Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b6c426-76d5-4a82-9b5f-856b65c75c26/1/xZPi0VZa5oWvUKQfrpnsmMtXxkI.roa
File: xZPi0VZa5oWvUKQfrpnsmMtXxkI.roa (raw, json)
Hash identifier: eHUs9uM0Y/xpXym5j8yEaEOU2/lmD6cEfWjjFfu7Hwk=
Subject key identifier: C5:93:E2:D1:56:5A:E6:85:AF:50:A4:1F:AE:99:EC:98:CB:57:C6:42
Certificate issuer: /CN=ded7239db81d61f98d586383ccc125d66106cb30
Certificate serial: 018CC9BBF8AB903D0AB40F08B2870185463D
Authority key identifier: DE:D7:23:9D:B8:1D:61:F9:8D:58:63:83:CC:C1:25:D6:61:06:CB:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3tcjnbgdYfmNWGODzMEl1mEGyzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b6c426-76d5-4a82-9b5f-856b65c75c26/1/xZPi0VZa5oWvUKQfrpnsmMtXxkI.roa
Signing time: Tue 02 Jan 2024 10:33:08 +0000
ROA not before: Tue 02 Jan 2024 10:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51827
IP address blocks: 45.151.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/b6c426-76d5-4a82-9b5f-856b65c75c26/1/3tcjnbgdYfmNWGODzMEl1mEGyzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/b6c426-76d5-4a82-9b5f-856b65c75c26/1/3tcjnbgdYfmNWGODzMEl1mEGyzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3tcjnbgdYfmNWGODzMEl1mEGyzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:f8:ab:90:3d:0a:b4:0f:08:b2:87:01:85:46:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ded7239db81d61f98d586383ccc125d66106cb30
Validity
Not Before: Jan 2 10:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c593e2d1565ae685af50a41fae99ec98cb57c642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5d:ba:d2:5c:85:b1:20:15:76:5f:ba:99:46:
40:42:ac:64:c3:4d:30:5b:b9:1c:55:96:2b:79:df:
7f:7c:12:45:11:23:7e:bf:3a:40:54:85:46:80:8f:
0e:9a:a8:19:b4:23:3d:2d:ea:6b:35:4e:98:64:3a:
6b:f3:e5:ee:6e:42:5a:69:97:3b:d4:e8:93:6a:08:
33:a2:6c:b5:f6:b8:f4:65:c1:ad:26:48:3c:b6:00:
71:33:86:6b:54:19:ac:c2:3e:25:a8:c9:7b:06:fb:
97:da:3f:d9:40:10:e1:e1:5f:f2:03:f9:bb:27:0d:
9d:78:59:1e:ec:03:3a:9f:1f:e9:42:02:22:89:ce:
a8:1c:35:22:ee:06:20:b2:09:69:d5:cd:12:d1:87:
91:5c:5f:50:d9:1e:75:b2:2e:ff:22:b9:0e:16:8c:
86:20:61:0c:61:f1:b8:6e:55:05:02:37:2e:9f:b3:
4e:5e:19:43:5e:b0:a1:25:ca:de:56:30:ea:33:f1:
3f:b5:df:c4:b2:2a:fe:f2:18:07:ba:df:92:85:10:
80:ac:50:14:65:77:25:9b:70:62:e5:ac:3a:09:01:
8f:02:11:63:a8:09:c5:ac:13:85:ec:b1:a3:12:3b:
ab:3a:30:12:2f:a5:9d:f7:37:b4:ff:8b:8a:24:e7:
eb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:93:E2:D1:56:5A:E6:85:AF:50:A4:1F:AE:99:EC:98:CB:57:C6:42
X509v3 Authority Key Identifier:
keyid:DE:D7:23:9D:B8:1D:61:F9:8D:58:63:83:CC:C1:25:D6:61:06:CB:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tcjnbgdYfmNWGODzMEl1mEGyzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b6c426-76d5-4a82-9b5f-856b65c75c26/1/xZPi0VZa5oWvUKQfrpnsmMtXxkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b6c426-76d5-4a82-9b5f-856b65c75c26/1/3tcjnbgdYfmNWGODzMEl1mEGyzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.243.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:6d:67:ac:74:53:0f:78:68:a3:24:a0:43:7e:90:55:a4:01:
ae:fa:fe:d3:b2:d9:26:e4:25:31:77:77:97:7b:7a:fe:6f:cd:
1a:05:66:b7:42:2b:fd:7a:fd:8c:81:7d:53:16:05:0a:7f:de:
2a:ea:34:83:68:8d:31:5a:1f:08:55:46:d5:d9:5c:54:08:db:
b2:5b:2a:e2:46:cc:49:12:37:e2:9f:80:e7:ea:fc:e6:ac:2d:
96:dd:58:48:33:e8:a3:3a:87:52:62:74:7a:5b:c5:84:d7:b4:
f5:a9:de:be:7c:2c:95:cf:1a:00:1a:5b:b7:d0:82:f7:6e:48:
47:1d:b6:03:84:61:41:7f:59:82:ab:1a:0b:f8:29:03:ed:ed:
95:b3:b3:04:80:d9:f5:a8:ae:1b:9e:27:c7:1b:e7:21:db:7b:
a6:ec:ff:28:6f:83:04:70:84:bb:25:e4:e9:9a:a5:ab:75:1b:
ea:5e:0a:ea:8e:cd:e3:f6:2c:ac:59:ba:19:a1:c1:14:a9:e8:
c8:a4:64:80:03:15:9d:29:5e:8c:fa:bf:44:87:9a:65:c2:a2:
87:dc:58:d9:65:e1:0f:4d:99:4e:ab:ff:b0:49:58:ca:c7:ff:
f6:be:f0:84:ee:0d:68:32:34:35:60:49:3d:58:96:2c:d0:16:
ef:c9:13:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu/irkD0KtA8IsocBhUY9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZDcyMzlkYjgxZDYxZjk4ZDU4NjM4M2NjYzEyNWQ2NjEw
NmNiMzAwHhcNMjQwMTAyMTAzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTkzZTJkMTU2NWFlNjg1YWY1MGE0MWZhZTk5ZWM5OGNiNTdjNjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxF260lyFsSAVdl+6mUZAQqxkw00w
W7kcVZYred9/fBJFESN+vzpAVIVGgI8OmqgZtCM9LeprNU6YZDpr8+XubkJaaZc7
1OiTaggzomy19rj0ZcGtJkg8tgBxM4ZrVBmswj4lqMl7BvuX2j/ZQBDh4V/yA/m7
Jw2deFke7AM6nx/pQgIiic6oHDUi7gYgsglp1c0S0YeRXF9Q2R51si7/IrkOFoyG
IGEMYfG4blUFAjcun7NOXhlDXrChJcreVjDqM/E/td/Esir+8hgHut+ShRCArFAU
ZXclm3Bi5aw6CQGPAhFjqAnFrBOF7LGjEjurOjASL6Wd9ze0/4uKJOfrdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWT4tFWWuaFr1CkH66Z7JjLV8ZCMB8GA1UdIwQY
MBaAFN7XI524HWH5jVhjg8zBJdZhBsswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Rjam5iZ2RZZm1OV0dPRHpNRWwxbUVHeXpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iNmM0MjYtNzZkNS00YTgyLTliNWYt
ODU2YjY1Yzc1YzI2LzEveFpQaTBWWmE1b1d2VUtRZnJwbnNtTXRYeGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9iNmM0MjYtNzZkNS00YTgyLTliNWYtODU2YjY1Yzc1YzI2
LzEvM3Rjam5iZ2RZZm1OV0dPRHpNRWwxbUVHeXpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZfzMA0G
CSqGSIb3DQEBCwUAA4IBAQC4bWesdFMPeGijJKBDfpBVpAGu+v7Tstkm5CUxd3eX
e3r+b80aBWa3Qiv9ev2MgX1TFgUKf94q6jSDaI0xWh8IVUbV2VxUCNuyWyriRsxJ
Ejfin4Dn6vzmrC2W3VhIM+ijOodSYnR6W8WE17T1qd6+fCyVzxoAGlu30IL3bkhH
HbYDhGFBf1mCqxoL+CkD7e2Vs7MEgNn1qK4bnifHG+ch23um7P8ob4MEcIS7JeTp
mqWrdRvqXgrqjs3j9iysWboZocEUqejIpGSAAxWdKV6M+r9Eh5plwqKH3FjZZeEP
TZlOq/+wSVjKx//2vvCE7g1oMjQ1YEk9WJYs0BbvyRNj
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:12:58 2024 by rpki-client on console-ams.rpki-client.org