Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/I9Wektv6-XL14b2IxIG_oS5d2W4.roa
File: I9Wektv6-XL14b2IxIG_oS5d2W4.roa (raw, json)
Hash identifier: ox8FYP1UnyfDSJdmN++bhOjko1FfluzmuijGzS6oZmM=
Subject key identifier: 23:D5:9E:92:DB:FA:F9:72:F5:E1:BD:88:C4:81:BF:A1:2E:5D:D9:6E
Certificate issuer: /CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Certificate serial: 018CC2DB45C2E71F00A248CAB5D81E1008C0
Authority key identifier: 51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/I9Wektv6-XL14b2IxIG_oS5d2W4.roa
Signing time: Mon 01 Jan 2024 02:29:59 +0000
ROA not before: Mon 01 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 45.156.97.0/24 maxlen: 24
45.156.98.0/24 maxlen: 24
45.156.96.0/24 maxlen: 24
45.156.99.0/24 maxlen: 24
2a0f:1c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.mft
rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 22:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:45:c2:e7:1f:00:a2:48:ca:b5:d8:1e:10:08:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Validity
Not Before: Jan 1 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23d59e92dbfaf972f5e1bd88c481bfa12e5dd96e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:79:ca:65:0c:ed:8a:82:03:bd:8b:a6:4b:aa:
4c:89:e2:20:bb:5b:a8:fc:3b:d6:f2:a5:3b:92:2c:
5d:7c:51:ad:46:22:9f:07:12:27:c3:cc:1a:19:03:
c3:2f:ed:c7:08:88:dc:1f:6e:74:f9:b5:bf:19:e8:
83:44:c7:69:03:09:0c:33:54:9e:ce:9f:a2:58:d3:
29:f7:fc:88:97:cb:1f:7a:95:54:42:bc:19:b0:79:
99:e1:b7:15:9a:77:23:42:e3:9f:07:ed:84:10:d6:
ac:63:cf:84:a2:3b:47:db:3e:ba:86:10:27:a1:eb:
16:c8:c6:73:aa:95:39:9b:5d:00:4b:bc:c2:7e:74:
62:4a:77:cf:d2:c6:f1:a3:f6:c3:73:67:bc:2f:d7:
88:68:51:34:70:f4:d3:4f:8a:3a:15:53:c7:89:65:
6b:26:96:6f:2d:a0:c7:32:c5:c2:0b:96:ea:17:8a:
9e:ce:db:82:3f:c5:35:88:1f:2d:fb:05:67:ef:ab:
c6:fa:55:a4:fb:94:6e:fd:3b:d1:3e:1d:7a:44:9d:
58:50:21:bf:7b:6c:3d:24:dd:09:ea:ff:25:ce:af:
74:7e:71:3b:4a:c9:d2:bb:cc:58:3e:df:1f:39:f1:
82:ed:d5:f8:4b:ef:07:0f:64:d7:a7:b2:3e:8a:a4:
bb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D5:9E:92:DB:FA:F9:72:F5:E1:BD:88:C4:81:BF:A1:2E:5D:D9:6E
X509v3 Authority Key Identifier:
keyid:51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/I9Wektv6-XL14b2IxIG_oS5d2W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.96.0/22
IPv6:
2a0f:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
96:0e:15:75:f9:d6:6b:84:c7:ca:2e:31:64:12:e7:6d:cb:2c:
61:ac:5b:23:00:93:ec:ae:e5:57:28:a1:34:34:9b:a2:7b:28:
a6:9d:57:46:0e:c7:42:ef:f3:b1:fa:7a:11:4b:06:90:ae:66:
d2:5f:e5:7e:87:2e:dd:16:31:55:72:09:af:92:df:32:ab:0a:
15:85:02:c8:5d:93:85:9f:39:70:2f:10:83:9e:8a:b2:43:bc:
a8:ab:11:7c:44:2a:25:83:86:37:43:13:37:b5:f2:8a:f8:07:
1a:2c:80:10:f7:71:28:29:ee:e0:ac:f7:44:d9:99:52:32:c8:
71:34:45:0a:7a:09:2a:22:40:ed:0c:72:5f:e9:31:71:66:dd:
6f:48:07:cc:3a:0e:fc:6f:a3:67:f5:d2:e1:93:c8:5a:ba:39:
c0:90:01:de:9a:f5:b5:a3:34:70:ef:ef:b9:1e:ac:f8:d8:2a:
54:39:7a:aa:1c:55:d8:6f:73:7b:db:e7:c0:08:46:b5:f2:ae:
1b:5a:2b:29:e2:2c:25:cc:75:ec:4d:89:e6:68:bb:c3:66:6b:
9d:84:c9:be:dd:65:ef:f3:e0:86:4c:bb:f7:b7:ec:c3:a2:d5:
38:0e:b8:8c:b7:49:71:b3:f9:cb:97:38:86:a0:55:90:04:39:
06:a5:a0:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC20XC5x8AokjKtdgeEAjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYTBkOTgyNTEwM2Q5ZGE0NzYxZWZhOTFhNjBlYTJjYTc1
OGQwMDMwHhcNMjQwMTAxMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Q1OWU5MmRiZmFmOTcyZjVlMWJkODhjNDgxYmZhMTJlNWRkOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3nKZQztioIDvYumS6pMieIgu1uo
/DvW8qU7kixdfFGtRiKfBxInw8waGQPDL+3HCIjcH250+bW/GeiDRMdpAwkMM1Se
zp+iWNMp9/yIl8sfepVUQrwZsHmZ4bcVmncjQuOfB+2EENasY8+EojtH2z66hhAn
oesWyMZzqpU5m10AS7zCfnRiSnfP0sbxo/bDc2e8L9eIaFE0cPTTT4o6FVPHiWVr
JpZvLaDHMsXCC5bqF4qeztuCP8U1iB8t+wVn76vG+lWk+5Ru/TvRPh16RJ1YUCG/
e2w9JN0J6v8lzq90fnE7SsnSu8xYPt8fOfGC7dX4S+8HD2TXp7I+iqS72wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCPVnpLb+vly9eG9iMSBv6EuXdluMB8GA1UdIwQY
MBaAFFGg2YJRA9naR2HvqRpg6iynWNADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWFEWmdsRUQyZHBIWWUtcEdtRHFMS2RZMEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iNGY0OWItNzVlNS00ODY0LTkwOGUt
NmEzZGYwMWEzMjM2LzEvSTlXZWt0djYtWEwxNGIySXhJR19vUzVkMlc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iNGY0OWItNzVlNS00ODY0LTkwOGUtNmEzZGYwMWEzMjM2
LzEvVWFEWmdsRUQyZHBIWWUtcEdtRHFMS2RZMEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZxgMA0E
AgACMAcDBQMqDxyAMA0GCSqGSIb3DQEBCwUAA4IBAQCWDhV1+dZrhMfKLjFkEudt
yyxhrFsjAJPsruVXKKE0NJuieyimnVdGDsdC7/Ox+noRSwaQrmbSX+V+hy7dFjFV
cgmvkt8yqwoVhQLIXZOFnzlwLxCDnoqyQ7yoqxF8RColg4Y3QxM3tfKK+AcaLIAQ
93EoKe7grPdE2ZlSMshxNEUKegkqIkDtDHJf6TFxZt1vSAfMOg78b6Nn9dLhk8ha
ujnAkAHemvW1ozRw7++5Hqz42CpUOXqqHFXYb3N72+fACEa18q4bWisp4iwlzHXs
TYnmaLvDZmudhMm+3WXv8+CGTLv3t+zDotU4DriMt0lxs/nLlziGoFWQBDkGpaBo
-----END CERTIFICATE-----
Generated at Thu May 2 02:09:34 2024 by rpki-client on console-ams.rpki-client.org