Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/xNi0pb-qETK1nFsJb8O1S0sF9Jw.roa
File: xNi0pb-qETK1nFsJb8O1S0sF9Jw.roa (raw, json)
Hash identifier: KFC68WALx5BWqi9v9BUqJS09FLBVGR/iJgoy6P7aysQ=
Subject key identifier: C4:D8:B4:A5:BF:AA:11:32:B5:9C:5B:09:6F:C3:B5:4B:4B:05:F4:9C
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 018CC56E63F7CCCCE573315CBA4E97817F2A
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/xNi0pb-qETK1nFsJb8O1S0sF9Jw.roa
Signing time: Mon 01 Jan 2024 14:29:55 +0000
ROA not before: Mon 01 Jan 2024 14:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 217.196.106.0/23 maxlen: 23
217.197.107.0/24 maxlen: 24
45.15.157.0/24 maxlen: 24
45.15.159.0/24 maxlen: 24
217.196.98.0/24 maxlen: 24
217.196.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:63:f7:cc:cc:e5:73:31:5c:ba:4e:97:81:7f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Jan 1 14:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4d8b4a5bfaa1132b59c5b096fc3b54b4b05f49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:88:56:e4:60:b4:80:7e:ca:fd:8f:d5:be:9a:
13:71:d8:94:d1:46:e4:1b:2f:0f:4c:db:be:f5:03:
5a:a5:6e:47:49:6d:9a:d8:1b:7d:d6:f7:83:c4:aa:
ba:08:37:5c:5d:97:f1:59:6f:9f:08:b3:5a:51:35:
58:c0:da:d7:14:62:3d:3c:81:66:50:ba:c8:c0:73:
6f:c0:24:30:b7:02:a7:d1:54:e3:1f:29:18:e0:8f:
3d:4f:b8:c0:33:7f:38:a8:4c:54:5b:69:14:62:1a:
c5:14:ed:10:8c:e2:bd:a3:3f:4a:19:aa:88:6a:3a:
a5:05:4e:6b:1f:25:42:a6:9d:e7:97:cf:6e:cc:4c:
f2:24:bb:e0:42:bd:31:f5:82:1c:47:5f:14:1e:e7:
68:51:49:8d:8d:41:29:c2:bd:aa:94:b1:49:3b:d8:
4d:02:ca:86:f0:90:ab:09:56:10:58:3a:45:40:0e:
1d:ed:a6:21:c6:13:db:29:77:4a:68:12:4a:45:3d:
93:ab:33:eb:5b:0d:77:ae:db:2d:b4:de:6d:78:69:
df:41:fc:b9:6d:ec:1e:f5:1c:e6:d0:77:73:b4:b5:
78:a9:c9:d4:9b:d1:7a:d6:97:95:bb:07:07:59:a2:
08:92:c1:06:f4:64:ff:d3:38:cc:80:14:a9:6b:26:
e6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D8:B4:A5:BF:AA:11:32:B5:9C:5B:09:6F:C3:B5:4B:4B:05:F4:9C
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/xNi0pb-qETK1nFsJb8O1S0sF9Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.157.0/24
45.15.159.0/24
217.196.98.0/24
217.196.103.0/24
217.196.106.0/23
217.197.107.0/24
Signature Algorithm: sha256WithRSAEncryption
96:07:62:0e:ff:88:42:c0:54:90:ed:70:08:9e:23:c8:de:a7:
c1:ec:80:65:93:7d:fe:64:7c:c8:51:aa:de:61:9f:d8:45:12:
93:3b:d5:ba:e6:c7:90:6c:d6:83:a1:52:66:b7:63:63:5e:bc:
63:f4:77:49:42:8b:a9:4b:85:0d:81:4a:9f:61:80:76:b9:a0:
4d:6b:76:87:1e:b0:ad:f8:92:a3:3e:30:21:ab:fd:26:49:5d:
fb:e7:45:bb:d9:3c:f5:3c:23:81:88:6f:27:18:d4:e6:78:65:
ed:b4:ef:67:d2:da:3b:4b:46:19:4e:6b:f6:8b:41:67:cb:7a:
fb:c7:83:dd:b3:e0:83:65:cc:28:9b:f8:7b:7b:42:02:35:f6:
be:c3:72:6e:13:cc:d3:9a:7a:70:30:09:e7:37:54:22:5d:99:
00:03:30:ab:25:fb:22:d1:79:a1:45:c2:a9:63:93:83:74:8f:
35:2e:64:f8:9e:e9:6d:67:5b:5a:c2:22:1f:fe:6b:20:aa:07:
f0:3e:27:a6:93:c2:31:77:f4:12:ea:b9:b7:95:72:7a:18:ab:
cf:29:a7:57:25:8a:e7:fa:c1:91:f8:c6:25:59:a4:13:90:7d:
eb:b5:b4:4c:32:d0:57:f8:7e:00:39:6b:07:e4:f3:5a:e1:31:
4b:09:96:41
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFbmP3zMzlczFcuk6XgX8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjQwMTAxMTQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGQ4YjRhNWJmYWExMTMyYjU5YzViMDk2ZmMzYjU0YjRiMDVmNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4hW5GC0gH7K/Y/VvpoTcdiU0Ubk
Gy8PTNu+9QNapW5HSW2a2Bt91veDxKq6CDdcXZfxWW+fCLNaUTVYwNrXFGI9PIFm
ULrIwHNvwCQwtwKn0VTjHykY4I89T7jAM384qExUW2kUYhrFFO0QjOK9oz9KGaqI
ajqlBU5rHyVCpp3nl89uzEzyJLvgQr0x9YIcR18UHudoUUmNjUEpwr2qlLFJO9hN
AsqG8JCrCVYQWDpFQA4d7aYhxhPbKXdKaBJKRT2TqzPrWw13rtsttN5teGnfQfy5
bewe9Rzm0HdztLV4qcnUm9F61peVuwcHWaIIksEG9GT/0zjMgBSpaybmBwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMTYtKW/qhEytZxbCW/DtUtLBfScMB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEveE5pMHBiLXFFVEsxbkZzSmI4TzFTMHNGOUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQ+dAwQA
LQ+fAwQA2cRiAwQA2cRnAwQB2cRqAwQA2cVrMA0GCSqGSIb3DQEBCwUAA4IBAQCW
B2IO/4hCwFSQ7XAIniPI3qfB7IBlk33+ZHzIUareYZ/YRRKTO9W65seQbNaDoVJm
t2NjXrxj9HdJQoupS4UNgUqfYYB2uaBNa3aHHrCt+JKjPjAhq/0mSV3750W72Tz1
PCOBiG8nGNTmeGXttO9n0to7S0YZTmv2i0Fny3r7x4Pds+CDZcwom/h7e0ICNfa+
w3JuE8zTmnpwMAnnN1QiXZkAAzCrJfsi0XmhRcKpY5ODdI81LmT4nultZ1tawiIf
/msgqgfwPiemk8Ixd/QS6rm3lXJ6GKvPKadXJYrn+sGR+MYlWaQTkH3rtbRMMtBX
+H4AOWsH5PNa4TFLCZZB
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:56:34 2024 by rpki-client on console-ams.rpki-client.org