Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/2cc46c-8c51-4330-b623-1835cc8a1d9d/1/XhvE_-V-P2DMeuaayoFZaUj5MSk.roa
File: XhvE_-V-P2DMeuaayoFZaUj5MSk.roa (raw, json)
Hash identifier: 59ONQCemP82H4LTJRSRNsbPP/xobZkBrt/OpveCGz/A=
Subject key identifier: 5E:1B:C4:FF:E5:7E:3F:60:CC:7A:E6:9A:CA:81:59:69:48:F9:31:29
Certificate issuer: /CN=dc0e25e17a51696923a5c02966787409aac9aa36
Certificate serial: 018CC726BCF0BECBADADEF508ED6431F0F96
Authority key identifier: DC:0E:25:E1:7A:51:69:69:23:A5:C0:29:66:78:74:09:AA:C9:AA:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3A4l4XpRaWkjpcApZnh0CarJqjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/2cc46c-8c51-4330-b623-1835cc8a1d9d/1/XhvE_-V-P2DMeuaayoFZaUj5MSk.roa
Signing time: Mon 01 Jan 2024 22:30:53 +0000
ROA not before: Mon 01 Jan 2024 22:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42521
IP address blocks: 37.230.201.0/24 maxlen: 24
212.86.99.0/24 maxlen: 24
2a13:b200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/2cc46c-8c51-4330-b623-1835cc8a1d9d/1/3A4l4XpRaWkjpcApZnh0CarJqjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/2cc46c-8c51-4330-b623-1835cc8a1d9d/1/3A4l4XpRaWkjpcApZnh0CarJqjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3A4l4XpRaWkjpcApZnh0CarJqjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 13:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:bc:f0:be:cb:ad:ad:ef:50:8e:d6:43:1f:0f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc0e25e17a51696923a5c02966787409aac9aa36
Validity
Not Before: Jan 1 22:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e1bc4ffe57e3f60cc7ae69aca81596948f93129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:85:41:59:0e:6a:f2:96:a7:4c:c2:1e:2a:bb:
09:47:ab:b5:ae:dd:72:7d:0a:12:8a:75:20:fc:25:
e3:34:4d:1a:55:62:c6:8c:20:39:b9:89:a6:f5:75:
b4:b2:ab:be:7f:c9:69:dd:fa:10:4b:ae:2b:8d:b5:
e4:99:05:3b:d4:b4:0c:a9:cc:06:62:e6:cc:00:03:
39:e3:5c:4d:e2:8b:02:59:32:ee:75:33:30:2b:a3:
d4:32:59:67:07:d1:0e:3b:41:0b:d9:f4:ce:02:48:
6c:4f:12:8b:35:0d:13:f6:20:02:48:f8:b1:8b:b3:
8f:71:0b:f6:2f:34:7c:41:f9:1d:9b:37:e6:42:c2:
55:4f:04:30:91:a9:97:e0:8f:60:73:ff:7f:8e:42:
00:33:84:ea:13:ae:00:2d:7a:72:61:a6:1a:b8:ca:
04:89:7c:2c:e7:b1:af:2d:3b:db:13:ae:27:ba:e7:
06:49:fc:28:e7:bc:03:72:f5:7f:bc:f1:f3:97:07:
6a:f7:fd:f7:fa:da:6b:85:61:ef:d1:51:9b:cb:1a:
dd:2d:66:1c:9d:a6:45:80:fd:be:94:aa:52:90:d8:
4b:ee:5f:0c:0d:9f:a5:c6:de:ba:3f:2e:f0:13:9d:
2c:a4:ee:02:4b:9c:fb:64:ce:ab:99:65:d4:d5:31:
c3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1B:C4:FF:E5:7E:3F:60:CC:7A:E6:9A:CA:81:59:69:48:F9:31:29
X509v3 Authority Key Identifier:
keyid:DC:0E:25:E1:7A:51:69:69:23:A5:C0:29:66:78:74:09:AA:C9:AA:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3A4l4XpRaWkjpcApZnh0CarJqjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/2cc46c-8c51-4330-b623-1835cc8a1d9d/1/XhvE_-V-P2DMeuaayoFZaUj5MSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/2cc46c-8c51-4330-b623-1835cc8a1d9d/1/3A4l4XpRaWkjpcApZnh0CarJqjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.201.0/24
212.86.99.0/24
IPv6:
2a13:b200::/29
Signature Algorithm: sha256WithRSAEncryption
06:cf:92:0c:ed:66:6f:9c:f8:9e:e4:31:46:1d:43:81:fc:ff:
22:07:e4:34:f5:9f:c5:07:ab:14:6c:1e:72:22:78:7e:1d:25:
ca:78:cb:e2:96:89:42:06:ac:1f:33:4d:60:c1:ae:b6:e6:aa:
75:46:da:d3:55:04:91:e4:79:61:28:de:61:51:92:25:b1:2f:
25:e5:e2:36:27:04:5f:cb:fd:df:f8:85:83:4d:05:0d:9a:60:
79:71:92:4d:2e:f6:50:9a:0a:a7:e3:37:80:c9:0d:aa:4d:70:
bb:24:54:91:03:90:a8:f6:88:86:8c:42:b5:3b:cb:0a:c2:e9:
06:2a:f3:20:f8:20:b1:3a:b4:ed:04:aa:da:6f:b3:a5:66:35:
42:7b:76:99:b1:40:10:0a:ec:9f:e7:86:b0:98:77:15:07:3f:
7a:03:2f:f2:27:06:e6:d6:25:89:50:52:dd:ff:83:b1:d2:7c:
f9:ef:b1:21:a9:99:63:38:b4:52:66:97:96:09:15:09:3c:72:
e0:4f:19:e8:17:c3:53:b5:ef:18:0a:fb:6b:fc:1a:4d:d8:9a:
e3:ca:18:dc:de:c5:79:b1:ac:c3:32:20:96:1e:ee:97:bb:1e:
40:6d:fb:04:89:33:90:45:90:9a:96:0d:cb:4e:fb:f9:33:1a:
b4:61:e8:00
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJrzwvsutre9QjtZDHw+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMGUyNWUxN2E1MTY5NjkyM2E1YzAyOTY2Nzg3NDA5YWFj
OWFhMzYwHhcNMjQwMTAxMjIzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTFiYzRmZmU1N2UzZjYwY2M3YWU2OWFjYTgxNTk2OTQ4ZjkzMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoVBWQ5q8panTMIeKrsJR6u1rt1y
fQoSinUg/CXjNE0aVWLGjCA5uYmm9XW0squ+f8lp3foQS64rjbXkmQU71LQMqcwG
YubMAAM541xN4osCWTLudTMwK6PUMllnB9EOO0EL2fTOAkhsTxKLNQ0T9iACSPix
i7OPcQv2LzR8QfkdmzfmQsJVTwQwkamX4I9gc/9/jkIAM4TqE64ALXpyYaYauMoE
iXws57GvLTvbE64nuucGSfwo57wDcvV/vPHzlwdq9/33+tprhWHv0VGbyxrdLWYc
naZFgP2+lKpSkNhL7l8MDZ+lxt66Py7wE50spO4CS5z7ZM6rmWXU1THDVwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF4bxP/lfj9gzHrmmsqBWWlI+TEpMB8GA1UdIwQY
MBaAFNwOJeF6UWlpI6XAKWZ4dAmqyao2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0E0bDRYcFJhV2tqcGNBcFpuaDBDYXJKcWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8yY2M0NmMtOGM1MS00MzMwLWI2MjMt
MTgzNWNjOGExZDlkLzEvWGh2RV8tVi1QMkRNZXVhYXlvRlphVWo1TVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8yY2M0NmMtOGM1MS00MzMwLWI2MjMtMTgzNWNjOGExZDlk
LzEvM0E0bDRYcFJhV2tqcGNBcFpuaDBDYXJKcWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAJebJAwQA
1FZjMA0EAgACMAcDBQMqE7IAMA0GCSqGSIb3DQEBCwUAA4IBAQAGz5IM7WZvnPie
5DFGHUOB/P8iB+Q09Z/FB6sUbB5yInh+HSXKeMvilolCBqwfM01gwa625qp1RtrT
VQSR5HlhKN5hUZIlsS8l5eI2JwRfy/3f+IWDTQUNmmB5cZJNLvZQmgqn4zeAyQ2q
TXC7JFSRA5Co9oiGjEK1O8sKwukGKvMg+CCxOrTtBKrab7OlZjVCe3aZsUAQCuyf
54awmHcVBz96Ay/yJwbm1iWJUFLd/4Ox0nz577EhqZljOLRSZpeWCRUJPHLgTxno
F8NTte8YCvtr/BpN2Jrjyhjc3sV5sazDMiCWHu6Xux5AbfsEiTOQRZCalg3LTvv5
Mxq0YegA
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:25:09 2024 by rpki-client on console-fra.rpki-client.org