Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/1xSBnK06zgnmMDJ3Re6aQEEY1zI.roa
File: 1xSBnK06zgnmMDJ3Re6aQEEY1zI.roa (raw, json)
Hash identifier: EtvDHBcTeWPrUTgoVJwIbMg9Lwly0QyI1p4UpAp40/0=
Subject key identifier: D7:14:81:9C:AD:3A:CE:09:E6:30:32:77:45:EE:9A:40:41:18:D7:32
Certificate issuer: /CN=1ab5c22bf53b705c7a2bb273ba73e3f0c0595b7b
Certificate serial: 01922A951E96C4E42E3F996CC05E2ADAE7F3
Authority key identifier: 1A:B5:C2:2B:F5:3B:70:5C:7A:2B:B2:73:BA:73:E3:F0:C0:59:5B:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GrXCK_U7cFx6K7JzunPj8MBZW3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/1xSBnK06zgnmMDJ3Re6aQEEY1zI.roa
Signing time: Wed 25 Sep 2024 19:07:48 +0000
ROA not before: Wed 25 Sep 2024 19:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60446
IP address blocks: 45.131.196.0/24 maxlen: 24
45.131.197.0/24 maxlen: 24
45.131.198.0/24 maxlen: 24
45.131.199.0/24 maxlen: 24
185.128.112.0/24 maxlen: 24
185.128.113.0/24 maxlen: 24
185.128.114.0/24 maxlen: 24
185.128.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/GrXCK_U7cFx6K7JzunPj8MBZW3s.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/GrXCK_U7cFx6K7JzunPj8MBZW3s.mft
rsync://rpki.ripe.net/repository/DEFAULT/GrXCK_U7cFx6K7JzunPj8MBZW3s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2a:95:1e:96:c4:e4:2e:3f:99:6c:c0:5e:2a:da:e7:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ab5c22bf53b705c7a2bb273ba73e3f0c0595b7b
Validity
Not Before: Sep 25 19:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d714819cad3ace09e630327745ee9a404118d732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d2:a3:99:01:f5:a0:8b:b7:81:6b:b0:42:3f:
ae:08:80:79:44:3d:d6:26:40:a0:70:db:20:dd:b8:
36:5d:6b:92:7f:8d:b4:a8:e5:95:9b:cb:65:91:15:
03:45:25:f3:6e:90:10:f7:14:4d:c6:0f:1e:ba:dd:
bb:7e:ba:eb:e5:14:aa:cf:9b:4d:14:e3:9d:18:84:
dc:32:a8:b0:3c:7f:7f:41:f1:79:e1:e1:64:fd:1a:
be:28:85:ce:47:18:43:c4:e4:10:3a:12:66:17:94:
70:d7:44:da:59:25:50:c6:eb:cd:64:35:99:14:9b:
df:02:20:8e:87:a0:88:39:de:11:a3:90:62:cf:ec:
db:c0:de:6c:bb:0f:59:76:00:fd:69:1a:d1:c0:c8:
f6:79:91:a1:a7:72:2f:0e:89:c3:35:50:a5:0e:e3:
20:98:ea:db:26:eb:d6:12:e6:e8:77:a9:b8:3a:4d:
5a:a9:b5:4a:21:b5:f5:8a:56:4f:50:ea:fa:c8:ab:
44:1b:3c:04:32:20:ff:c3:40:c6:2d:6a:f5:10:0a:
9b:d2:f9:8e:b4:3b:d0:6f:42:7b:04:0c:d8:ff:67:
27:7f:70:aa:d9:d5:6b:de:03:85:7b:65:54:14:f7:
c9:60:85:e7:9e:34:2d:9c:77:de:cb:aa:b7:ff:3b:
1d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:14:81:9C:AD:3A:CE:09:E6:30:32:77:45:EE:9A:40:41:18:D7:32
X509v3 Authority Key Identifier:
keyid:1A:B5:C2:2B:F5:3B:70:5C:7A:2B:B2:73:BA:73:E3:F0:C0:59:5B:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GrXCK_U7cFx6K7JzunPj8MBZW3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/1xSBnK06zgnmMDJ3Re6aQEEY1zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7c8bf4-6ab6-4199-b3a7-b4b1f6f98a90/1/GrXCK_U7cFx6K7JzunPj8MBZW3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.196.0/22
185.128.112.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:56:c5:9e:7f:f7:46:f6:2c:cd:96:63:ef:c9:b1:91:3f:e5:
27:a1:42:16:ed:46:a9:10:5d:8f:6a:18:df:a7:3a:13:5b:f4:
5d:05:d4:4e:fb:47:0d:a8:48:b6:49:36:5b:60:19:84:67:35:
97:09:d2:4d:07:91:c8:fd:ba:29:81:ce:e5:75:73:8c:3d:ad:
b5:d3:57:29:56:ae:f6:53:7c:2e:26:b4:88:06:be:87:9f:8b:
bc:c6:4e:50:05:f7:aa:34:b1:ca:86:cb:76:cb:7c:0e:10:11:
e1:57:2f:ca:96:a6:b2:be:b6:3c:54:3f:9d:c1:bb:50:4d:eb:
7a:d5:37:e6:37:20:a1:6b:20:55:3d:4c:c6:8b:eb:6d:4a:4b:
73:c6:39:ee:f0:7b:d8:cd:d7:7a:40:67:82:8a:cd:2d:73:5e:
92:a4:35:85:be:d6:ab:4b:6a:5e:7b:46:53:11:46:78:2b:16:
4f:cb:3a:7b:21:af:7b:7f:a8:f1:d1:a7:d0:a1:9d:58:55:43:
8d:5e:3e:f5:04:2e:d1:1a:f3:b8:24:f6:f1:e5:b2:08:33:e2:
93:37:77:ea:f7:d8:fa:b4:57:b8:71:ab:be:60:1f:f0:16:22:
6b:81:38:8b:96:e1:e5:c7:fc:02:25:36:5f:b1:06:80:5e:f0:
0b:9d:eb:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIqlR6WxOQuP5lswF4q2ufzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYjVjMjJiZjUzYjcwNWM3YTJiYjI3M2JhNzNlM2YwYzA1
OTViN2IwHhcNMjQwOTI1MTkwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzE0ODE5Y2FkM2FjZTA5ZTYzMDMyNzc0NWVlOWE0MDQxMThkNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNKjmQH1oIu3gWuwQj+uCIB5RD3W
JkCgcNsg3bg2XWuSf420qOWVm8tlkRUDRSXzbpAQ9xRNxg8eut27frrr5RSqz5tN
FOOdGITcMqiwPH9/QfF54eFk/Rq+KIXORxhDxOQQOhJmF5Rw10TaWSVQxuvNZDWZ
FJvfAiCOh6CIOd4Ro5Biz+zbwN5suw9ZdgD9aRrRwMj2eZGhp3IvDonDNVClDuMg
mOrbJuvWEubod6m4Ok1aqbVKIbX1ilZPUOr6yKtEGzwEMiD/w0DGLWr1EAqb0vmO
tDvQb0J7BAzY/2cnf3Cq2dVr3gOFe2VUFPfJYIXnnjQtnHfey6q3/zsd0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNcUgZytOs4J5jAyd0XumkBBGNcyMB8GA1UdIwQY
MBaAFBq1wiv1O3Bceiuyc7pz4/DAWVt7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3JYQ0tfVTdjRng2SzdKenVuUGo4TUJaVzNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83YzhiZjQtNmFiNi00MTk5LWIzYTct
YjRiMWY2Zjk4YTkwLzEvMXhTQm5LMDZ6Z25tTURKM1JlNmFRRUVZMXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83YzhiZjQtNmFiNi00MTk5LWIzYTctYjRiMWY2Zjk4YTkw
LzEvR3JYQ0tfVTdjRng2SzdKenVuUGo4TUJaVzNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYPEAwQC
uYBwMA0GCSqGSIb3DQEBCwUAA4IBAQCqVsWef/dG9izNlmPvybGRP+UnoUIW7Uap
EF2PahjfpzoTW/RdBdRO+0cNqEi2STZbYBmEZzWXCdJNB5HI/bopgc7ldXOMPa21
01cpVq72U3wuJrSIBr6Hn4u8xk5QBfeqNLHKhst2y3wOEBHhVy/KlqayvrY8VD+d
wbtQTet61TfmNyChayBVPUzGi+ttSktzxjnu8HvYzdd6QGeCis0tc16SpDWFvtar
S2pee0ZTEUZ4KxZPyzp7Ia97f6jx0afQoZ1YVUONXj71BC7RGvO4JPbx5bIIM+KT
N3fq99j6tFe4cau+YB/wFiJrgTiLluHlx/wCJTZfsQaAXvALnevs
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:55:42 2024 by rpki-client on console-fra.rpki-client.org