Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/XTHtGod4dCrJHnMbrodjjNF-5f0.roa
File: XTHtGod4dCrJHnMbrodjjNF-5f0.roa (raw, json)
Hash identifier: ml525+BbXnisksGpZ7YawxjX+58KW7bsPQRvEhI/Oi0=
Subject key identifier: 5D:31:ED:1A:87:78:74:2A:C9:1E:73:1B:AE:87:63:8C:D1:7E:E5:FD
Certificate issuer: /CN=b960b14746c5875244ae3b694162ec6d8c63255e
Certificate serial: 018CC26D03826CA793E345869B6B6199D8A4
Authority key identifier: B9:60:B1:47:46:C5:87:52:44:AE:3B:69:41:62:EC:6D:8C:63:25:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uWCxR0bFh1JErjtpQWLsbYxjJV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/XTHtGod4dCrJHnMbrodjjNF-5f0.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41960
IP address blocks: 45.135.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/uWCxR0bFh1JErjtpQWLsbYxjJV4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/uWCxR0bFh1JErjtpQWLsbYxjJV4.mft
rsync://rpki.ripe.net/repository/DEFAULT/uWCxR0bFh1JErjtpQWLsbYxjJV4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:03:82:6c:a7:93:e3:45:86:9b:6b:61:99:d8:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b960b14746c5875244ae3b694162ec6d8c63255e
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d31ed1a8778742ac91e731bae87638cd17ee5fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5d:78:9c:2e:6f:eb:23:a2:7e:30:3a:69:d6:
c3:10:25:86:04:a4:a4:77:dc:50:45:2f:a6:0c:52:
ed:68:9a:15:1f:0b:4b:7f:30:08:d4:7d:bf:8e:72:
73:0c:7b:21:ec:45:c6:6f:62:ec:57:6f:f6:8c:54:
2e:42:a0:bc:77:48:11:0e:4b:65:2b:9f:fc:71:7d:
df:d9:ca:3f:57:3f:f7:03:50:11:c7:9c:58:b9:8d:
01:4b:09:94:d0:0a:ad:7d:09:00:8c:2a:3a:7e:96:
72:a0:0c:b1:0d:dd:ce:55:ab:a2:51:0a:1c:3f:d1:
ce:7d:3b:1e:f0:70:ea:8d:35:49:1e:19:f7:e4:2e:
55:16:0c:6e:af:ee:ff:42:22:b5:ca:d0:f9:99:3d:
9c:c1:a9:53:fc:2b:6d:c7:da:56:8e:96:90:27:b8:
aa:73:2a:6a:38:cf:4e:aa:04:62:39:b6:38:26:f6:
dc:c7:f4:05:39:72:63:1c:c1:9e:98:9e:22:cd:75:
04:42:29:5a:d1:5e:c7:fb:28:c9:d6:a6:c1:db:a6:
23:70:cc:d4:86:e8:84:f5:db:7b:49:6e:3f:9d:bc:
54:b7:5e:30:e0:92:2c:40:67:89:09:cd:08:0e:a5:
8c:f2:d8:80:65:a0:f8:de:70:62:a5:69:46:4f:73:
17:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:31:ED:1A:87:78:74:2A:C9:1E:73:1B:AE:87:63:8C:D1:7E:E5:FD
X509v3 Authority Key Identifier:
keyid:B9:60:B1:47:46:C5:87:52:44:AE:3B:69:41:62:EC:6D:8C:63:25:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uWCxR0bFh1JErjtpQWLsbYxjJV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/XTHtGod4dCrJHnMbrodjjNF-5f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/uWCxR0bFh1JErjtpQWLsbYxjJV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.211.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:16:70:84:1e:e0:c4:09:63:fc:88:bb:bd:a2:90:f2:42:75:
18:4b:91:d9:ed:f6:e7:07:3a:d0:ca:c9:97:8c:62:62:de:c2:
ae:56:8e:ef:24:78:a2:04:ea:a6:b4:b0:f7:b4:6b:e5:71:7e:
d8:d4:9c:67:96:73:1a:30:1d:72:1d:07:80:54:26:16:c2:86:
d1:f9:08:62:b9:4f:c7:73:a2:29:82:ea:48:9d:e6:06:81:77:
58:3b:78:62:ca:c9:43:24:86:b3:3d:80:5b:47:3a:3e:07:9a:
17:8f:50:c2:75:9f:13:c8:c9:6f:69:97:c1:f5:69:fb:cb:a3:
1f:9a:8a:22:87:54:8b:12:b5:7d:f1:a3:9e:86:52:64:72:29:
c3:ee:e9:c7:57:42:92:63:01:8d:8a:15:51:a4:4d:1a:32:9c:
b1:3e:9e:74:6a:d3:20:a3:70:46:0d:9e:6a:2c:f9:01:98:5d:
fa:83:29:6a:cf:88:ec:d0:d2:30:3d:bf:ba:a3:8c:c2:c1:ce:
f2:87:a5:e8:68:12:89:90:0c:04:8d:a2:e1:3c:61:38:87:d6:
8d:bc:33:3b:e1:ea:05:59:53:67:40:ac:62:65:42:26:db:e0:
00:fa:26:e6:a2:ef:74:e7:ac:e6:27:d1:ca:39:eb:dc:5f:17:
ed:e1:72:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQOCbKeT40WGm2thmdikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NjBiMTQ3NDZjNTg3NTI0NGFlM2I2OTQxNjJlYzZkOGM2
MzI1NWUwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDMxZWQxYTg3Nzg3NDJhYzkxZTczMWJhZTg3NjM4Y2QxN2VlNWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy114nC5v6yOifjA6adbDECWGBKSk
d9xQRS+mDFLtaJoVHwtLfzAI1H2/jnJzDHsh7EXGb2LsV2/2jFQuQqC8d0gRDktl
K5/8cX3f2co/Vz/3A1ARx5xYuY0BSwmU0AqtfQkAjCo6fpZyoAyxDd3OVauiUQoc
P9HOfTse8HDqjTVJHhn35C5VFgxur+7/QiK1ytD5mT2cwalT/Cttx9pWjpaQJ7iq
cypqOM9OqgRiObY4Jvbcx/QFOXJjHMGemJ4izXUEQila0V7H+yjJ1qbB26YjcMzU
huiE9dt7SW4/nbxUt14w4JIsQGeJCc0IDqWM8tiAZaD43nBipWlGT3MXFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0x7RqHeHQqyR5zG66HY4zRfuX9MB8GA1UdIwQY
MBaAFLlgsUdGxYdSRK47aUFi7G2MYyVeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVdDeFIwYkZoMUpFcmp0cFFXTHNiWXhqSlY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80NTgwNzgtNDI2ZS00NDQ5LWEyYTkt
MTg4ODJhMjgwOWIyLzEvWFRIdEdvZDRkQ3JKSG5NYnJvZGpqTkYtNWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80NTgwNzgtNDI2ZS00NDQ5LWEyYTktMTg4ODJhMjgwOWIy
LzEvdVdDeFIwYkZoMUpFcmp0cFFXTHNiWXhqSlY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYfTMA0G
CSqGSIb3DQEBCwUAA4IBAQC9FnCEHuDECWP8iLu9opDyQnUYS5HZ7fbnBzrQysmX
jGJi3sKuVo7vJHiiBOqmtLD3tGvlcX7Y1JxnlnMaMB1yHQeAVCYWwobR+QhiuU/H
c6IpgupIneYGgXdYO3hiyslDJIazPYBbRzo+B5oXj1DCdZ8TyMlvaZfB9Wn7y6Mf
mooih1SLErV98aOehlJkcinD7unHV0KSYwGNihVRpE0aMpyxPp50atMgo3BGDZ5q
LPkBmF36gylqz4js0NIwPb+6o4zCwc7yh6XoaBKJkAwEjaLhPGE4h9aNvDM74eoF
WVNnQKxiZUIm2+AA+ibmou9056zmJ9HKOevcXxft4XKc
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:07 2024 by rpki-client on console-fra.rpki-client.org