Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/af4c09-c8c2-4893-a10b-0cd8a69729b7/1/xMbA30gBKjHeRgfO5JswW1Q1v7M.roa
File: xMbA30gBKjHeRgfO5JswW1Q1v7M.roa (raw, json)
Hash identifier: CpKopsson8WBUi48FP9qQeFxgZeCChJEhAIfnOECrAo=
Subject key identifier: C4:C6:C0:DF:48:01:2A:31:DE:46:07:CE:E4:9B:30:5B:54:35:BF:B3
Certificate issuer: /CN=29493731efccc74ad5c273874b9360f7aa689465
Certificate serial: 018CC56DDF1D1E04D7A8BD7A9381F0A3C97E
Authority key identifier: 29:49:37:31:EF:CC:C7:4A:D5:C2:73:87:4B:93:60:F7:AA:68:94:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUk3Me_Mx0rVwnOHS5Ng96polGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/af4c09-c8c2-4893-a10b-0cd8a69729b7/1/xMbA30gBKjHeRgfO5JswW1Q1v7M.roa
Signing time: Mon 01 Jan 2024 14:29:21 +0000
ROA not before: Mon 01 Jan 2024 14:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208376
IP address blocks: 45.141.228.0/24 maxlen: 24
45.141.230.0/24 maxlen: 24
45.141.229.0/24 maxlen: 24
2a0e:d0c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/af4c09-c8c2-4893-a10b-0cd8a69729b7/1/KUk3Me_Mx0rVwnOHS5Ng96polGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/af4c09-c8c2-4893-a10b-0cd8a69729b7/1/KUk3Me_Mx0rVwnOHS5Ng96polGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KUk3Me_Mx0rVwnOHS5Ng96polGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:df:1d:1e:04:d7:a8:bd:7a:93:81:f0:a3:c9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29493731efccc74ad5c273874b9360f7aa689465
Validity
Not Before: Jan 1 14:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4c6c0df48012a31de4607cee49b305b5435bfb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2c:6e:56:aa:18:99:3a:da:28:40:72:50:ec:
e7:7c:ba:ed:d1:36:6f:aa:88:8b:56:e8:52:1d:b1:
ab:2a:d3:8e:ab:c2:ba:94:6e:d0:3c:85:28:1f:5c:
85:ac:9d:79:3b:93:c6:ca:05:61:dc:6b:53:56:ba:
13:cf:e8:65:13:12:7a:17:50:9a:5d:f0:34:d3:51:
72:89:a6:f8:e5:d1:c9:1e:e1:64:06:38:c8:86:21:
cf:07:51:e1:8e:25:90:3b:70:c2:8c:a7:c2:9a:9f:
3b:43:13:5f:8c:83:1b:27:9d:cf:fb:f5:b5:ea:0b:
e2:3c:14:5e:42:a9:3f:7c:fe:02:13:06:34:1c:fe:
07:f3:02:29:72:2f:89:fe:74:46:8f:61:0d:88:c1:
79:f8:d7:72:49:6a:d5:2f:85:27:cf:e8:27:4f:f9:
8e:5c:8a:90:9e:62:c2:e8:23:c2:d9:11:a5:ac:f6:
d7:c5:69:bd:b0:39:b7:58:76:fd:2f:b3:ea:52:79:
75:08:92:7d:d9:63:6d:0c:73:7e:99:2e:a2:bb:ba:
2a:32:e1:ea:e1:cd:75:e7:d5:a8:f2:05:df:51:fd:
df:a7:65:5a:c5:25:c9:8c:fc:14:e0:a3:8d:4f:e4:
18:5b:55:f7:a5:c6:e3:90:99:c5:ba:4d:2b:c4:51:
f7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C6:C0:DF:48:01:2A:31:DE:46:07:CE:E4:9B:30:5B:54:35:BF:B3
X509v3 Authority Key Identifier:
keyid:29:49:37:31:EF:CC:C7:4A:D5:C2:73:87:4B:93:60:F7:AA:68:94:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUk3Me_Mx0rVwnOHS5Ng96polGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/af4c09-c8c2-4893-a10b-0cd8a69729b7/1/xMbA30gBKjHeRgfO5JswW1Q1v7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/af4c09-c8c2-4893-a10b-0cd8a69729b7/1/KUk3Me_Mx0rVwnOHS5Ng96polGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.228.0-45.141.230.255
IPv6:
2a0e:d0c0::/29
Signature Algorithm: sha256WithRSAEncryption
c6:53:79:ba:06:7f:2b:5c:9f:7b:f4:d8:d4:41:b7:14:5c:a3:
28:f3:73:63:89:80:e6:8a:43:c9:51:26:99:d5:cc:49:bf:18:
6a:06:85:0e:9e:2d:34:b6:06:e0:52:8c:45:77:d9:36:d6:c2:
00:e3:f2:40:f5:ba:f2:c0:05:78:ea:11:a3:bf:26:16:4d:23:
05:a1:3c:ba:41:bd:1b:a8:f6:69:8f:d1:0d:35:c7:5c:42:50:
3b:80:ce:be:65:eb:cf:84:6d:d2:c4:ff:2c:76:8e:20:ef:37:
8e:ef:fb:e9:46:fe:d7:dd:c9:63:a6:4f:4d:d4:b8:e2:1a:fe:
d3:68:c3:49:75:2f:31:f6:77:37:86:37:f6:24:6e:33:0c:92:
1d:fc:65:4d:bb:0a:5b:e2:64:3f:c0:5c:9c:83:c7:20:96:6e:
cb:57:7c:b2:10:1c:26:7e:30:8b:8a:ab:9f:8b:88:40:aa:d1:
da:5c:94:c3:ee:be:1c:c6:64:3c:93:65:52:e7:23:bc:4b:a6:
45:ef:92:47:34:f6:6a:bd:0b:c3:d6:29:f4:4c:a1:da:80:ec:
29:64:ff:fb:00:65:25:f2:c8:16:25:af:3c:60:9d:eb:c9:16:
29:5b:82:59:f9:e1:88:5f:c3:f7:66:1a:00:e1:3c:b5:45:ff:
b4:25:c7:78
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFbd8dHgTXqL16k4Hwo8l+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NDkzNzMxZWZjY2M3NGFkNWMyNzM4NzRiOTM2MGY3YWE2
ODk0NjUwHhcNMjQwMTAxMTQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGM2YzBkZjQ4MDEyYTMxZGU0NjA3Y2VlNDliMzA1YjU0MzViZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyxuVqoYmTraKEByUOznfLrt0TZv
qoiLVuhSHbGrKtOOq8K6lG7QPIUoH1yFrJ15O5PGygVh3GtTVroTz+hlExJ6F1Ca
XfA001Fyiab45dHJHuFkBjjIhiHPB1HhjiWQO3DCjKfCmp87QxNfjIMbJ53P+/W1
6gviPBReQqk/fP4CEwY0HP4H8wIpci+J/nRGj2ENiMF5+NdySWrVL4Unz+gnT/mO
XIqQnmLC6CPC2RGlrPbXxWm9sDm3WHb9L7PqUnl1CJJ92WNtDHN+mS6iu7oqMuHq
4c1159Wo8gXfUf3fp2VaxSXJjPwU4KONT+QYW1X3pcbjkJnFuk0rxFH3hwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMTGwN9IASox3kYHzuSbMFtUNb+zMB8GA1UdIwQY
MBaAFClJNzHvzMdK1cJzh0uTYPeqaJRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1VrM01lX014MHJWd25PSFM1Tmc5NnBvbEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9hZjRjMDktYzhjMi00ODkzLWExMGIt
MGNkOGE2OTcyOWI3LzEveE1iQTMwZ0JLakhlUmdmTzVKc3dXMVExdjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9hZjRjMDktYzhjMi00ODkzLWExMGItMGNkOGE2OTcyOWI3
LzEvS1VrM01lX014MHJWd25PSFM1Tmc5NnBvbEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAItjeQD
BAAtjeYwDQQCAAIwBwMFAyoO0MAwDQYJKoZIhvcNAQELBQADggEBAMZTeboGfytc
n3v02NRBtxRcoyjzc2OJgOaKQ8lRJpnVzEm/GGoGhQ6eLTS2BuBSjEV32TbWwgDj
8kD1uvLABXjqEaO/JhZNIwWhPLpBvRuo9mmP0Q01x1xCUDuAzr5l68+EbdLE/yx2
jiDvN47v++lG/tfdyWOmT03UuOIa/tNow0l1LzH2dzeGN/YkbjMMkh38ZU27Clvi
ZD/AXJyDxyCWbstXfLIQHCZ+MIuKq5+LiECq0dpclMPuvhzGZDyTZVLnI7xLpkXv
kkc09mq9C8PWKfRModqA7Clk//sAZSXyyBYlrzxgnevJFilbgln54Yhfw/dmGgDh
PLVF/7Qlx3g=
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:40:28 2024 by rpki-client on console-ams.rpki-client.org