Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/w8CaOlH7Xo7qopAjpYLVPrxtweY.roa
File: w8CaOlH7Xo7qopAjpYLVPrxtweY.roa (raw, json)
Hash identifier: 8RhXFdjZbbFYL9T6NaQy9tHI+r+zw6LX5vygVNTQ7cI=
Subject key identifier: C3:C0:9A:3A:51:FB:5E:8E:EA:A2:90:23:A5:82:D5:3E:BC:6D:C1:E6
Certificate issuer: /CN=c4b21c89bc7e2b214067f30707a4a03dc346ee05
Certificate serial: 018CC6B845B22105C38C48BA8D0425160A2C
Authority key identifier: C4:B2:1C:89:BC:7E:2B:21:40:67:F3:07:07:A4:A0:3D:C3:46:EE:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/w8CaOlH7Xo7qopAjpYLVPrxtweY.roa
Signing time: Mon 01 Jan 2024 20:30:14 +0000
ROA not before: Mon 01 Jan 2024 20:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205893
IP address blocks: 45.11.40.0/24 maxlen: 24
185.202.242.0/24 maxlen: 24
185.202.243.0/24 maxlen: 24
185.202.241.0/24 maxlen: 24
185.202.240.0/24 maxlen: 24
2a0a:e246::/32 maxlen: 32
2a0a:e245::/32 maxlen: 32
2a0a:e242::/32 maxlen: 32
2a0a:e241::/32 maxlen: 32
2a0a:e244::/32 maxlen: 32
2a0a:e247::/32 maxlen: 32
2a0a:e240::/32 maxlen: 32
2a0a:e243::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/xLIcibx-KyFAZ_MHB6SgPcNG7gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/xLIcibx-KyFAZ_MHB6SgPcNG7gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:45:b2:21:05:c3:8c:48:ba:8d:04:25:16:0a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4b21c89bc7e2b214067f30707a4a03dc346ee05
Validity
Not Before: Jan 1 20:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3c09a3a51fb5e8eeaa29023a582d53ebc6dc1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:dc:a4:ed:08:6a:a0:39:73:f1:7f:3c:7c:60:
fb:29:0a:81:0b:9d:1c:02:94:c3:bc:b4:b9:6f:37:
86:e8:c1:b4:18:e7:15:c3:e8:65:99:69:54:a6:48:
f1:22:5b:fd:2d:3e:e3:f8:05:54:ff:20:f3:70:17:
3c:05:82:a7:ff:70:f1:88:2a:97:1f:39:12:72:2d:
84:45:2d:b6:2c:d7:a5:43:81:af:16:9d:8e:1a:70:
fb:55:39:4d:93:ac:41:7d:14:5d:b2:18:7f:34:3e:
39:66:62:8a:8d:f0:62:9a:a5:80:30:65:4d:f0:dc:
18:21:ef:1c:4a:1e:be:57:1e:7b:68:33:d2:8f:22:
59:b3:f3:6a:49:91:eb:b0:e6:98:26:57:09:ac:4e:
ed:7b:52:a4:75:ac:37:37:42:51:fa:df:ed:34:14:
be:96:93:f8:83:b9:b7:bc:98:e7:76:ad:e6:74:3e:
bb:84:8e:62:fc:fc:0b:87:a2:67:77:ca:68:4b:36:
4d:12:2d:29:2c:71:a8:ee:71:ba:01:2d:c4:ea:00:
f5:4c:b5:db:2c:a7:f8:0c:be:3c:31:47:65:b4:7f:
5e:17:ee:f1:d9:00:58:c1:f7:98:e0:d4:98:b5:c1:
ac:ca:4b:09:fe:68:ac:fa:f0:2c:0a:cc:c8:df:9b:
75:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:C0:9A:3A:51:FB:5E:8E:EA:A2:90:23:A5:82:D5:3E:BC:6D:C1:E6
X509v3 Authority Key Identifier:
keyid:C4:B2:1C:89:BC:7E:2B:21:40:67:F3:07:07:A4:A0:3D:C3:46:EE:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/w8CaOlH7Xo7qopAjpYLVPrxtweY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/xLIcibx-KyFAZ_MHB6SgPcNG7gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.40.0/24
185.202.240.0/22
IPv6:
2a0a:e240::/29
Signature Algorithm: sha256WithRSAEncryption
09:bd:aa:d3:26:d9:4a:95:c5:d5:35:81:8b:81:3a:55:77:ac:
4d:29:68:64:60:a3:7b:10:fe:0e:39:76:23:d4:7f:4a:3e:63:
9e:7d:59:d8:4d:13:7c:75:16:a9:49:86:33:7f:6a:d3:19:f8:
a0:68:64:b6:cc:b0:c5:72:1a:4a:df:10:71:b8:ec:dd:22:eb:
79:37:5f:b4:e9:30:9b:c5:33:2f:63:e0:84:21:83:ef:72:66:
e8:51:b3:0c:29:c1:5b:63:1b:c1:97:00:ad:c6:c5:a7:b4:5e:
43:8e:a3:d2:f8:ff:91:52:e5:a3:03:67:13:9b:a3:0d:f7:c0:
10:b4:8c:98:a2:4f:cd:9a:8f:4c:f4:03:e4:43:2c:29:5e:99:
83:45:39:f5:31:8c:d0:3b:27:5d:7c:5b:4a:40:4f:4a:15:ca:
cf:fb:ce:23:d9:b2:bb:9f:32:1b:a2:e3:94:24:03:79:9c:a3:
75:0d:b4:99:44:63:2f:96:f2:23:d6:ed:a0:5b:ef:76:95:20:
e0:5b:d6:0d:f7:da:6b:41:1d:df:6f:b7:73:9b:2b:7b:bc:8a:
62:fd:a1:3f:55:52:e0:ca:c0:9d:9a:fb:7e:6b:cc:4d:3c:46:
8b:8e:49:d5:c9:75:ee:b1:81:15:95:3d:42:81:e4:d7:7b:6c:
08:3c:23:af
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGuEWyIQXDjEi6jQQlFgosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjIxYzg5YmM3ZTJiMjE0MDY3ZjMwNzA3YTRhMDNkYzM0
NmVlMDUwHhcNMjQwMTAxMjAzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2MwOWEzYTUxZmI1ZThlZWFhMjkwMjNhNTgyZDUzZWJjNmRjMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdyk7QhqoDlz8X88fGD7KQqBC50c
ApTDvLS5bzeG6MG0GOcVw+hlmWlUpkjxIlv9LT7j+AVU/yDzcBc8BYKn/3DxiCqX
HzkSci2ERS22LNelQ4GvFp2OGnD7VTlNk6xBfRRdshh/ND45ZmKKjfBimqWAMGVN
8NwYIe8cSh6+Vx57aDPSjyJZs/NqSZHrsOaYJlcJrE7te1Kkdaw3N0JR+t/tNBS+
lpP4g7m3vJjndq3mdD67hI5i/PwLh6Jnd8poSzZNEi0pLHGo7nG6AS3E6gD1TLXb
LKf4DL48MUdltH9eF+7x2QBYwfeY4NSYtcGsyksJ/mis+vAsCszI35t1+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMPAmjpR+16O6qKQI6WC1T68bcHmMB8GA1UdIwQY
MBaAFMSyHIm8fishQGfzBwekoD3DRu4FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExJY2lieC1LeUZBWl9NSEI2U2dQY05HN2dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MTM3YjgtMTM4My00YjcxLWExODkt
MDYzYjQwMTc0NTk3LzEvdzhDYU9sSDdYbzdxb3BBanBZTFZQcnh0d2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MTM3YjgtMTM4My00YjcxLWExODktMDYzYjQwMTc0NTk3
LzEveExJY2lieC1LeUZBWl9NSEI2U2dQY05HN2dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALQsoAwQC
ucrwMA0EAgACMAcDBQMqCuJAMA0GCSqGSIb3DQEBCwUAA4IBAQAJvarTJtlKlcXV
NYGLgTpVd6xNKWhkYKN7EP4OOXYj1H9KPmOefVnYTRN8dRapSYYzf2rTGfigaGS2
zLDFchpK3xBxuOzdIut5N1+06TCbxTMvY+CEIYPvcmboUbMMKcFbYxvBlwCtxsWn
tF5DjqPS+P+RUuWjA2cTm6MN98AQtIyYok/Nmo9M9APkQywpXpmDRTn1MYzQOydd
fFtKQE9KFcrP+84j2bK7nzIbouOUJAN5nKN1DbSZRGMvlvIj1u2gW+92lSDgW9YN
99prQR3fb7dzmyt7vIpi/aE/VVLgysCdmvt+a8xNPEaLjknVyXXusYEVlT1CgeTX
e2wIPCOv
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:52:39 2024 by rpki-client on console-fra.rpki-client.org