Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/NZhq0mdPc_JLJgWl2SgxNhBbwF0.roa
File: NZhq0mdPc_JLJgWl2SgxNhBbwF0.roa (raw, json)
Hash identifier: 1mMZgwde1TWO7cRW8PxujN3FHSPvyHjnCmfLTAjjmEM=
Subject key identifier: 35:98:6A:D2:67:4F:73:F2:4B:26:05:A5:D9:28:31:36:10:5B:C0:5D
Certificate issuer: /CN=b1814a28a8c1ebe0adc33a1519b9883e3084bb59
Certificate serial: 018CC56DF8C516F85A7058E5E9D4B6DB845F
Authority key identifier: B1:81:4A:28:A8:C1:EB:E0:AD:C3:3A:15:19:B9:88:3E:30:84:BB:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sYFKKKjB6-CtwzoVGbmIPjCEu1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/NZhq0mdPc_JLJgWl2SgxNhBbwF0.roa
Signing time: Mon 01 Jan 2024 14:29:27 +0000
ROA not before: Mon 01 Jan 2024 14:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.152.135.0/24 maxlen: 24
45.152.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/sYFKKKjB6-CtwzoVGbmIPjCEu1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/sYFKKKjB6-CtwzoVGbmIPjCEu1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/sYFKKKjB6-CtwzoVGbmIPjCEu1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f8:c5:16:f8:5a:70:58:e5:e9:d4:b6:db:84:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1814a28a8c1ebe0adc33a1519b9883e3084bb59
Validity
Not Before: Jan 1 14:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35986ad2674f73f24b2605a5d9283136105bc05d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d2:8e:9e:bc:b3:7e:4d:6f:d9:11:b6:85:bf:
87:e6:9f:ee:e0:ad:52:b5:c5:de:cc:ab:35:02:18:
45:b0:8b:be:46:5f:cc:a0:a0:ef:60:cc:88:dd:9a:
91:56:a7:f1:c9:94:e0:93:42:06:fd:02:f5:e3:70:
43:be:d9:0d:ce:cf:29:41:4a:9a:ad:a9:49:2f:70:
db:ee:9c:06:15:e0:e3:99:9c:f6:6e:b2:83:06:e7:
70:f5:c9:c3:1d:96:bc:14:c6:e2:0d:ff:22:e5:69:
15:19:25:4d:35:c3:31:73:d9:12:f4:73:34:11:42:
43:bb:91:8e:2f:da:b0:7a:a1:94:32:6d:a9:ca:e0:
7d:32:2c:85:30:35:94:d0:0a:2b:c9:57:59:85:e4:
8c:9b:f4:fd:b1:10:9a:fd:92:33:b9:de:74:5b:71:
84:f9:b5:a6:64:d9:67:e3:83:f5:ba:6e:b3:a3:33:
27:bd:08:55:0a:29:87:1c:02:33:64:ea:8c:e4:49:
99:53:a5:4c:f0:e0:f8:ce:9e:72:09:be:84:ac:68:
9a:81:50:9d:72:5a:62:79:82:52:9b:de:b1:91:81:
10:75:1e:1b:7e:66:15:70:45:dd:e3:b7:b9:c1:97:
22:5a:af:ac:5e:d5:94:8a:a1:32:50:14:9f:d0:44:
d3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:98:6A:D2:67:4F:73:F2:4B:26:05:A5:D9:28:31:36:10:5B:C0:5D
X509v3 Authority Key Identifier:
keyid:B1:81:4A:28:A8:C1:EB:E0:AD:C3:3A:15:19:B9:88:3E:30:84:BB:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sYFKKKjB6-CtwzoVGbmIPjCEu1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/NZhq0mdPc_JLJgWl2SgxNhBbwF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/3fbff6-73ee-4812-8e4b-81dabc81c05c/1/sYFKKKjB6-CtwzoVGbmIPjCEu1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.134.0/23
Signature Algorithm: sha256WithRSAEncryption
69:59:82:d6:52:0f:2c:c9:2b:a4:e6:b7:97:bb:33:e0:1d:88:
36:74:b3:cb:67:66:57:84:b4:49:29:92:94:22:6a:49:0c:06:
84:8b:8d:68:53:78:b0:08:56:1b:19:44:12:99:03:ec:c2:6a:
ff:38:6b:68:37:e7:be:dc:e4:b6:3f:e4:e7:e0:6f:65:97:c8:
8e:e1:62:5c:55:61:39:88:4a:7c:07:f7:f9:87:cb:a6:63:f4:
67:a5:33:d1:ef:6f:de:cf:ee:29:02:56:bd:8c:c9:ef:72:a0:
59:ce:9e:23:85:11:9c:ae:d5:39:a2:52:39:57:36:a2:df:b2:
ed:15:1b:cb:7b:a1:9e:95:87:83:fc:79:13:5a:a6:42:0c:d3:
e5:f4:33:b9:b1:db:1c:f6:93:fa:76:ea:91:c1:2a:75:f2:c8:
99:bf:37:d1:a6:d1:3e:23:a2:75:82:12:83:4e:81:67:9d:53:
bd:13:aa:a7:ce:15:8e:52:c9:07:3e:12:a1:da:7a:59:bb:ff:
fe:89:42:6a:ab:ce:ff:75:c0:75:29:a3:fe:d0:f9:aa:25:1c:
1b:f9:a4:9a:e0:0b:94:fb:eb:3b:1c:b8:6c:32:2a:78:e9:3a:
2d:ea:34:3d:5d:2a:ca:84:d8:82:92:f1:0c:06:a1:02:af:a5:
39:4a:31:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbfjFFvhacFjl6dS224RfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxODE0YTI4YThjMWViZTBhZGMzM2ExNTE5Yjk4ODNlMzA4
NGJiNTkwHhcNMjQwMTAxMTQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTk4NmFkMjY3NGY3M2YyNGIyNjA1YTVkOTI4MzEzNjEwNWJjMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNKOnryzfk1v2RG2hb+H5p/u4K1S
tcXezKs1AhhFsIu+Rl/MoKDvYMyI3ZqRVqfxyZTgk0IG/QL143BDvtkNzs8pQUqa
ralJL3Db7pwGFeDjmZz2brKDBudw9cnDHZa8FMbiDf8i5WkVGSVNNcMxc9kS9HM0
EUJDu5GOL9qweqGUMm2pyuB9MiyFMDWU0AoryVdZheSMm/T9sRCa/ZIzud50W3GE
+bWmZNln44P1um6zozMnvQhVCimHHAIzZOqM5EmZU6VM8OD4zp5yCb6ErGiagVCd
clpieYJSm96xkYEQdR4bfmYVcEXd47e5wZciWq+sXtWUiqEyUBSf0ETTIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDWYatJnT3PySyYFpdkoMTYQW8BdMB8GA1UdIwQY
MBaAFLGBSiiowevgrcM6FRm5iD4whLtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1lGS0tLakI2LUN0d3pvVkdibUlQakNFdTFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8zZmJmZjYtNzNlZS00ODEyLThlNGIt
ODFkYWJjODFjMDVjLzEvTlpocTBtZFBjX0pMSmdXbDJTZ3hOaEJid0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8zZmJmZjYtNzNlZS00ODEyLThlNGItODFkYWJjODFjMDVj
LzEvc1lGS0tLakI2LUN0d3pvVkdibUlQakNFdTFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZiGMA0G
CSqGSIb3DQEBCwUAA4IBAQBpWYLWUg8sySuk5reXuzPgHYg2dLPLZ2ZXhLRJKZKU
ImpJDAaEi41oU3iwCFYbGUQSmQPswmr/OGtoN+e+3OS2P+Tn4G9ll8iO4WJcVWE5
iEp8B/f5h8umY/RnpTPR72/ez+4pAla9jMnvcqBZzp4jhRGcrtU5olI5Vzai37Lt
FRvLe6GelYeD/HkTWqZCDNPl9DO5sdsc9pP6duqRwSp18siZvzfRptE+I6J1ghKD
ToFnnVO9E6qnzhWOUskHPhKh2npZu//+iUJqq87/dcB1KaP+0PmqJRwb+aSa4AuU
++s7HLhsMip46Tot6jQ9XSrKhNiCkvEMBqECr6U5SjEW
-----END CERTIFICATE-----
Generated at Thu May 2 16:03:07 2024 by rpki-client on console-ams.rpki-client.org