Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XjIl-Aj84gR2doZmSz4VtHpLoJ8.roa
File: XjIl-Aj84gR2doZmSz4VtHpLoJ8.roa (raw, json)
Hash identifier: TKLNG4c89llcTmMAcninznIU39whnEZk2hIt9Aq8HZU=
Subject key identifier: 5E:32:25:F8:08:FC:E2:04:76:76:86:66:4B:3E:15:B4:7A:4B:A0:9F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E2E6614083BAC70AFDCE787C16302E4DA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XjIl-Aj84gR2doZmSz4VtHpLoJ8.roa
Signing time: Mon 11 Mar 2024 16:43:45 +0000
ROA not before: Mon 11 Mar 2024 16:43:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.149.240.0/24 maxlen: 24
87.120.68.0/24 maxlen: 24
87.121.46.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.156.14.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:66:14:08:3b:ac:70:af:dc:e7:87:c1:63:02:e4:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 11 16:43:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e3225f808fce204767686664b3e15b47a4ba09f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c9:e4:b7:a7:e6:94:fa:d4:34:ef:2d:6c:9b:
cb:93:67:3e:e6:7d:0b:33:87:f7:29:f9:d3:cf:09:
bd:e1:24:ba:00:14:68:27:83:73:c5:1b:bb:47:4d:
76:50:6e:ca:e3:ff:88:8e:15:7e:2e:fe:4f:f3:1d:
36:b7:84:0e:15:0e:9b:10:d8:a0:01:6b:85:b3:bf:
b9:1d:84:88:fd:c2:3a:0b:13:ef:79:3d:ff:ec:7a:
65:f7:6d:83:d2:4e:bf:35:59:17:4d:85:1f:59:2c:
8f:45:88:47:99:83:be:27:8b:a9:b3:67:8c:be:e2:
46:02:f8:79:09:e5:47:86:0d:34:ca:d9:1b:0e:07:
f7:a4:a1:1c:2c:d2:71:f4:6b:d3:c3:a4:81:35:c6:
20:c8:ce:d3:0e:18:d5:17:f4:c8:14:d3:9d:96:fa:
3d:0f:15:0b:97:30:1c:34:ba:e0:1d:c5:df:56:66:
da:35:b1:4c:5f:1e:73:4a:64:a8:35:1a:39:e6:a2:
52:74:b3:11:72:9f:50:e1:de:c9:c0:50:41:44:b0:
52:6b:70:da:4a:6b:3e:22:c8:a4:3c:0c:7a:0d:05:
9a:80:57:10:01:b0:fa:21:79:18:b3:bb:2a:eb:98:
11:e3:9b:02:c4:fa:e4:3d:88:f6:2d:8f:21:29:e7:
41:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:32:25:F8:08:FC:E2:04:76:76:86:66:4B:3E:15:B4:7A:4B:A0:9F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XjIl-Aj84gR2doZmSz4VtHpLoJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.240.0/24
87.120.68.0/24
87.121.46.0/24
93.123.116.0/24
94.156.14.0/24
185.218.136.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:68:cd:77:40:70:ea:bb:ce:94:13:cb:44:82:a9:e6:5a:ae:
d1:a7:f7:14:9e:68:be:a1:39:5d:e9:fa:b9:7f:12:dc:b6:c8:
fb:5c:77:26:bb:cd:12:10:0f:03:37:9e:63:b0:09:f8:06:77:
49:b2:e6:78:13:aa:4f:29:9b:26:de:2c:12:eb:ab:0d:31:d9:
24:79:f9:9c:10:97:cc:d3:ee:cc:b9:71:38:e9:1a:0f:2a:e1:
d1:d1:82:1b:41:d3:94:02:70:12:d2:a1:71:f7:88:f9:20:4b:
3e:63:0a:0a:ed:c3:33:e8:0b:1a:55:1a:2e:22:24:70:89:af:
54:4d:42:f9:cf:ee:a6:9d:c2:e5:40:58:90:11:03:16:b6:a5:
ad:97:e0:c7:bf:8a:84:c1:7c:05:4e:4d:da:ae:13:25:4c:f8:
27:58:94:51:72:35:0e:6b:f0:b8:80:70:b5:c5:93:b1:91:74:
fc:54:58:93:c6:0a:4f:8b:37:71:b1:d4:ab:ba:18:17:c6:1a:
f1:99:26:f1:99:1d:bf:92:7b:17:42:13:ef:06:3a:1b:71:a5:
35:1a:0f:c4:da:15:91:7d:6a:52:63:32:5b:ee:71:6e:3a:71:
4a:73:b9:4f:3f:f3:d6:43:2e:e4:82:d5:18:1e:d3:d1:c4:b3:
52:a5:5a:fa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY4uZhQIO6xwr9znh8FjAuTaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzExMTY0MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTMyMjVmODA4ZmNlMjA0NzY3Njg2NjY0YjNlMTViNDdhNGJhMDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMnkt6fmlPrUNO8tbJvLk2c+5n0L
M4f3KfnTzwm94SS6ABRoJ4NzxRu7R012UG7K4/+IjhV+Lv5P8x02t4QOFQ6bENig
AWuFs7+5HYSI/cI6CxPveT3/7Hpl922D0k6/NVkXTYUfWSyPRYhHmYO+J4ups2eM
vuJGAvh5CeVHhg00ytkbDgf3pKEcLNJx9GvTw6SBNcYgyM7TDhjVF/TIFNOdlvo9
DxULlzAcNLrgHcXfVmbaNbFMXx5zSmSoNRo55qJSdLMRcp9Q4d7JwFBBRLBSa3Da
Sms+IsikPAx6DQWagFcQAbD6IXkYs7sq65gR45sCxPrkPYj2LY8hKedBqQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF4yJfgI/OIEdnaGZks+FbR6S6CfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWGpJbC1Bajg0Z1IyZG9abVN6NFZ0SHBMb0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZXwAwQA
V3hEAwQAV3kuAwQAXXt0AwQAXpwOAwQAudqIMA0GCSqGSIb3DQEBCwUAA4IBAQAb
aM13QHDqu86UE8tEgqnmWq7Rp/cUnmi+oTld6fq5fxLctsj7XHcmu80SEA8DN55j
sAn4BndJsuZ4E6pPKZsm3iwS66sNMdkkefmcEJfM0+7MuXE46RoPKuHR0YIbQdOU
AnAS0qFx94j5IEs+YwoK7cMz6AsaVRouIiRwia9UTUL5z+6mncLlQFiQEQMWtqWt
l+DHv4qEwXwFTk3arhMlTPgnWJRRcjUOa/C4gHC1xZOxkXT8VFiTxgpPizdxsdSr
uhgXxhrxmSbxmR2/knsXQhPvBjobcaU1Gg/E2hWRfWpSYzJb7nFuOnFKc7lPP/PW
Qy7kgtUYHtPRxLNSpVr6
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:28:45 2024 by rpki-client on console-ams.rpki-client.org