Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/xzcFnaWcS_DKuHaWqvXdH4qfwdg.roa
File: xzcFnaWcS_DKuHaWqvXdH4qfwdg.roa (raw, json)
Hash identifier: oCxBefxPctPMTEdZq+WuANi/glZxbeZQarJ84WqbXz0=
Subject key identifier: C7:37:05:9D:A5:9C:4B:F0:CA:B8:76:96:AA:F5:DD:1F:8A:9F:C1:D8
Certificate issuer: /CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Certificate serial: 018F7CA03793F4600E0F39B30E277843FC6E
Authority key identifier: 4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/xzcFnaWcS_DKuHaWqvXdH4qfwdg.roa
Signing time: Wed 15 May 2024 14:20:25 +0000
ROA not before: Wed 15 May 2024 14:20:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198034
IP address blocks: 45.10.44.0/24 maxlen: 24
91.230.169.0/24 maxlen: 24
185.153.28.0/23 maxlen: 23
185.153.30.0/23 maxlen: 23
2a12:9240::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.mft
rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7c:a0:37:93:f4:60:0e:0f:39:b3:0e:27:78:43:fc:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Validity
Not Before: May 15 14:20:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c737059da59c4bf0cab87696aaf5dd1f8a9fc1d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d8:9a:0f:3e:68:a5:11:4b:9a:4c:d1:09:24:
a9:a7:ec:36:57:6b:5c:e8:97:0d:5d:c8:19:b9:91:
4c:14:ca:03:86:cc:55:d9:55:74:79:61:dc:db:6d:
f0:7a:86:c6:b2:ca:e9:ea:44:69:7d:a8:0e:48:4e:
1f:cc:ff:8c:ba:b1:44:a2:ba:d6:31:d1:a2:10:4b:
65:81:08:1c:8d:82:4d:5a:03:e6:6f:b6:2b:da:8b:
52:86:f7:54:67:49:1a:2b:52:73:03:7f:c2:29:27:
58:49:e8:01:88:2e:4b:35:6f:c2:df:45:50:67:30:
7f:cb:5d:47:a6:a0:b5:dc:9d:24:47:4a:b9:5b:02:
1d:70:ff:ee:fd:09:66:88:dc:3c:39:4d:c5:7f:45:
82:52:b2:98:ed:5a:18:90:16:1c:90:7f:b6:88:b0:
0f:5b:e6:ed:75:eb:8c:12:20:1a:7b:0b:95:f8:a9:
4d:97:91:29:48:6e:c5:3f:be:ef:16:f2:7e:5c:a1:
61:04:7c:17:ec:16:d1:12:5d:c1:5e:d0:c9:ad:a7:
4a:f7:f3:0e:55:ca:15:16:d4:9d:21:8c:e6:88:e2:
19:bc:0b:4a:f5:57:61:35:45:7b:48:6e:1f:c5:b1:
5c:ca:72:0c:85:5f:9a:1d:72:c0:63:13:45:d8:e3:
bf:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:37:05:9D:A5:9C:4B:F0:CA:B8:76:96:AA:F5:DD:1F:8A:9F:C1:D8
X509v3 Authority Key Identifier:
keyid:4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/xzcFnaWcS_DKuHaWqvXdH4qfwdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.44.0/24
91.230.169.0/24
185.153.28.0/22
IPv6:
2a12:9240::/32
Signature Algorithm: sha256WithRSAEncryption
6e:e7:e7:4c:4c:7a:46:5e:b9:e0:2d:ca:cd:12:a6:83:38:e3:
4a:f0:26:3f:c9:a6:a6:1d:c6:f6:a7:8b:7b:69:9d:f9:e0:cc:
52:39:cf:e4:71:52:84:f7:e7:1c:9a:88:44:d2:20:cb:5c:fc:
db:12:66:6a:dd:5b:61:76:7f:43:6a:a1:52:0c:fe:71:36:0d:
b9:58:33:0c:79:37:75:bc:f6:64:e7:19:e5:2a:1a:5b:9d:55:
87:cf:1d:1f:be:58:98:be:90:1f:fe:80:71:ef:24:ca:11:cd:
4c:0a:26:6a:35:83:61:1b:16:5c:fa:cd:ec:e6:27:16:9e:29:
03:dc:45:97:d5:de:c9:1e:99:6f:7c:9f:60:2c:3a:2d:de:7b:
14:dd:56:a2:96:c1:c0:02:72:83:fb:32:52:ee:65:0c:64:62:
d5:30:96:5f:f7:6e:29:69:8d:8b:43:79:6c:b7:2f:d9:42:bc:
16:e0:15:eb:ed:94:0c:67:35:af:82:13:27:c3:69:1b:25:bf:
31:99:5e:86:be:13:5a:ab:bf:85:e4:9b:5a:e9:1b:7a:e8:03:
c6:c4:8f:41:b8:f9:47:05:4a:df:07:3c:1e:f5:f0:c4:fc:6c:
2d:dd:6a:46:3a:f7:58:cb:17:29:6d:6a:bc:50:3e:65:83:6e:
f9:95:5c:31
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY98oDeT9GAODzmzDid4Q/xuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTllNGVhZTQ4YTAxYzc4MWZhYWQxMWY2ZDgxYTkxZWEz
M2JkZmYwHhcNMjQwNTE1MTQyMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzM3MDU5ZGE1OWM0YmYwY2FiODc2OTZhYWY1ZGQxZjhhOWZjMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdiaDz5opRFLmkzRCSSpp+w2V2tc
6JcNXcgZuZFMFMoDhsxV2VV0eWHc223weobGssrp6kRpfagOSE4fzP+MurFEorrW
MdGiEEtlgQgcjYJNWgPmb7Yr2otShvdUZ0kaK1JzA3/CKSdYSegBiC5LNW/C30VQ
ZzB/y11HpqC13J0kR0q5WwIdcP/u/QlmiNw8OU3Ff0WCUrKY7VoYkBYckH+2iLAP
W+btdeuMEiAaewuV+KlNl5EpSG7FP77vFvJ+XKFhBHwX7BbREl3BXtDJradK9/MO
VcoVFtSdIYzmiOIZvAtK9VdhNUV7SG4fxbFcynIMhV+aHXLAYxNF2OO/fQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMc3BZ2lnEvwyrh2lqr13R+Kn8HYMB8GA1UdIwQY
MBaAFE+Z5OrkigHHgfqtEfbYGpHqM73/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgt
OGI4ZjNmOGQ3MzAzLzEveHpjRm5hV2NTX0RLdUhhV3F2WGRINHFmd2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgtOGI4ZjNmOGQ3MzAz
LzEvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALQosAwQA
W+apAwQCuZkcMA0EAgACMAcDBQAqEpJAMA0GCSqGSIb3DQEBCwUAA4IBAQBu5+dM
THpGXrngLcrNEqaDOONK8CY/yaamHcb2p4t7aZ354MxSOc/kcVKE9+ccmohE0iDL
XPzbEmZq3Vthdn9DaqFSDP5xNg25WDMMeTd1vPZk5xnlKhpbnVWHzx0fvliYvpAf
/oBx7yTKEc1MCiZqNYNhGxZc+s3s5icWnikD3EWX1d7JHplvfJ9gLDot3nsU3Vai
lsHAAnKD+zJS7mUMZGLVMJZf924paY2LQ3lsty/ZQrwW4BXr7ZQMZzWvghMnw2kb
Jb8xmV6GvhNaq7+F5Jta6Rt66APGxI9BuPlHBUrfBzwe9fDE/Gwt3WpGOvdYyxcp
bWq8UD5lg275lVwx
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:54:13 2024 by rpki-client on console-ams.rpki-client.org