Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/XT1zj5bUysEe3DBL0TeKsvelwYI.roa
File: XT1zj5bUysEe3DBL0TeKsvelwYI.roa (raw, json)
Hash identifier: rl8Y2PJOWJ2EF1Vz90P2LXCnxHV8yV6HWDixas2qiPU=
Subject key identifier: 5D:3D:73:8F:96:D4:CA:C1:1E:DC:30:4B:D1:37:8A:B2:F7:A5:C1:82
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0191B29F3085F36084FA7FE3AD3CC5B65443
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/XT1zj5bUysEe3DBL0TeKsvelwYI.roa
Signing time: Mon 02 Sep 2024 12:04:22 +0000
ROA not before: Mon 02 Sep 2024 12:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212826
IP address blocks: 45.130.52.0/24 maxlen: 24
45.152.11.0/24 maxlen: 24
45.157.32.0/23 maxlen: 24
46.161.208.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:9f:30:85:f3:60:84:fa:7f:e3:ad:3c:c5:b6:54:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Sep 2 12:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d3d738f96d4cac11edc304bd1378ab2f7a5c182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ae:8f:2e:d2:40:57:4d:7e:50:2b:2e:2c:d5:
89:88:f8:5a:33:15:79:e4:d7:1a:9e:e7:eb:7e:2d:
4a:c7:54:30:75:dd:45:02:ae:be:0b:72:f6:ca:a8:
32:d3:51:72:99:b7:52:32:04:4a:70:c0:26:3a:9f:
6c:06:62:d0:6d:92:9f:a8:68:c8:5b:37:30:0f:38:
90:b2:3e:6d:86:70:88:44:94:74:a0:03:39:5e:53:
b1:46:2c:5f:c5:c4:7d:4b:90:7e:51:67:83:29:cf:
c2:88:f1:df:30:aa:b0:4e:af:a9:ad:7b:d1:7e:dc:
2b:ba:dd:2a:95:6a:cc:86:76:63:6e:e0:76:5b:2d:
c5:4f:be:a3:99:45:a9:aa:98:8f:24:c5:71:ad:67:
ed:bd:e1:71:48:e1:43:25:f4:c1:6f:2f:9b:07:a2:
b0:97:8c:85:66:7b:2e:c8:0a:d4:8c:8f:59:fb:b5:
24:d0:ea:f6:fc:82:f6:2b:22:31:32:ae:58:2f:14:
c3:39:55:b9:3d:8b:73:aa:d4:09:3f:d5:06:5a:d9:
1f:4a:9f:3d:0d:e7:99:9d:69:d8:e5:01:ab:96:ba:
0a:25:d4:c2:45:0f:02:d6:20:b2:4d:f9:57:50:5f:
4c:bb:96:29:65:c3:f5:a4:fd:7f:38:a0:eb:c2:a9:
d0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3D:73:8F:96:D4:CA:C1:1E:DC:30:4B:D1:37:8A:B2:F7:A5:C1:82
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/XT1zj5bUysEe3DBL0TeKsvelwYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.52.0/24
45.152.11.0/24
45.157.32.0/23
46.161.208.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:6a:50:3a:55:78:ce:32:03:c9:2c:97:bd:da:c6:6b:e2:71:
12:ff:00:ed:93:5e:0a:92:77:c7:13:6b:2a:d8:6a:1c:00:54:
2e:6d:d3:9a:64:1b:ca:0c:88:5e:01:19:76:8e:45:2e:9d:bb:
40:3f:cb:d5:33:67:b3:7c:71:32:56:a2:22:ab:8d:86:c1:16:
c4:e7:1e:b1:de:13:2d:08:ca:f0:3c:37:a9:3a:51:0b:02:1d:
06:c6:d8:53:ec:c6:b7:49:9e:e6:2c:de:30:e4:c3:b6:db:ca:
6e:40:cc:5f:85:1d:83:e5:dc:fd:8d:cf:65:82:be:ce:f5:ac:
90:72:e6:5a:89:8f:39:fc:bf:d3:26:aa:fd:8a:0f:89:2b:3d:
d2:68:a7:16:f1:e3:0f:07:71:eb:07:75:a6:db:c3:7b:42:81:
7d:0d:b7:02:8d:f9:4f:b9:d9:f4:f0:93:b3:5e:1a:03:61:b7:
e5:2b:20:7f:0d:97:a2:cc:b4:58:7e:ad:25:4a:58:20:7e:69:
5f:c1:01:c7:f3:ff:fb:74:7e:2a:f6:ad:d9:29:0d:f9:e1:d0:
e5:e5:bd:9d:28:c4:93:58:8d:5f:36:4a:09:7f:b9:93:35:f9:
41:68:15:77:0f:18:87:a1:31:20:08:39:83:be:16:a9:65:76:
e5:f5:a8:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGynzCF82CE+n/jrTzFtlRDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwOTAyMTIwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDNkNzM4Zjk2ZDRjYWMxMWVkYzMwNGJkMTM3OGFiMmY3YTVjMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh66PLtJAV01+UCsuLNWJiPhaMxV5
5Ncanufrfi1Kx1Qwdd1FAq6+C3L2yqgy01FymbdSMgRKcMAmOp9sBmLQbZKfqGjI
WzcwDziQsj5thnCIRJR0oAM5XlOxRixfxcR9S5B+UWeDKc/CiPHfMKqwTq+prXvR
ftwrut0qlWrMhnZjbuB2Wy3FT76jmUWpqpiPJMVxrWftveFxSOFDJfTBby+bB6Kw
l4yFZnsuyArUjI9Z+7Uk0Or2/IL2KyIxMq5YLxTDOVW5PYtzqtQJP9UGWtkfSp89
DeeZnWnY5QGrlroKJdTCRQ8C1iCyTflXUF9Mu5YpZcP1pP1/OKDrwqnQSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF09c4+W1MrBHtwwS9E3irL3pcGCMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvWFQxemo1YlV5c0VlM0RCTDBUZUtzdmVsd1lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYI0AwQA
LZgLAwQBLZ0gAwQBLqHQMA0GCSqGSIb3DQEBCwUAA4IBAQA7alA6VXjOMgPJLJe9
2sZr4nES/wDtk14KknfHE2sq2GocAFQubdOaZBvKDIheARl2jkUunbtAP8vVM2ez
fHEyVqIiq42GwRbE5x6x3hMtCMrwPDepOlELAh0GxthT7Ma3SZ7mLN4w5MO228pu
QMxfhR2D5dz9jc9lgr7O9ayQcuZaiY85/L/TJqr9ig+JKz3SaKcW8eMPB3HrB3Wm
28N7QoF9DbcCjflPudn08JOzXhoDYbflKyB/DZeizLRYfq0lSlggfmlfwQHH8//7
dH4q9q3ZKQ354dDl5b2dKMSTWI1fNkoJf7mTNflBaBV3DxiHoTEgCDmDvhapZXbl
9ajy
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:26:32 2024 by rpki-client on console-fra.rpki-client.org