Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XsnL58BowN54P94Hq8ZFELardLk.roa
File: XsnL58BowN54P94Hq8ZFELardLk.roa (raw, json)
Hash identifier: HNbFuOKPa1T82T8LpW7Qm3FZ0tR+dmMImgYgvtx3m4g=
Subject key identifier: 5E:C9:CB:E7:C0:68:C0:DE:78:3F:DE:07:AB:C6:45:10:B6:AB:74:B9
Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Certificate serial: 01955CD2988BA7F17652CBC6DAD8E8D1A7FB
Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XsnL58BowN54P94Hq8ZFELardLk.roa
Signing time: Mon 03 Mar 2025 16:24:20 +0000
ROA not before: Mon 03 Mar 2025 16:24:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212669
IP address blocks: 45.134.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:d2:98:8b:a7:f1:76:52:cb:c6:da:d8:e8:d1:a7:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Validity
Not Before: Mar 3 16:24:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ec9cbe7c068c0de783fde07abc64510b6ab74b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5f:ee:f1:00:c1:c7:72:75:08:0a:a2:8e:21:
f5:0e:24:2d:9c:c7:c1:56:0d:62:2e:09:8a:6a:8b:
66:f2:5f:74:32:20:5f:06:37:26:39:1e:a0:9a:b8:
fc:23:ea:15:64:93:8e:87:0d:32:2d:4c:ca:2e:8c:
b8:85:ab:cd:b8:5d:a8:03:35:b6:ef:f3:ad:46:18:
59:4e:e4:28:f9:b8:db:7b:9c:6a:c4:0c:25:63:99:
3c:be:3a:ce:f1:45:32:ad:ab:fa:45:fc:e0:3c:f7:
28:01:82:05:ae:c3:e2:4d:88:18:49:5c:df:ed:26:
69:d2:ba:9f:2e:5f:3e:1c:d8:45:af:0f:52:8a:08:
61:1c:47:01:26:19:bb:a3:c0:71:84:49:4e:42:28:
58:8e:61:52:07:f7:c9:24:0a:c3:c4:dc:6b:4e:f8:
a2:58:b2:00:cd:a9:27:23:1c:2d:f4:52:db:8b:f4:
1e:3b:f3:74:25:3f:3c:e8:37:d6:95:3f:f9:cd:2e:
7c:4a:75:40:da:f1:35:ac:9c:f2:24:e5:50:06:12:
3c:7c:3a:7a:6c:3e:19:50:84:d1:bc:d0:0d:7e:35:
df:33:e7:96:c6:59:8c:84:57:74:28:24:ab:87:d2:
a8:3c:6a:3a:09:fd:91:83:8a:14:e6:5a:16:73:4d:
2f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C9:CB:E7:C0:68:C0:DE:78:3F:DE:07:AB:C6:45:10:B6:AB:74:B9
X509v3 Authority Key Identifier:
keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XsnL58BowN54P94Hq8ZFELardLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.72.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:0c:41:c4:da:56:06:b9:13:3d:3d:56:07:a0:d9:fb:2c:e1:
69:11:db:fa:0c:94:cb:64:ab:09:b8:c7:f4:e3:4f:8a:3d:3a:
a5:65:82:be:8e:14:25:45:7b:0d:77:a3:f3:1b:5d:ad:ae:1f:
48:35:ea:31:32:41:7c:52:21:6a:48:13:b7:5f:fa:ce:f7:dc:
69:6c:da:5f:53:e9:1d:6a:d7:2d:93:b4:3b:97:08:b6:bd:cd:
42:ea:93:85:eb:b6:95:59:51:ab:65:1b:55:ef:b8:0c:fe:c3:
de:6b:8e:f5:a0:86:fc:a6:28:92:f0:df:af:c6:0a:30:b3:c7:
d7:3f:5e:13:1c:4b:ab:14:4e:c8:9b:59:eb:4b:f7:63:19:20:
e3:65:4b:f0:0b:c7:01:1c:c6:6e:09:e4:0c:bd:a4:01:8d:d6:
d5:7e:7b:e3:61:fc:bb:e3:a6:70:70:ce:43:71:8c:2e:ed:3a:
23:11:7c:5f:8b:a3:66:b7:1e:08:85:ac:9f:29:30:95:7c:63:
3b:ac:be:98:c2:51:2e:c8:b9:61:21:8d:75:d6:cc:60:f4:bd:
48:57:a8:4a:30:52:6a:60:b2:ea:f2:b8:4c:69:6f:5a:b4:3c:
4f:15:1a:8e:45:53:3a:c7:f4:71:e2:18:66:c3:02:5f:71:9d:
4b:f6:cc:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVc0piLp/F2UsvG2tjo0af7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy
MjcxYmEwHhcNMjUwMzAzMTYyNDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWM5Y2JlN2MwNjhjMGRlNzgzZmRlMDdhYmM2NDUxMGI2YWI3NGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll/u8QDBx3J1CAqijiH1DiQtnMfB
Vg1iLgmKaotm8l90MiBfBjcmOR6gmrj8I+oVZJOOhw0yLUzKLoy4havNuF2oAzW2
7/OtRhhZTuQo+bjbe5xqxAwlY5k8vjrO8UUyrav6RfzgPPcoAYIFrsPiTYgYSVzf
7SZp0rqfLl8+HNhFrw9SighhHEcBJhm7o8BxhElOQihYjmFSB/fJJArDxNxrTvii
WLIAzaknIxwt9FLbi/QeO/N0JT886DfWlT/5zS58SnVA2vE1rJzyJOVQBhI8fDp6
bD4ZUITRvNANfjXfM+eWxlmMhFd0KCSrh9KoPGo6Cf2Rg4oU5loWc00v+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7Jy+fAaMDeeD/eB6vGRRC2q3S5MB8GA1UdIwQY
MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt
NzM2ZDEyODg4Y2E4LzEvWHNuTDU4Qm93TjU0UDk0SHE4WkZFTGFyZExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4
LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYZIMA0G
CSqGSIb3DQEBCwUAA4IBAQB/DEHE2lYGuRM9PVYHoNn7LOFpEdv6DJTLZKsJuMf0
40+KPTqlZYK+jhQlRXsNd6PzG12trh9INeoxMkF8UiFqSBO3X/rO99xpbNpfU+kd
atctk7Q7lwi2vc1C6pOF67aVWVGrZRtV77gM/sPea471oIb8piiS8N+vxgows8fX
P14THEurFE7Im1nrS/djGSDjZUvwC8cBHMZuCeQMvaQBjdbVfnvjYfy746ZwcM5D
cYwu7TojEXxfi6Nmtx4IhayfKTCVfGM7rL6YwlEuyLlhIY111sxg9L1IV6hKMFJq
YLLq8rhMaW9atDxPFRqORVM6x/Rx4hhmwwJfcZ1L9swi
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:36:18 2025 by rpki-client