1UdIwQY
MBaAFFst2f5ii2vBAUHeAkF2aht6Yxk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEt
MGQ3YjU1MWY4MjhjLzEvbU93TEZaRDhjUWhKZUFrOTNUVXdSX2ZaU2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEtMGQ3YjU1MWY4Mjhj
LzEvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZixAwQC
LZ1cMA0GCSqGSIb3DQEBCwUAA4IBAQAgXr3eGJkOqPI8UuimzLW6mjixRmuVx1hJ
2P3QJfkt0C/K+FtD7DZ84okNgnsa9dQl8YQ0NOhHJVVVlNCSjE2n5N5dQ4HO6NKN
MCtUhyp4y3PIQoksJbu435BHUk9t+7UHQAQnSbW3QM7NMhZv5pSbR78k9fnwyLUF
TRreKsUHX8A0RQVG58zYp9A5ohHDredVmPC4BFTFu9GIXp4x7/aVlPpX46htJcSs
yrSEZXx9PKH/ZlwfUcGIjXPsq/pgBPzBhMivMfl3327Ul0pBCGs3J1FdNJshxbMj
0vdlE5Jr2tKTNHB7Q5wXjYAnfVic2xi+ZruLl2s7+Mnh/rSVSIqF
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:42:38 2024 by rpki-client on console-fra.rpki-client.org