Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/xj_-cVoqmYhbo9Psja1AvOTnr7s.roa
File: xj_-cVoqmYhbo9Psja1AvOTnr7s.roa (raw, json)
Hash identifier: psNmnPbV14dv7v9rlF39sIi1Np0xNmyeVJtB3eZmtW8=
Subject key identifier: C6:3F:FE:71:5A:2A:99:88:5B:A3:D3:EC:8D:AD:40:BC:E4:E7:AF:BB
Certificate issuer: /CN=a11966c5ab4ea0673cc41c786e0778394b8bdacf
Certificate serial: 018CC5DCDB467E062C991420392B9F98AD4D
Authority key identifier: A1:19:66:C5:AB:4E:A0:67:3C:C4:1C:78:6E:07:78:39:4B:8B:DA:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oRlmxatOoGc8xBx4bgd4OUuL2s8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/xj_-cVoqmYhbo9Psja1AvOTnr7s.roa
Signing time: Mon 01 Jan 2024 16:30:34 +0000
ROA not before: Mon 01 Jan 2024 16:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44486
IP address blocks: 45.135.200.0/22 maxlen: 22
45.88.111.0/24 maxlen: 24
45.88.110.0/24 maxlen: 24
45.88.109.0/24 maxlen: 24
45.88.108.0/22 maxlen: 22
45.88.108.0/24 maxlen: 24
91.218.64.0/22 maxlen: 24
2a04:e8c0::/29 maxlen: 29
2a0c:75c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/oRlmxatOoGc8xBx4bgd4OUuL2s8.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/oRlmxatOoGc8xBx4bgd4OUuL2s8.mft
rsync://rpki.ripe.net/repository/DEFAULT/oRlmxatOoGc8xBx4bgd4OUuL2s8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 01:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:db:46:7e:06:2c:99:14:20:39:2b:9f:98:ad:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a11966c5ab4ea0673cc41c786e0778394b8bdacf
Validity
Not Before: Jan 1 16:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c63ffe715a2a99885ba3d3ec8dad40bce4e7afbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8a:7a:ed:77:26:f0:4d:bc:7f:42:8f:90:e0:
34:b8:59:d8:25:7c:4c:40:81:08:9c:86:58:fb:e2:
c3:f5:23:a1:de:a1:6c:98:d9:53:f5:9b:49:e0:eb:
5e:49:78:02:87:89:6c:01:94:5b:45:a1:9d:61:90:
6e:9e:5f:7f:f9:05:8e:89:9a:8e:9d:58:f4:ec:80:
18:17:15:fe:3e:2f:da:57:8f:6a:7a:01:df:fd:f3:
62:34:53:85:92:d7:bb:b1:2a:09:aa:be:c2:db:e1:
fb:68:72:98:2b:9c:ec:08:d8:a0:7a:9c:52:db:ff:
5a:52:d7:a6:f8:c0:7b:f4:7f:68:ab:c8:64:00:31:
bc:33:21:34:ea:c6:e1:dd:57:d3:d0:eb:2e:fa:a5:
cf:2c:58:c0:a8:43:b2:ab:87:6e:09:ca:77:fa:2e:
f6:49:f2:77:bf:b8:d6:70:39:8e:6e:4a:01:c9:af:
c6:cb:70:0c:c2:64:70:5b:14:19:ca:c4:55:4b:de:
96:fd:30:97:11:4a:5b:a4:a5:b6:15:85:6b:15:37:
c1:2c:20:1f:2a:13:b4:36:33:67:56:d8:c0:2f:64:
91:db:f6:5a:c2:8d:79:d1:f1:db:4e:ea:23:f2:45:
6d:ce:aa:5f:90:16:78:e0:52:42:1f:90:14:c6:60:
f5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:3F:FE:71:5A:2A:99:88:5B:A3:D3:EC:8D:AD:40:BC:E4:E7:AF:BB
X509v3 Authority Key Identifier:
keyid:A1:19:66:C5:AB:4E:A0:67:3C:C4:1C:78:6E:07:78:39:4B:8B:DA:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRlmxatOoGc8xBx4bgd4OUuL2s8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/xj_-cVoqmYhbo9Psja1AvOTnr7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/oRlmxatOoGc8xBx4bgd4OUuL2s8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.108.0/22
45.135.200.0/22
91.218.64.0/22
IPv6:
2a04:e8c0::/29
2a0c:75c0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:0c:ce:ab:5c:c7:34:0b:2f:bd:98:aa:e8:3e:ea:b8:12:06:
b4:26:5f:f6:d7:2c:36:8a:bc:e9:6b:bb:37:ea:58:62:b1:8a:
37:fe:41:c0:0f:a0:52:38:3b:62:fd:19:c8:e2:4d:fa:a9:8c:
12:e1:54:ca:26:72:1f:8d:8c:f8:10:75:12:bb:81:4e:75:0e:
5b:df:f6:d2:de:63:76:02:8d:91:3e:f0:e4:62:a9:e4:21:d3:
78:ac:6e:cf:ea:19:a5:2f:3e:c7:05:2b:73:67:dc:81:5d:14:
ba:2d:ba:c1:e3:77:06:aa:9f:c1:da:67:b6:c6:b1:9e:af:14:
2f:36:3b:24:51:10:3b:cf:eb:12:21:7d:00:f4:d1:45:63:ff:
01:25:5a:47:fa:fd:6e:77:92:5e:84:cb:5f:d9:7c:c4:62:fb:
51:b7:20:d0:87:4e:0d:45:a3:b0:bb:20:49:79:8d:66:cf:d4:
66:c9:8c:0f:3e:0d:0d:a5:e7:47:c0:0b:cc:95:ad:83:22:ce:
92:1d:f9:54:fb:a3:75:a7:24:7c:3c:a2:7d:bf:84:7d:d3:c6:
7a:71:71:1a:13:88:21:a0:12:73:92:46:b5:f2:8f:00:14:c5:
4b:91:d6:85:a9:cc:63:d9:c4:3d:12:19:fe:72:5c:01:f0:47:
d9:26:e0:b9
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzF3NtGfgYsmRQgOSufmK1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMTk2NmM1YWI0ZWEwNjczY2M0MWM3ODZlMDc3ODM5NGI4
YmRhY2YwHhcNMjQwMTAxMTYzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjNmZmU3MTVhMmE5OTg4NWJhM2QzZWM4ZGFkNDBiY2U0ZTdhZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYp67Xcm8E28f0KPkOA0uFnYJXxM
QIEInIZY++LD9SOh3qFsmNlT9ZtJ4OteSXgCh4lsAZRbRaGdYZBunl9/+QWOiZqO
nVj07IAYFxX+Pi/aV49qegHf/fNiNFOFkte7sSoJqr7C2+H7aHKYK5zsCNigepxS
2/9aUtem+MB79H9oq8hkADG8MyE06sbh3VfT0Osu+qXPLFjAqEOyq4duCcp3+i72
SfJ3v7jWcDmObkoBya/Gy3AMwmRwWxQZysRVS96W/TCXEUpbpKW2FYVrFTfBLCAf
KhO0NjNnVtjAL2SR2/Zawo150fHbTuoj8kVtzqpfkBZ44FJCH5AUxmD14QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMY//nFaKpmIW6PT7I2tQLzk56+7MB8GA1UdIwQY
MBaAFKEZZsWrTqBnPMQceG4HeDlLi9rPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JsbXhhdE9vR2M4eEJ4NGJnZDRPVXVMMnM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8xMjBlMzItNzkzYy00ZTIzLTlkZDgt
NGE3NWExNDEyMWJmLzEveGpfLWNWb3FtWWhibzlQc2phMUF2T1RucjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8xMjBlMzItNzkzYy00ZTIzLTlkZDgtNGE3NWExNDEyMWJm
LzEvb1JsbXhhdE9vR2M4eEJ4NGJnZDRPVXVMMnM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLVhsAwQC
LYfIAwQCW9pAMBQEAgACMA4DBQMqBOjAAwUDKgx1wDANBgkqhkiG9w0BAQsFAAOC
AQEAPQzOq1zHNAsvvZiq6D7quBIGtCZf9tcsNoq86Wu7N+pYYrGKN/5BwA+gUjg7
Yv0ZyOJN+qmMEuFUyiZyH42M+BB1EruBTnUOW9/20t5jdgKNkT7w5GKp5CHTeKxu
z+oZpS8+xwUrc2fcgV0Uui26weN3Bqqfwdpntsaxnq8ULzY7JFEQO8/rEiF9APTR
RWP/ASVaR/r9bneSXoTLX9l8xGL7Ubcg0IdODUWjsLsgSXmNZs/UZsmMDz4NDaXn
R8ALzJWtgyLOkh35VPujdackfDyifb+EfdPGenFxGhOIIaASc5JGtfKPABTFS5HW
hanMY9nEPRIZ/nJcAfBH2SbguQ==
-----END CERTIFICATE-----
Generated at Tue May 7 10:16:57 2024 by rpki-client on console-fra.rpki-client.org