Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/8146d8-31b0-4022-af7e-fa5b2199a739/1/XpA3Ot4osrzBZeRyBzLUTxkXZ1w.roa
File: XpA3Ot4osrzBZeRyBzLUTxkXZ1w.roa (raw, json)
Hash identifier: bV4gioYZr1HZtPr+tZUBtIzY/TYPSJ/ULmdreJHa6rw=
Subject key identifier: 5E:90:37:3A:DE:28:B2:BC:C1:65:E4:72:07:32:D4:4F:19:17:67:5C
Certificate issuer: /CN=b56fa2bcfb1ba199d0a6597fb88954c0a6c512d5
Certificate serial: 018CC2DAB1E7F8CEE83174007DD02EF1F780
Authority key identifier: B5:6F:A2:BC:FB:1B:A1:99:D0:A6:59:7F:B8:89:54:C0:A6:C5:12:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tW-ivPsboZnQpll_uIlUwKbFEtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/8146d8-31b0-4022-af7e-fa5b2199a739/1/XpA3Ot4osrzBZeRyBzLUTxkXZ1w.roa
Signing time: Mon 01 Jan 2024 02:29:21 +0000
ROA not before: Mon 01 Jan 2024 02:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21769
IP address blocks: 45.11.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/8146d8-31b0-4022-af7e-fa5b2199a739/1/tW-ivPsboZnQpll_uIlUwKbFEtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/8146d8-31b0-4022-af7e-fa5b2199a739/1/tW-ivPsboZnQpll_uIlUwKbFEtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tW-ivPsboZnQpll_uIlUwKbFEtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b1:e7:f8:ce:e8:31:74:00:7d:d0:2e:f1:f7:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b56fa2bcfb1ba199d0a6597fb88954c0a6c512d5
Validity
Not Before: Jan 1 02:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e90373ade28b2bcc165e4720732d44f1917675c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:12:3e:c6:83:71:51:58:12:2a:d0:44:b0:04:
e8:5d:27:ce:17:75:4e:27:3a:15:28:10:b9:93:14:
13:ed:b7:69:4d:5e:0f:1a:05:3a:36:bd:5c:27:21:
7a:76:34:cb:74:4d:33:29:84:b5:28:7f:e1:ed:41:
5b:ef:bb:0b:c2:4c:3a:5e:a0:51:2f:4e:7e:6f:e7:
f2:7f:60:5d:46:7a:6a:49:85:5e:66:8c:d8:14:11:
6f:f2:1a:56:60:2c:9f:b3:74:12:5d:e1:5b:bd:99:
15:8e:e5:36:67:f8:3f:e0:e3:cc:5b:1a:fc:8f:ac:
60:f4:c6:ae:59:38:65:91:e0:33:2e:c6:7e:da:96:
32:2a:5b:03:37:50:95:2c:09:ca:f7:22:3f:af:a7:
0e:ea:71:36:9d:79:5b:69:5b:a7:f9:15:79:83:7e:
b4:4e:24:09:09:84:c0:4a:d0:6b:d2:7b:3a:b3:ae:
d6:ea:c1:bd:70:e7:af:a6:1e:db:23:7e:94:d7:cc:
7d:2d:8e:60:df:57:1a:c7:ff:51:38:df:fa:e6:05:
e4:74:a4:ba:de:ce:5b:20:6d:57:78:b8:7c:64:62:
d1:0a:e0:55:1e:c1:d7:cb:81:95:ab:11:42:9a:fb:
2a:fe:6a:d0:9c:e0:61:ce:a8:b9:3c:b3:16:67:59:
a5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:90:37:3A:DE:28:B2:BC:C1:65:E4:72:07:32:D4:4F:19:17:67:5C
X509v3 Authority Key Identifier:
keyid:B5:6F:A2:BC:FB:1B:A1:99:D0:A6:59:7F:B8:89:54:C0:A6:C5:12:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tW-ivPsboZnQpll_uIlUwKbFEtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8146d8-31b0-4022-af7e-fa5b2199a739/1/XpA3Ot4osrzBZeRyBzLUTxkXZ1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8146d8-31b0-4022-af7e-fa5b2199a739/1/tW-ivPsboZnQpll_uIlUwKbFEtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.32.0/22
Signature Algorithm: sha256WithRSAEncryption
88:5b:00:cc:71:50:fc:2a:77:ac:5f:18:1a:cc:a0:d4:78:17:
47:97:d9:9a:a6:b7:46:6c:95:10:dc:b7:64:5c:dd:ba:f3:5f:
52:8e:37:fa:63:71:55:44:f9:29:9e:d0:db:81:db:d2:22:08:
07:4d:4d:ef:18:94:e4:19:2a:60:d2:a1:85:8a:ed:e8:29:e7:
a1:5f:91:a5:7d:98:a9:51:23:36:95:e5:67:0e:9d:b4:72:7d:
23:59:ef:c0:eb:3f:80:fb:95:7d:1a:ba:57:c0:a6:78:97:f3:
2c:ec:c9:b4:45:16:5c:2c:c2:84:f4:6d:d3:26:20:2a:7f:67:
83:41:3f:bd:c0:12:b4:59:79:97:96:7a:99:97:d3:45:64:85:
b8:cd:b1:ac:2c:70:f7:09:1a:61:88:97:e0:24:40:71:a6:09:
95:c2:3d:d7:b2:d3:d9:eb:95:8a:7e:4b:12:61:fb:37:fd:1b:
7f:a0:91:ff:71:26:5d:5f:24:56:a8:93:d5:6c:c6:24:72:68:
c0:77:d7:a9:54:b9:0b:f4:0a:19:27:e5:c7:14:7b:a2:74:62:
0c:95:4e:b7:bd:80:93:68:7f:e7:64:f8:4c:e1:09:76:a8:0b:
16:8e:81:af:1b:7d:ea:a0:b0:d4:69:87:55:f6:ac:8c:30:b9:
62:1d:13:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2rHn+M7oMXQAfdAu8feAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmZhMmJjZmIxYmExOTlkMGE2NTk3ZmI4ODk1NGMwYTZj
NTEyZDUwHhcNMjQwMTAxMDIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTkwMzczYWRlMjhiMmJjYzE2NWU0NzIwNzMyZDQ0ZjE5MTc2NzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRI+xoNxUVgSKtBEsAToXSfOF3VO
JzoVKBC5kxQT7bdpTV4PGgU6Nr1cJyF6djTLdE0zKYS1KH/h7UFb77sLwkw6XqBR
L05+b+fyf2BdRnpqSYVeZozYFBFv8hpWYCyfs3QSXeFbvZkVjuU2Z/g/4OPMWxr8
j6xg9MauWThlkeAzLsZ+2pYyKlsDN1CVLAnK9yI/r6cO6nE2nXlbaVun+RV5g360
TiQJCYTAStBr0ns6s67W6sG9cOevph7bI36U18x9LY5g31cax/9RON/65gXkdKS6
3s5bIG1XeLh8ZGLRCuBVHsHXy4GVqxFCmvsq/mrQnOBhzqi5PLMWZ1mlGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6QNzreKLK8wWXkcgcy1E8ZF2dcMB8GA1UdIwQY
MBaAFLVvorz7G6GZ0KZZf7iJVMCmxRLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFctaXZQc2JvWm5RcGxsX3VJbFV3S2JGRXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MTQ2ZDgtMzFiMC00MDIyLWFmN2Ut
ZmE1YjIxOTlhNzM5LzEvWHBBM090NG9zcnpCWmVSeUJ6TFVUeGtYWjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MTQ2ZDgtMzFiMC00MDIyLWFmN2UtZmE1YjIxOTlhNzM5
LzEvdFctaXZQc2JvWm5RcGxsX3VJbFV3S2JGRXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQsgMA0G
CSqGSIb3DQEBCwUAA4IBAQCIWwDMcVD8KnesXxgazKDUeBdHl9maprdGbJUQ3Ldk
XN26819Sjjf6Y3FVRPkpntDbgdvSIggHTU3vGJTkGSpg0qGFiu3oKeehX5GlfZip
USM2leVnDp20cn0jWe/A6z+A+5V9GrpXwKZ4l/Ms7Mm0RRZcLMKE9G3TJiAqf2eD
QT+9wBK0WXmXlnqZl9NFZIW4zbGsLHD3CRphiJfgJEBxpgmVwj3XstPZ65WKfksS
Yfs3/Rt/oJH/cSZdXyRWqJPVbMYkcmjAd9epVLkL9AoZJ+XHFHuidGIMlU63vYCT
aH/nZPhM4Ql2qAsWjoGvG33qoLDUaYdV9qyMMLliHROA
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:35:15 2024 by rpki-client on console-fra.rpki-client.org