Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/07b7f7-c41d-4917-b978-ef2d53b5a34d/1/hApdaMK1vbsnIfDlL7P0Z5So3xM.roa
File: hApdaMK1vbsnIfDlL7P0Z5So3xM.roa (raw, json)
Hash identifier: MpxYH2itfVj+tT6LQe4Y8T05heBa3H/eLwtlxngJrVo=
Subject key identifier: 84:0A:5D:68:C2:B5:BD:BB:27:21:F0:E5:2F:B3:F4:67:94:A8:DF:13
Certificate issuer: /CN=884b5e16490b9a68d09fbcb45574350000149afa
Certificate serial: 018CC8DEB9F33A878ABCCBA6EFB74B022939
Authority key identifier: 88:4B:5E:16:49:0B:9A:68:D0:9F:BC:B4:55:74:35:00:00:14:9A:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEteFkkLmmjQn7y0VXQ1AAAUmvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/07b7f7-c41d-4917-b978-ef2d53b5a34d/1/hApdaMK1vbsnIfDlL7P0Z5So3xM.roa
Signing time: Tue 02 Jan 2024 06:31:28 +0000
ROA not before: Tue 02 Jan 2024 06:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201188
IP address blocks: 45.151.184.0/24 maxlen: 24
45.151.184.0/22 maxlen: 22
45.151.185.0/24 maxlen: 24
45.151.186.0/24 maxlen: 24
45.151.187.0/24 maxlen: 24
2a0f:3500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/07b7f7-c41d-4917-b978-ef2d53b5a34d/1/iEteFkkLmmjQn7y0VXQ1AAAUmvo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/07b7f7-c41d-4917-b978-ef2d53b5a34d/1/iEteFkkLmmjQn7y0VXQ1AAAUmvo.mft
rsync://rpki.ripe.net/repository/DEFAULT/iEteFkkLmmjQn7y0VXQ1AAAUmvo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:b9:f3:3a:87:8a:bc:cb:a6:ef:b7:4b:02:29:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=884b5e16490b9a68d09fbcb45574350000149afa
Validity
Not Before: Jan 2 06:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=840a5d68c2b5bdbb2721f0e52fb3f46794a8df13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:eb:7b:fc:0b:05:c2:41:1a:9f:2d:83:dd:7c:
ed:02:06:24:5a:f5:a3:0a:26:c1:5a:c0:53:35:cc:
8e:6b:68:ed:c3:5f:2a:e3:98:40:5f:ef:ad:51:84:
4b:0d:08:09:66:80:49:b5:76:ec:2f:85:1f:e4:91:
0d:9c:84:d3:33:dd:72:eb:a6:a4:3f:2f:4b:a3:c5:
49:a1:52:51:a8:29:6c:c9:50:b1:eb:da:11:05:9b:
3c:17:99:7f:c7:86:24:0c:7e:39:bb:cc:a3:db:ea:
d1:fe:c0:31:4c:b0:a8:8a:9e:5e:2f:46:42:7f:0b:
c1:9f:ff:33:a5:64:8a:5d:5e:75:15:d1:72:bd:ee:
31:5a:6f:b7:d9:cc:ff:cf:5f:ba:9d:d0:42:99:5e:
4b:99:58:28:1e:e6:40:94:4e:08:b1:f4:ec:80:9f:
00:27:1a:cd:67:18:38:71:3d:97:df:e8:20:19:c5:
9a:22:65:97:2b:6e:83:f1:d5:d7:5e:82:af:57:ed:
24:d7:21:c2:7b:6d:02:20:71:88:79:44:3f:1c:59:
de:3a:c9:08:8d:3a:a4:ca:d9:32:3e:ec:83:ea:b5:
2c:65:9a:39:d3:27:21:46:31:8f:6c:c9:d4:b8:f0:
d7:11:c7:a3:a1:bc:4b:0c:4b:92:79:a4:64:25:7e:
24:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:0A:5D:68:C2:B5:BD:BB:27:21:F0:E5:2F:B3:F4:67:94:A8:DF:13
X509v3 Authority Key Identifier:
keyid:88:4B:5E:16:49:0B:9A:68:D0:9F:BC:B4:55:74:35:00:00:14:9A:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEteFkkLmmjQn7y0VXQ1AAAUmvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/07b7f7-c41d-4917-b978-ef2d53b5a34d/1/hApdaMK1vbsnIfDlL7P0Z5So3xM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/07b7f7-c41d-4917-b978-ef2d53b5a34d/1/iEteFkkLmmjQn7y0VXQ1AAAUmvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.184.0/22
IPv6:
2a0f:3500::/29
Signature Algorithm: sha256WithRSAEncryption
03:14:35:c7:60:75:23:39:3e:83:3c:30:74:0b:40:b0:78:c1:
e6:92:56:9f:87:3a:46:0d:a8:63:99:8d:6f:0c:9c:c3:2b:7a:
f6:bd:25:b4:7e:ee:48:60:0c:1d:d6:0b:e1:c7:d0:87:ad:fb:
dc:b2:c1:c8:e2:7c:19:d3:9e:80:a1:ff:96:c9:f0:a8:09:4d:
99:ea:21:9e:5a:a1:81:cc:5a:5d:0f:4a:0d:a3:0a:b6:c1:b9:
31:a4:42:7b:b9:0b:2d:24:c1:95:b1:94:34:7c:60:d6:f1:60:
19:d3:80:5b:02:b2:6b:a7:f9:9b:c1:f1:05:e1:b9:fd:b8:c2:
3d:0c:3d:bf:99:6c:26:33:b6:3a:76:f3:aa:c3:ff:84:d7:fc:
ae:4c:93:52:94:7a:cd:f7:56:7f:49:45:1a:5e:4f:c3:0c:7b:
59:4e:49:0a:4d:3d:8e:84:e3:c3:fd:f4:e7:ff:1c:09:85:e7:
19:00:5d:76:f8:60:af:42:7e:86:92:0d:23:23:29:96:9e:cd:
e8:79:4d:6f:ed:11:69:16:11:d1:73:fe:54:b8:b5:eb:65:9a:
08:83:e5:ad:50:6f:da:cc:48:e4:49:b6:cf:49:dc:e1:8c:89:
cc:d3:0e:d0:eb:c9:bb:9f:12:03:31:0e:f0:a7:79:4c:ee:c3:
82:d5:7c:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3rnzOoeKvMum77dLAik5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NGI1ZTE2NDkwYjlhNjhkMDlmYmNiNDU1NzQzNTAwMDAx
NDlhZmEwHhcNMjQwMTAyMDYzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDBhNWQ2OGMyYjViZGJiMjcyMWYwZTUyZmIzZjQ2Nzk0YThkZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOt7/AsFwkEany2D3XztAgYkWvWj
CibBWsBTNcyOa2jtw18q45hAX++tUYRLDQgJZoBJtXbsL4Uf5JENnITTM91y66ak
Py9Lo8VJoVJRqClsyVCx69oRBZs8F5l/x4YkDH45u8yj2+rR/sAxTLCoip5eL0ZC
fwvBn/8zpWSKXV51FdFyve4xWm+32cz/z1+6ndBCmV5LmVgoHuZAlE4IsfTsgJ8A
JxrNZxg4cT2X3+ggGcWaImWXK26D8dXXXoKvV+0k1yHCe20CIHGIeUQ/HFneOskI
jTqkytkyPuyD6rUsZZo50ychRjGPbMnUuPDXEcejobxLDEuSeaRkJX4kJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIQKXWjCtb27JyHw5S+z9GeUqN8TMB8GA1UdIwQY
MBaAFIhLXhZJC5po0J+8tFV0NQAAFJr6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUV0ZUZra0xtbWpRbjd5MFZYUTFBQUFVbXZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8wN2I3ZjctYzQxZC00OTE3LWI5Nzgt
ZWYyZDUzYjVhMzRkLzEvaEFwZGFNSzF2YnNuSWZEbEw3UDBaNVNvM3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8wN2I3ZjctYzQxZC00OTE3LWI5NzgtZWYyZDUzYjVhMzRk
LzEvaUV0ZUZra0xtbWpRbjd5MFZYUTFBQUFVbXZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZe4MA0E
AgACMAcDBQMqDzUAMA0GCSqGSIb3DQEBCwUAA4IBAQADFDXHYHUjOT6DPDB0C0Cw
eMHmklafhzpGDahjmY1vDJzDK3r2vSW0fu5IYAwd1gvhx9CHrfvcssHI4nwZ056A
of+WyfCoCU2Z6iGeWqGBzFpdD0oNowq2wbkxpEJ7uQstJMGVsZQ0fGDW8WAZ04Bb
ArJrp/mbwfEF4bn9uMI9DD2/mWwmM7Y6dvOqw/+E1/yuTJNSlHrN91Z/SUUaXk/D
DHtZTkkKTT2OhOPD/fTn/xwJhecZAF12+GCvQn6Gkg0jIymWns3oeU1v7RFpFhHR
c/5UuLXrZZoIg+WtUG/azEjkSbbPSdzhjInM0w7Q68m7nxIDMQ7wp3lM7sOC1Xw0
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:03:38 2024 by rpki-client on console-fra.rpki-client.org