Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/XP6ceVkWwWeVtxcTkmX2PqBbUvA.roa
File: XP6ceVkWwWeVtxcTkmX2PqBbUvA.roa (raw, json)
Hash identifier: kx/j7okttCJkBUkisBLHpZr/PGiqhXHolqvKH1F89sA=
Subject key identifier: 5C:FE:9C:79:59:16:C1:67:95:B7:17:13:92:65:F6:3E:A0:5B:52:F0
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 018CC492E167ABED2198BC6C2CB41515B177
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/XP6ceVkWwWeVtxcTkmX2PqBbUvA.roa
Signing time: Mon 01 Jan 2024 10:30:09 +0000
ROA not before: Mon 01 Jan 2024 10:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 193.36.124.0/22 maxlen: 22
171.22.188.0/24 maxlen: 24
171.22.189.0/24 maxlen: 24
171.22.190.0/24 maxlen: 24
194.110.88.0/22 maxlen: 22
185.164.66.0/23 maxlen: 23
84.252.84.0/23 maxlen: 23
84.252.86.0/24 maxlen: 24
84.252.87.0/24 maxlen: 24
212.81.42.0/24 maxlen: 24
212.81.43.0/24 maxlen: 24
80.76.36.0/22 maxlen: 22
45.11.232.0/24 maxlen: 24
45.11.234.0/23 maxlen: 23
45.153.236.0/24 maxlen: 24
45.153.237.0/24 maxlen: 24
45.153.238.0/24 maxlen: 24
77.83.46.0/23 maxlen: 23
77.83.71.0/24 maxlen: 24
45.142.52.0/22 maxlen: 22
77.83.68.0/24 maxlen: 24
77.83.69.0/24 maxlen: 24
77.83.70.0/24 maxlen: 24
45.91.188.0/22 maxlen: 22
95.214.100.0/22 maxlen: 22
185.15.176.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e1:67:ab:ed:21:98:bc:6c:2c:b4:15:15:b1:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Jan 1 10:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cfe9c795916c16795b717139265f63ea05b52f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a8:ef:ec:26:4c:c9:cd:56:25:6f:e0:80:7b:
40:4d:61:62:c1:cf:18:71:ca:46:53:65:13:87:5b:
be:29:33:2a:62:cc:9a:4c:73:dd:1b:cf:04:dd:20:
85:f3:b7:46:d7:c4:e1:d9:bd:de:89:3b:78:f1:a5:
87:eb:74:ba:18:58:c2:92:5f:72:c5:88:81:35:73:
f2:ed:72:4c:ee:95:57:dd:7a:7b:26:4a:73:a3:42:
7c:f3:28:34:d1:be:73:7c:b9:5f:f8:c6:ea:bf:d6:
e6:80:4e:8e:52:41:b3:01:43:df:37:a0:15:62:04:
04:2f:19:3c:4a:32:44:80:d0:8c:5f:79:c8:9e:f7:
c9:bb:c7:e0:ee:70:c4:57:b7:98:8b:ef:be:55:e5:
23:80:71:a4:62:77:56:82:80:e5:6c:13:70:ff:37:
63:c8:0d:a2:82:27:26:2b:dc:0d:8e:10:ca:d0:6a:
6f:b3:0f:23:ac:ae:36:de:ab:b8:40:3b:b7:73:49:
cd:9c:11:f4:bd:9a:65:eb:a3:32:11:de:0b:67:6d:
bc:5e:91:87:a0:9c:b6:ec:58:b6:65:5c:23:eb:d4:
b6:aa:e2:3e:be:07:dd:15:7d:1a:15:35:60:bd:44:
3c:f7:a2:38:22:25:5a:cd:eb:1a:be:a5:f5:15:fa:
36:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FE:9C:79:59:16:C1:67:95:B7:17:13:92:65:F6:3E:A0:5B:52:F0
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/XP6ceVkWwWeVtxcTkmX2PqBbUvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.232.0/24
45.11.234.0/23
45.91.188.0/22
45.142.52.0/22
45.153.236.0-45.153.238.255
77.83.46.0/23
77.83.68.0/22
80.76.36.0/22
84.252.84.0/22
95.214.100.0/22
171.22.188.0-171.22.190.255
185.15.176.0/22
185.164.66.0/23
193.36.124.0/22
194.110.88.0/22
212.81.42.0/23
Signature Algorithm: sha256WithRSAEncryption
75:cf:69:06:8b:08:28:0f:87:43:62:0a:8a:1f:be:f8:c2:49:
a5:59:f8:d0:a1:a3:c9:d0:ee:eb:71:76:fd:18:4a:c3:6a:b4:
6e:94:8d:dc:1f:28:89:7b:9a:91:b2:d1:c5:9e:87:2c:33:fb:
26:0f:12:68:e7:fe:03:c7:2e:32:7e:0e:c6:45:d7:b8:21:c5:
28:d2:75:ee:2e:cf:7f:4c:81:ff:9a:86:c5:ad:a6:8e:84:76:
e0:a2:fb:22:4f:79:29:03:02:ac:13:ff:54:1b:d1:38:9b:1f:
c8:d7:d0:c8:4b:f4:0b:26:e9:e2:d8:c6:62:1e:bc:75:05:09:
b4:be:84:99:2e:b0:59:59:94:5b:b4:ca:18:57:41:43:10:91:
86:0e:b5:cc:46:f7:c0:b8:f5:ae:56:d3:7c:7d:3a:c8:1c:98:
09:ad:6c:dd:bb:ab:7f:f9:6f:21:89:43:8d:8a:3a:f4:7f:b9:
c0:52:4b:9a:89:b5:bd:33:91:8a:67:78:f6:ac:cd:be:18:a3:
8c:37:88:59:25:81:ea:a7:4c:49:9f:05:73:be:12:95:eb:e6:
55:c8:bc:10:63:79:c1:d5:92:c4:56:a5:64:e2:45:f0:ab:94:
8e:b2:8c:a2:bb:69:44:28:d4:97:3a:52:77:6e:85:56:ee:13:
d8:bf:2d:74
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYzEkuFnq+0hmLxsLLQVFbF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjQwMTAxMTAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2ZlOWM3OTU5MTZjMTY3OTViNzE3MTM5MjY1ZjYzZWEwNWI1MmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhajv7CZMyc1WJW/ggHtATWFiwc8Y
ccpGU2UTh1u+KTMqYsyaTHPdG88E3SCF87dG18Th2b3eiTt48aWH63S6GFjCkl9y
xYiBNXPy7XJM7pVX3Xp7Jkpzo0J88yg00b5zfLlf+Mbqv9bmgE6OUkGzAUPfN6AV
YgQELxk8SjJEgNCMX3nInvfJu8fg7nDEV7eYi+++VeUjgHGkYndWgoDlbBNw/zdj
yA2igicmK9wNjhDK0Gpvsw8jrK423qu4QDu3c0nNnBH0vZpl66MyEd4LZ228XpGH
oJy27Fi2ZVwj69S2quI+vgfdFX0aFTVgvUQ896I4IiVazesavqX1Ffo2LQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFFz+nHlZFsFnlbcXE5Jl9j6gW1LwMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvWFA2Y2VWa1d3V2VWdHhjVGttWDJQcUJiVXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAC0L6AME
AS0L6gMEAi1bvAMEAi2ONDAMAwQCLZnsAwQALZnuAwQBTVMuAwQCTVNEAwQCUEwk
AwQCVPxUAwQCX9ZkMAwDBAKrFrwDBACrFr4DBAK5D7ADBAG5pEIDBALBJHwDBALC
blgDBAHUUSowDQYJKoZIhvcNAQELBQADggEBAHXPaQaLCCgPh0NiCoofvvjCSaVZ
+NCho8nQ7utxdv0YSsNqtG6UjdwfKIl7mpGy0cWehywz+yYPEmjn/gPHLjJ+DsZF
17ghxSjSde4uz39Mgf+ahsWtpo6EduCi+yJPeSkDAqwT/1Qb0TibH8jX0MhL9Asm
6eLYxmIevHUFCbS+hJkusFlZlFu0yhhXQUMQkYYOtcxG98C49a5W03x9OsgcmAmt
bN27q3/5byGJQ42KOvR/ucBSS5qJtb0zkYpnePaszb4Yo4w3iFklgeqnTEmfBXO+
EpXr5lXIvBBjecHVksRWpWTiRfCrlI6yjKK7aUQo1Jc6UnduhVbuE9i/LXQ=
-----END CERTIFICATE-----
Generated at Sun Apr 21 05:13:55 2024 by rpki-client on console-ams.rpki-client.org