Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/4aeb8a-b96f-4ec4-8d8e-eabe34e802b4/1/xL1waNLH89tu16gqR_InkZtP0MM.roa
File: xL1waNLH89tu16gqR_InkZtP0MM.roa (raw, json)
Hash identifier: UbiBAyPW5WcKpHG6QUDn1a6TZhLyyQKfdK3u0M9NdEQ=
Subject key identifier: C4:BD:70:68:D2:C7:F3:DB:6E:D7:A8:2A:47:F2:27:91:9B:4F:D0:C3
Certificate issuer: /CN=6e83f685eb7b6a2f8464b997129338d63f7eed6a
Certificate serial: 0194214437854C29D40ADA82BC7F019F5448
Authority key identifier: 6E:83:F6:85:EB:7B:6A:2F:84:64:B9:97:12:93:38:D6:3F:7E:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/boP2het7ai-EZLmXEpM41j9-7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/4aeb8a-b96f-4ec4-8d8e-eabe34e802b4/1/xL1waNLH89tu16gqR_InkZtP0MM.roa
Signing time: Wed 01 Jan 2025 09:48:26 +0000
ROA not before: Wed 01 Jan 2025 09:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12731
IP address blocks: 45.130.192.0/23 maxlen: 23
2a0e:57c0:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/4aeb8a-b96f-4ec4-8d8e-eabe34e802b4/1/boP2het7ai-EZLmXEpM41j9-7Wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/4aeb8a-b96f-4ec4-8d8e-eabe34e802b4/1/boP2het7ai-EZLmXEpM41j9-7Wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/boP2het7ai-EZLmXEpM41j9-7Wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:37:85:4c:29:d4:0a:da:82:bc:7f:01:9f:54:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e83f685eb7b6a2f8464b997129338d63f7eed6a
Validity
Not Before: Jan 1 09:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4bd7068d2c7f3db6ed7a82a47f227919b4fd0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:55:18:49:b8:de:97:d1:14:e5:a1:44:65:df:
84:3b:5b:2f:32:2c:f3:6b:36:4b:09:fd:dc:a8:5d:
e6:5f:36:ac:38:61:83:e2:eb:3e:09:cf:d2:e3:25:
66:b2:a1:1f:2a:70:75:7d:5b:9f:4a:1a:4b:0b:42:
53:a9:31:bb:05:2e:38:4c:20:2a:7c:0a:81:3c:48:
33:da:25:7c:f3:4d:d7:bb:a3:e7:f6:41:a0:33:f9:
7f:50:89:2c:71:c6:f9:62:dd:b8:de:8b:8f:4d:18:
93:10:12:01:89:d6:9c:d7:11:af:ff:01:47:70:1b:
94:7c:ca:36:17:75:90:75:04:2e:e3:88:fd:5f:ca:
07:14:4b:47:ea:b9:b7:17:ea:5a:fa:d6:89:2e:b2:
9b:fc:46:f0:74:d0:45:12:90:00:22:05:ed:45:1b:
45:7c:78:97:4a:f9:e2:b7:f4:04:1c:3a:70:f6:8c:
d8:fb:17:b0:9c:54:ba:1d:45:bc:d1:6d:a3:8f:f0:
e8:f2:85:3e:1c:a5:b2:61:72:02:08:5d:b6:ff:fb:
71:f6:1c:9c:f7:f8:b6:79:7c:df:e4:c8:dd:5a:ef:
23:49:d4:8d:19:95:35:aa:ac:4f:e0:e1:49:84:30:
c9:44:10:25:04:1e:7c:40:a9:b8:4f:5b:9e:44:86:
af:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:BD:70:68:D2:C7:F3:DB:6E:D7:A8:2A:47:F2:27:91:9B:4F:D0:C3
X509v3 Authority Key Identifier:
keyid:6E:83:F6:85:EB:7B:6A:2F:84:64:B9:97:12:93:38:D6:3F:7E:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/boP2het7ai-EZLmXEpM41j9-7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4aeb8a-b96f-4ec4-8d8e-eabe34e802b4/1/xL1waNLH89tu16gqR_InkZtP0MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/4aeb8a-b96f-4ec4-8d8e-eabe34e802b4/1/boP2het7ai-EZLmXEpM41j9-7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.192.0/23
IPv6:
2a0e:57c0:800::/38
Signature Algorithm: sha256WithRSAEncryption
0d:fd:0d:3a:d2:6f:7c:cf:a6:94:be:e9:4e:43:b1:7f:ae:4c:
2e:5b:87:62:fd:d3:e0:b6:7e:10:ee:b1:36:ce:11:d3:01:8a:
16:33:28:28:13:9b:02:cc:73:99:7e:4b:69:4c:51:9c:51:c9:
7c:25:ae:7c:d8:a3:18:9a:a5:41:36:03:22:ed:77:f6:76:1f:
85:3d:2a:c6:00:9c:48:d6:16:fc:3b:ce:ec:8c:63:41:cd:c2:
32:36:35:99:76:53:4a:a7:32:ad:5e:b3:93:78:cb:a0:43:49:
59:c0:d4:b1:ea:25:33:5e:9e:d2:ea:87:e5:a2:21:b3:40:60:
27:bd:07:08:54:6e:60:9e:99:3b:9a:33:c7:46:0b:3d:41:6f:
37:1b:d6:8e:f3:eb:c2:fc:28:25:68:4f:f7:40:f4:35:c7:08:
9a:ba:0d:c3:ed:5d:2e:b3:de:ce:be:d1:f9:4d:64:a5:b8:cb:
4f:07:d9:b7:94:d0:4f:47:48:e0:36:a3:8d:dc:ba:c8:52:68:
e2:29:46:8d:11:5b:48:65:47:a0:6d:eb:62:1c:60:c7:16:e7:
30:69:30:bb:6c:07:e9:d0:1c:e9:a3:68:d1:c4:2d:05:7c:fc:
4d:af:07:2a:fa:3c:7c:84:43:99:f5:a9:f5:eb:cc:f0:a5:4b:
33:17:c1:24
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQhRDeFTCnUCtqCvH8Bn1RIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODNmNjg1ZWI3YjZhMmY4NDY0Yjk5NzEyOTMzOGQ2M2Y3
ZWVkNmEwHhcNMjUwMTAxMDk0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGJkNzA2OGQyYzdmM2RiNmVkN2E4MmE0N2YyMjc5MTliNGZkMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FUYSbjel9EU5aFEZd+EO1svMizz
azZLCf3cqF3mXzasOGGD4us+Cc/S4yVmsqEfKnB1fVufShpLC0JTqTG7BS44TCAq
fAqBPEgz2iV8803Xu6Pn9kGgM/l/UIksccb5Yt243ouPTRiTEBIBidac1xGv/wFH
cBuUfMo2F3WQdQQu44j9X8oHFEtH6rm3F+pa+taJLrKb/EbwdNBFEpAAIgXtRRtF
fHiXSvnit/QEHDpw9ozY+xewnFS6HUW80W2jj/Do8oU+HKWyYXICCF22//tx9hyc
9/i2eXzf5MjdWu8jSdSNGZU1qqxP4OFJhDDJRBAlBB58QKm4T1ueRIavRwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFMS9cGjSx/PbbteoKkfyJ5GbT9DDMB8GA1UdIwQY
MBaAFG6D9oXre2ovhGS5lxKTONY/fu1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9QMmhldDdhaS1FWkxtWEVwTTQxajktN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy80YWViOGEtYjk2Zi00ZWM0LThkOGUt
ZWFiZTM0ZTgwMmI0LzEveEwxd2FOTEg4OXR1MTZncVJfSW5rWnRQME1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy80YWViOGEtYjk2Zi00ZWM0LThkOGUtZWFiZTM0ZTgwMmI0
LzEvYm9QMmhldDdhaS1FWkxtWEVwTTQxajktN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBLYLAMA4E
AgACMAgDBgIqDlfACDANBgkqhkiG9w0BAQsFAAOCAQEADf0NOtJvfM+mlL7pTkOx
f65MLluHYv3T4LZ+EO6xNs4R0wGKFjMoKBObAsxzmX5LaUxRnFHJfCWufNijGJql
QTYDIu139nYfhT0qxgCcSNYW/DvO7IxjQc3CMjY1mXZTSqcyrV6zk3jLoENJWcDU
seolM16e0uqH5aIhs0BgJ70HCFRuYJ6ZO5ozx0YLPUFvNxvWjvPrwvwoJWhP90D0
NccImroNw+1dLrPezr7R+U1kpbjLTwfZt5TQT0dI4Dajjdy6yFJo4ilGjRFbSGVH
oG3rYhxgxxbnMGkwu2wH6dAc6aNo0cQtBXz8Ta8HKvo8fIRDmfWp9evM8KVLMxfB
JA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:00 2025 by rpki-client