Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Xw90L885kIMpc54EV17rdg4QfLY.roa
File: Xw90L885kIMpc54EV17rdg4QfLY.roa (raw, json)
Hash identifier: aX+lIXoluf0pM1PWKF7XHCyAVGWBaJu28+Ea7v9jz7c=
Subject key identifier: 5F:0F:74:2F:CF:39:90:83:29:73:9E:04:57:5E:EB:76:0E:10:7C:B6
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0192E523CD7ACD392D543701423695BF8646
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Xw90L885kIMpc54EV17rdg4QfLY.roa
Signing time: Fri 01 Nov 2024 00:33:01 +0000
ROA not before: Fri 01 Nov 2024 00:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48678
IP address blocks: 45.9.30.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e5:23:cd:7a:cd:39:2d:54:37:01:42:36:95:bf:86:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 1 00:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f0f742fcf39908329739e04575eeb760e107cb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8f:37:d5:74:73:93:d2:57:02:79:e1:b0:ce:
3a:7b:c3:36:6c:67:7d:c5:4c:8b:7c:bd:0a:6f:2d:
2f:b7:61:93:8f:89:de:fe:f1:90:b3:d0:31:78:52:
f6:31:82:52:8e:6a:ab:5d:64:c1:71:eb:71:ef:e8:
6a:0b:66:97:f6:97:29:b1:3c:a9:5b:f3:31:39:84:
ca:bb:29:ac:34:b3:c6:38:96:6f:35:94:91:55:0d:
75:20:a8:13:b4:be:0d:3a:b7:6d:c1:a0:03:39:3e:
2e:a3:4f:f2:04:4e:e8:39:63:5a:49:fe:4d:f9:d1:
5c:a1:ea:e2:81:25:59:2e:0f:c5:cd:d6:3a:4b:5a:
16:31:f1:d4:48:13:28:2f:48:18:20:fe:31:f4:9c:
ec:70:ce:2f:31:2e:4d:e2:59:d5:51:fa:20:58:33:
90:5a:ac:a3:88:88:25:ba:47:d8:33:22:85:15:d1:
3d:df:f1:ab:3f:5d:85:87:06:87:9b:4d:c7:a1:e5:
97:ea:06:51:49:fe:4f:95:59:56:56:73:25:f9:31:
b2:0b:33:f7:25:65:7a:5f:c2:0d:80:23:9d:0f:46:
f9:ca:2c:22:88:6a:73:0a:50:ec:d5:75:7e:9e:fa:
7c:a5:5e:67:2b:ce:9d:02:c0:71:a5:4a:b5:16:f6:
14:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0F:74:2F:CF:39:90:83:29:73:9E:04:57:5E:EB:76:0E:10:7C:B6
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Xw90L885kIMpc54EV17rdg4QfLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.13.190.0/24
45.144.213.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:d9:77:da:40:3f:e6:d9:9d:d2:37:03:ba:a2:ca:23:fb:3a:
7e:bb:2c:3d:5a:59:9e:c2:c3:ec:e0:5e:af:d6:32:58:41:42:
b1:0d:47:62:b8:c7:34:ae:8d:00:e0:81:ba:c9:00:f1:d0:14:
aa:33:d7:10:94:95:d6:7f:ae:e6:8a:c2:1b:17:85:ad:47:bc:
9c:71:d6:a0:52:20:81:f4:0b:a2:9c:2b:cf:14:fc:27:66:f1:
bb:ee:b9:be:0e:23:a4:f4:51:42:b6:41:aa:3b:13:8c:78:e9:
33:ce:40:9f:3a:c9:71:1c:d3:b5:b8:ab:9d:2c:bb:f5:0f:3b:
96:76:d8:1d:7b:c1:e2:09:e0:76:9a:25:0b:4c:36:89:91:48:
c8:8d:64:0b:eb:e2:61:d1:30:d1:d8:b8:c7:4d:56:15:a2:9b:
72:ea:56:06:16:71:fd:06:38:b1:7d:9a:d9:4a:6a:26:26:09:
28:af:fe:ba:81:ee:77:6a:03:49:d5:be:06:c5:d1:3a:06:1c:
94:99:79:a1:bb:50:fb:d8:14:53:67:e7:29:09:b1:d7:71:a1:
1d:c8:23:a2:0e:a6:03:1a:2a:46:2c:12:56:42:a7:c1:d6:ce:
5f:bf:61:e4:f2:e1:fd:12:ab:d5:a4:d7:92:ba:49:78:43:88:
e4:32:6a:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLlI816zTktVDcBQjaVv4ZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMTAxMDAzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjBmNzQyZmNmMzk5MDgzMjk3MzllMDQ1NzVlZWI3NjBlMTA3Y2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24831XRzk9JXAnnhsM46e8M2bGd9
xUyLfL0Kby0vt2GTj4ne/vGQs9AxeFL2MYJSjmqrXWTBcetx7+hqC2aX9pcpsTyp
W/MxOYTKuymsNLPGOJZvNZSRVQ11IKgTtL4NOrdtwaADOT4uo0/yBE7oOWNaSf5N
+dFcoerigSVZLg/FzdY6S1oWMfHUSBMoL0gYIP4x9JzscM4vMS5N4lnVUfogWDOQ
WqyjiIglukfYMyKFFdE93/GrP12FhwaHm03HoeWX6gZRSf5PlVlWVnMl+TGyCzP3
JWV6X8INgCOdD0b5yiwiiGpzClDs1XV+nvp8pV5nK86dAsBxpUq1FvYUrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF8PdC/POZCDKXOeBFde63YOEHy2MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWHc5MEw4ODVrSU1wYzU0RVYxN3JkZzRRZkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQkeAwQA
LQ2+AwQALZDVMA0GCSqGSIb3DQEBCwUAA4IBAQBL2XfaQD/m2Z3SNwO6osoj+zp+
uyw9WlmewsPs4F6v1jJYQUKxDUdiuMc0ro0A4IG6yQDx0BSqM9cQlJXWf67misIb
F4WtR7yccdagUiCB9AuinCvPFPwnZvG77rm+DiOk9FFCtkGqOxOMeOkzzkCfOslx
HNO1uKudLLv1DzuWdtgde8HiCeB2miULTDaJkUjIjWQL6+Jh0TDR2LjHTVYVopty
6lYGFnH9BjixfZrZSmomJgkor/66ge53agNJ1b4GxdE6BhyUmXmhu1D72BRTZ+cp
CbHXcaEdyCOiDqYDGipGLBJWQqfB1s5fv2Hk8uH9EqvVpNeSukl4Q4jkMmrA
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:33:16 2024 by rpki-client on console-fra.rpki-client.org