Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/xkVDQY0Z8X59nnzkqQcYjZq2-_k.roa
File: xkVDQY0Z8X59nnzkqQcYjZq2-_k.roa (raw, json)
Hash identifier: x+9H4OWYwMa+P6jKp5KPmCiMuSH7VlPhrhUd6HruMdk=
Subject key identifier: C6:45:43:41:8D:19:F1:7E:7D:9E:7C:E4:A9:07:18:8D:9A:B6:FB:F9
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019421441A259F9F2997680AEA815FA5DB80
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/xkVDQY0Z8X59nnzkqQcYjZq2-_k.roa
Signing time: Wed 01 Jan 2025 09:48:18 +0000
ROA not before: Wed 01 Jan 2025 09:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214833
IP address blocks: 45.131.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 02:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:1a:25:9f:9f:29:97:68:0a:ea:81:5f:a5:db:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c64543418d19f17e7d9e7ce4a907188d9ab6fbf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c8:09:3f:74:17:35:19:5f:0f:8a:ce:f0:e7:
2b:dd:d8:56:1b:bc:d2:9d:a2:b9:c3:11:d5:ab:56:
10:72:24:92:57:7f:a5:7b:cd:42:a2:5e:a1:dd:2d:
c3:99:76:6e:fb:24:3b:17:8b:44:e5:bb:74:07:46:
93:c1:e2:29:05:20:cf:70:ba:1a:a3:99:0c:91:bd:
1e:cc:7d:de:08:e3:88:28:00:f7:61:ee:c9:34:83:
bc:95:67:68:80:4e:19:78:16:50:42:f0:be:81:1a:
f9:7d:77:de:9d:9d:b5:f3:02:d9:68:28:27:69:be:
ce:16:45:b7:b1:60:26:6f:72:14:b9:ea:c0:05:78:
45:56:aa:55:f1:ac:a8:a6:9e:91:62:c3:fb:9a:8d:
14:df:f3:24:23:cb:21:c4:58:3f:93:48:73:90:40:
34:4c:3f:0c:da:c8:ec:ec:ca:75:cc:91:02:70:0c:
50:51:13:8b:04:9c:2f:7f:ce:ee:8e:f8:2e:5a:e2:
fe:f5:51:76:cd:9e:30:0c:29:0a:4a:d4:6d:08:3f:
52:25:01:85:ad:7b:84:f0:04:06:3e:dd:d2:d3:90:
b7:8b:4d:81:3f:56:17:d8:16:b7:ae:b8:d5:ed:a5:
41:c0:e2:bc:de:b5:1c:63:31:9c:5c:b9:24:df:ff:
28:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:45:43:41:8D:19:F1:7E:7D:9E:7C:E4:A9:07:18:8D:9A:B6:FB:F9
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/xkVDQY0Z8X59nnzkqQcYjZq2-_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.163.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:ee:eb:11:92:12:3a:67:e0:ab:e3:00:a4:32:8f:53:e6:9f:
08:22:aa:00:14:a3:4b:34:b9:34:e8:d8:2d:cf:d2:d5:87:7d:
5d:5f:c8:b3:53:65:f4:83:a0:34:02:90:47:bb:47:60:3a:7e:
91:87:fa:88:39:b3:22:f4:1d:41:44:00:cc:09:d5:09:28:31:
65:83:ec:70:5a:a4:82:30:06:1d:b9:d5:c7:f6:a9:d8:fd:1f:
b3:67:e6:d9:ed:ca:ab:16:3c:ce:94:ca:f2:65:21:0d:be:7b:
27:d6:ed:c0:74:0c:bf:0e:1f:0c:83:04:95:3a:0e:c5:6f:eb:
aa:d1:13:61:13:73:7a:4f:90:8e:4f:c4:04:57:0d:c8:4c:dd:
c4:9e:8c:28:d3:05:ad:ff:1c:ef:54:39:1b:66:63:4f:7a:d4:
c2:23:35:67:e1:d7:c7:e4:41:4b:18:49:47:4a:0d:ae:27:39:
51:86:42:9f:07:79:54:89:16:9c:91:31:31:ac:d4:c2:d8:42:
ea:d3:76:92:01:50:fc:05:4e:81:c4:43:ef:35:fe:30:60:7a:
56:5d:e1:82:cd:46:71:3f:e1:51:bb:f6:c4:43:f8:6f:f6:17:
25:05:d0:54:4b:41:bb:32:6e:2b:17:f3:bf:03:8a:a0:a7:f7:
14:7c:07:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRBoln58pl2gK6oFfpduAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQ1NDM0MThkMTlmMTdlN2Q5ZTdjZTRhOTA3MTg4ZDlhYjZmYmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8gJP3QXNRlfD4rO8Ocr3dhWG7zS
naK5wxHVq1YQciSSV3+le81Col6h3S3DmXZu+yQ7F4tE5bt0B0aTweIpBSDPcLoa
o5kMkb0ezH3eCOOIKAD3Ye7JNIO8lWdogE4ZeBZQQvC+gRr5fXfenZ218wLZaCgn
ab7OFkW3sWAmb3IUuerABXhFVqpV8ayopp6RYsP7mo0U3/MkI8shxFg/k0hzkEA0
TD8M2sjs7Mp1zJECcAxQUROLBJwvf87ujvguWuL+9VF2zZ4wDCkKStRtCD9SJQGF
rXuE8AQGPt3S05C3i02BP1YX2Ba3rrjV7aVBwOK83rUcYzGcXLkk3/8oawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZFQ0GNGfF+fZ585KkHGI2atvv5MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEveGtWRFFZMFo4WDU5bm56a3FRY1lqWnEyLV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYOjMA0G
CSqGSIb3DQEBCwUAA4IBAQCh7usRkhI6Z+Cr4wCkMo9T5p8IIqoAFKNLNLk06Ngt
z9LVh31dX8izU2X0g6A0ApBHu0dgOn6Rh/qIObMi9B1BRADMCdUJKDFlg+xwWqSC
MAYdudXH9qnY/R+zZ+bZ7cqrFjzOlMryZSENvnsn1u3AdAy/Dh8MgwSVOg7Fb+uq
0RNhE3N6T5COT8QEVw3ITN3Enowo0wWt/xzvVDkbZmNPetTCIzVn4dfH5EFLGElH
Sg2uJzlRhkKfB3lUiRackTExrNTC2ELq03aSAVD8BU6BxEPvNf4wYHpWXeGCzUZx
P+FRu/bEQ/hv9hclBdBUS0G7Mm4rF/O/A4qgp/cUfAfw
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:01:57 2025 by rpki-client