Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/xbEhFMe96Lq98oM2kaTSxYoflQo.roa
File: xbEhFMe96Lq98oM2kaTSxYoflQo.roa (raw, json)
Hash identifier: TG0r6adK5rxJjOXHHJZ61hb/iZXi4XWRAs1u1uQ8odg=
Subject key identifier: C5:B1:21:14:C7:BD:E8:BA:BD:F2:83:36:91:A4:D2:C5:8A:1F:95:0A
Certificate issuer: /CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Certificate serial: 01942067D10917F9C244E477317298781874
Authority key identifier: 36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/xbEhFMe96Lq98oM2kaTSxYoflQo.roa
Signing time: Wed 01 Jan 2025 05:47:42 +0000
ROA not before: Wed 01 Jan 2025 05:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203059
IP address blocks: 45.91.120.0/24 maxlen: 24
45.95.211.0/24 maxlen: 24
91.218.77.0/24 maxlen: 24
134.255.242.0/24 maxlen: 24
178.16.230.0/23 maxlen: 24
185.53.33.0/24 maxlen: 24
185.231.228.0/22 maxlen: 24
185.234.101.0/24 maxlen: 24
185.253.62.0/23 maxlen: 24
194.156.132.0/23 maxlen: 24
194.156.150.0/23 maxlen: 24
2a13:5080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d1:09:17:f9:c2:44:e4:77:31:72:98:78:18:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Validity
Not Before: Jan 1 05:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5b12114c7bde8babdf2833691a4d2c58a1f950a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a7:96:84:47:02:05:0f:5b:65:0e:71:4a:bf:
4f:de:ef:03:59:ed:a8:00:3d:55:e4:15:0a:e7:4f:
7c:d1:e6:bb:5a:16:ba:5a:14:01:e2:e1:c2:e9:82:
31:98:07:09:3e:3e:90:2b:0b:94:55:eb:5b:fd:bc:
8e:57:74:35:04:13:32:f5:20:a3:d1:8b:24:69:f0:
c8:80:e1:60:48:83:42:61:b0:e0:49:a0:41:9c:1b:
bf:ae:ab:df:a3:40:e8:eb:1d:35:5f:9c:f2:c3:69:
47:31:0a:88:0b:e9:50:88:19:fb:fb:a6:2a:fd:a4:
9c:be:a6:c7:3b:02:0f:d3:2a:41:6f:33:27:58:1b:
54:b8:bb:da:7a:4c:23:98:84:71:93:2c:b6:36:6c:
b0:b7:d7:b5:63:cd:34:f3:1c:b8:c7:88:56:cf:39:
ba:36:e8:25:f9:4d:3f:7f:35:01:1b:e1:88:42:4d:
00:51:44:10:71:c1:93:a5:b0:a2:6e:01:15:f4:9e:
d6:9d:5e:d8:fa:08:d4:8d:c3:a1:73:a1:c7:85:a0:
e1:2f:f3:23:92:c9:a3:da:ae:c4:70:cb:5f:3e:32:
63:a2:74:8e:c1:96:6e:be:0e:60:a1:0f:1b:1f:84:
f4:75:b7:df:b0:4d:65:14:cc:0d:7b:db:17:e6:9b:
77:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B1:21:14:C7:BD:E8:BA:BD:F2:83:36:91:A4:D2:C5:8A:1F:95:0A
X509v3 Authority Key Identifier:
keyid:36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/xbEhFMe96Lq98oM2kaTSxYoflQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.120.0/24
45.95.211.0/24
91.218.77.0/24
134.255.242.0/24
178.16.230.0/23
185.53.33.0/24
185.231.228.0/22
185.234.101.0/24
185.253.62.0/23
194.156.132.0/23
194.156.150.0/23
IPv6:
2a13:5080::/29
Signature Algorithm: sha256WithRSAEncryption
2a:ab:64:bc:c5:de:99:8e:8c:47:66:ea:fe:84:63:da:b6:b7:
32:2d:58:07:b4:0c:b3:f3:e0:03:ea:f4:f2:87:6a:1e:98:61:
11:f6:50:0f:d5:cc:ff:b9:33:a2:f6:94:87:ab:f6:ab:fe:78:
df:8a:db:aa:db:e6:ad:f7:ba:72:9e:df:91:22:cd:bb:3b:1b:
e8:8d:3d:0d:c1:3d:79:b6:d3:6a:c1:06:3e:84:70:2e:c6:2f:
03:9d:5a:3e:2e:e9:82:7b:fa:ed:58:e8:a4:86:24:2c:c1:54:
6e:4b:24:84:84:4d:ea:44:c8:72:d8:f1:43:62:db:85:21:6c:
99:07:f0:ff:d2:78:44:27:ee:d3:8f:b7:26:8f:bf:a4:67:c1:
55:24:b6:d8:a6:d8:9d:5f:08:b6:e7:99:b2:b7:9c:a8:a4:7a:
73:17:44:36:2c:7a:bd:f1:b8:ec:80:55:7f:dc:0b:f2:8f:0a:
22:f1:fd:74:32:19:8c:9f:9a:a4:02:7a:79:a7:cc:e2:bb:dd:
56:29:31:7b:38:62:5f:af:af:6b:63:cb:fb:0e:f4:41:33:d1:
56:bc:04:d2:22:d5:21:f8:bb:41:23:da:04:9c:6c:f9:2c:82:
c8:b2:9a:9f:a7:e1:19:96:95:ba:1d:1f:0d:85:f1:bf:49:ef:
71:0c:51:32
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZQgZ9EJF/nCROR3MXKYeBh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzNjNDU2NTc0M2FlNTdiZDJhZWE5YTM2M2MyYjNjM2Uy
NTBmNzIwHhcNMjUwMTAxMDU0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWIxMjExNGM3YmRlOGJhYmRmMjgzMzY5MWE0ZDJjNThhMWY5NTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaeWhEcCBQ9bZQ5xSr9P3u8DWe2o
AD1V5BUK50980ea7Wha6WhQB4uHC6YIxmAcJPj6QKwuUVetb/byOV3Q1BBMy9SCj
0YskafDIgOFgSINCYbDgSaBBnBu/rqvfo0Do6x01X5zyw2lHMQqIC+lQiBn7+6Yq
/aScvqbHOwIP0ypBbzMnWBtUuLvaekwjmIRxkyy2Nmywt9e1Y8008xy4x4hWzzm6
Nugl+U0/fzUBG+GIQk0AUUQQccGTpbCibgEV9J7WnV7Y+gjUjcOhc6HHhaDhL/Mj
ksmj2q7EcMtfPjJjonSOwZZuvg5goQ8bH4T0dbffsE1lFMwNe9sX5pt3UwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFMWxIRTHvei6vfKDNpGk0sWKH5UKMB8GA1UdIwQY
MBaAFDbDxFZXQ65XvSrqmjY8Kzw+JQ9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQt
YTU3NDlkMjM0NmU3LzEveGJFaEZNZTk2THE5OG9NMmthVFN4WW9mbFFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQtYTU3NDlkMjM0NmU3
LzEvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQALVt4AwQA
LV/TAwQAW9pNAwQAhv/yAwQBshDmAwQAuTUhAwQCuefkAwQAueplAwQBuf0+AwQB
wpyEAwQBwpyWMA0EAgACMAcDBQMqE1CAMA0GCSqGSIb3DQEBCwUAA4IBAQAqq2S8
xd6ZjoxHZur+hGPatrcyLVgHtAyz8+AD6vTyh2oemGER9lAP1cz/uTOi9pSHq/ar
/njfituq2+at97pynt+RIs27OxvojT0NwT15ttNqwQY+hHAuxi8DnVo+LumCe/rt
WOikhiQswVRuSySEhE3qRMhy2PFDYtuFIWyZB/D/0nhEJ+7Tj7cmj7+kZ8FVJLbY
ptidXwi255myt5yopHpzF0Q2LHq98bjsgFV/3Avyjwoi8f10MhmMn5qkAnp5p8zi
u91WKTF7OGJfr69rY8v7DvRBM9FWvATSItUh+LtBI9oEnGz5LILIspqfp+EZlpW6
HR8NhfG/Se9xDFEy
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:08 2025 by rpki-client