Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/H45IyaaEr811i7_XBQJ1qb-WyiA.roa
File: H45IyaaEr811i7_XBQJ1qb-WyiA.roa (raw, json)
Hash identifier: /pRri/d3HDJxbLpxuJZAk2pZWG7BxHfKtNpbOG98wl0=
Subject key identifier: 1F:8E:48:C9:A6:84:AF:CD:75:8B:BF:D7:05:02:75:A9:BF:96:CA:20
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 018CC6B91AE5CE7E47F351612F5DC73A56BB
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/H45IyaaEr811i7_XBQJ1qb-WyiA.roa
Signing time: Mon 01 Jan 2024 20:31:08 +0000
ROA not before: Mon 01 Jan 2024 20:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209043
IP address blocks: 45.156.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:1a:e5:ce:7e:47:f3:51:61:2f:5d:c7:3a:56:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jan 1 20:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f8e48c9a684afcd758bbfd7050275a9bf96ca20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:27:f7:09:fd:67:55:df:8f:f1:56:7d:c7:03:
f5:6a:91:b7:da:f7:7e:62:c4:14:80:91:f5:b2:8c:
12:3a:d2:40:2d:10:bc:cf:8d:87:20:b0:f7:6c:1e:
9c:e4:6b:c5:32:35:36:ae:66:fb:ff:53:9c:c2:40:
15:3c:75:18:aa:1d:99:20:d7:fa:58:8c:bf:9a:2e:
b3:8d:93:b9:e3:22:1a:72:5c:92:d3:7c:a8:37:5e:
fd:8e:59:11:c8:d6:cf:57:91:c3:0e:92:41:99:89:
b4:44:14:1f:4a:a1:a9:59:66:6b:24:e5:81:ff:a8:
b6:82:b4:f6:af:e5:62:41:7b:e2:f0:7f:d7:cf:59:
bb:20:95:fc:38:65:14:4d:64:e7:44:8b:21:c4:13:
34:7b:c0:c1:db:e0:51:cf:a1:34:00:a0:4c:50:df:
12:d9:db:54:0a:ee:51:62:bd:49:20:2e:15:2d:c9:
a0:80:e8:8d:88:b9:bf:a3:e1:86:9d:7d:95:be:18:
70:1b:5c:04:aa:e1:a1:9f:b9:6f:5a:78:19:21:6a:
3d:9e:0e:09:c2:35:3d:5f:d8:00:26:bb:11:bc:2a:
23:28:95:09:d9:3a:d9:57:74:3b:4d:42:a0:c0:f3:
b0:69:2d:16:5e:b7:46:81:39:42:e9:84:a6:e0:be:
62:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:8E:48:C9:A6:84:AF:CD:75:8B:BF:D7:05:02:75:A9:BF:96:CA:20
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/H45IyaaEr811i7_XBQJ1qb-WyiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.145.0/24
Signature Algorithm: sha256WithRSAEncryption
03:a9:2a:0d:a8:d5:ce:5c:8a:26:4e:7c:34:44:f9:2e:a9:1d:
3e:db:a8:21:93:84:e9:4d:cb:eb:45:c7:7e:33:95:29:b4:d5:
58:7c:95:4e:be:7a:ff:b5:68:a9:a6:7e:df:cf:f5:0a:ee:0f:
b3:ee:b4:9b:50:0a:eb:dc:fe:1e:b5:f5:5a:da:b6:84:6a:b5:
fd:f7:2d:cd:a8:ae:a3:0f:30:98:28:14:0d:42:b4:7d:13:11:
d6:23:8c:22:6e:50:96:c3:fd:70:73:03:76:b1:ac:73:33:65:
9f:47:f6:27:52:ab:f3:3f:be:be:23:76:74:21:30:f5:30:0f:
ad:69:5d:42:0c:76:81:a2:7f:90:49:fb:a8:e0:98:1c:d3:23:
ff:42:78:3b:13:7d:48:fc:62:69:be:72:ff:49:ef:01:17:b0:
f1:0f:9e:72:d4:13:a2:d4:7e:5f:79:18:07:6d:59:bb:46:a9:
f7:0c:e5:bc:b0:8b:10:fa:5e:39:e3:40:47:58:10:21:03:65:
54:6e:de:70:7e:6d:00:b2:5c:54:37:46:59:3d:19:95:58:3b:
18:be:44:fa:41:3a:3a:1c:a3:fd:bc:38:12:e1:21:65:52:a5:
84:a3:3e:23:4b:33:c3:47:38:ca:5c:c8:77:c9:96:1f:83:a3:
f7:36:e0:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuRrlzn5H81FhL13HOla7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjQwMTAxMjAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjhlNDhjOWE2ODRhZmNkNzU4YmJmZDcwNTAyNzVhOWJmOTZjYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArif3Cf1nVd+P8VZ9xwP1apG32vd+
YsQUgJH1sowSOtJALRC8z42HILD3bB6c5GvFMjU2rmb7/1OcwkAVPHUYqh2ZINf6
WIy/mi6zjZO54yIaclyS03yoN179jlkRyNbPV5HDDpJBmYm0RBQfSqGpWWZrJOWB
/6i2grT2r+ViQXvi8H/Xz1m7IJX8OGUUTWTnRIshxBM0e8DB2+BRz6E0AKBMUN8S
2dtUCu5RYr1JIC4VLcmggOiNiLm/o+GGnX2VvhhwG1wEquGhn7lvWngZIWo9ng4J
wjU9X9gAJrsRvCojKJUJ2TrZV3Q7TUKgwPOwaS0WXrdGgTlC6YSm4L5iCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB+OSMmmhK/NdYu/1wUCdam/lsogMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvSDQ1SXlhYUVyODExaTdfWEJRSjFxYi1XeWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyRMA0G
CSqGSIb3DQEBCwUAA4IBAQADqSoNqNXOXIomTnw0RPkuqR0+26ghk4TpTcvrRcd+
M5UptNVYfJVOvnr/tWippn7fz/UK7g+z7rSbUArr3P4etfVa2raEarX99y3NqK6j
DzCYKBQNQrR9ExHWI4wiblCWw/1wcwN2saxzM2WfR/YnUqvzP76+I3Z0ITD1MA+t
aV1CDHaBon+QSfuo4Jgc0yP/Qng7E31I/GJpvnL/Se8BF7DxD55y1BOi1H5feRgH
bVm7Rqn3DOW8sIsQ+l4540BHWBAhA2VUbt5wfm0AslxUN0ZZPRmVWDsYvkT6QTo6
HKP9vDgS4SFlUqWEoz4jSzPDRzjKXMh3yZYfg6P3NuD4
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:00:23 2024 by rpki-client on console-fra.rpki-client.org