Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/xPALUfluhc3M1pU60G36RtHocpA.roa
File: xPALUfluhc3M1pU60G36RtHocpA.roa (raw, json)
Hash identifier: wRwFSHaQORk1ykv79GhYTCI3NoOPBL8jK/cotxCEkRo=
Subject key identifier: C4:F0:0B:51:F9:6E:85:CD:CC:D6:95:3A:D0:6D:FA:46:D1:E8:72:90
Certificate issuer: /CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Certificate serial: 018CC26D06610CD1EEDCFA12B32C54CE9DB0
Authority key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/xPALUfluhc3M1pU60G36RtHocpA.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11426
IP address blocks: 45.81.26.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:06:61:0c:d1:ee:dc:fa:12:b3:2c:54:ce:9d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4f00b51f96e85cdccd6953ad06dfa46d1e87290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:23:10:9a:e2:09:6c:51:16:97:58:74:d5:db:
c3:60:cc:39:04:1e:b9:bd:e1:61:be:a1:6d:ae:31:
e0:b1:b9:52:ce:60:50:6d:23:04:40:cb:ae:17:40:
cd:2e:78:c3:72:27:17:ac:f7:75:ab:b4:10:c9:fc:
08:b3:5c:23:ed:d8:01:44:b0:56:95:54:a7:40:d1:
cc:73:23:9b:e8:59:0c:06:2c:f7:af:93:bb:39:97:
65:ad:75:db:a2:57:34:82:7c:af:cb:a2:26:db:5e:
1d:22:f6:30:b4:d3:06:93:19:0b:50:5e:1f:13:ad:
36:5e:5e:c0:8b:52:21:af:0e:03:8e:30:04:e5:63:
47:26:ef:80:d8:fc:46:ab:86:04:46:7c:98:10:c4:
df:ce:4c:0b:52:02:52:32:d8:a1:2a:7c:73:01:be:
71:81:66:3a:e2:93:e0:33:8c:51:6a:a4:b0:5f:f3:
3f:f8:09:a5:19:97:0b:be:33:22:be:66:2d:2b:c7:
1b:07:f9:d8:65:d5:2f:c9:34:9c:4c:05:01:2e:b3:
e1:b9:86:3f:eb:4f:79:fc:bf:28:df:c4:9c:1e:d3:
86:19:35:28:c2:a3:1c:96:15:b2:80:75:f5:c1:aa:
56:0c:36:45:24:2a:e6:ac:7a:26:21:48:92:e6:44:
3e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F0:0B:51:F9:6E:85:CD:CC:D6:95:3A:D0:6D:FA:46:D1:E8:72:90
X509v3 Authority Key Identifier:
keyid:7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/xPALUfluhc3M1pU60G36RtHocpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.26.0/23
Signature Algorithm: sha256WithRSAEncryption
50:5c:01:35:cb:86:13:b3:c3:f0:88:07:94:98:21:f8:77:16:
bd:9a:a3:a4:44:5a:b1:6e:bc:1b:ab:b6:4a:ee:d4:a8:05:4a:
6b:e8:97:37:91:dd:94:f1:ac:36:49:7a:f2:56:c2:d4:80:73:
8d:8e:2c:af:e8:92:63:95:e5:fd:f8:ca:a6:9a:96:91:75:54:
15:97:b1:22:8e:00:59:10:73:3f:e5:67:5e:5e:c5:a4:07:05:
7c:59:79:42:65:78:b6:42:79:05:d7:1e:75:34:c9:72:c7:78:
b7:4b:17:8c:b2:93:77:f6:82:39:d0:79:5e:60:48:08:d0:e9:
1c:1e:77:07:7c:de:e6:b4:83:c2:9a:d8:38:27:0d:45:05:db:
db:c4:09:ae:77:0f:46:8b:13:08:a9:15:4a:02:c9:89:99:91:
72:30:c9:0b:19:0b:43:86:ad:9a:dd:14:f6:39:43:47:d2:b8:
4f:77:74:91:63:48:47:27:a2:b7:5e:5b:85:e0:0a:65:7b:36:
09:c9:de:18:86:f7:09:6c:84:41:94:b6:f2:46:8e:e4:45:6c:
a0:9e:15:41:53:0d:ef:ac:49:d4:38:dd:04:2d:0b:4a:2a:bb:
85:76:b1:47:0e:91:80:e1:7d:59:3a:4a:ff:92:22:24:01:ec:
21:5d:a4:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQZhDNHu3PoSsyxUzp2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTY0M2JiMzk5YzZkODdhZGM0YzdjYmE1ZDJiNzJmYmQw
MGQwNDYwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGYwMGI1MWY5NmU4NWNkY2NkNjk1M2FkMDZkZmE0NmQxZTg3MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiMQmuIJbFEWl1h01dvDYMw5BB65
veFhvqFtrjHgsblSzmBQbSMEQMuuF0DNLnjDcicXrPd1q7QQyfwIs1wj7dgBRLBW
lVSnQNHMcyOb6FkMBiz3r5O7OZdlrXXbolc0gnyvy6Im214dIvYwtNMGkxkLUF4f
E602Xl7Ai1Ihrw4DjjAE5WNHJu+A2PxGq4YERnyYEMTfzkwLUgJSMtihKnxzAb5x
gWY64pPgM4xRaqSwX/M/+AmlGZcLvjMivmYtK8cbB/nYZdUvyTScTAUBLrPhuYY/
6095/L8o38ScHtOGGTUowqMclhWygHX1wapWDDZFJCrmrHomIUiS5kQ+qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTwC1H5boXNzNaVOtBt+kbR6HKQMB8GA1UdIwQY
MBaAFHymQ7s5nG2HrcTHy6XSty+9ANBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMt
NDRlYTY0NzIxYzllLzEveFBBTFVmbHVoYzNNMXBVNjBHMzZSdEhvY3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMtNDRlYTY0NzIxYzll
LzEvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVEaMA0G
CSqGSIb3DQEBCwUAA4IBAQBQXAE1y4YTs8PwiAeUmCH4dxa9mqOkRFqxbrwbq7ZK
7tSoBUpr6Jc3kd2U8aw2SXryVsLUgHONjiyv6JJjleX9+MqmmpaRdVQVl7EijgBZ
EHM/5WdeXsWkBwV8WXlCZXi2QnkF1x51NMlyx3i3SxeMspN39oI50HleYEgI0Okc
HncHfN7mtIPCmtg4Jw1FBdvbxAmudw9GixMIqRVKAsmJmZFyMMkLGQtDhq2a3RT2
OUNH0rhPd3SRY0hHJ6K3XluF4AplezYJyd4YhvcJbIRBlLbyRo7kRWygnhVBUw3v
rEnUON0ELQtKKruFdrFHDpGA4X1ZOkr/kiIkAewhXaQ2
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:37:49 2024 by rpki-client on console-fra.rpki-client.org