Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/xik6KpoZJdqhal-zxXTczkhUcGg.roa
File: xik6KpoZJdqhal-zxXTczkhUcGg.roa (raw, json)
Hash identifier: 7rFvZAA0YipF47Ng4kpfiukpxycw1AwAW8S5G18dLPE=
Subject key identifier: C6:29:3A:2A:9A:19:25:DA:A1:6A:5F:B3:C5:74:DC:CE:48:54:70:68
Certificate issuer: /CN=4e2a299f182a1fd51d4b0362997af7aaae0d6be9
Certificate serial: 018CC5DC02CED115A9148DFBBBA1E6E16410
Authority key identifier: 4E:2A:29:9F:18:2A:1F:D5:1D:4B:03:62:99:7A:F7:AA:AE:0D:6B:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/xik6KpoZJdqhal-zxXTczkhUcGg.roa
Signing time: Mon 01 Jan 2024 16:29:39 +0000
ROA not before: Mon 01 Jan 2024 16:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199255
IP address blocks: 185.4.249.0/24 maxlen: 24
185.4.248.0/24 maxlen: 24
185.4.251.0/24 maxlen: 24
2a02:6840::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/TiopnxgqH9UdSwNimXr3qq4Na-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/TiopnxgqH9UdSwNimXr3qq4Na-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:02:ce:d1:15:a9:14:8d:fb:bb:a1:e6:e1:64:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e2a299f182a1fd51d4b0362997af7aaae0d6be9
Validity
Not Before: Jan 1 16:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6293a2a9a1925daa16a5fb3c574dcce48547068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d1:a0:55:6f:97:32:09:60:b0:96:84:0b:02:
fa:f3:c5:b6:95:c2:02:76:c0:48:0c:ee:2b:b4:23:
2c:20:be:0a:e6:36:54:c5:60:24:f8:33:b7:5d:58:
81:eb:4b:ea:f3:45:e8:3e:f0:e4:7d:da:cd:40:ef:
58:1a:44:63:a2:6f:45:7e:5c:93:db:e0:03:54:c9:
02:c2:4d:c7:8a:97:1f:bc:bd:5e:56:c1:4f:89:fd:
95:a2:7b:03:9c:e3:47:3b:73:f5:b3:64:2f:aa:59:
59:35:ce:70:3d:1c:dc:95:ef:4f:7f:a2:68:4c:41:
43:3b:8b:39:04:51:25:1a:b0:94:f5:dd:02:9c:db:
93:93:44:52:a2:aa:b8:33:0b:ca:f0:46:59:8c:d2:
59:06:46:74:13:7f:b4:da:eb:3b:6e:78:ba:6d:1c:
ee:45:04:a6:e2:83:84:aa:5b:ea:4b:a7:51:7a:65:
8b:77:2d:dc:43:b2:58:e6:20:2a:cd:01:d9:e7:ec:
22:15:58:fe:44:d1:b2:55:cd:fa:5a:39:30:39:57:
a4:49:41:ea:c7:90:7b:18:a6:cf:91:8d:ea:87:e0:
2c:d4:c9:f3:1b:a2:26:83:90:e6:a4:99:5a:60:41:
f7:cc:d1:93:8a:d1:63:63:63:e0:30:bd:a4:7a:9f:
46:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:29:3A:2A:9A:19:25:DA:A1:6A:5F:B3:C5:74:DC:CE:48:54:70:68
X509v3 Authority Key Identifier:
keyid:4E:2A:29:9F:18:2A:1F:D5:1D:4B:03:62:99:7A:F7:AA:AE:0D:6B:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/xik6KpoZJdqhal-zxXTczkhUcGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/TiopnxgqH9UdSwNimXr3qq4Na-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.248.0/23
185.4.251.0/24
IPv6:
2a02:6840::/32
Signature Algorithm: sha256WithRSAEncryption
50:d6:5b:0c:0c:07:4e:2d:04:53:39:b1:6e:73:5a:87:63:c7:
ff:94:a1:92:30:7c:8b:20:71:ec:59:c2:d0:28:21:fe:36:62:
c9:56:20:39:75:cf:79:d2:13:3e:bf:23:75:ad:a6:36:53:27:
9f:3a:b7:70:11:7f:a5:07:3e:af:a9:c9:79:4f:d6:6a:59:10:
a8:37:4d:df:21:b7:0a:64:84:cb:4b:4f:f7:1f:50:01:08:ef:
8c:d7:31:c6:5d:7d:d6:8d:79:24:36:af:df:32:af:7c:e5:4a:
99:4d:c6:f9:cc:78:ac:35:fc:8e:b9:8a:56:81:d8:d7:2d:83:
8f:15:3d:0c:5b:d1:8e:94:b5:b6:d5:ac:b5:20:fb:18:35:32:
56:1b:b1:9f:03:10:9f:89:65:4e:2e:27:4a:4d:58:e8:8b:73:
7c:59:5d:c8:1a:77:32:d0:48:bf:7b:0e:95:52:e9:47:0f:87:
8b:8c:33:f6:ef:9f:8b:b0:bb:aa:4f:7e:90:da:14:2d:5c:0d:
25:87:01:96:b8:96:cb:28:d2:40:43:e8:4d:5f:a4:c0:41:bb:
08:38:d8:36:c8:d0:f8:84:4e:b1:1a:3d:fb:22:d7:05:69:9c:
cd:37:4a:36:cb:80:65:6e:63:3d:7f:6e:88:d3:20:a4:79:8e:
79:80:c2:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3ALO0RWpFI37u6Hm4WQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMmEyOTlmMTgyYTFmZDUxZDRiMDM2Mjk5N2FmN2FhYWUw
ZDZiZTkwHhcNMjQwMTAxMTYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjI5M2EyYTlhMTkyNWRhYTE2YTVmYjNjNTc0ZGNjZTQ4NTQ3MDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNGgVW+XMglgsJaECwL688W2lcIC
dsBIDO4rtCMsIL4K5jZUxWAk+DO3XViB60vq80XoPvDkfdrNQO9YGkRjom9FflyT
2+ADVMkCwk3HipcfvL1eVsFPif2VonsDnONHO3P1s2QvqllZNc5wPRzcle9Pf6Jo
TEFDO4s5BFElGrCU9d0CnNuTk0RSoqq4MwvK8EZZjNJZBkZ0E3+02us7bni6bRzu
RQSm4oOEqlvqS6dRemWLdy3cQ7JY5iAqzQHZ5+wiFVj+RNGyVc36WjkwOVekSUHq
x5B7GKbPkY3qh+As1MnzG6Img5DmpJlaYEH3zNGTitFjY2PgML2kep9GuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMYpOiqaGSXaoWpfs8V03M5IVHBoMB8GA1UdIwQY
MBaAFE4qKZ8YKh/VHUsDYpl696quDWvpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGlvcG54Z3FIOVVkU3dOaW1YcjNxcTROYS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kM2RmMjYtM2RiNS00NTM5LTgwMzAt
ZjJjZTc3ZTMxOTFlLzEveGlrNktwb1pKZHFoYWwtenhYVGN6a2hVY0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kM2RmMjYtM2RiNS00NTM5LTgwMzAtZjJjZTc3ZTMxOTFl
LzEvVGlvcG54Z3FIOVVkU3dOaW1YcjNxcTROYS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuQT4AwQA
uQT7MA0EAgACMAcDBQAqAmhAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ1lsMDAdOLQRT
ObFuc1qHY8f/lKGSMHyLIHHsWcLQKCH+NmLJViA5dc950hM+vyN1raY2UyefOrdw
EX+lBz6vqcl5T9ZqWRCoN03fIbcKZITLS0/3H1ABCO+M1zHGXX3WjXkkNq/fMq98
5UqZTcb5zHisNfyOuYpWgdjXLYOPFT0MW9GOlLW21ay1IPsYNTJWG7GfAxCfiWVO
LidKTVjoi3N8WV3IGncy0Ei/ew6VUulHD4eLjDP275+LsLuqT36Q2hQtXA0lhwGW
uJbLKNJAQ+hNX6TAQbsIONg2yND4hE6xGj37ItcFaZzNN0o2y4BlbmM9f26I0yCk
eY55gMKC
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:34:07 2024 by rpki-client on console-ams.rpki-client.org