Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/3db08b-01a8-4016-b240-035078ad19ae/1/sxEh9CHK20m_JZ--Tiv-q8Wab2A.roa
File: sxEh9CHK20m_JZ--Tiv-q8Wab2A.roa (raw, json)
Hash identifier: uDtluRyJ/A8BkqQbyzMN0ub/Rz2C7WOHTU0QXnSdjSM=
Subject key identifier: B3:11:21:F4:21:CA:DB:49:BF:25:9F:BE:4E:2B:FE:AB:C5:9A:6F:60
Certificate issuer: /CN=54aa31a9f74bb8552d714a0d185d13c7040644ee
Certificate serial: 018CC2DADC3E7B2BBD4E1990436AD6AC5C5D
Authority key identifier: 54:AA:31:A9:F7:4B:B8:55:2D:71:4A:0D:18:5D:13:C7:04:06:44:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VKoxqfdLuFUtcUoNGF0TxwQGRO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/3db08b-01a8-4016-b240-035078ad19ae/1/sxEh9CHK20m_JZ--Tiv-q8Wab2A.roa
Signing time: Mon 01 Jan 2024 02:29:32 +0000
ROA not before: Mon 01 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39233
IP address blocks: 193.202.90.0/24 maxlen: 24
193.202.112.0/24 maxlen: 24
193.202.114.0/24 maxlen: 24
194.213.29.0/24 maxlen: 24
193.203.4.0/24 maxlen: 24
45.155.28.0/22 maxlen: 22
45.155.28.0/24 maxlen: 24
45.155.29.0/24 maxlen: 24
185.237.53.0/24 maxlen: 24
185.237.52.0/22 maxlen: 22
185.237.54.0/24 maxlen: 24
185.237.55.0/24 maxlen: 24
2a02:1600::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/3db08b-01a8-4016-b240-035078ad19ae/1/VKoxqfdLuFUtcUoNGF0TxwQGRO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/3db08b-01a8-4016-b240-035078ad19ae/1/VKoxqfdLuFUtcUoNGF0TxwQGRO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/VKoxqfdLuFUtcUoNGF0TxwQGRO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:dc:3e:7b:2b:bd:4e:19:90:43:6a:d6:ac:5c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54aa31a9f74bb8552d714a0d185d13c7040644ee
Validity
Not Before: Jan 1 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b31121f421cadb49bf259fbe4e2bfeabc59a6f60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f5:bb:23:43:05:b8:97:91:a4:65:fe:44:4a:
86:d6:dd:45:0b:25:9c:90:c8:b6:ef:1d:fd:7a:73:
fe:6d:77:3b:3d:05:1b:b3:65:61:bb:06:0a:07:49:
5a:fd:86:20:59:15:f6:9e:4c:02:6e:cf:39:d2:24:
0c:4e:01:d8:59:8c:ee:20:ba:ae:a5:ec:07:15:5a:
27:31:e5:fd:92:b8:be:3f:5f:2e:3b:bf:49:a5:f1:
6d:14:07:65:cc:a7:15:be:35:74:1c:97:cf:83:70:
5a:7a:11:4e:41:23:99:2c:02:97:9c:1a:15:da:5f:
9a:18:47:ee:0d:ee:0f:04:71:2b:ca:f8:5e:c5:1a:
93:e4:6b:d8:e9:76:90:1d:ad:91:aa:5c:de:00:84:
d5:d9:9c:d2:a6:ba:d9:5f:9d:24:b4:92:8e:10:64:
ac:46:e7:8c:c4:16:50:19:27:53:0a:b4:54:91:f4:
b1:a6:ce:7d:07:eb:e6:64:52:86:c0:ec:19:1b:69:
92:fc:60:f2:d3:c9:72:99:b1:50:45:2e:df:b3:1b:
a5:f2:a3:70:37:cf:c9:10:12:0f:74:a9:a1:86:f0:
a2:93:c9:01:08:87:0b:c1:41:24:98:7f:0b:73:36:
c1:d3:76:69:a6:9b:01:b2:f1:64:2d:5e:c7:4d:f5:
7c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:11:21:F4:21:CA:DB:49:BF:25:9F:BE:4E:2B:FE:AB:C5:9A:6F:60
X509v3 Authority Key Identifier:
keyid:54:AA:31:A9:F7:4B:B8:55:2D:71:4A:0D:18:5D:13:C7:04:06:44:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VKoxqfdLuFUtcUoNGF0TxwQGRO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/3db08b-01a8-4016-b240-035078ad19ae/1/sxEh9CHK20m_JZ--Tiv-q8Wab2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/3db08b-01a8-4016-b240-035078ad19ae/1/VKoxqfdLuFUtcUoNGF0TxwQGRO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.28.0/22
185.237.52.0/22
193.202.90.0/24
193.202.112.0/24
193.202.114.0/24
193.203.4.0/24
194.213.29.0/24
IPv6:
2a02:1600::/29
Signature Algorithm: sha256WithRSAEncryption
b8:6a:d5:82:8e:a7:28:da:b5:3e:dc:ad:cd:db:36:45:16:7d:
ee:b3:65:7d:70:03:cc:0f:e2:29:7c:23:cc:b0:c7:20:c9:53:
ce:b4:26:7c:3e:55:d8:dd:2b:4f:5e:e6:67:7b:2f:31:f5:58:
d3:97:23:98:7d:d9:3c:60:bd:fb:7b:a5:bf:69:e5:1f:34:13:
45:f3:73:6a:63:3e:1c:f3:e5:3d:4b:51:17:2a:9b:2f:82:7a:
c2:cd:2c:1d:96:18:f5:8f:2e:01:bb:ec:16:17:df:3e:c6:16:
d1:a3:c8:57:36:a9:ab:59:f5:d7:b5:10:f2:a7:0d:0d:58:27:
42:c0:14:78:34:4f:7e:e6:26:81:63:59:60:62:3c:c7:99:eb:
24:7d:87:eb:8e:e7:b1:63:98:46:d2:63:9a:a6:93:1f:76:db:
ac:b8:78:77:68:3f:db:c8:24:93:1d:0c:b9:70:64:81:1c:29:
eb:34:e4:39:89:b4:05:20:56:58:f4:0f:ac:1d:2a:d0:f6:75:
08:bd:9b:0e:85:2d:05:fd:56:96:ac:75:03:b4:2d:4e:d6:f9:
77:35:f9:84:8c:35:23:6e:4e:8c:3d:22:dd:f1:29:15:62:7c:
52:7e:08:e8:5e:ee:8f:85:43:a7:4b:8a:4b:85:b4:68:9f:5d:
e2:a1:d1:d3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzC2tw+eyu9ThmQQ2rWrFxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YWEzMWE5Zjc0YmI4NTUyZDcxNGEwZDE4NWQxM2M3MDQw
NjQ0ZWUwHhcNMjQwMTAxMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzExMjFmNDIxY2FkYjQ5YmYyNTlmYmU0ZTJiZmVhYmM1OWE2ZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/W7I0MFuJeRpGX+REqG1t1FCyWc
kMi27x39enP+bXc7PQUbs2VhuwYKB0la/YYgWRX2nkwCbs850iQMTgHYWYzuILqu
pewHFVonMeX9kri+P18uO79JpfFtFAdlzKcVvjV0HJfPg3BaehFOQSOZLAKXnBoV
2l+aGEfuDe4PBHEryvhexRqT5GvY6XaQHa2RqlzeAITV2ZzSprrZX50ktJKOEGSs
RueMxBZQGSdTCrRUkfSxps59B+vmZFKGwOwZG2mS/GDy08lymbFQRS7fsxul8qNw
N8/JEBIPdKmhhvCik8kBCIcLwUEkmH8LczbB03ZpppsBsvFkLV7HTfV8ZQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLMRIfQhyttJvyWfvk4r/qvFmm9gMB8GA1UdIwQY
MBaAFFSqMan3S7hVLXFKDRhdE8cEBkTuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVktveHFmZEx1RlV0Y1VvTkdGMFR4d1FHUk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8zZGIwOGItMDFhOC00MDE2LWIyNDAt
MDM1MDc4YWQxOWFlLzEvc3hFaDlDSEsyMG1fSlotLVRpdi1xOFdhYjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8zZGIwOGItMDFhOC00MDE2LWIyNDAtMDM1MDc4YWQxOWFl
LzEvVktveHFmZEx1RlV0Y1VvTkdGMFR4d1FHUk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLZscAwQC
ue00AwQAwcpaAwQAwcpwAwQAwcpyAwQAwcsEAwQAwtUdMA0EAgACMAcDBQMqAhYA
MA0GCSqGSIb3DQEBCwUAA4IBAQC4atWCjqco2rU+3K3N2zZFFn3us2V9cAPMD+Ip
fCPMsMcgyVPOtCZ8PlXY3StPXuZney8x9VjTlyOYfdk8YL37e6W/aeUfNBNF83Nq
Yz4c8+U9S1EXKpsvgnrCzSwdlhj1jy4Bu+wWF98+xhbRo8hXNqmrWfXXtRDypw0N
WCdCwBR4NE9+5iaBY1lgYjzHmeskfYfrjuexY5hG0mOappMfdtusuHh3aD/byCST
HQy5cGSBHCnrNOQ5ibQFIFZY9A+sHSrQ9nUIvZsOhS0F/VaWrHUDtC1O1vl3NfmE
jDUjbk6MPSLd8SkVYnxSfgjoXu6PhUOnS4pLhbRon13iodHT
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:55:55 2024 by rpki-client on console-ams.rpki-client.org