Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/xj5gqq1sdTaI2eipxKs7NbWwiYA.roa
File: xj5gqq1sdTaI2eipxKs7NbWwiYA.roa (raw, json)
Hash identifier: hEkzv8o1dKi436uW2EuG0OpTUecgU96nnPV/TA1DbDk=
Subject key identifier: C6:3E:60:AA:AD:6C:75:36:88:D9:E8:A9:C4:AB:3B:35:B5:B0:89:80
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0192BDB917AE16AC8CE9FECE22B34160E1A5
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/xj5gqq1sdTaI2eipxKs7NbWwiYA.roa
Signing time: Thu 24 Oct 2024 08:51:16 +0000
ROA not before: Thu 24 Oct 2024 08:51:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200436
IP address blocks: 45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.42.44.0/24 maxlen: 24
89.42.45.0/24 maxlen: 24
89.42.46.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
188.212.99.0/24 maxlen: 24
188.240.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:b9:17:ae:16:ac:8c:e9:fe:ce:22:b3:41:60:e1:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 24 08:51:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c63e60aaad6c753688d9e8a9c4ab3b35b5b08980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cf:f4:0f:6b:07:93:17:19:af:f8:98:d5:47:
48:51:8d:a1:73:17:43:ac:56:3c:a4:ea:b8:bf:32:
cd:85:15:a7:41:f7:11:24:20:03:54:0a:aa:a5:fb:
88:22:d6:80:a5:2f:06:99:7f:fb:82:e2:8e:e0:b3:
59:b5:e2:99:20:c3:9d:90:5e:db:44:29:50:20:aa:
4d:6c:cf:44:fb:d8:34:86:7d:20:d2:75:37:c5:a9:
9d:fe:3d:b0:91:a1:98:4d:7b:60:05:b5:ce:e7:81:
9d:ab:cf:bd:5d:fb:a3:92:2e:0a:de:2e:31:91:b4:
81:01:48:97:25:03:70:3e:d5:df:23:ee:b0:76:0b:
67:42:cd:ab:f9:86:67:d3:40:18:a0:5b:0a:5c:be:
16:b9:dc:b0:93:4d:88:c8:99:be:99:08:fc:28:db:
9d:11:df:1d:84:97:42:37:be:b4:2f:f4:2c:b8:6f:
da:1e:5e:0f:76:fc:ac:89:09:2f:a1:db:52:06:61:
05:6f:b2:24:68:e6:4b:7d:64:7e:77:38:45:26:19:
96:7a:8e:a8:b2:c1:50:5e:4a:44:49:a5:52:1b:ae:
b1:83:e6:35:15:2b:68:21:01:57:7a:e9:d4:c9:a2:
96:fb:97:2e:65:ce:da:b9:a4:3a:c5:b5:fa:3f:f4:
db:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:3E:60:AA:AD:6C:75:36:88:D9:E8:A9:C4:AB:3B:35:B5:B0:89:80
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/xj5gqq1sdTaI2eipxKs7NbWwiYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/23
89.42.44.0-89.42.46.255
185.3.200.0/24
188.212.99.0/24
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
08:42:95:44:21:25:36:bc:c6:b7:b5:00:2f:34:d5:5c:59:ae:
69:6b:95:52:a0:9f:1c:ae:76:55:6e:b1:39:33:f5:4a:2b:91:
02:88:f7:ea:89:d5:10:ce:79:30:4b:8a:9e:19:27:02:1b:45:
73:10:93:c0:e6:93:a6:c8:9f:8f:19:d9:ad:79:79:61:f2:3e:
3b:83:6b:91:a7:d9:ea:27:df:b2:70:59:89:99:48:ca:f7:ef:
aa:1b:87:9a:3c:14:41:ab:e8:30:94:18:b5:ff:be:20:12:8a:
27:5f:8a:3d:6b:15:67:17:bc:79:4a:4b:9a:09:69:a4:83:ca:
61:4b:72:d5:6a:18:39:3b:6a:a2:c5:a6:11:41:d3:df:57:ec:
81:d4:2c:53:82:95:55:a3:12:ad:ed:67:48:d6:d6:8f:65:32:
b7:0d:f6:63:2c:f6:e8:9c:28:57:9a:b1:0d:cb:f2:5c:5c:a6:
41:3c:76:7e:7f:8c:68:71:1c:cc:e6:8d:b2:a0:54:35:50:6f:
7a:88:79:87:1c:31:2e:31:56:e0:5d:4a:64:ba:2d:a7:df:7a:
25:40:d0:30:04:91:47:c7:dd:3e:5f:8e:c2:af:85:89:8a:58:
93:08:43:88:f3:bc:a3:7c:18:af:fe:41:94:81:29:49:a6:7f:
32:c8:39:b0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZK9uReuFqyM6f7OIrNBYOGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMDI0MDg1MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjNlNjBhYWFkNmM3NTM2ODhkOWU4YTljNGFiM2IzNWI1YjA4OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos/0D2sHkxcZr/iY1UdIUY2hcxdD
rFY8pOq4vzLNhRWnQfcRJCADVAqqpfuIItaApS8GmX/7guKO4LNZteKZIMOdkF7b
RClQIKpNbM9E+9g0hn0g0nU3xamd/j2wkaGYTXtgBbXO54Gdq8+9Xfujki4K3i4x
kbSBAUiXJQNwPtXfI+6wdgtnQs2r+YZn00AYoFsKXL4Wudywk02IyJm+mQj8KNud
Ed8dhJdCN760L/QsuG/aHl4PdvysiQkvodtSBmEFb7IkaOZLfWR+dzhFJhmWeo6o
ssFQXkpESaVSG66xg+Y1FStoIQFXeunUyaKW+5cuZc7auaQ6xbX6P/TbWwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMY+YKqtbHU2iNnoqcSrOzW1sImAMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEveGo1Z3FxMXNkVGFJMmVpcHhLczdOYld3aVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBLV7WMAwD
BAJZKiwDBABZKi4DBAC5A8gDBAC81GMDBAC88MQwDQYJKoZIhvcNAQELBQADggEB
AAhClUQhJTa8xre1AC801VxZrmlrlVKgnxyudlVusTkz9UorkQKI9+qJ1RDOeTBL
ip4ZJwIbRXMQk8Dmk6bIn48Z2a15eWHyPjuDa5Gn2eon37JwWYmZSMr376obh5o8
FEGr6DCUGLX/viASiidfij1rFWcXvHlKS5oJaaSDymFLctVqGDk7aqLFphFB099X
7IHULFOClVWjEq3tZ0jW1o9lMrcN9mMs9uicKFeasQ3L8lxcpkE8dn5/jGhxHMzm
jbKgVDVQb3qIeYccMS4xVuBdSmS6LaffeiVA0DAEkUfH3T5fjsKvhYmKWJMIQ4jz
vKN8GK/+QZSBKUmmfzLIObA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:09 2024 by rpki-client on console-ams.rpki-client.org