Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/XMnUTiUUdkAA8t65zENuNfj4fHI.roa
File: XMnUTiUUdkAA8t65zENuNfj4fHI.roa (raw, json)
Hash identifier: bgwJuYj2zm4DVe36rt/HSYblapAeB2YxCHmnQ3EmdHI=
Subject key identifier: 5C:C9:D4:4E:25:14:76:40:00:F2:DE:B9:CC:43:6E:35:F8:F8:7C:72
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 018F4CE17BA1E186805B2854D73BF404D15C
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/XMnUTiUUdkAA8t65zENuNfj4fHI.roa
Signing time: Mon 06 May 2024 07:49:56 +0000
ROA not before: Mon 06 May 2024 07:49:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39216
IP address blocks: 185.72.252.0/24 maxlen: 24
185.72.253.0/24 maxlen: 24
188.72.2.0/24 maxlen: 24
188.72.4.0/24 maxlen: 24
188.72.5.0/24 maxlen: 24
188.72.6.0/24 maxlen: 24
188.72.7.0/24 maxlen: 24
188.72.34.0/24 maxlen: 24
188.72.35.0/24 maxlen: 24
188.72.59.0/24 maxlen: 24
188.72.60.0/24 maxlen: 24
188.72.61.0/24 maxlen: 24
188.72.62.0/24 maxlen: 24
188.72.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jul 2024 04:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:e1:7b:a1:e1:86:80:5b:28:54:d7:3b:f4:04:d1:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: May 6 07:49:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cc9d44e2514764000f2deb9cc436e35f8f87c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:91:a0:e9:f7:fa:40:22:dc:ac:96:9d:83:2d:
b8:e2:96:f0:ea:ca:97:8d:49:e5:5c:44:b6:34:3b:
d0:e6:31:a1:87:50:ff:63:98:bd:ff:48:ec:ff:0f:
99:c6:4f:a7:8a:08:1f:51:27:32:12:5c:26:d4:6b:
80:a1:c2:79:7d:e2:37:62:68:3a:16:97:c8:54:14:
8f:34:80:15:6d:5d:0b:6d:46:01:e6:6a:78:c4:f6:
f2:0b:e1:5f:dc:79:f4:43:21:d7:35:54:23:a8:a7:
88:ec:03:b5:d5:28:45:99:14:f6:0d:cf:0e:73:5a:
c2:2e:f0:1d:4c:12:d3:11:61:84:b6:81:6c:69:bd:
ac:2d:f1:14:d5:29:ac:45:ca:02:6b:c6:50:7e:c5:
61:aa:b6:5f:c0:9a:a0:cb:b0:d2:66:6b:be:8e:4b:
cb:e8:4d:5e:48:47:ef:da:25:a7:c6:35:81:08:0c:
f1:2d:92:41:7e:c1:d0:56:ce:be:0a:06:b6:ed:52:
3b:73:b8:e7:8a:9f:60:bf:5f:20:93:cc:7a:74:60:
db:db:13:67:41:52:35:77:ca:40:56:8b:6a:4a:e1:
c6:a9:41:f6:7f:54:04:40:af:44:63:f4:c9:a0:ed:
9b:36:91:f7:9a:eb:1f:5d:29:db:1c:8a:09:6a:83:
38:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C9:D4:4E:25:14:76:40:00:F2:DE:B9:CC:43:6E:35:F8:F8:7C:72
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/XMnUTiUUdkAA8t65zENuNfj4fHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.252.0/23
188.72.2.0/24
188.72.4.0/22
188.72.34.0/23
188.72.59.0-188.72.63.255
Signature Algorithm: sha256WithRSAEncryption
9e:66:4a:0b:1c:89:e1:db:45:b5:d8:d8:31:1e:c5:4a:fb:bc:
b1:56:e4:b8:f9:d6:76:2a:ef:61:df:c4:b1:5b:4a:25:b7:75:
bb:12:e4:14:08:39:73:28:ec:bc:8d:48:60:bb:45:46:b6:9f:
63:7b:18:59:8b:f5:96:07:0f:e6:6c:03:bb:f9:0b:c6:ff:b9:
9a:db:a3:30:1e:01:b7:55:be:4b:81:9e:df:16:6b:47:4e:43:
37:df:0b:c9:a0:5b:f3:f6:10:7d:41:8f:55:7d:6f:42:04:89:
29:53:70:0b:6d:c7:0e:93:85:a6:5a:52:77:51:24:ea:68:6b:
3a:f0:fa:73:e5:b1:00:6e:59:0d:2a:5a:c4:e5:98:7e:74:de:
69:11:2e:4f:c4:7e:14:a3:25:41:29:b9:5f:f5:6d:72:9b:16:
24:23:17:9d:c7:9f:1c:22:2c:f0:96:eb:70:fd:0c:cb:e8:a0:
b5:1a:f2:6e:b6:a5:4a:ef:e4:55:7b:00:23:5d:fe:c7:a3:19:
21:42:e0:f0:f9:a0:98:a9:3d:7e:c9:3a:a0:e8:fd:77:9e:44:
dd:cf:b4:76:4a:57:b7:65:6a:45:7e:3f:8c:c5:0e:ab:59:85:
ab:7a:3a:e7:7c:fd:65:06:a2:4e:f4:d9:f3:59:2c:9a:2f:32:
99:df:8c:b9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY9M4Xuh4YaAWyhU1zv0BNFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjQwNTA2MDc0OTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2M5ZDQ0ZTI1MTQ3NjQwMDBmMmRlYjljYzQzNmUzNWY4Zjg3YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6JGg6ff6QCLcrJadgy244pbw6sqX
jUnlXES2NDvQ5jGhh1D/Y5i9/0js/w+Zxk+niggfUScyElwm1GuAocJ5feI3Ymg6
FpfIVBSPNIAVbV0LbUYB5mp4xPbyC+Ff3Hn0QyHXNVQjqKeI7AO11ShFmRT2Dc8O
c1rCLvAdTBLTEWGEtoFsab2sLfEU1SmsRcoCa8ZQfsVhqrZfwJqgy7DSZmu+jkvL
6E1eSEfv2iWnxjWBCAzxLZJBfsHQVs6+Cga27VI7c7jnip9gv18gk8x6dGDb2xNn
QVI1d8pAVotqSuHGqUH2f1QEQK9EY/TJoO2bNpH3musfXSnbHIoJaoM4swIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFzJ1E4lFHZAAPLeucxDbjX4+HxyMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvWE1uVVRpVVVka0FBOHQ2NXpFTnVOZmo0ZkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBuUj8AwQA
vEgCAwQCvEgEAwQBvEgiMAwDBAC8SDsDBAa8SAAwDQYJKoZIhvcNAQELBQADggEB
AJ5mSgscieHbRbXY2DEexUr7vLFW5Lj51nYq72HfxLFbSiW3dbsS5BQIOXMo7LyN
SGC7RUa2n2N7GFmL9ZYHD+ZsA7v5C8b/uZrbozAeAbdVvkuBnt8Wa0dOQzffC8mg
W/P2EH1Bj1V9b0IEiSlTcAttxw6ThaZaUndRJOpoazrw+nPlsQBuWQ0qWsTlmH50
3mkRLk/EfhSjJUEpuV/1bXKbFiQjF53HnxwiLPCW63D9DMvooLUa8m62pUrv5FV7
ACNd/sejGSFC4PD5oJipPX7JOqDo/XeeRN3PtHZKV7dlakV+P4zFDqtZhat6Oud8
/WUGok702fNZLJovMpnfjLk=
-----END CERTIFICATE-----
Generated at Thu Jul 4 13:41:29 2024 by rpki-client on console-fra.rpki-client.org