Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/2b5fea-8f51-4ba1-bdcc-3ebcadabf0d8/1/X4ZGGSTJ6fNUIAN_GWncfJbb4qs.roa
File: X4ZGGSTJ6fNUIAN_GWncfJbb4qs.roa (raw, json)
Hash identifier: 370ubA+Ac8UB/5g2n5QSFisX9U2g7es7wwcxhpkicio=
Subject key identifier: 5F:86:46:19:24:C9:E9:F3:54:20:03:7F:19:69:DC:7C:96:DB:E2:AB
Certificate issuer: /CN=1127b8d5a5040209b8993bf2031789c3b2bab7c7
Certificate serial: 018CC4934C656D2D2691F90536A6D8193EE8
Authority key identifier: 11:27:B8:D5:A5:04:02:09:B8:99:3B:F2:03:17:89:C3:B2:BA:B7:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESe41aUEAgm4mTvyAxeJw7K6t8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/2b5fea-8f51-4ba1-bdcc-3ebcadabf0d8/1/X4ZGGSTJ6fNUIAN_GWncfJbb4qs.roa
Signing time: Mon 01 Jan 2024 10:30:36 +0000
ROA not before: Mon 01 Jan 2024 10:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43202
IP address blocks: 45.128.4.0/22 maxlen: 24
2a12:83c0::/32 maxlen: 32
2a12:83c5::/32 maxlen: 32
2a12:83c2::/32 maxlen: 32
2a12:83c3::/32 maxlen: 32
2a12:83c6::/32 maxlen: 32
2a12:83c1::/32 maxlen: 32
2a12:83c4::/32 maxlen: 32
2a12:83c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/2b5fea-8f51-4ba1-bdcc-3ebcadabf0d8/1/ESe41aUEAgm4mTvyAxeJw7K6t8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/2b5fea-8f51-4ba1-bdcc-3ebcadabf0d8/1/ESe41aUEAgm4mTvyAxeJw7K6t8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/ESe41aUEAgm4mTvyAxeJw7K6t8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:4c:65:6d:2d:26:91:f9:05:36:a6:d8:19:3e:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1127b8d5a5040209b8993bf2031789c3b2bab7c7
Validity
Not Before: Jan 1 10:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f86461924c9e9f35420037f1969dc7c96dbe2ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:69:f4:96:c7:8d:62:4c:91:5d:15:9e:39:3e:
70:0a:36:ff:7a:80:6d:44:cb:b0:3b:cf:cf:cf:3b:
07:2d:50:ba:80:ab:54:30:b2:82:00:3d:47:a5:39:
9f:55:66:9a:a1:c6:62:df:93:da:8a:11:9c:41:da:
81:bc:aa:75:80:38:2b:2d:a2:57:6d:71:8c:c5:18:
37:1c:a5:3e:7f:ed:e3:d0:3f:f2:60:10:e3:14:7b:
c5:3f:17:9b:f6:f1:c1:cf:56:a3:62:b8:ee:88:4d:
a0:82:30:a4:76:f4:47:f6:da:92:12:eb:a6:7d:29:
5b:6f:3a:31:1a:e9:7d:e5:c0:78:ed:55:da:48:58:
87:9f:f9:93:d3:db:6a:ac:64:dc:ee:5c:d5:f8:50:
69:60:32:0b:c5:f6:a4:f4:c9:73:45:70:ea:f7:0c:
a0:08:cb:07:6f:b5:25:2d:96:de:19:84:a0:d9:ae:
a5:f8:ac:e4:82:0d:16:59:83:13:71:b1:6a:95:2b:
72:11:00:8c:d5:ce:7f:66:40:88:83:fd:6c:43:a9:
64:75:27:e2:a8:a4:27:56:ca:b9:77:05:f6:cf:a0:
3d:7b:b0:6b:54:34:0b:07:ec:01:45:79:f9:d4:24:
06:48:63:c7:9e:84:8b:c3:51:b5:f3:95:ed:41:6e:
94:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:86:46:19:24:C9:E9:F3:54:20:03:7F:19:69:DC:7C:96:DB:E2:AB
X509v3 Authority Key Identifier:
keyid:11:27:B8:D5:A5:04:02:09:B8:99:3B:F2:03:17:89:C3:B2:BA:B7:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESe41aUEAgm4mTvyAxeJw7K6t8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/2b5fea-8f51-4ba1-bdcc-3ebcadabf0d8/1/X4ZGGSTJ6fNUIAN_GWncfJbb4qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/2b5fea-8f51-4ba1-bdcc-3ebcadabf0d8/1/ESe41aUEAgm4mTvyAxeJw7K6t8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.4.0/22
IPv6:
2a12:83c0::/29
Signature Algorithm: sha256WithRSAEncryption
e8:f7:0b:63:01:95:db:e5:04:1d:d4:41:be:60:17:31:25:4a:
b4:7a:c6:21:9e:b9:b8:3f:c6:92:e4:ad:12:96:84:ba:45:7e:
90:51:15:46:25:3c:8e:6e:53:f1:e6:2c:8f:8b:98:22:b1:60:
89:3e:de:9d:53:c3:7b:96:2a:38:54:74:a6:63:cb:44:9f:2d:
85:d8:8e:23:d3:5a:a0:96:9d:ef:8e:99:44:f2:7b:58:31:58:
b6:a0:7a:5b:3f:95:85:65:c5:95:30:80:b6:9a:a0:5d:46:f7:
63:cf:0f:47:d5:52:12:51:f6:a5:e1:3a:f2:f9:9e:8a:b6:e0:
b0:f1:33:0d:2b:f7:c2:b1:6d:1a:ba:f8:38:9b:18:8b:96:7a:
75:84:c2:14:9f:e9:02:65:36:93:48:e8:f7:38:21:a5:82:4b:
4e:7e:b3:c6:16:98:7b:94:d3:66:ba:34:3d:9b:f4:d7:d8:ba:
82:38:37:5f:79:d6:4c:55:89:9e:00:b6:3c:61:82:23:b5:be:
73:14:19:7c:f4:e1:37:73:0c:46:9b:53:8d:d5:c3:70:dd:79:
19:a3:cb:74:71:9f:2a:56:d6:65:48:51:a7:f0:c7:03:c3:74:
39:dc:82:6f:69:fc:86:8c:4b:05:dd:cf:03:fb:87:1e:77:1c:
e4:6b:a1:aa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk0xlbS0mkfkFNqbYGT7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjdiOGQ1YTUwNDAyMDliODk5M2JmMjAzMTc4OWMzYjJi
YWI3YzcwHhcNMjQwMTAxMTAzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjg2NDYxOTI0YzllOWYzNTQyMDAzN2YxOTY5ZGM3Yzk2ZGJlMmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2n0lseNYkyRXRWeOT5wCjb/eoBt
RMuwO8/PzzsHLVC6gKtUMLKCAD1HpTmfVWaaocZi35PaihGcQdqBvKp1gDgrLaJX
bXGMxRg3HKU+f+3j0D/yYBDjFHvFPxeb9vHBz1ajYrjuiE2ggjCkdvRH9tqSEuum
fSlbbzoxGul95cB47VXaSFiHn/mT09tqrGTc7lzV+FBpYDILxfak9MlzRXDq9wyg
CMsHb7UlLZbeGYSg2a6l+Kzkgg0WWYMTcbFqlStyEQCM1c5/ZkCIg/1sQ6lkdSfi
qKQnVsq5dwX2z6A9e7BrVDQLB+wBRXn51CQGSGPHnoSLw1G185XtQW6U+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF+GRhkkyenzVCADfxlp3HyW2+KrMB8GA1UdIwQY
MBaAFBEnuNWlBAIJuJk78gMXicOyurfHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNlNDFhVUVBZ200bVR2eUF4ZUp3N0s2dDhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8yYjVmZWEtOGY1MS00YmExLWJkY2Mt
M2ViY2FkYWJmMGQ4LzEvWDRaR0dTVEo2Zk5VSUFOX0dXbmNmSmJiNHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8yYjVmZWEtOGY1MS00YmExLWJkY2MtM2ViY2FkYWJmMGQ4
LzEvRVNlNDFhVUVBZ200bVR2eUF4ZUp3N0s2dDhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYAEMA0E
AgACMAcDBQMqEoPAMA0GCSqGSIb3DQEBCwUAA4IBAQDo9wtjAZXb5QQd1EG+YBcx
JUq0esYhnrm4P8aS5K0SloS6RX6QURVGJTyOblPx5iyPi5gisWCJPt6dU8N7lio4
VHSmY8tEny2F2I4j01qglp3vjplE8ntYMVi2oHpbP5WFZcWVMIC2mqBdRvdjzw9H
1VISUfal4Try+Z6KtuCw8TMNK/fCsW0auvg4mxiLlnp1hMIUn+kCZTaTSOj3OCGl
gktOfrPGFph7lNNmujQ9m/TX2LqCODdfedZMVYmeALY8YYIjtb5zFBl89OE3cwxG
m1ON1cNw3XkZo8t0cZ8qVtZlSFGn8McDw3Q53IJvafyGjEsF3c8D+4cedxzka6Gq
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:05:06 2024 by rpki-client on console-fra.rpki-client.org