Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/RXEEhyHtoVBsjsgZbGbtjTy2kBw.roa
File: RXEEhyHtoVBsjsgZbGbtjTy2kBw.roa (raw, json)
Hash identifier: unZ5NoAbc3A558NicFa4i4RG5dMWnnbUpeiukKVmqAI=
Subject key identifier: 45:71:04:87:21:ED:A1:50:6C:8E:C8:19:6C:66:ED:8D:3C:B6:90:1C
Certificate issuer: /CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Certificate serial: 018CF8BB691341725D35C07BCF9AA765F291
Authority key identifier: 2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/RXEEhyHtoVBsjsgZbGbtjTy2kBw.roa
Signing time: Thu 11 Jan 2024 13:34:40 +0000
ROA not before: Thu 11 Jan 2024 13:34:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32787
IP address blocks: 141.93.16.0/24 maxlen: 24
141.93.16.0/22 maxlen: 24
141.93.17.0/24 maxlen: 24
141.93.12.0/24 maxlen: 24
141.93.18.0/24 maxlen: 24
141.93.19.0/24 maxlen: 24
141.93.25.0/24 maxlen: 24
141.93.28.0/24 maxlen: 24
141.93.32.0/24 maxlen: 24
141.93.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/LxF62jy5UVptim3MFfKwsafZvh0.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/LxF62jy5UVptim3MFfKwsafZvh0.mft
rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:bb:69:13:41:72:5d:35:c0:7b:cf:9a:a7:65:f2:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f117ada3cb9515a6d8a6dcc15f2b0b1a7d9be1d
Validity
Not Before: Jan 11 13:34:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4571048721eda1506c8ec8196c66ed8d3cb6901c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:27:80:6b:f3:e6:ec:89:3e:16:8f:75:82:6e:
8f:84:a0:50:37:5f:6c:73:6a:49:d2:f3:cf:1f:83:
d8:97:0f:ee:e8:30:1a:ea:d4:60:eb:43:aa:f8:0e:
96:ea:ee:88:2e:96:ed:c3:69:aa:b3:83:21:e3:08:
68:fa:ff:a5:84:21:3a:3d:d6:48:9e:3d:a1:db:32:
31:d7:fe:75:3e:f1:f6:0e:24:56:8d:c5:37:0a:67:
29:67:df:b7:b7:d9:8f:1f:56:a0:b1:40:04:4f:d7:
e5:81:74:e3:98:00:89:d8:e7:29:02:be:9a:d8:be:
31:85:37:57:05:21:a8:36:58:a7:bc:62:4b:59:74:
d8:e8:53:ec:47:06:99:bd:39:78:fe:05:e3:2f:08:
d8:28:99:0e:b2:19:bc:dd:6c:0e:94:b1:2e:8c:37:
29:e0:63:04:1f:5a:d5:03:87:ee:df:5c:c4:29:dd:
86:82:15:cb:3d:04:1d:2b:bb:5c:ed:f2:1f:99:c5:
d7:52:82:1b:24:66:19:0c:b4:5a:54:1f:f5:d4:d3:
47:6d:72:2f:3e:69:96:dc:4e:99:0b:78:50:3c:b3:
5c:9c:2d:35:db:59:a8:2a:03:4e:0a:02:50:ae:93:
28:7a:3b:77:12:22:bf:06:1b:03:84:30:82:43:93:
59:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:71:04:87:21:ED:A1:50:6C:8E:C8:19:6C:66:ED:8D:3C:B6:90:1C
X509v3 Authority Key Identifier:
keyid:2F:11:7A:DA:3C:B9:51:5A:6D:8A:6D:CC:15:F2:B0:B1:A7:D9:BE:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LxF62jy5UVptim3MFfKwsafZvh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/RXEEhyHtoVBsjsgZbGbtjTy2kBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/eff44d-24fd-4384-9507-7a034d170b85/1/LxF62jy5UVptim3MFfKwsafZvh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.93.12.0/24
141.93.16.0/22
141.93.25.0/24
141.93.28.0/24
141.93.32.0/24
141.93.35.0/24
Signature Algorithm: sha256WithRSAEncryption
04:99:61:4b:74:2f:0a:43:fe:f7:60:80:de:d8:e7:9b:00:7a:
e8:bd:89:a8:a5:8c:0c:a4:25:05:51:fe:64:f5:de:12:a6:74:
c9:6c:0e:a7:32:2c:24:5e:62:08:55:59:1b:25:13:c7:9d:f7:
13:bf:ff:bf:48:75:42:c4:2b:40:3a:03:ba:47:17:ff:25:38:
70:cb:ee:f7:02:43:3e:fb:d7:95:59:62:3b:d8:52:d8:36:2a:
f8:23:18:f8:d1:8f:de:8b:aa:77:a9:3d:9d:72:e2:17:30:a9:
8a:02:e4:d3:17:cf:79:51:dd:82:c4:b4:a6:60:7d:2a:44:46:
4f:64:7e:8c:e1:1b:8f:73:2d:dd:20:00:d2:4e:17:94:07:fd:
9d:33:68:9c:00:e7:9c:fd:d1:49:d7:00:14:74:53:a4:e9:a3:
a9:67:ad:ba:89:68:df:d9:c0:71:c1:e7:61:9b:b0:76:08:4b:
5a:93:a7:c1:7e:f0:6a:a4:3e:e6:d3:28:20:94:15:01:01:2a:
87:cf:20:ba:e8:2f:62:9e:dc:af:f7:b9:18:02:6b:9e:7c:5e:
43:10:a7:66:5a:a9:8a:71:73:8e:bb:8d:b1:d7:35:24:f4:ba:
4e:02:3e:b7:69:6e:fa:ce:e5:d4:94:09:2b:ec:61:59:8d:e6:
db:aa:6a:07
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYz4u2kTQXJdNcB7z5qnZfKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMTE3YWRhM2NiOTUxNWE2ZDhhNmRjYzE1ZjJiMGIxYTdk
OWJlMWQwHhcNMjQwMTExMTMzNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTcxMDQ4NzIxZWRhMTUwNmM4ZWM4MTk2YzY2ZWQ4ZDNjYjY5MDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCeAa/Pm7Ik+Fo91gm6PhKBQN19s
c2pJ0vPPH4PYlw/u6DAa6tRg60Oq+A6W6u6ILpbtw2mqs4Mh4who+v+lhCE6PdZI
nj2h2zIx1/51PvH2DiRWjcU3CmcpZ9+3t9mPH1agsUAET9flgXTjmACJ2OcpAr6a
2L4xhTdXBSGoNlinvGJLWXTY6FPsRwaZvTl4/gXjLwjYKJkOshm83WwOlLEujDcp
4GMEH1rVA4fu31zEKd2GghXLPQQdK7tc7fIfmcXXUoIbJGYZDLRaVB/11NNHbXIv
PmmW3E6ZC3hQPLNcnC0121moKgNOCgJQrpMoejt3EiK/BhsDhDCCQ5NZpQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEVxBIch7aFQbI7IGWxm7Y08tpAcMB8GA1UdIwQY
MBaAFC8Reto8uVFabYptzBXysLGn2b4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHhGNjJqeTVVVnB0aW0zTUZmS3dzYWZadmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9lZmY0NGQtMjRmZC00Mzg0LTk1MDct
N2EwMzRkMTcwYjg1LzEvUlhFRWh5SHRvVkJzanNnWmJHYnRqVHkya0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9lZmY0NGQtMjRmZC00Mzg0LTk1MDctN2EwMzRkMTcwYjg1
LzEvTHhGNjJqeTVVVnB0aW0zTUZmS3dzYWZadmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjV0MAwQC
jV0QAwQAjV0ZAwQAjV0cAwQAjV0gAwQAjV0jMA0GCSqGSIb3DQEBCwUAA4IBAQAE
mWFLdC8KQ/73YIDe2OebAHrovYmopYwMpCUFUf5k9d4SpnTJbA6nMiwkXmIIVVkb
JRPHnfcTv/+/SHVCxCtAOgO6Rxf/JThwy+73AkM++9eVWWI72FLYNir4Ixj40Y/e
i6p3qT2dcuIXMKmKAuTTF895Ud2CxLSmYH0qREZPZH6M4RuPcy3dIADSTheUB/2d
M2icAOec/dFJ1wAUdFOk6aOpZ626iWjf2cBxwedhm7B2CEtak6fBfvBqpD7m0ygg
lBUBASqHzyC66C9intyv97kYAmuefF5DEKdmWqmKcXOOu42x1zUk9LpOAj63aW76
zuXUlAkr7GFZjebbqmoH
-----END CERTIFICATE-----
Generated at Sat May 25 22:44:49 2024 by rpki-client on console-fra.rpki-client.org