Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4ef53-30bf-4897-b210-d519b82afc36/1/xMXDFpTIimi84uVN0qhOEh11a_Y.roa
File: xMXDFpTIimi84uVN0qhOEh11a_Y.roa (raw, json)
Hash identifier: ytcFNyEHOotq2mRX/hFxxO4wEbkzIluJt/js4fgl2aU=
Subject key identifier: C4:C5:C3:16:94:C8:8A:68:BC:E2:E5:4D:D2:A8:4E:12:1D:75:6B:F6
Certificate issuer: /CN=29d313a7fd2ba3d995c44a7ab4af332f875cc40c
Certificate serial: 018CC94D8DD854D64FC3309F366EEC45CE54
Authority key identifier: 29:D3:13:A7:FD:2B:A3:D9:95:C4:4A:7A:B4:AF:33:2F:87:5C:C4:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdMTp_0ro9mVxEp6tK8zL4dcxAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e4ef53-30bf-4897-b210-d519b82afc36/1/xMXDFpTIimi84uVN0qhOEh11a_Y.roa
Signing time: Tue 02 Jan 2024 08:32:32 +0000
ROA not before: Tue 02 Jan 2024 08:32:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24634
IP address blocks: 185.44.152.0/22 maxlen: 24
2a04:9cc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/e4ef53-30bf-4897-b210-d519b82afc36/1/KdMTp_0ro9mVxEp6tK8zL4dcxAw.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/e4ef53-30bf-4897-b210-d519b82afc36/1/KdMTp_0ro9mVxEp6tK8zL4dcxAw.mft
rsync://rpki.ripe.net/repository/DEFAULT/KdMTp_0ro9mVxEp6tK8zL4dcxAw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 08:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:8d:d8:54:d6:4f:c3:30:9f:36:6e:ec:45:ce:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d313a7fd2ba3d995c44a7ab4af332f875cc40c
Validity
Not Before: Jan 2 08:32:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4c5c31694c88a68bce2e54dd2a84e121d756bf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b1:85:5f:bd:24:48:4a:b5:2f:ef:37:e2:b5:
8f:ab:6c:02:cc:12:09:88:a7:86:86:b0:5f:78:60:
8d:57:12:e4:41:b4:07:71:16:da:80:76:f6:9b:c5:
3d:06:ac:b7:c3:4a:64:d4:90:1a:2a:18:33:ba:b8:
d6:69:87:2d:a9:fd:6f:d1:c6:12:57:22:01:45:e6:
4c:df:aa:3f:43:35:fe:85:8a:95:42:cf:11:a6:59:
2a:fe:dc:02:6f:79:82:cc:2e:36:a5:2f:f5:f0:35:
d9:f6:ed:1c:74:89:5f:5e:57:60:f0:a0:5c:f2:e1:
4b:27:97:a4:00:8e:45:20:6d:56:56:ca:c5:1b:d7:
58:3a:2a:2d:0a:38:67:2e:68:1f:56:23:c4:19:43:
fe:b7:d1:b4:09:cd:a9:d3:35:5e:b9:a2:eb:71:22:
db:d4:ae:3f:2a:d0:81:a4:f9:87:bd:b4:1e:12:0d:
35:40:61:e4:38:36:55:41:56:88:dc:92:41:b0:0e:
13:e7:10:60:01:05:ff:a4:24:a6:e9:d1:0f:f7:89:
23:34:80:da:53:ca:56:34:4e:ab:76:a5:61:11:48:
cd:30:9a:b6:30:07:92:8f:2d:81:40:86:87:7c:af:
7a:aa:0d:f8:a8:19:eb:52:62:31:36:b0:7e:7f:21:
c7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C5:C3:16:94:C8:8A:68:BC:E2:E5:4D:D2:A8:4E:12:1D:75:6B:F6
X509v3 Authority Key Identifier:
keyid:29:D3:13:A7:FD:2B:A3:D9:95:C4:4A:7A:B4:AF:33:2F:87:5C:C4:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdMTp_0ro9mVxEp6tK8zL4dcxAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4ef53-30bf-4897-b210-d519b82afc36/1/xMXDFpTIimi84uVN0qhOEh11a_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4ef53-30bf-4897-b210-d519b82afc36/1/KdMTp_0ro9mVxEp6tK8zL4dcxAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.152.0/22
IPv6:
2a04:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:04:5d:6d:32:71:54:7a:fa:eb:f9:62:fc:17:dd:8e:b1:47:
b8:a9:da:7e:51:f6:dd:d4:0f:8f:42:ff:13:4b:a0:1e:4c:6e:
e6:6b:91:6c:5c:45:3b:ee:29:bd:88:05:c8:db:09:70:7c:38:
6c:76:3e:9b:2a:1f:41:70:4e:a1:64:cf:8d:23:59:2e:87:8c:
e0:67:40:a7:41:7a:e4:4e:6d:82:62:47:2d:15:d5:64:05:5b:
e3:1f:26:4b:66:66:3a:c2:36:1c:9d:58:5f:e5:9d:58:fa:87:
35:ea:42:28:42:c4:a3:6c:e9:ee:24:a2:94:77:f2:aa:32:bb:
f3:f6:1a:85:df:20:15:39:d4:f6:67:02:a3:13:0c:a9:12:c4:
01:6d:7b:6c:91:f7:3d:ad:58:9c:9a:d7:81:e4:03:3e:90:e4:
a2:4a:73:75:2c:23:da:86:a4:96:e0:22:a6:09:7a:5e:6d:71:
77:1f:05:9f:7e:c3:95:68:b5:4d:f2:54:bd:1a:8f:76:da:fa:
f1:74:ee:52:09:6b:19:d6:50:43:a1:da:38:5d:ef:0e:f1:c7:
43:2e:92:21:76:4e:00:59:fd:e5:23:a4:ea:eb:60:6b:05:85:
7c:21:a8:2d:f0:bd:f3:87:8d:75:af:11:fc:66:05:fe:8b:0d:
6b:e6:b4:7d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTY3YVNZPwzCfNm7sRc5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDMxM2E3ZmQyYmEzZDk5NWM0NGE3YWI0YWYzMzJmODc1
Y2M0MGMwHhcNMjQwMTAyMDgzMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGM1YzMxNjk0Yzg4YTY4YmNlMmU1NGRkMmE4NGUxMjFkNzU2YmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7GFX70kSEq1L+834rWPq2wCzBIJ
iKeGhrBfeGCNVxLkQbQHcRbagHb2m8U9Bqy3w0pk1JAaKhgzurjWaYctqf1v0cYS
VyIBReZM36o/QzX+hYqVQs8Rplkq/twCb3mCzC42pS/18DXZ9u0cdIlfXldg8KBc
8uFLJ5ekAI5FIG1WVsrFG9dYOiotCjhnLmgfViPEGUP+t9G0Cc2p0zVeuaLrcSLb
1K4/KtCBpPmHvbQeEg01QGHkODZVQVaI3JJBsA4T5xBgAQX/pCSm6dEP94kjNIDa
U8pWNE6rdqVhEUjNMJq2MAeSjy2BQIaHfK96qg34qBnrUmIxNrB+fyHHEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMTFwxaUyIpovOLlTdKoThIddWv2MB8GA1UdIwQY
MBaAFCnTE6f9K6PZlcRKerSvMy+HXMQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RNVHBfMHJvOW1WeEVwNnRLOHpMNGRjeEF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNGVmNTMtMzBiZi00ODk3LWIyMTAt
ZDUxOWI4MmFmYzM2LzEveE1YREZwVElpbWk4NHVWTjBxaE9FaDExYV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNGVmNTMtMzBiZi00ODk3LWIyMTAtZDUxOWI4MmFmYzM2
LzEvS2RNVHBfMHJvOW1WeEVwNnRLOHpMNGRjeEF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSyYMA0E
AgACMAcDBQMqBJzAMA0GCSqGSIb3DQEBCwUAA4IBAQCwBF1tMnFUevrr+WL8F92O
sUe4qdp+Ufbd1A+PQv8TS6AeTG7ma5FsXEU77im9iAXI2wlwfDhsdj6bKh9BcE6h
ZM+NI1kuh4zgZ0CnQXrkTm2CYkctFdVkBVvjHyZLZmY6wjYcnVhf5Z1Y+oc16kIo
QsSjbOnuJKKUd/KqMrvz9hqF3yAVOdT2ZwKjEwypEsQBbXtskfc9rVicmteB5AM+
kOSiSnN1LCPahqSW4CKmCXpebXF3HwWffsOVaLVN8lS9Go922vrxdO5SCWsZ1lBD
odo4Xe8O8cdDLpIhdk4AWf3lI6Tq62BrBYV8Iagt8L3zh411rxH8ZgX+iw1r5rR9
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:56:39 2024 by rpki-client on console-ams.rpki-client.org