Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/whN2rlu4LvClQ0WO0AhW7cblk0s.roa
File: whN2rlu4LvClQ0WO0AhW7cblk0s.roa (raw, json)
Hash identifier: MU4Pfz+w/7f7KG0Vj41Pvgn3i/2O9klu372ouIAUAM8=
Subject key identifier: C2:13:76:AE:5B:B8:2E:F0:A5:43:45:8E:D0:08:56:ED:C6:E5:93:4B
Certificate issuer: /CN=c6169716d0ae64068703140aa3730e3788fdd4c6
Certificate serial: 018D3ADB111095585799D0F9BC452DB3797B
Authority key identifier: C6:16:97:16:D0:AE:64:06:87:03:14:0A:A3:73:0E:37:88:FD:D4:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/whN2rlu4LvClQ0WO0AhW7cblk0s.roa
Signing time: Wed 24 Jan 2024 09:44:11 +0000
ROA not before: Wed 24 Jan 2024 09:44:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12679
IP address blocks: 45.134.13.0/24 maxlen: 24
185.192.21.0/24 maxlen: 24
185.192.22.0/24 maxlen: 24
185.192.23.0/24 maxlen: 24
212.8.224.0/22 maxlen: 22
212.8.228.0/24 maxlen: 24
2a07:500::/32 maxlen: 32
2a07:501::/32 maxlen: 32
2a07:502::/32 maxlen: 32
2a07:503::/32 maxlen: 32
2a07:504::/32 maxlen: 32
2a07:505::/32 maxlen: 32
2a07:506::/32 maxlen: 32
2a07:507::/32 maxlen: 32
2a0e:7c40::/32 maxlen: 32
2a0e:7c41::/32 maxlen: 32
2a0e:7c42::/32 maxlen: 32
2a0e:7c43::/32 maxlen: 32
2a0e:7c44::/32 maxlen: 32
2a0e:7c45::/32 maxlen: 32
2a0e:7c46::/32 maxlen: 32
2a0e:7c47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/xhaXFtCuZAaHAxQKo3MON4j91MY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/xhaXFtCuZAaHAxQKo3MON4j91MY.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:db:11:10:95:58:57:99:d0:f9:bc:45:2d:b3:79:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6169716d0ae64068703140aa3730e3788fdd4c6
Validity
Not Before: Jan 24 09:44:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c21376ae5bb82ef0a543458ed00856edc6e5934b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c2:78:f0:85:75:f9:a2:9f:76:4e:63:56:af:
d1:82:5d:e7:27:8e:e6:dc:36:5e:73:52:0e:a0:71:
cc:af:e8:ff:da:23:16:d5:5e:61:5f:e5:6e:5e:7b:
ef:c9:1e:55:42:49:9c:c7:07:d6:8f:06:6d:ba:24:
19:da:c5:21:83:22:50:2d:20:a8:e4:2d:f5:e0:81:
0b:94:12:e2:9f:3f:cb:fa:12:be:08:ca:19:6f:17:
0e:0d:4c:15:9e:f4:2b:d8:e2:b9:3f:04:22:ce:42:
29:75:7b:32:2c:d7:87:95:e3:7a:40:be:9e:c9:39:
3a:90:77:d7:a1:c9:df:31:2d:19:17:a4:c3:fd:5f:
7f:93:80:68:4b:79:55:6b:0b:96:55:d0:01:c5:b1:
f5:76:5c:dc:68:66:e9:bf:ad:09:f9:b4:4e:87:3e:
b8:a3:ff:d7:91:53:52:93:37:13:b9:13:5c:99:91:
80:28:0c:ba:e2:11:9e:13:d6:bf:ab:83:ed:db:49:
f3:37:3f:bc:61:ca:f9:f3:c6:7c:3e:93:5b:79:7c:
14:98:31:40:ec:63:60:c5:75:75:2d:e6:c2:7a:1c:
e6:9f:d4:d2:06:9a:ca:a8:97:8c:68:3d:7f:ea:cb:
80:9e:52:c6:57:93:95:0d:4a:a8:db:fc:4d:9f:2f:
7f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:13:76:AE:5B:B8:2E:F0:A5:43:45:8E:D0:08:56:ED:C6:E5:93:4B
X509v3 Authority Key Identifier:
keyid:C6:16:97:16:D0:AE:64:06:87:03:14:0A:A3:73:0E:37:88:FD:D4:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/whN2rlu4LvClQ0WO0AhW7cblk0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/xhaXFtCuZAaHAxQKo3MON4j91MY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.13.0/24
185.192.21.0-185.192.23.255
212.8.224.0-212.8.228.255
IPv6:
2a07:500::/29
2a0e:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
24:8d:b7:dd:d8:49:63:92:ab:12:73:79:79:85:36:4e:6d:83:
6e:65:6e:b8:3d:b9:d5:ed:6f:39:19:88:ff:41:57:59:f7:a6:
3a:3d:7c:c3:12:94:68:7d:63:b5:b7:8b:79:a0:25:fc:d2:57:
84:df:6e:a1:78:4d:58:ec:16:23:9e:f3:1b:7d:42:cd:4d:05:
01:d8:12:47:65:9e:71:c5:91:25:e9:f0:5a:06:f3:db:50:b1:
80:da:2b:2b:3d:78:0e:d7:90:e2:db:2b:23:c6:7f:83:ed:6b:
46:4f:b2:36:bc:13:45:46:b3:ab:6b:a6:5b:a5:d9:5c:65:2c:
1e:22:d0:e3:85:19:f5:fa:00:41:9a:3f:de:a7:fb:00:8f:8f:
29:6a:41:40:cd:5c:c5:47:57:09:c8:17:07:e3:cb:ff:d6:22:
8b:a3:86:dd:25:cc:b1:b7:0c:ad:c6:e0:45:cd:4e:73:ca:aa:
4e:e6:7b:2d:bf:5b:be:4d:e8:13:6c:04:37:8f:f9:05:f5:4d:
87:7d:39:ac:60:56:7c:04:41:b1:1a:50:12:ff:d5:53:56:51:
59:60:b6:51:4b:77:0d:2f:5a:27:3b:31:fa:77:5f:07:17:1d:
5c:7d:63:dd:23:a2:c7:75:8a:20:fd:29:c5:56:fb:09:e3:df:
bd:9d:d7:f6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY062xEQlVhXmdD5vEUts3l7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTY5NzE2ZDBhZTY0MDY4NzAzMTQwYWEzNzMwZTM3ODhm
ZGQ0YzYwHhcNMjQwMTI0MDk0NDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjEzNzZhZTViYjgyZWYwYTU0MzQ1OGVkMDA4NTZlZGM2ZTU5MzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8J48IV1+aKfdk5jVq/Rgl3nJ47m
3DZec1IOoHHMr+j/2iMW1V5hX+VuXnvvyR5VQkmcxwfWjwZtuiQZ2sUhgyJQLSCo
5C314IELlBLinz/L+hK+CMoZbxcODUwVnvQr2OK5PwQizkIpdXsyLNeHleN6QL6e
yTk6kHfXocnfMS0ZF6TD/V9/k4BoS3lVawuWVdABxbH1dlzcaGbpv60J+bROhz64
o//XkVNSkzcTuRNcmZGAKAy64hGeE9a/q4Pt20nzNz+8Ycr588Z8PpNbeXwUmDFA
7GNgxXV1LebCehzmn9TSBprKqJeMaD1/6suAnlLGV5OVDUqo2/xNny9/xQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMITdq5buC7wpUNFjtAIVu3G5ZNLMB8GA1UdIwQY
MBaAFMYWlxbQrmQGhwMUCqNzDjeI/dTGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhhWEZ0Q3VaQWFIQXhRS28zTU9ONGo5MU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC80MDA2ODUtZjQ4ZS00YWI5LThlM2Yt
MDQyNDQ2YjcwZmIxLzEvd2hOMnJsdTRMdkNsUTBXTzBBaFc3Y2JsazBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC80MDA2ODUtZjQ4ZS00YWI5LThlM2YtMDQyNDQ2YjcwZmIx
LzEveGhhWEZ0Q3VaQWFIQXhRS28zTU9ONGo5MU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAoBAIAATAiAwQALYYNMAwD
BAC5wBUDBAO5wBAwDAMEBdQI4AMEANQI5DAUBAIAAjAOAwUDKgcFAAMFAyoOfEAw
DQYJKoZIhvcNAQELBQADggEBACSNt93YSWOSqxJzeXmFNk5tg25lbrg9udXtbzkZ
iP9BV1n3pjo9fMMSlGh9Y7W3i3mgJfzSV4TfbqF4TVjsFiOe8xt9Qs1NBQHYEkdl
nnHFkSXp8FoG89tQsYDaKys9eA7XkOLbKyPGf4Pta0ZPsja8E0VGs6trplul2Vxl
LB4i0OOFGfX6AEGaP96n+wCPjylqQUDNXMVHVwnIFwfjy//WIoujht0lzLG3DK3G
4EXNTnPKqk7mey2/W75N6BNsBDeP+QX1TYd9OaxgVnwEQbEaUBL/1VNWUVlgtlFL
dw0vWic7Mfp3XwcXHVx9Y90josd1iiD9KcVW+wnj372d1/Y=
-----END CERTIFICATE-----
Generated at Sat May 4 09:47:12 2024 by rpki-client on console-fra.rpki-client.org