Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XBjsj2pFuTXMB1LH1mWENqR0iTI.roa
File: XBjsj2pFuTXMB1LH1mWENqR0iTI.roa (raw, json)
Hash identifier: z2N5e42WOx6D1qp9KiDdPnti4cEsFDdUbS8qUPI6nVA=
Subject key identifier: 5C:18:EC:8F:6A:45:B9:35:CC:07:52:C7:D6:65:84:36:A4:74:89:32
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018D83FAE9A9ED8DBAE4B59F3ABF78FEDBC5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XBjsj2pFuTXMB1LH1mWENqR0iTI.roa
Signing time: Wed 07 Feb 2024 14:31:15 +0000
ROA not before: Wed 07 Feb 2024 14:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.128.79.0/24 maxlen: 24
45.141.178.0/24 maxlen: 24
93.190.246.0/24 maxlen: 24
2a0f:7d03::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:fa:e9:a9:ed:8d:ba:e4:b5:9f:3a:bf:78:fe:db:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 7 14:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c18ec8f6a45b935cc0752c7d6658436a4748932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3f:4d:70:cc:c9:6a:0f:24:19:6c:c4:0b:78:
33:bd:18:da:26:68:11:e8:d6:c4:dd:15:ba:88:87:
ac:f1:3d:89:ed:74:72:70:73:18:4a:3a:0a:b3:03:
4c:b3:1c:42:02:ac:05:af:6c:59:83:77:3d:83:03:
08:20:ee:20:07:bd:e2:e6:bb:4d:88:81:0a:aa:06:
80:e1:1d:df:c0:19:7b:f4:fd:96:bc:b2:35:33:72:
0c:24:87:ce:e6:72:06:0f:65:e6:c6:fa:de:22:95:
0b:06:ba:a2:d0:2e:3a:fa:9c:c4:15:9c:90:ee:8b:
5d:47:a9:31:47:c9:f4:03:d5:ee:de:e1:9b:fb:93:
8b:e4:4f:2d:bb:69:75:ec:e4:14:5e:35:53:cc:9d:
7f:1a:d8:a3:8e:ba:4b:83:d2:d9:35:b9:e1:a4:da:
f9:98:d3:78:4f:99:6f:3b:f4:86:13:3d:f2:14:3a:
76:ea:3e:c2:d8:e5:bd:74:46:ed:81:d8:af:ca:83:
0f:ef:f1:f0:90:5b:5c:d9:c4:15:4e:b8:ea:f8:63:
44:1a:e0:70:f1:41:97:c5:25:c9:9d:8e:f4:0a:50:
2d:b9:a7:1a:a9:70:3b:df:df:20:d7:31:55:c9:ae:
3f:06:f9:03:f4:51:78:66:4b:77:68:5c:4b:1c:b0:
84:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:18:EC:8F:6A:45:B9:35:CC:07:52:C7:D6:65:84:36:A4:74:89:32
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XBjsj2pFuTXMB1LH1mWENqR0iTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.79.0/24
45.141.178.0/24
93.190.246.0/24
IPv6:
2a0f:7d03::/32
Signature Algorithm: sha256WithRSAEncryption
a9:5e:26:27:86:3f:41:9c:f3:e8:4e:31:0e:b6:52:4a:58:7c:
9e:9d:72:23:32:b5:bb:9c:d3:28:56:f4:32:10:d3:75:78:e4:
7b:c9:df:5f:3a:6d:bc:d0:d5:f7:d1:05:8d:dc:05:3c:ae:c8:
06:ff:cb:cb:b1:d9:54:f0:62:47:55:c0:10:1f:60:d8:f2:c8:
f8:7b:60:3b:a0:f8:10:c5:5f:fd:16:5e:07:5e:e2:c8:51:2a:
06:5d:ea:f7:33:d8:dc:1c:d1:f5:95:ad:fd:a5:f6:ff:5a:a0:
c2:4e:b8:d3:24:a5:31:22:93:7c:fe:07:d1:88:e8:81:1d:3c:
0b:65:f8:5a:71:53:9f:88:8b:6a:5f:7c:ee:4e:52:a6:08:c2:
1d:06:c9:12:35:d8:a3:a5:f8:f6:06:82:64:e3:c5:21:5f:00:
eb:4f:e1:51:ae:c9:13:84:c5:ee:4b:c3:10:4b:d9:2a:f3:50:
c8:68:8b:ef:dd:d8:c6:03:6e:ca:ce:87:f7:dc:49:d5:83:07:
32:56:8d:9e:34:97:2b:2f:cf:92:62:2f:3d:e5:ee:7e:16:fa:
71:6b:38:6b:62:68:26:a6:45:06:16:98:8a:2f:ed:8c:f0:3f:
38:f6:1d:61:91:4f:a0:af:1c:59:e9:74:14:49:04:aa:7d:fb:
0e:ed:94:4a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY2D+ump7Y265LWfOr94/tvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMjA3MTQzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzE4ZWM4ZjZhNDViOTM1Y2MwNzUyYzdkNjY1ODQzNmE0NzQ4OTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2D9NcMzJag8kGWzEC3gzvRjaJmgR
6NbE3RW6iIes8T2J7XRycHMYSjoKswNMsxxCAqwFr2xZg3c9gwMIIO4gB73i5rtN
iIEKqgaA4R3fwBl79P2WvLI1M3IMJIfO5nIGD2XmxvreIpULBrqi0C46+pzEFZyQ
7otdR6kxR8n0A9Xu3uGb+5OL5E8tu2l17OQUXjVTzJ1/GtijjrpLg9LZNbnhpNr5
mNN4T5lvO/SGEz3yFDp26j7C2OW9dEbtgdivyoMP7/HwkFtc2cQVTrjq+GNEGuBw
8UGXxSXJnY70ClAtuacaqXA7398g1zFVya4/BvkD9FF4Zkt3aFxLHLCEQQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFwY7I9qRbk1zAdSx9ZlhDakdIkyMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWEJqc2oycEZ1VFhNQjFMSDFtV0VOcVIwaVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALYBPAwQA
LY2yAwQAXb72MA0EAgACMAcDBQAqD30DMA0GCSqGSIb3DQEBCwUAA4IBAQCpXiYn
hj9BnPPoTjEOtlJKWHyenXIjMrW7nNMoVvQyENN1eOR7yd9fOm280NX30QWN3AU8
rsgG/8vLsdlU8GJHVcAQH2DY8sj4e2A7oPgQxV/9Fl4HXuLIUSoGXer3M9jcHNH1
la39pfb/WqDCTrjTJKUxIpN8/gfRiOiBHTwLZfhacVOfiItqX3zuTlKmCMIdBskS
Ndijpfj2BoJk48UhXwDrT+FRrskThMXuS8MQS9kq81DIaIvv3djGA27Kzof33EnV
gwcyVo2eNJcrL8+SYi895e5+FvpxazhrYmgmpkUGFpiKL+2M8D849h1hkU+grxxZ
6XQUSQSqffsO7ZRK
-----END CERTIFICATE-----
Generated at Sun Apr 28 05:47:43 2024 by rpki-client on console-ams.rpki-client.org