Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/925d4a-f5f4-4299-a829-152a59479e69/1/XNg3V6skgnUdwji4HDmeLucTJJ4.roa
File: XNg3V6skgnUdwji4HDmeLucTJJ4.roa (raw, json)
Hash identifier: qnAgrpJ+ZKqzAA5xY5D8xebgI5BeDiOXhSJeH55tarQ=
Subject key identifier: 5C:D8:37:57:AB:24:82:75:1D:C2:38:B8:1C:39:9E:2E:E7:13:24:9E
Certificate issuer: /CN=36aafa5c3f2f8e4a083f81f0cb87bc7aea44891f
Certificate serial: 018CC42500A866BC5AE4CBB5C9E76780DA91
Authority key identifier: 36:AA:FA:5C:3F:2F:8E:4A:08:3F:81:F0:CB:87:BC:7A:EA:44:89:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nqr6XD8vjkoIP4Hwy4e8eupEiR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/925d4a-f5f4-4299-a829-152a59479e69/1/XNg3V6skgnUdwji4HDmeLucTJJ4.roa
Signing time: Mon 01 Jan 2024 08:30:08 +0000
ROA not before: Mon 01 Jan 2024 08:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51458
IP address blocks: 45.155.176.0/22 maxlen: 24
91.217.168.0/24 maxlen: 24
2001:67c:2844::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/925d4a-f5f4-4299-a829-152a59479e69/1/Nqr6XD8vjkoIP4Hwy4e8eupEiR8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/925d4a-f5f4-4299-a829-152a59479e69/1/Nqr6XD8vjkoIP4Hwy4e8eupEiR8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nqr6XD8vjkoIP4Hwy4e8eupEiR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:00:a8:66:bc:5a:e4:cb:b5:c9:e7:67:80:da:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36aafa5c3f2f8e4a083f81f0cb87bc7aea44891f
Validity
Not Before: Jan 1 08:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cd83757ab2482751dc238b81c399e2ee713249e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:65:fb:ce:b9:d4:ec:35:ea:f1:59:07:48:c4:
16:1f:ed:93:81:78:f3:dc:c6:07:fc:a8:b3:27:ca:
c0:b0:5a:24:c8:99:97:73:61:03:d5:e8:41:6a:19:
66:98:ed:47:ad:c9:23:a6:7b:dd:f1:08:6b:13:f4:
d7:0e:ff:0b:35:05:3f:42:4d:29:06:73:35:51:70:
95:cb:b5:3d:00:61:19:2d:19:f0:52:f7:74:42:a6:
b4:be:52:5e:9e:fd:ac:57:03:50:f0:1b:6e:ae:58:
c3:c4:c7:06:64:32:0d:b4:b5:d3:8f:9e:d4:01:fa:
3d:36:be:8b:e5:c2:56:d2:78:de:b3:cb:05:43:3b:
f2:5f:85:36:8c:ba:26:f7:91:3d:4e:0e:74:18:18:
06:d3:1c:f2:3d:43:4f:3b:fc:14:79:60:0e:11:16:
37:78:10:5a:8c:e2:29:b6:31:78:c0:7b:75:84:7d:
fe:fd:07:56:65:d5:0d:a6:b6:4c:8d:f2:c6:75:8a:
10:a8:f3:3d:a9:61:99:ec:68:d4:44:15:ff:03:57:
3a:00:a2:e2:16:24:ba:12:da:86:42:0d:cd:68:89:
78:6f:7d:f2:d7:14:51:75:b7:cd:bb:f0:85:84:0f:
d1:8f:cc:b0:f7:57:c0:f0:63:f1:e8:60:cc:00:4a:
0f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D8:37:57:AB:24:82:75:1D:C2:38:B8:1C:39:9E:2E:E7:13:24:9E
X509v3 Authority Key Identifier:
keyid:36:AA:FA:5C:3F:2F:8E:4A:08:3F:81:F0:CB:87:BC:7A:EA:44:89:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nqr6XD8vjkoIP4Hwy4e8eupEiR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/925d4a-f5f4-4299-a829-152a59479e69/1/XNg3V6skgnUdwji4HDmeLucTJJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/925d4a-f5f4-4299-a829-152a59479e69/1/Nqr6XD8vjkoIP4Hwy4e8eupEiR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.176.0/22
91.217.168.0/24
IPv6:
2001:67c:2844::/48
Signature Algorithm: sha256WithRSAEncryption
71:54:67:b6:5f:85:5c:03:5f:28:51:e4:db:8c:f3:c3:60:15:
60:15:ca:8b:d5:90:da:c2:de:f8:84:c0:2e:d5:2e:a3:da:1d:
f1:f6:b7:9c:d8:92:d7:55:ba:f0:25:12:2e:96:73:d0:4b:bf:
61:5c:f3:d3:d4:35:a1:5b:0b:64:1c:37:de:c7:b4:10:b8:64:
e9:1a:c1:61:31:13:88:78:34:be:71:81:18:bf:9e:b7:a2:48:
e7:e3:df:1d:c5:f2:8b:b8:79:8b:0c:5d:c1:45:57:99:d2:ee:
c5:1b:17:96:e8:7d:58:45:09:fd:bc:7a:63:d0:d0:d4:b3:28:
ff:ba:9a:e1:68:c5:c3:55:3a:59:f7:41:32:35:91:5e:ea:e9:
57:af:e5:35:00:41:88:c0:a4:e4:c5:f7:65:47:97:fa:d9:ba:
57:00:b1:43:e8:b1:a6:4d:27:8c:c4:21:f8:e3:d3:bd:0a:4f:
b0:0d:41:1a:9b:74:9e:42:14:b6:76:ca:42:02:bf:d5:63:75:
2a:49:01:a2:9b:c9:8e:4b:74:99:f6:16:f4:ef:22:be:d5:16:
3d:5c:89:b3:d9:bd:83:69:9a:fc:91:5c:c8:e7:26:cd:e2:33:
f1:cd:e5:93:a4:12:56:89:ec:ed:3a:d2:ea:c7:d8:a1:c1:1c:
f5:0f:7d:96
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEJQCoZrxa5Mu1yedngNqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YWFmYTVjM2YyZjhlNGEwODNmODFmMGNiODdiYzdhZWE0
NDg5MWYwHhcNMjQwMTAxMDgzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Q4Mzc1N2FiMjQ4Mjc1MWRjMjM4YjgxYzM5OWUyZWU3MTMyNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWX7zrnU7DXq8VkHSMQWH+2TgXjz
3MYH/KizJ8rAsFokyJmXc2ED1ehBahlmmO1Hrckjpnvd8QhrE/TXDv8LNQU/Qk0p
BnM1UXCVy7U9AGEZLRnwUvd0Qqa0vlJenv2sVwNQ8BturljDxMcGZDINtLXTj57U
Afo9Nr6L5cJW0njes8sFQzvyX4U2jLom95E9Tg50GBgG0xzyPUNPO/wUeWAOERY3
eBBajOIptjF4wHt1hH3+/QdWZdUNprZMjfLGdYoQqPM9qWGZ7GjURBX/A1c6AKLi
FiS6EtqGQg3NaIl4b33y1xRRdbfNu/CFhA/Rj8yw91fA8GPx6GDMAEoP6QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFzYN1erJIJ1HcI4uBw5ni7nEySeMB8GA1UdIwQY
MBaAFDaq+lw/L45KCD+B8MuHvHrqRIkfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnFyNlhEOHZqa29JUDRId3k0ZThldXBFaVI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85MjVkNGEtZjVmNC00Mjk5LWE4Mjkt
MTUyYTU5NDc5ZTY5LzEvWE5nM1Y2c2tnblVkd2ppNEhEbWVMdWNUSko0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85MjVkNGEtZjVmNC00Mjk5LWE4MjktMTUyYTU5NDc5ZTY5
LzEvTnFyNlhEOHZqa29JUDRId3k0ZThldXBFaVI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCLZuwAwQA
W9moMA8EAgACMAkDBwAgAQZ8KEQwDQYJKoZIhvcNAQELBQADggEBAHFUZ7ZfhVwD
XyhR5NuM88NgFWAVyovVkNrC3viEwC7VLqPaHfH2t5zYktdVuvAlEi6Wc9BLv2Fc
89PUNaFbC2QcN97HtBC4ZOkawWExE4h4NL5xgRi/nreiSOfj3x3F8ou4eYsMXcFF
V5nS7sUbF5bofVhFCf28emPQ0NSzKP+6muFoxcNVOln3QTI1kV7q6Vev5TUAQYjA
pOTF92VHl/rZulcAsUPosaZNJ4zEIfjj070KT7ANQRqbdJ5CFLZ2ykICv9VjdSpJ
AaKbyY5LdJn2FvTvIr7VFj1cibPZvYNpmvyRXMjnJs3iM/HN5ZOkElaJ7O060urH
2KHBHPUPfZY=
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:27:05 2024 by rpki-client on console-ams.rpki-client.org