Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/XlfwVICSW__efDE3Ro4FQxkhaLw.roa
File: XlfwVICSW__efDE3Ro4FQxkhaLw.roa (raw, json)
Hash identifier: 4joLwfP7MQOEpA9MKHT0OQD/oltoIcnYwPBX/GiXF6Y=
Subject key identifier: 5E:57:F0:54:80:92:5B:FF:DE:7C:31:37:46:8E:05:43:19:21:68:BC
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 019353A03BE7AA86C1ADB8231856DBC3BC75
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/XlfwVICSW__efDE3Ro4FQxkhaLw.roa
Signing time: Fri 22 Nov 2024 11:27:10 +0000
ROA not before: Fri 22 Nov 2024 11:27:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396356
IP address blocks: 45.134.20.0/24 maxlen: 24
2a0e:d787::/32 maxlen: 48
2a11:f885::/32 maxlen: 48
2a11:f886::/32 maxlen: 48
2a11:f887::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:a0:3b:e7:aa:86:c1:ad:b8:23:18:56:db:c3:bc:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Nov 22 11:27:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e57f05480925bffde7c3137468e0543192168bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fc:0e:f5:1f:94:0d:c2:55:ff:4c:a2:6f:3c:
d3:36:13:7d:64:bb:c6:75:eb:33:76:28:48:cf:de:
03:1f:a8:51:e4:2e:b2:70:8c:67:9a:3c:f3:30:a8:
85:a8:39:fb:ad:7c:4c:ec:56:35:48:91:1c:ef:3a:
75:c3:eb:7e:ca:68:86:e4:63:d2:e3:a3:8f:e5:fc:
23:0e:ce:11:dc:f8:95:6c:21:61:7b:bb:18:27:25:
88:81:a8:63:e7:ca:68:5a:1c:31:a4:cc:71:a5:81:
7d:b3:43:b1:f2:9b:98:9d:64:dc:20:38:24:c9:83:
3c:ed:2c:f2:bd:9b:f0:28:94:5c:72:24:12:3a:2d:
c5:37:28:01:dd:d4:90:72:d4:54:56:bc:47:a3:57:
67:77:41:1f:93:86:e9:f9:cb:6a:64:53:64:e1:0d:
bb:e8:91:b4:15:07:6d:e8:03:f3:a1:ba:58:62:c3:
08:7b:2d:3c:59:4c:e5:79:7e:36:e0:60:b4:de:62:
e3:93:3b:b4:75:30:92:af:af:4e:15:3a:bd:1e:70:
fb:e0:d8:c6:62:48:0e:37:8f:d8:81:8a:80:b5:23:
d0:f4:01:9c:9b:30:64:a0:bd:5d:6f:9d:d0:4f:ef:
7b:21:ce:2a:0f:5c:12:3e:1d:7b:d8:03:52:fd:91:
0a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:57:F0:54:80:92:5B:FF:DE:7C:31:37:46:8E:05:43:19:21:68:BC
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/XlfwVICSW__efDE3Ro4FQxkhaLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.20.0/24
IPv6:
2a0e:d787::/32
2a11:f885::-2a11:f887:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
52:cd:aa:49:9a:40:4d:0f:80:86:e6:0e:a8:e0:17:df:c8:ac:
bf:33:fe:f5:57:fe:ef:55:87:54:48:f7:49:47:dc:8f:4e:fb:
25:56:91:85:a8:d9:4f:67:1e:55:ec:96:37:f2:34:ce:02:a1:
b0:eb:35:2d:08:3e:15:4b:f7:6c:4c:0c:28:dc:d3:69:8a:b8:
42:8f:9b:60:1a:5c:bb:6c:60:bc:de:a8:24:34:83:fb:f4:2e:
97:71:15:88:34:6d:93:0c:fb:e2:91:94:32:4c:fe:91:e5:3c:
6d:d4:4e:ce:2f:00:23:bc:01:dd:be:51:3b:5c:ad:da:d4:5b:
39:1a:04:f9:4a:2a:b5:4f:14:25:48:e2:73:43:6d:1c:ae:b2:
b4:ae:3d:9f:ec:1e:28:47:6a:78:fa:bd:da:bb:fd:4a:02:61:
47:3a:6b:78:4a:4e:d5:fd:e0:7a:7a:7d:d3:b7:fc:dd:c1:1a:
7f:07:58:45:bc:a9:4f:26:e1:c9:6e:b8:01:21:b4:89:ac:6c:
54:60:51:b1:c6:93:7c:2b:c8:45:5c:b4:80:e0:f3:b6:56:fd:
5a:e3:35:34:42:23:cc:99:3e:c2:04:7c:2c:47:82:81:15:29:
78:53:71:a8:2f:f3:48:45:af:b0:3b:4a:95:fa:e2:f4:d3:e4:
13:d4:56:85
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZNToDvnqobBrbgjGFbbw7x1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQxMTIyMTEyNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTU3ZjA1NDgwOTI1YmZmZGU3YzMxMzc0NjhlMDU0MzE5MjE2OGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPwO9R+UDcJV/0yibzzTNhN9ZLvG
deszdihIz94DH6hR5C6ycIxnmjzzMKiFqDn7rXxM7FY1SJEc7zp1w+t+ymiG5GPS
46OP5fwjDs4R3PiVbCFhe7sYJyWIgahj58poWhwxpMxxpYF9s0Ox8puYnWTcIDgk
yYM87SzyvZvwKJRcciQSOi3FNygB3dSQctRUVrxHo1dnd0Efk4bp+ctqZFNk4Q27
6JG0FQdt6APzobpYYsMIey08WUzleX424GC03mLjkzu0dTCSr69OFTq9HnD74NjG
YkgON4/YgYqAtSPQ9AGcmzBkoL1db53QT+97Ic4qD1wSPh172ANS/ZEKEwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFF5X8FSAklv/3nwxN0aOBUMZIWi8MB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvWGxmd1ZJQ1NXX19lZkRFM1JvNEZReGtoYUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQALYYUMB0E
AgACMBcDBQAqDteHMA4DBQAqEfiFAwUDKhH4gDANBgkqhkiG9w0BAQsFAAOCAQEA
Us2qSZpATQ+AhuYOqOAX38isvzP+9Vf+71WHVEj3SUfcj077JVaRhajZT2ceVeyW
N/I0zgKhsOs1LQg+FUv3bEwMKNzTaYq4Qo+bYBpcu2xgvN6oJDSD+/Qul3EViDRt
kwz74pGUMkz+keU8bdROzi8AI7wB3b5RO1yt2tRbORoE+UoqtU8UJUjic0NtHK6y
tK49n+weKEdqePq92rv9SgJhRzpreEpO1f3genp907f83cEafwdYRbypTybhyW64
ASG0iaxsVGBRscaTfCvIRVy0gODztlb9WuM1NEIjzJk+wgR8LEeCgRUpeFNxqC/z
SEWvsDtKlfri9NPkE9RWhQ==
-----END CERTIFICATE-----
Generated at Tue Nov 26 06:36:15 2024 by rpki-client on console-fra.rpki-client.org