Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/Xfwxl6eGNXBUihssx-tJAobIaeE.roa
File: Xfwxl6eGNXBUihssx-tJAobIaeE.roa (raw, json)
Hash identifier: nqeNvZBZhA6T159XnfW/5babl5AelAIhZtRKiVE5eW8=
Subject key identifier: 5D:FC:31:97:A7:86:35:70:54:8A:1B:2C:C7:EB:49:02:86:C8:69:E1
Certificate issuer: /CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Certificate serial: 018CC6B919BF1BB1B7D42B352CC8B0712F2D
Authority key identifier: BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/Xfwxl6eGNXBUihssx-tJAobIaeE.roa
Signing time: Mon 01 Jan 2024 20:31:08 +0000
ROA not before: Mon 01 Jan 2024 20:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49349
IP address blocks: 185.38.140.0/22 maxlen: 24
185.236.229.0/24 maxlen: 24
185.236.231.0/24 maxlen: 24
185.236.230.0/24 maxlen: 24
188.93.232.0/21 maxlen: 24
5.206.224.0/21 maxlen: 24
2a00:1c60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.mft
rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:19:bf:1b:b1:b7:d4:2b:35:2c:c8:b0:71:2f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Validity
Not Before: Jan 1 20:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dfc3197a7863570548a1b2cc7eb490286c869e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:61:c3:bc:6b:44:ea:ca:b1:ec:b7:6b:2f:b9:
de:72:3e:81:fd:e8:e7:cb:69:b2:74:2d:f8:13:15:
ca:32:71:1c:26:c9:a4:fb:4b:d3:5e:20:e9:5f:72:
c4:31:cc:ad:73:1d:93:47:c2:43:bd:f9:a2:c7:37:
fc:bb:9f:fc:26:13:09:a7:98:01:62:c0:65:6e:13:
25:ca:1e:ef:a3:00:2e:ae:56:dc:36:c0:a1:09:8b:
26:e3:8f:01:e3:a6:99:f5:47:98:1c:a0:f3:6c:65:
1a:b8:cb:e6:d7:19:da:5f:e8:db:7f:a1:5d:bd:2c:
d0:f2:d2:12:a2:c9:fa:8b:8c:68:f6:f4:35:d5:0b:
18:d3:26:a5:ce:65:e6:cc:4c:e4:c9:ea:63:6a:bf:
62:f2:af:82:16:77:94:28:19:c3:89:51:43:1b:1f:
5c:6b:02:54:8f:5b:e1:18:28:5c:31:a5:74:9f:40:
0f:36:2b:ca:cd:73:d6:4d:e0:a1:82:19:0d:58:49:
49:f1:51:ed:d4:38:0a:11:ed:aa:7b:7e:b4:71:e4:
d0:2e:92:8e:bd:9d:b6:d2:33:d3:43:23:a2:be:5e:
28:1f:c3:7d:35:ab:c5:59:19:4e:6b:dc:07:fe:8c:
f0:11:7a:0a:07:b3:c1:9c:02:11:53:71:84:1a:88:
8a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:FC:31:97:A7:86:35:70:54:8A:1B:2C:C7:EB:49:02:86:C8:69:E1
X509v3 Authority Key Identifier:
keyid:BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/Xfwxl6eGNXBUihssx-tJAobIaeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.224.0/21
185.38.140.0/22
185.236.229.0-185.236.231.255
188.93.232.0/21
IPv6:
2a00:1c60::/32
Signature Algorithm: sha256WithRSAEncryption
d2:8f:63:0c:a2:03:1a:10:06:16:4e:7b:7c:dc:00:9b:80:d6:
1a:47:11:be:22:09:6d:9d:0c:1f:05:a0:9b:d8:1e:c9:eb:5b:
11:c6:4d:f4:e0:5a:52:8d:97:47:ec:5f:6b:ef:4c:b6:7a:54:
ad:b9:d7:6d:0c:08:d2:e6:a2:a4:3c:29:01:41:65:4d:7a:f7:
f5:63:46:02:a2:24:ac:38:30:93:7d:f4:de:5a:84:3b:96:7f:
73:38:4b:69:41:11:46:28:00:a4:7a:9a:c4:cd:b9:0b:a1:16:
77:ff:f5:2d:fd:f9:7d:9f:2c:3e:42:4d:a8:b9:1c:cf:5c:45:
00:1a:12:8a:ad:db:e5:cb:96:fd:7b:90:9f:c0:c4:75:1e:c1:
91:3d:4e:1c:4c:d4:30:60:d5:e8:af:4f:23:2e:54:c8:e7:cc:
2f:db:af:25:a6:1c:61:b1:8e:1c:1e:cf:ac:53:10:fa:99:de:
73:88:cf:67:a4:55:f4:da:13:52:97:fa:ea:83:51:40:85:9d:
1f:71:5f:44:87:15:db:50:80:86:a1:f5:5d:82:32:9c:96:28:
c3:c6:3d:30:d2:aa:df:c9:8a:b4:ea:84:1a:88:00:7b:22:b1:
ee:6c:33:b0:77:34:b2:6e:2f:d2:a4:93:85:d3:19:30:7f:40:
aa:8f:3d:fc
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzGuRm/G7G31Cs1LMiwcS8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWYwYjlhYzFkNTY1MmYzZGNhMWVmMTYyM2JmOTlhYjI5
NjQ3ZGYwHhcNMjQwMTAxMjAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGZjMzE5N2E3ODYzNTcwNTQ4YTFiMmNjN2ViNDkwMjg2Yzg2OWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2HDvGtE6sqx7LdrL7necj6B/ejn
y2mydC34ExXKMnEcJsmk+0vTXiDpX3LEMcytcx2TR8JDvfmixzf8u5/8JhMJp5gB
YsBlbhMlyh7vowAurlbcNsChCYsm448B46aZ9UeYHKDzbGUauMvm1xnaX+jbf6Fd
vSzQ8tISosn6i4xo9vQ11QsY0yalzmXmzEzkyepjar9i8q+CFneUKBnDiVFDGx9c
awJUj1vhGChcMaV0n0APNivKzXPWTeChghkNWElJ8VHt1DgKEe2qe360ceTQLpKO
vZ220jPTQyOivl4oH8N9NavFWRlOa9wH/ozwEXoKB7PBnAIRU3GEGoiKiQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFF38MZenhjVwVIobLMfrSQKGyGnhMB8GA1UdIwQY
MBaAFLyfC5rB1WUvPcoe8WI7+ZqylkffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2Ut
OTVjODk0MmRmNzI0LzEvWGZ3eGw2ZUdOWEJVaWhzc3gtdEpBb2JJYWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2UtOTVjODk0MmRmNzI0
LzEvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDBc7gAwQC
uSaMMAwDBAC57OUDBAO57OADBAO8XegwDQQCAAIwBwMFACoAHGAwDQYJKoZIhvcN
AQELBQADggEBANKPYwyiAxoQBhZOe3zcAJuA1hpHEb4iCW2dDB8FoJvYHsnrWxHG
TfTgWlKNl0fsX2vvTLZ6VK25120MCNLmoqQ8KQFBZU169/VjRgKiJKw4MJN99N5a
hDuWf3M4S2lBEUYoAKR6msTNuQuhFnf/9S39+X2fLD5CTai5HM9cRQAaEoqt2+XL
lv17kJ/AxHUewZE9ThxM1DBg1eivTyMuVMjnzC/bryWmHGGxjhwez6xTEPqZ3nOI
z2ekVfTaE1KX+uqDUUCFnR9xX0SHFdtQgIah9V2CMpyWKMPGPTDSqt/JirTqhBqI
AHsise5sM7B3NLJuL9Kkk4XTGTB/QKqPPfw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:39:18 2024 by rpki-client on console-ams.rpki-client.org