Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/_XLEAdo-AHKL6lGtkO-C_ksD0t8.roa
File: _XLEAdo-AHKL6lGtkO-C_ksD0t8.roa (raw, json)
Hash identifier: JXk+zipMtJBAhX6vddfjEm4BGnvajaYgqDzdILsRhVk=
Subject key identifier: FD:72:C4:01:DA:3E:00:72:8B:EA:51:AD:90:EF:82:FE:4B:03:D2:DF
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 018FEDD1997FDF182D72379473088FCD6266
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/_XLEAdo-AHKL6lGtkO-C_ksD0t8.roa
Signing time: Thu 06 Jun 2024 13:51:27 +0000
ROA not before: Thu 06 Jun 2024 13:51:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33845
IP address blocks: 131.102.0.0/16 maxlen: 24
149.126.48.0/21 maxlen: 24
162.23.0.0/16 maxlen: 24
193.5.216.0/21 maxlen: 24
2a07:2900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:d1:99:7f:df:18:2d:72:37:94:73:08:8f:cd:62:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jun 6 13:51:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd72c401da3e00728bea51ad90ef82fe4b03d2df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3a:43:fe:41:34:4c:49:e9:9f:f4:20:06:4a:
03:7b:f3:83:93:a1:a0:82:05:3e:61:96:a5:9d:31:
4c:06:00:e6:fd:5c:bf:29:2c:f2:38:e8:11:53:cb:
2d:3c:cc:a2:73:e4:cc:60:77:ed:a7:7f:69:bc:6b:
bb:e4:9c:d7:1d:72:7d:12:66:95:93:8c:8f:2e:59:
05:76:ec:d4:b9:13:81:ec:7c:36:b5:00:ef:8a:13:
32:9a:96:6e:cb:e4:8e:33:43:72:a0:d6:2c:f9:b9:
8e:93:c8:c3:fa:b0:07:88:a1:5b:df:0d:07:15:13:
7b:4b:4e:2b:43:c9:32:7c:e4:46:f7:b5:bf:21:fe:
89:10:d9:ce:f6:4f:93:15:24:85:4d:c5:24:a1:4c:
72:58:15:f8:6a:f7:6b:40:a0:a1:95:b9:66:ef:fc:
74:8b:08:74:3e:28:5c:53:38:2a:55:ff:a0:2a:8d:
47:fa:b7:81:27:5d:b0:fe:48:d5:b6:5e:c5:2f:5a:
4b:fa:b4:6b:4a:37:78:69:d4:b5:cc:fb:0f:68:26:
88:f2:90:e9:ae:0a:96:47:ff:73:e7:5f:89:9e:e3:
5a:e4:58:cc:34:65:12:89:40:4f:2b:74:b9:4d:2b:
c3:c4:1e:19:a4:81:7b:92:d7:9b:bd:cd:b8:0f:bd:
59:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:72:C4:01:DA:3E:00:72:8B:EA:51:AD:90:EF:82:FE:4B:03:D2:DF
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/_XLEAdo-AHKL6lGtkO-C_ksD0t8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.102.0.0/16
149.126.48.0/21
162.23.0.0/16
193.5.216.0/21
IPv6:
2a07:2900::/32
Signature Algorithm: sha256WithRSAEncryption
24:78:5c:88:66:c7:aa:76:eb:8d:05:44:e7:65:32:42:c6:ce:
7e:0c:b1:1e:77:90:f7:66:b7:98:84:fb:c1:9b:c0:cc:66:16:
aa:16:1a:61:3a:3e:38:ef:0d:2a:d3:17:58:1c:33:90:1f:ab:
29:37:3b:7c:1d:59:84:eb:c5:d6:b9:09:17:a7:0a:83:f1:6c:
37:63:00:ec:d0:8a:2a:3d:07:cf:03:93:64:78:f5:9e:27:26:
fb:de:6e:35:fd:c2:3b:e0:28:56:89:07:3e:0a:cc:7f:07:5c:
8b:7c:14:fb:c2:e6:db:7a:b1:2d:35:35:53:f3:a7:02:d3:94:
b1:0e:41:c5:4d:76:bb:f9:97:7c:2a:81:34:fd:4e:48:a3:d7:
6f:b3:98:59:3a:73:bd:91:3b:14:ba:b5:71:97:26:f4:73:0d:
f3:0c:e3:0e:83:91:4b:bd:67:e1:13:f2:db:60:15:62:b7:9c:
e6:d9:fd:2b:b3:92:b3:a0:d0:6d:c8:52:30:d9:6b:72:bd:e9:
19:e9:91:92:b0:d1:0d:65:55:aa:39:8e:ec:f1:22:06:29:a6:
4d:79:5a:7d:b1:a4:c1:a4:86:e8:c8:da:e7:2b:db:42:a4:98:
9a:90:80:60:18:2d:9c:42:b8:0f:2e:f1:3d:dd:c7:db:c3:5b:
69:ee:ad:01
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY/t0Zl/3xgtcjeUcwiPzWJmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjQwNjA2MTM1MTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDcyYzQwMWRhM2UwMDcyOGJlYTUxYWQ5MGVmODJmZTRiMDNkMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDpD/kE0TEnpn/QgBkoDe/ODk6Gg
ggU+YZalnTFMBgDm/Vy/KSzyOOgRU8stPMyic+TMYHftp39pvGu75JzXHXJ9EmaV
k4yPLlkFduzUuROB7Hw2tQDvihMympZuy+SOM0NyoNYs+bmOk8jD+rAHiKFb3w0H
FRN7S04rQ8kyfORG97W/If6JENnO9k+TFSSFTcUkoUxyWBX4avdrQKChlblm7/x0
iwh0PihcUzgqVf+gKo1H+reBJ12w/kjVtl7FL1pL+rRrSjd4adS1zPsPaCaI8pDp
rgqWR/9z51+JnuNa5FjMNGUSiUBPK3S5TSvDxB4ZpIF7ktebvc24D71ZzQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFP1yxAHaPgByi+pRrZDvgv5LA9LfMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvX1hMRUFkby1BSEtMNmxHdGtPLUNfa3NEMHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAcBAIAATAWAwMAg2YDBAOV
fjADAwCiFwMEA8EF2DANBAIAAjAHAwUAKgcpADANBgkqhkiG9w0BAQsFAAOCAQEA
JHhciGbHqnbrjQVE52UyQsbOfgyxHneQ92a3mIT7wZvAzGYWqhYaYTo+OO8NKtMX
WBwzkB+rKTc7fB1ZhOvF1rkJF6cKg/FsN2MA7NCKKj0HzwOTZHj1nicm+95uNf3C
O+AoVokHPgrMfwdci3wU+8Lm23qxLTU1U/OnAtOUsQ5BxU12u/mXfCqBNP1OSKPX
b7OYWTpzvZE7FLq1cZcm9HMN8wzjDoORS71n4RPy22AVYrec5tn9K7OSs6DQbchS
MNlrcr3pGemRkrDRDWVVqjmO7PEiBimmTXlafbGkwaSG6Mja5yvbQqSYmpCAYBgt
nEK4Dy7xPd3H28Nbae6tAQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:51:58 2024 by rpki-client on console-ams.rpki-client.org