Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/f84001-664d-4998-8c35-e4f2e0b2350f/1/hpBIi-yGTOIC_3dMWbpPMWuaQ1s.roa
File: hpBIi-yGTOIC_3dMWbpPMWuaQ1s.roa (raw, json)
Hash identifier: GQZWlobkbAms8Vn+Q2jYmqq0TUpZ7iMJNH6K+K4bQhs=
Subject key identifier: 86:90:48:8B:EC:86:4C:E2:02:FF:77:4C:59:BA:4F:31:6B:9A:43:5B
Certificate issuer: /CN=179661a164d2d517ea7677fb229cafa19eba97f3
Certificate serial: 018CC56EA6C5C0EDBCBA6D9161EB46830C24
Authority key identifier: 17:96:61:A1:64:D2:D5:17:EA:76:77:FB:22:9C:AF:A1:9E:BA:97:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5ZhoWTS1Rfqdnf7IpyvoZ66l_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/f84001-664d-4998-8c35-e4f2e0b2350f/1/hpBIi-yGTOIC_3dMWbpPMWuaQ1s.roa
Signing time: Mon 01 Jan 2024 14:30:12 +0000
ROA not before: Mon 01 Jan 2024 14:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206804
IP address blocks: 45.128.132.0/24 maxlen: 24
45.128.135.0/24 maxlen: 24
45.128.133.0/24 maxlen: 24
45.128.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/f84001-664d-4998-8c35-e4f2e0b2350f/1/F5ZhoWTS1Rfqdnf7IpyvoZ66l_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/f84001-664d-4998-8c35-e4f2e0b2350f/1/F5ZhoWTS1Rfqdnf7IpyvoZ66l_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/F5ZhoWTS1Rfqdnf7IpyvoZ66l_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:a6:c5:c0:ed:bc:ba:6d:91:61:eb:46:83:0c:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=179661a164d2d517ea7677fb229cafa19eba97f3
Validity
Not Before: Jan 1 14:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8690488bec864ce202ff774c59ba4f316b9a435b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b9:8d:d8:76:05:79:0f:77:d9:5a:b3:3e:f7:
8d:a3:5c:75:0b:12:d7:30:fd:3d:07:a0:4f:74:32:
73:90:f5:83:dc:c7:fb:6e:d4:eb:e0:7e:10:6e:89:
c6:3e:eb:e5:15:f1:a7:e8:53:ac:32:02:5a:2a:72:
1e:dd:67:8c:7f:e5:88:c5:7f:92:47:f5:6b:fb:bf:
4c:d2:d7:e5:b2:55:17:89:92:f2:ba:54:09:96:a4:
97:f5:78:de:b0:05:af:ac:df:2e:46:32:de:e2:18:
28:ee:38:74:b7:d3:3c:3f:fa:57:1a:bd:ae:9b:27:
ec:41:44:42:b6:08:e2:c1:b0:65:c6:bc:f2:2a:dd:
37:60:1b:9f:be:b3:18:c3:db:0d:29:70:dd:69:e4:
6e:91:81:fd:60:77:f8:0a:4c:6c:9c:c3:b2:6b:d9:
0f:88:e9:23:bf:ba:59:54:c2:33:21:3e:de:5f:09:
bd:7e:4d:1e:e1:01:1a:d9:15:8e:6c:90:77:d3:9b:
7a:b4:8a:0a:7d:5b:0e:08:2c:4f:a2:27:a4:8f:92:
13:15:6e:e6:69:26:be:84:94:8f:44:a0:ce:42:cf:
d6:3d:11:83:ff:44:08:23:4d:6e:89:3a:28:b0:be:
47:b5:c3:c9:48:4f:7b:e7:16:1a:3b:b7:10:87:cf:
48:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:90:48:8B:EC:86:4C:E2:02:FF:77:4C:59:BA:4F:31:6B:9A:43:5B
X509v3 Authority Key Identifier:
keyid:17:96:61:A1:64:D2:D5:17:EA:76:77:FB:22:9C:AF:A1:9E:BA:97:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5ZhoWTS1Rfqdnf7IpyvoZ66l_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/f84001-664d-4998-8c35-e4f2e0b2350f/1/hpBIi-yGTOIC_3dMWbpPMWuaQ1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/f84001-664d-4998-8c35-e4f2e0b2350f/1/F5ZhoWTS1Rfqdnf7IpyvoZ66l_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.132.0/22
Signature Algorithm: sha256WithRSAEncryption
81:ac:a1:74:37:ec:fb:a7:f4:18:47:47:d6:b6:aa:c8:12:eb:
ce:ab:cc:31:77:69:a9:23:9e:cc:f5:91:78:78:58:69:71:d2:
19:2f:21:e8:72:ef:a5:aa:6e:95:0b:81:c5:4b:dc:ac:4a:6a:
d4:a5:b2:83:ca:14:56:80:3d:62:d9:aa:2b:e2:8e:48:fc:59:
01:02:64:06:d8:8a:05:d4:a1:2b:73:75:43:d0:92:3e:fd:2e:
43:7e:8c:8e:2f:ea:95:4d:28:20:6d:a7:0d:a2:96:e9:3b:76:
a2:f9:c7:e7:dd:93:0d:cf:ea:fd:37:93:bb:78:00:c1:e4:16:
28:2e:46:a9:bf:66:bc:73:5a:6b:c8:e2:47:5b:8a:f3:e8:e6:
70:15:e1:3f:5a:3a:7d:fd:02:cf:44:f9:bd:4f:db:5c:7e:c4:
51:e2:dc:0d:1e:90:68:8e:b3:f0:4a:d4:61:2a:e4:4f:59:c2:
43:69:7e:99:78:26:7a:d5:6a:32:22:8f:54:e6:09:63:ab:1b:
e9:61:cc:d1:af:0a:55:f1:81:df:b8:e7:25:de:6c:3c:52:9a:
88:f5:1e:64:dd:9b:bb:9a:ba:b4:6d:b4:f8:11:24:6c:ec:4b:
cc:f5:e0:0f:08:60:1f:5c:a3:39:d9:12:10:07:77:d6:74:f0:
33:8c:62:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbqbFwO28um2RYetGgwwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTY2MWExNjRkMmQ1MTdlYTc2NzdmYjIyOWNhZmExOWVi
YTk3ZjMwHhcNMjQwMTAxMTQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjkwNDg4YmVjODY0Y2UyMDJmZjc3NGM1OWJhNGYzMTZiOWE0MzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrmN2HYFeQ932VqzPveNo1x1CxLX
MP09B6BPdDJzkPWD3Mf7btTr4H4QbonGPuvlFfGn6FOsMgJaKnIe3WeMf+WIxX+S
R/Vr+79M0tflslUXiZLyulQJlqSX9XjesAWvrN8uRjLe4hgo7jh0t9M8P/pXGr2u
myfsQURCtgjiwbBlxrzyKt03YBufvrMYw9sNKXDdaeRukYH9YHf4CkxsnMOya9kP
iOkjv7pZVMIzIT7eXwm9fk0e4QEa2RWObJB305t6tIoKfVsOCCxPoiekj5ITFW7m
aSa+hJSPRKDOQs/WPRGD/0QII01uiToosL5HtcPJSE975xYaO7cQh89I5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIaQSIvshkziAv93TFm6TzFrmkNbMB8GA1UdIwQY
MBaAFBeWYaFk0tUX6nZ3+yKcr6GeupfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVaaG9XVFMxUmZxZG5mN0lweXZvWjY2bF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mODQwMDEtNjY0ZC00OTk4LThjMzUt
ZTRmMmUwYjIzNTBmLzEvaHBCSWkteUdUT0lDXzNkTVdicFBNV3VhUTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9mODQwMDEtNjY0ZC00OTk4LThjMzUtZTRmMmUwYjIzNTBm
LzEvRjVaaG9XVFMxUmZxZG5mN0lweXZvWjY2bF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYCEMA0G
CSqGSIb3DQEBCwUAA4IBAQCBrKF0N+z7p/QYR0fWtqrIEuvOq8wxd2mpI57M9ZF4
eFhpcdIZLyHocu+lqm6VC4HFS9ysSmrUpbKDyhRWgD1i2aor4o5I/FkBAmQG2IoF
1KErc3VD0JI+/S5DfoyOL+qVTSggbacNopbpO3ai+cfn3ZMNz+r9N5O7eADB5BYo
Lkapv2a8c1pryOJHW4rz6OZwFeE/Wjp9/QLPRPm9T9tcfsRR4twNHpBojrPwStRh
KuRPWcJDaX6ZeCZ61WoyIo9U5gljqxvpYczRrwpV8YHfuOcl3mw8UpqI9R5k3Zu7
mrq0bbT4ESRs7EvM9eAPCGAfXKM52RIQB3fWdPAzjGL7
-----END CERTIFICATE-----
Generated at Fri May 10 01:45:15 2024 by rpki-client on console-ams.rpki-client.org