Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/sfRb7PnQnp6KzcxBJFWxYiAoHlU.roa
File: sfRb7PnQnp6KzcxBJFWxYiAoHlU.roa (raw, json)
Hash identifier: 4vkc/0sluobAYxIwzdbQlTD3R28W1r1PHJ8PcOAoKfs=
Subject key identifier: B1:F4:5B:EC:F9:D0:9E:9E:8A:CD:CC:41:24:55:B1:62:20:28:1E:55
Certificate issuer: /CN=c6169716d0ae64068703140aa3730e3788fdd4c6
Certificate serial: 0191DA5CECF1F3B36F578037958882BDCDC0
Authority key identifier: C6:16:97:16:D0:AE:64:06:87:03:14:0A:A3:73:0E:37:88:FD:D4:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/sfRb7PnQnp6KzcxBJFWxYiAoHlU.roa
Signing time: Tue 10 Sep 2024 05:16:48 +0000
ROA not before: Tue 10 Sep 2024 05:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12679
IP address blocks: 45.134.13.0/24 maxlen: 24
185.192.21.0/24 maxlen: 24
185.192.22.0/24 maxlen: 24
185.192.23.0/24 maxlen: 24
212.8.224.0/22 maxlen: 22
212.8.228.0/24 maxlen: 24
2a07:500::/32 maxlen: 32
2a07:501::/32 maxlen: 32
2a07:502::/32 maxlen: 32
2a07:503::/32 maxlen: 32
2a07:504::/32 maxlen: 32
2a07:505::/32 maxlen: 32
2a07:506::/32 maxlen: 32
2a07:507::/32 maxlen: 32
2a0e:7c40::/32 maxlen: 32
2a0e:7c41::/32 maxlen: 32
2a0e:7c42::/32 maxlen: 32
2a0e:7c43::/32 maxlen: 32
2a0e:7c44::/32 maxlen: 32
2a0e:7c45::/32 maxlen: 32
2a0e:7c46::/32 maxlen: 32
2a0e:7c47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/xhaXFtCuZAaHAxQKo3MON4j91MY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/xhaXFtCuZAaHAxQKo3MON4j91MY.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 12:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:da:5c:ec:f1:f3:b3:6f:57:80:37:95:88:82:bd:cd:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6169716d0ae64068703140aa3730e3788fdd4c6
Validity
Not Before: Sep 10 05:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1f45becf9d09e9e8acdcc412455b16220281e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5c:32:fa:83:17:96:2b:94:bc:3d:4e:4d:c2:
de:74:ac:d9:8c:19:d3:c1:72:79:b0:44:a9:10:d0:
9f:34:2f:11:f8:eb:14:60:ab:1c:ff:bd:9a:c5:f6:
4e:ed:93:5a:c5:ac:6d:ca:b2:6f:1c:d8:4e:59:d9:
26:d4:3c:ec:1e:04:b6:1d:9e:c7:4f:9f:7b:86:75:
29:71:b3:f8:d8:48:b2:87:ea:3e:15:1b:6e:11:b0:
d7:5b:54:db:45:8e:14:61:b9:4e:b2:05:7a:8a:bd:
1a:1a:e0:76:72:a9:29:90:2f:fe:25:57:e2:b5:1d:
aa:bd:26:a5:10:e8:5f:f7:cb:20:13:01:f7:91:bb:
8e:73:81:1f:c2:4d:75:d4:93:2d:7e:a1:ab:c4:60:
42:9e:74:8e:c9:28:ff:00:a5:7e:8b:92:08:84:4a:
5c:fd:d1:29:45:7d:aa:04:67:18:79:13:c6:33:e7:
12:1b:8b:35:c9:fd:e4:9b:04:5c:30:df:38:8c:f4:
e4:f8:ae:b6:b9:53:15:1c:bf:b1:69:56:f2:90:b9:
b0:2e:33:a3:cd:de:5d:eb:3f:65:d1:8e:8b:15:44:
90:c7:98:05:f2:f6:b2:77:75:bc:14:06:2d:6c:3d:
52:d0:27:a2:da:96:6f:cd:9a:0e:72:e9:6a:0d:97:
92:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F4:5B:EC:F9:D0:9E:9E:8A:CD:CC:41:24:55:B1:62:20:28:1E:55
X509v3 Authority Key Identifier:
keyid:C6:16:97:16:D0:AE:64:06:87:03:14:0A:A3:73:0E:37:88:FD:D4:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/sfRb7PnQnp6KzcxBJFWxYiAoHlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/xhaXFtCuZAaHAxQKo3MON4j91MY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.13.0/24
185.192.21.0-185.192.23.255
212.8.224.0-212.8.228.255
IPv6:
2a07:500::/29
2a0e:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
2a:81:54:c1:9e:21:c9:49:53:ce:f4:95:ef:89:bf:c2:0c:bd:
1b:f8:f8:56:04:9b:90:e2:3a:70:ee:7f:cb:fc:08:ca:2c:12:
bb:ff:07:ab:82:5f:21:0b:a0:da:99:55:ef:23:d1:e5:43:5a:
44:91:83:c7:69:8a:b5:61:40:d6:09:82:c7:5a:81:98:fc:91:
f9:e6:5d:c5:95:ea:e0:06:5e:93:1d:c9:c6:bf:ce:0b:fc:ec:
37:81:61:27:ed:4e:42:b2:19:27:5d:42:5b:b0:3e:94:d4:aa:
4d:bc:fe:13:b8:54:e5:34:a5:ba:ef:ad:27:f6:e6:59:8f:e2:
54:32:ef:18:6d:f3:e1:ee:8b:30:65:c4:ea:b4:9c:72:b6:08:
f7:ca:16:6a:0b:b7:eb:39:be:c5:5e:e8:f3:3d:07:c6:ce:9e:
ff:96:d8:d6:e7:aa:82:51:56:3f:49:ed:62:e2:cb:9f:d0:5e:
e8:56:a9:7b:9b:56:9f:a6:e7:91:42:8a:b4:88:ac:a2:47:f8:
52:c8:76:ac:87:af:5e:55:8d:b1:e0:52:74:8c:36:cb:6e:af:
fb:77:3d:2c:be:8d:ba:07:23:c8:44:2b:32:7f:59:d5:af:a7:
66:b6:3c:b1:79:22:c4:69:20:e0:1f:61:f1:66:86:0f:14:51:
6b:0b:c7:68
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZHaXOzx87NvV4A3lYiCvc3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTY5NzE2ZDBhZTY0MDY4NzAzMTQwYWEzNzMwZTM3ODhm
ZGQ0YzYwHhcNMjQwOTEwMDUxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWY0NWJlY2Y5ZDA5ZTllOGFjZGNjNDEyNDU1YjE2MjIwMjgxZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslwy+oMXliuUvD1OTcLedKzZjBnT
wXJ5sESpENCfNC8R+OsUYKsc/72axfZO7ZNaxaxtyrJvHNhOWdkm1DzsHgS2HZ7H
T597hnUpcbP42Eiyh+o+FRtuEbDXW1TbRY4UYblOsgV6ir0aGuB2cqkpkC/+JVfi
tR2qvSalEOhf98sgEwH3kbuOc4Efwk111JMtfqGrxGBCnnSOySj/AKV+i5IIhEpc
/dEpRX2qBGcYeRPGM+cSG4s1yf3kmwRcMN84jPTk+K62uVMVHL+xaVbykLmwLjOj
zd5d6z9l0Y6LFUSQx5gF8vayd3W8FAYtbD1S0Cei2pZvzZoOculqDZeSuQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLH0W+z50J6eis3MQSRVsWIgKB5VMB8GA1UdIwQY
MBaAFMYWlxbQrmQGhwMUCqNzDjeI/dTGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhhWEZ0Q3VaQWFIQXhRS28zTU9ONGo5MU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC80MDA2ODUtZjQ4ZS00YWI5LThlM2Yt
MDQyNDQ2YjcwZmIxLzEvc2ZSYjdQblFucDZLemN4QkpGV3hZaUFvSGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC80MDA2ODUtZjQ4ZS00YWI5LThlM2YtMDQyNDQ2YjcwZmIx
LzEveGhhWEZ0Q3VaQWFIQXhRS28zTU9ONGo5MU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAoBAIAATAiAwQALYYNMAwD
BAC5wBUDBAO5wBAwDAMEBdQI4AMEANQI5DAUBAIAAjAOAwUDKgcFAAMFAyoOfEAw
DQYJKoZIhvcNAQELBQADggEBACqBVMGeIclJU870le+Jv8IMvRv4+FYEm5DiOnDu
f8v8CMosErv/B6uCXyELoNqZVe8j0eVDWkSRg8dpirVhQNYJgsdagZj8kfnmXcWV
6uAGXpMdyca/zgv87DeBYSftTkKyGSddQluwPpTUqk28/hO4VOU0pbrvrSf25lmP
4lQy7xht8+HuizBlxOq0nHK2CPfKFmoLt+s5vsVe6PM9B8bOnv+W2NbnqoJRVj9J
7WLiy5/QXuhWqXubVp+m55FCirSIrKJH+FLIdqyHr15VjbHgUnSMNstur/t3PSy+
jboHI8hEKzJ/WdWvp2a2PLF5IsRpIOAfYfFmhg8UUWsLx2g=
-----END CERTIFICATE-----
Generated at Sun Nov 24 20:17:15 2024 by rpki-client on console-ams.rpki-client.org