Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/xR3PgpOVwcK_N3RWWAanJv4i5ig.roa
File: xR3PgpOVwcK_N3RWWAanJv4i5ig.roa (raw, json)
Hash identifier: v5ipvKv0uU5IKGOheSQLOIP+K20OPedHqTifoHVfE+g=
Subject key identifier: C5:1D:CF:82:93:95:C1:C2:BF:37:74:56:58:06:A7:26:FE:22:E6:28
Certificate issuer: /CN=4987941e74c1c03e7aba3b878530095eb6fa874e
Certificate serial: 018D648C5ABB12ADEB5FADF56409D5E01D4E
Authority key identifier: 49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/xR3PgpOVwcK_N3RWWAanJv4i5ig.roa
Signing time: Thu 01 Feb 2024 12:02:16 +0000
ROA not before: Thu 01 Feb 2024 12:02:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200736
IP address blocks: 45.66.40.0/22 maxlen: 24
195.20.114.0/24 maxlen: 24
2a10:9300::/29 maxlen: 36
2a10:9300::/36 maxlen: 42
2a10:9301::/36 maxlen: 42
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.mft
rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:8c:5a:bb:12:ad:eb:5f:ad:f5:64:09:d5:e0:1d:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4987941e74c1c03e7aba3b878530095eb6fa874e
Validity
Not Before: Feb 1 12:02:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c51dcf829395c1c2bf3774565806a726fe22e628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d6:fc:33:3f:e9:79:c5:a9:18:da:bf:bf:7d:
c0:ec:a4:f3:e6:53:18:cd:c8:b4:71:34:15:46:e6:
9b:35:c6:b9:9b:8c:23:b1:b7:66:27:d8:0d:6c:3d:
88:9a:a2:76:dc:2d:6f:fe:19:35:0c:a8:db:92:71:
50:d3:37:d2:bd:f7:81:2e:bf:0a:df:24:8d:55:6e:
a2:56:55:02:4a:ea:55:d3:25:ca:ed:4e:99:14:27:
c5:a7:9d:3e:e9:76:b2:87:95:2b:c4:7e:0e:e4:fa:
bc:8b:7d:ea:53:bd:fd:70:4f:70:a1:62:69:b8:f2:
b9:a7:eb:ac:73:c7:07:09:4d:76:44:84:40:fc:26:
0e:93:25:de:61:5c:97:14:9b:0f:51:8a:3c:f2:2b:
f8:1e:1c:82:15:35:73:06:94:7b:75:29:3a:1f:0c:
c1:29:fd:13:aa:89:73:5f:f9:49:58:07:ea:2f:c8:
51:39:d7:24:cc:df:70:2e:57:3f:26:ac:72:01:81:
df:0f:9b:a6:7c:07:0d:22:50:41:8a:0e:fe:a7:71:
ca:73:f7:33:f6:86:ec:52:28:e5:be:64:7f:3a:44:
6d:b4:4c:65:53:0b:a7:c7:aa:f8:f8:ae:6f:4f:91:
50:7f:02:36:30:a4:c6:25:31:d4:ad:c4:fc:fe:80:
54:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1D:CF:82:93:95:C1:C2:BF:37:74:56:58:06:A7:26:FE:22:E6:28
X509v3 Authority Key Identifier:
keyid:49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/xR3PgpOVwcK_N3RWWAanJv4i5ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.40.0/22
195.20.114.0/24
IPv6:
2a10:9300::/29
Signature Algorithm: sha256WithRSAEncryption
37:b2:81:57:2f:4d:d1:06:6f:b5:4b:45:ef:39:db:96:d0:68:
ae:c3:ac:4c:a1:48:f3:15:c7:30:19:9e:bf:38:7d:ad:b5:07:
1f:25:3d:a6:f1:22:2b:a0:15:f6:61:d5:74:e4:28:f7:cf:0c:
d7:ed:60:18:e6:d7:77:c1:e9:73:68:80:4f:ab:f5:73:9b:5f:
33:4d:01:61:44:ff:69:ac:86:0e:67:4b:30:58:38:b8:b0:01:
37:ad:4d:a3:3d:24:cf:4b:5d:d7:99:3e:15:40:1a:b2:37:26:
b3:2f:a1:c9:a9:77:d8:fc:49:69:a9:6c:21:39:91:73:6a:ce:
79:9a:06:ab:56:20:3f:31:e3:02:87:4b:65:77:5f:ac:ca:16:
ed:53:e5:6c:97:87:df:b1:1c:b4:0c:4e:89:fc:56:8e:9c:7b:
8b:67:01:ca:6b:02:bb:9b:3f:7c:58:e1:39:17:7c:ed:5c:85:
bb:e3:08:a1:04:54:51:d4:30:2c:24:c6:1e:a3:3b:56:6a:07:
e6:b8:15:e7:c9:c6:c8:5c:90:ce:7d:da:ed:0d:bb:8c:b6:d0:
42:cb:c2:de:2d:5d:e7:ad:fa:f2:6b:aa:37:ad:b2:a9:45:1a:
84:96:93:55:5d:59:ad:28:69:ec:e4:48:9f:34:58:27:51:37:
42:d8:92:67
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY1kjFq7Eq3rX631ZAnV4B1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODc5NDFlNzRjMWMwM2U3YWJhM2I4Nzg1MzAwOTVlYjZm
YTg3NGUwHhcNMjQwMjAxMTIwMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTFkY2Y4MjkzOTVjMWMyYmYzNzc0NTY1ODA2YTcyNmZlMjJlNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdb8Mz/pecWpGNq/v33A7KTz5lMY
zci0cTQVRuabNca5m4wjsbdmJ9gNbD2ImqJ23C1v/hk1DKjbknFQ0zfSvfeBLr8K
3ySNVW6iVlUCSupV0yXK7U6ZFCfFp50+6Xayh5UrxH4O5Pq8i33qU739cE9woWJp
uPK5p+usc8cHCU12RIRA/CYOkyXeYVyXFJsPUYo88iv4HhyCFTVzBpR7dSk6HwzB
Kf0TqolzX/lJWAfqL8hROdckzN9wLlc/JqxyAYHfD5umfAcNIlBBig7+p3HKc/cz
9obsUijlvmR/OkRttExlUwunx6r4+K5vT5FQfwI2MKTGJTHUrcT8/oBU8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMUdz4KTlcHCvzd0VlgGpyb+IuYoMB8GA1UdIwQY
MBaAFEmHlB50wcA+ero7h4UwCV62+odOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQt
ZThhZGE1MWVlOGZmLzEveFIzUGdwT1Z3Y0tfTjNSV1dBYW5KdjRpNWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQtZThhZGE1MWVlOGZm
LzEvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLUIoAwQA
wxRyMA0EAgACMAcDBQMqEJMAMA0GCSqGSIb3DQEBCwUAA4IBAQA3soFXL03RBm+1
S0XvOduW0Giuw6xMoUjzFccwGZ6/OH2ttQcfJT2m8SIroBX2YdV05Cj3zwzX7WAY
5td3welzaIBPq/Vzm18zTQFhRP9prIYOZ0swWDi4sAE3rU2jPSTPS13XmT4VQBqy
NyazL6HJqXfY/ElpqWwhOZFzas55mgarViA/MeMCh0tld1+syhbtU+Vsl4ffsRy0
DE6J/FaOnHuLZwHKawK7mz98WOE5F3ztXIW74wihBFRR1DAsJMYeoztWagfmuBXn
ycbIXJDOfdrtDbuMttBCy8LeLV3nrfrya6o3rbKpRRqElpNVXVmtKGns5EifNFgn
UTdC2JJn
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:09:57 2024 by rpki-client on console-fra.rpki-client.org