Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/xELBAY4ItUggjkRyQUchLZrVR6A.roa
File: xELBAY4ItUggjkRyQUchLZrVR6A.roa (raw, json)
Hash identifier: sRpheBhvwlfQO9eUst+BEphBonCXM+48ypdudzT/xS0=
Subject key identifier: C4:42:C1:01:8E:08:B5:48:20:8E:44:72:41:47:21:2D:9A:D5:47:A0
Certificate issuer: /CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Certificate serial: 018CC79523B08BD745575F0010FBEE8803E3
Authority key identifier: 4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/xELBAY4ItUggjkRyQUchLZrVR6A.roa
Signing time: Tue 02 Jan 2024 00:31:29 +0000
ROA not before: Tue 02 Jan 2024 00:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15744
IP address blocks: 213.227.64.0/20 maxlen: 20
212.106.128.0/19 maxlen: 19
83.230.80.0/20 maxlen: 20
212.106.160.0/20 maxlen: 20
195.82.160.0/19 maxlen: 19
83.230.0.0/18 maxlen: 18
2a01:1df::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:23:b0:8b:d7:45:57:5f:00:10:fb:ee:88:03:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Validity
Not Before: Jan 2 00:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c442c1018e08b548208e44724147212d9ad547a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1a:f7:4a:8a:e2:50:9f:58:44:ab:80:4a:61:
3b:92:05:0f:88:cf:b7:23:04:2d:86:86:f1:c5:c2:
22:45:1b:9e:67:33:36:f4:03:77:00:5f:f2:bc:3c:
85:02:0c:fd:92:0f:e0:d6:41:16:73:31:9b:a5:5c:
e0:b7:3a:89:74:54:72:61:66:4d:03:52:50:46:a7:
06:f6:5f:0f:43:80:12:ec:c0:01:34:2e:6a:21:5c:
18:68:1d:4c:70:70:55:7c:ee:0e:d8:42:7b:8e:9a:
ee:36:63:05:b9:00:69:44:39:d0:8a:aa:51:e8:4b:
75:68:f8:a6:f2:e9:b1:5e:f9:61:f3:bc:42:e2:aa:
3e:c2:a1:02:4d:32:37:ae:48:17:75:ce:46:d4:f9:
96:27:39:c5:ac:62:bd:ad:ec:5e:01:ba:f2:20:26:
23:9b:f8:b5:98:e2:7c:fc:62:f1:7c:39:11:cb:c6:
57:7a:a6:77:d8:92:54:23:22:fe:6f:7e:5b:d4:2e:
7b:4f:fa:f5:74:3d:89:f2:1a:65:cb:5f:12:be:cb:
fb:e2:eb:9a:92:75:76:86:b8:60:27:5b:b5:a0:04:
83:0d:33:bb:c6:0d:76:b4:93:8f:fc:99:64:3b:ca:
d3:eb:8b:74:c2:dc:53:ab:93:12:19:26:7f:82:87:
bb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:42:C1:01:8E:08:B5:48:20:8E:44:72:41:47:21:2D:9A:D5:47:A0
X509v3 Authority Key Identifier:
keyid:4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/xELBAY4ItUggjkRyQUchLZrVR6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.230.0.0/18
83.230.80.0/20
195.82.160.0/19
212.106.128.0-212.106.175.255
213.227.64.0/20
IPv6:
2a01:1df::/32
Signature Algorithm: sha256WithRSAEncryption
58:bc:5b:06:14:13:b6:41:16:d0:31:06:bf:38:9e:d2:64:fe:
fe:b5:77:48:83:10:4c:79:8a:0c:c2:8b:c3:5c:c5:1e:a4:d0:
10:2d:b3:3a:43:78:73:70:65:2f:79:58:d8:cf:70:8f:27:53:
c6:df:dd:7c:a3:54:74:84:81:1f:f2:da:7c:58:24:7b:ec:04:
7c:f6:a7:7a:3d:fe:69:f4:7c:45:97:72:a5:17:ba:b0:6e:b8:
2c:be:9c:f9:1a:9c:61:40:d5:0f:7d:8d:1a:b8:05:d0:f9:4e:
d7:b6:b1:6a:7c:61:0f:e4:7f:d8:be:d7:ad:57:bc:36:d1:ad:
ac:8d:a2:1a:d8:45:c5:dc:56:45:23:aa:9c:dc:58:04:59:97:
1d:58:ea:4a:ca:91:9e:94:44:bc:26:9b:8d:da:8e:98:f0:aa:
4f:5a:97:38:80:aa:c6:bf:ec:72:8c:e3:f1:b2:64:4e:cb:b6:
ff:1a:af:61:c9:f4:32:88:9a:77:98:06:dc:1c:53:a0:d7:aa:
08:c0:d7:55:a0:cf:14:04:59:e1:db:d1:2e:46:69:47:05:78:
e4:8f:fd:0e:4d:d0:07:5c:35:40:ba:a2:60:97:6e:ee:c4:37:
e4:8a:f6:76:d1:86:cb:39:0f:82:e8:27:b7:90:f7:ae:04:0a:
c5:69:a8:43
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzHlSOwi9dFV18AEPvuiAPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDA1Y2FhYjM0YmJmZGU2YjhlZTY2YzYwMDg2MGM2Y2U5
NmYzMmIwHhcNMjQwMTAyMDAzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQyYzEwMThlMDhiNTQ4MjA4ZTQ0NzI0MTQ3MjEyZDlhZDU0N2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBr3SoriUJ9YRKuASmE7kgUPiM+3
IwQthobxxcIiRRueZzM29AN3AF/yvDyFAgz9kg/g1kEWczGbpVzgtzqJdFRyYWZN
A1JQRqcG9l8PQ4AS7MABNC5qIVwYaB1McHBVfO4O2EJ7jpruNmMFuQBpRDnQiqpR
6Et1aPim8umxXvlh87xC4qo+wqECTTI3rkgXdc5G1PmWJznFrGK9rexeAbryICYj
m/i1mOJ8/GLxfDkRy8ZXeqZ32JJUIyL+b35b1C57T/r1dD2J8hply18Svsv74uua
knV2hrhgJ1u1oASDDTO7xg12tJOP/JlkO8rT64t0wtxTq5MSGSZ/goe70QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFMRCwQGOCLVIII5EckFHIS2a1UegMB8GA1UdIwQY
MBaAFEtAXKqzS7/ea47mbGAIYMbOlvMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYt
ZDg3YWZmYjhiYzYxLzEveEVMQkFZNEl0VWdnamtSeVFVY2hMWnJWUjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYtZDg3YWZmYjhiYzYx
LzEvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQGU+YAAwQE
U+ZQAwQFw1KgMAwDBAfUaoADBATUaqADBATV40AwDQQCAAIwBwMFACoBAd8wDQYJ
KoZIhvcNAQELBQADggEBAFi8WwYUE7ZBFtAxBr84ntJk/v61d0iDEEx5igzCi8Nc
xR6k0BAtszpDeHNwZS95WNjPcI8nU8bf3XyjVHSEgR/y2nxYJHvsBHz2p3o9/mn0
fEWXcqUXurBuuCy+nPkanGFA1Q99jRq4BdD5Tte2sWp8YQ/kf9i+161XvDbRrayN
ohrYRcXcVkUjqpzcWARZlx1Y6krKkZ6URLwmm43ajpjwqk9alziAqsa/7HKM4/Gy
ZE7Ltv8ar2HJ9DKImneYBtwcU6DXqgjA11WgzxQEWeHb0S5GaUcFeOSP/Q5N0Adc
NUC6omCXbu7EN+SK9nbRhss5D4LoJ7eQ964ECsVpqEM=
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:08:59 2024 by rpki-client on console-fra.rpki-client.org