Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/xenniu8cPLTU12iFdsueiz3fG4I.roa
File: xenniu8cPLTU12iFdsueiz3fG4I.roa (raw, json)
Hash identifier: rroZ3Bhqnl2W+JPUt0ibsStuzFq+3s34BPOmdHnV7mo=
Subject key identifier: C5:E9:E7:8A:EF:1C:3C:B4:D4:D7:68:85:76:CB:9E:8B:3D:DF:1B:82
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 0194221FA89D893B894778433256ECF298F4
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/xenniu8cPLTU12iFdsueiz3fG4I.roa
Signing time: Wed 01 Jan 2025 13:48:07 +0000
ROA not before: Wed 01 Jan 2025 13:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 45.15.157.0/24 maxlen: 24
45.15.159.0/24 maxlen: 24
217.196.98.0/24 maxlen: 24
217.196.103.0/24 maxlen: 24
217.196.106.0/23 maxlen: 23
217.197.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a8:9d:89:3b:89:47:78:43:32:56:ec:f2:98:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Jan 1 13:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5e9e78aef1c3cb4d4d7688576cb9e8b3ddf1b82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:88:35:d8:4a:6f:ae:2e:2f:06:3f:ee:04:a6:
79:4b:a6:a6:0a:c3:ac:e4:64:87:35:15:2d:26:47:
76:ce:60:92:cd:04:c1:fe:2c:e6:5d:5f:c8:6b:c3:
91:dd:0a:74:2a:4f:01:3c:77:b9:90:e6:22:33:f5:
47:f7:34:2a:da:81:b8:a4:f3:44:48:76:b6:7c:ce:
02:24:40:6b:6c:c2:88:95:3d:a8:28:10:0a:53:d7:
1b:5f:f6:b5:c0:6c:09:86:71:b0:93:a1:19:e8:17:
2d:a0:66:a7:18:58:82:78:c0:fc:28:68:d3:7c:a8:
1b:47:d3:e0:cb:c2:71:30:f2:cf:c5:42:29:6d:ac:
a1:73:a6:f2:b5:48:e4:f9:2b:90:d0:32:53:a6:df:
78:cd:9f:01:5c:fd:fe:31:0a:94:89:f4:46:59:15:
9b:25:3d:a9:c9:11:b4:fa:fd:eb:52:ce:f7:8c:d4:
8c:91:d4:fb:21:50:1a:1b:c8:f0:05:93:47:5f:72:
e2:18:91:b5:9f:69:0a:b6:44:c1:75:05:42:20:7a:
d1:21:25:4d:87:5a:ce:f7:70:bc:02:54:f7:a6:77:
e6:b0:6c:0c:96:7d:e8:18:09:13:05:71:96:96:e8:
b8:6d:db:29:98:cb:e8:38:0b:c2:b9:9a:df:bc:fa:
c8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E9:E7:8A:EF:1C:3C:B4:D4:D7:68:85:76:CB:9E:8B:3D:DF:1B:82
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/xenniu8cPLTU12iFdsueiz3fG4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.157.0/24
45.15.159.0/24
217.196.98.0/24
217.196.103.0/24
217.196.106.0/23
217.197.107.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:da:7d:c9:d0:d3:13:c8:dd:ef:79:fd:6d:25:69:53:ee:0a:
be:5a:33:0d:dd:4b:3d:24:f1:53:cb:5e:16:ed:92:f4:ee:f4:
1e:85:9b:a4:b4:3d:5f:52:90:73:4b:8b:1d:61:30:40:79:81:
88:d3:c9:46:3c:3f:53:2f:b6:30:88:5e:35:aa:42:ff:88:42:
3a:a3:20:d0:88:a1:ff:2c:77:c9:c4:4a:ab:d3:02:e8:ac:68:
5f:79:2c:91:e0:df:3f:f6:a3:ff:4d:1d:0c:b3:a0:e0:da:0f:
2a:b1:66:38:27:d2:5c:5a:00:ab:77:3c:05:dc:a5:cd:ca:09:
f3:54:7c:ae:34:5f:49:f1:5a:a0:40:b9:eb:67:c8:53:2a:be:
b4:77:49:ef:14:20:b2:4d:aa:41:d3:13:ab:14:b8:95:12:0d:
38:6d:1a:c9:99:bd:fb:88:d5:73:6d:a3:f9:63:fe:e2:09:fe:
3a:18:60:59:01:6a:03:ab:34:d3:47:79:1a:06:49:68:d2:31:
ad:c2:5f:5a:95:87:f3:71:39:9d:d5:41:55:ac:af:5b:a0:9c:
03:03:39:a9:93:35:f9:62:0d:97:a3:06:b8:b4:29:82:ba:73:
ad:7d:7a:17:59:b7:df:96:1c:71:3c:6e:7a:7a:3a:99:0f:3c:
ff:20:92:8f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQiH6idiTuJR3hDMlbs8pj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjUwMTAxMTM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWU5ZTc4YWVmMWMzY2I0ZDRkNzY4ODU3NmNiOWU4YjNkZGYxYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYg12Epvri4vBj/uBKZ5S6amCsOs
5GSHNRUtJkd2zmCSzQTB/izmXV/Ia8OR3Qp0Kk8BPHe5kOYiM/VH9zQq2oG4pPNE
SHa2fM4CJEBrbMKIlT2oKBAKU9cbX/a1wGwJhnGwk6EZ6BctoGanGFiCeMD8KGjT
fKgbR9Pgy8JxMPLPxUIpbayhc6bytUjk+SuQ0DJTpt94zZ8BXP3+MQqUifRGWRWb
JT2pyRG0+v3rUs73jNSMkdT7IVAaG8jwBZNHX3LiGJG1n2kKtkTBdQVCIHrRISVN
h1rO93C8AlT3pnfmsGwMln3oGAkTBXGWlui4bdspmMvoOAvCuZrfvPrIfwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMXp54rvHDy01NdohXbLnos93xuCMB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEveGVubml1OGNQTFRVMTJpRmRzdWVpejNmRzRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQ+dAwQA
LQ+fAwQA2cRiAwQA2cRnAwQB2cRqAwQA2cVrMA0GCSqGSIb3DQEBCwUAA4IBAQAt
2n3J0NMTyN3vef1tJWlT7gq+WjMN3Us9JPFTy14W7ZL07vQehZuktD1fUpBzS4sd
YTBAeYGI08lGPD9TL7YwiF41qkL/iEI6oyDQiKH/LHfJxEqr0wLorGhfeSyR4N8/
9qP/TR0Ms6Dg2g8qsWY4J9JcWgCrdzwF3KXNygnzVHyuNF9J8VqgQLnrZ8hTKr60
d0nvFCCyTapB0xOrFLiVEg04bRrJmb37iNVzbaP5Y/7iCf46GGBZAWoDqzTTR3ka
Bklo0jGtwl9alYfzcTmd1UFVrK9boJwDAzmpkzX5Yg2Xowa4tCmCunOtfXoXWbff
lhxxPG56ejqZDzz/IJKP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:57 2025 by rpki-client