Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/xDblw5K3v2Pe-qanjhjiLY4AMMw.roa
File: xDblw5K3v2Pe-qanjhjiLY4AMMw.roa (raw, json)
Hash identifier: P5T5dY5pASvW/sh1Nr0FqRw6beNzgEN21BZ2o6erRA8=
Subject key identifier: C4:36:E5:C3:92:B7:BF:63:DE:FA:A6:A7:8E:18:E2:2D:8E:00:30:CC
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018FABDA02E10033CFA47F745FDFFBA98E92
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/xDblw5K3v2Pe-qanjhjiLY4AMMw.roa
Signing time: Fri 24 May 2024 18:25:42 +0000
ROA not before: Fri 24 May 2024 18:25:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197537
IP address blocks: 45.141.130.0/24 maxlen: 24
185.240.85.0/24 maxlen: 24
193.56.21.0/24 maxlen: 24
212.87.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ab:da:02:e1:00:33:cf:a4:7f:74:5f:df:fb:a9:8e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: May 24 18:25:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c436e5c392b7bf63defaa6a78e18e22d8e0030cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2d:9d:41:5a:c8:e0:10:cc:9b:b5:3a:d1:17:
95:fe:8e:91:fa:41:dc:60:98:9b:19:64:66:e7:85:
0a:76:d7:c6:55:02:a0:53:7a:0e:e7:e9:ef:fd:09:
1b:5e:d1:c7:11:db:bd:ba:05:d2:b6:b8:70:a0:df:
64:4f:dc:fa:b4:2a:13:e3:a5:da:4a:f9:91:72:1f:
9c:13:32:0a:6e:e7:69:a5:ca:f2:9a:c9:12:c5:7e:
df:36:ff:3a:49:e4:f5:56:bd:84:4a:fa:61:48:3f:
ba:bb:47:e8:4f:74:0c:d3:92:84:28:35:02:d3:fb:
6d:44:7a:54:b9:e5:16:a4:f2:6d:d6:d8:78:b5:d1:
af:f1:c3:26:7c:2e:34:04:1b:60:63:7c:45:ef:7d:
3f:43:cf:67:86:2e:8e:55:b5:11:26:ae:eb:0b:fb:
05:84:98:e8:f5:79:ae:ab:2d:e2:36:55:85:f6:e4:
8c:31:93:00:a7:d0:a0:4e:50:51:7d:0f:c1:df:a9:
89:67:1a:0d:3c:19:fb:47:32:e6:58:91:a5:59:bd:
3f:3b:fa:f9:d9:e5:34:ee:e2:d2:1c:86:75:b8:16:
b7:de:bd:a3:55:1d:bd:02:b6:98:ed:24:42:c3:2a:
e1:bf:af:02:ca:16:94:9b:e8:82:ab:13:43:b8:87:
06:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:36:E5:C3:92:B7:BF:63:DE:FA:A6:A7:8E:18:E2:2D:8E:00:30:CC
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/xDblw5K3v2Pe-qanjhjiLY4AMMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.130.0/24
185.240.85.0/24
193.56.21.0/24
212.87.217.0/24
Signature Algorithm: sha256WithRSAEncryption
04:75:b1:8d:0f:b1:ba:e0:ec:27:6f:75:30:a6:e3:18:10:db:
76:09:e8:ac:7c:ef:08:63:85:98:c1:eb:ae:a9:ad:28:12:1b:
02:cd:c6:c4:58:73:df:b2:e5:59:6c:42:ab:6b:af:53:24:58:
57:5c:ea:35:49:59:fc:5b:85:e1:91:44:9b:f4:6f:be:d5:7d:
9e:70:41:bd:94:b5:f2:f4:16:37:9f:5a:98:e0:53:e2:e5:5a:
f1:66:57:8a:41:dc:d6:0f:b9:11:b1:cf:93:3c:d1:28:0d:57:
9a:2a:71:0b:b9:0f:f9:ff:58:05:da:ba:be:91:bd:77:b0:2c:
d6:51:4d:fc:9d:ea:13:a3:a9:74:9a:00:73:e9:33:b2:5c:7e:
03:bf:8d:83:e4:ef:8e:ef:ce:e9:de:6f:ca:0d:20:f8:05:28:
a3:c2:c2:fe:92:05:bb:d2:2b:19:07:38:32:9c:ec:43:16:f7:
3b:4e:6f:b4:bb:b1:7a:b6:1c:02:17:9c:68:39:33:d2:d1:12:
f2:16:30:f2:39:4a:a2:45:82:6e:af:8c:76:22:94:d6:46:2e:
99:f0:ca:c1:17:b4:e9:e1:7f:a7:2d:b7:51:99:4a:dc:7e:75:
fc:19:d6:8c:fa:d2:87:33:a7:6e:a9:91:2b:45:cd:e9:f1:e5:
b1:3f:be:b2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY+r2gLhADPPpH90X9/7qY6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjQwNTI0MTgyNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDM2ZTVjMzkyYjdiZjYzZGVmYWE2YTc4ZTE4ZTIyZDhlMDAzMGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwi2dQVrI4BDMm7U60ReV/o6R+kHc
YJibGWRm54UKdtfGVQKgU3oO5+nv/QkbXtHHEdu9ugXStrhwoN9kT9z6tCoT46Xa
SvmRch+cEzIKbudppcrymskSxX7fNv86SeT1Vr2ESvphSD+6u0foT3QM05KEKDUC
0/ttRHpUueUWpPJt1th4tdGv8cMmfC40BBtgY3xF730/Q89nhi6OVbURJq7rC/sF
hJjo9Xmuqy3iNlWF9uSMMZMAp9CgTlBRfQ/B36mJZxoNPBn7RzLmWJGlWb0/O/r5
2eU07uLSHIZ1uBa33r2jVR29AraY7SRCwyrhv68CyhaUm+iCqxNDuIcG6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMQ25cOSt79j3vqmp44Y4i2OADDMMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEveERibHc1SzN2MlBlLXFhbmpoamlMWTRBTU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY2CAwQA
ufBVAwQAwTgVAwQA1FfZMA0GCSqGSIb3DQEBCwUAA4IBAQAEdbGND7G64Ownb3Uw
puMYENt2CeisfO8IY4WYweuuqa0oEhsCzcbEWHPfsuVZbEKra69TJFhXXOo1SVn8
W4XhkUSb9G++1X2ecEG9lLXy9BY3n1qY4FPi5VrxZleKQdzWD7kRsc+TPNEoDVea
KnELuQ/5/1gF2rq+kb13sCzWUU38neoTo6l0mgBz6TOyXH4Dv42D5O+O787p3m/K
DSD4BSijwsL+kgW70isZBzgynOxDFvc7Tm+0u7F6thwCF5xoOTPS0RLyFjDyOUqi
RYJur4x2IpTWRi6Z8MrBF7Tp4X+nLbdRmUrcfnX8GdaM+tKHM6duqZErRc3p8eWx
P76y
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:27:42 2024 by rpki-client on console-ams.rpki-client.org