Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/XvchSwuHo_kXmrXkwVblUQnrmQg.roa
File: XvchSwuHo_kXmrXkwVblUQnrmQg.roa (raw, json)
Hash identifier: KqMWZtd4E3UhDkSSDI+hPENEvU5pp9SVpEjyeG8FSUs=
Subject key identifier: 5E:F7:21:4B:0B:87:A3:F9:17:9A:B5:E4:C1:56:E5:51:09:EB:99:08
Certificate issuer: /CN=c928b63417a2e7885e33881a924aac9d40aaca60
Certificate serial: 018FDE3AD132D72B711AEB16C9E55E5C6813
Authority key identifier: C9:28:B6:34:17:A2:E7:88:5E:33:88:1A:92:4A:AC:9D:40:AA:CA:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ySi2NBei54heM4gakkqsnUCqymA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/XvchSwuHo_kXmrXkwVblUQnrmQg.roa
Signing time: Mon 03 Jun 2024 13:12:27 +0000
ROA not before: Mon 03 Jun 2024 13:12:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25039
IP address blocks: 145.225.60.0/24 maxlen: 24
145.225.63.0/24 maxlen: 24
145.225.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ySi2NBei54heM4gakkqsnUCqymA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 19:03:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:3a:d1:32:d7:2b:71:1a:eb:16:c9:e5:5e:5c:68:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c928b63417a2e7885e33881a924aac9d40aaca60
Validity
Not Before: Jun 3 13:12:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ef7214b0b87a3f9179ab5e4c156e55109eb9908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:a5:74:b5:57:4d:ec:aa:7c:81:f0:6a:17:59:
51:6d:88:9e:48:3e:ec:61:53:e5:03:0c:e8:44:ba:
60:ee:e8:a5:89:34:00:65:6e:e1:f0:02:2d:86:26:
4e:cd:ce:00:83:8b:29:88:4b:61:11:79:77:a1:c4:
ec:91:c0:3d:b1:15:ef:01:0e:46:f2:39:74:72:24:
74:47:38:23:25:7a:fe:0a:28:a7:99:db:ae:b7:27:
29:36:c5:42:07:7f:80:92:0e:ff:f5:50:bd:84:c6:
8a:c4:b6:fb:0d:44:de:d8:c1:01:3f:1f:23:af:34:
cd:aa:23:de:ed:a7:17:30:2e:7c:26:3b:fc:9e:cc:
6c:1d:84:3f:21:15:34:c5:61:18:5f:4a:1c:87:69:
56:9a:10:7d:85:4a:09:d9:67:a8:19:04:0f:36:de:
97:ca:73:b4:dd:3a:5b:19:f0:25:66:60:2f:4e:13:
c1:d6:16:49:a4:c9:d7:1f:c4:07:8f:aa:c1:51:24:
e4:f1:44:e2:33:61:da:80:f2:d3:47:9b:6d:eb:5f:
2b:52:d8:44:ec:97:0a:a4:c5:ac:99:8d:73:89:42:
5c:02:e4:d1:aa:cd:ec:e8:e2:38:d5:4e:19:fc:92:
73:ad:08:88:2a:8c:9b:82:df:09:f8:95:44:df:b5:
ee:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F7:21:4B:0B:87:A3:F9:17:9A:B5:E4:C1:56:E5:51:09:EB:99:08
X509v3 Authority Key Identifier:
keyid:C9:28:B6:34:17:A2:E7:88:5E:33:88:1A:92:4A:AC:9D:40:AA:CA:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ySi2NBei54heM4gakkqsnUCqymA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/XvchSwuHo_kXmrXkwVblUQnrmQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/9d7e6a-0eae-434f-9a35-8c97161e062f/1/ySi2NBei54heM4gakkqsnUCqymA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.225.60.0/24
145.225.63.0/24
145.225.75.0/24
Signature Algorithm: sha256WithRSAEncryption
54:ab:e9:d2:78:8d:fd:ef:e3:a7:80:1a:31:6f:15:95:60:26:
9f:e5:a1:33:40:5c:82:bf:86:ca:f1:69:05:f5:2b:59:9f:b9:
01:90:af:d4:69:d5:67:18:ce:13:d3:24:cb:f9:99:28:a7:19:
ef:50:85:01:52:ca:83:75:f4:74:c4:b7:22:18:86:46:37:c9:
fa:20:20:4f:19:77:3f:31:0b:d0:b3:f0:59:0e:c8:eb:61:31:
c1:81:97:20:4b:50:6e:d1:7b:ea:e4:c6:38:2c:35:6f:cf:d5:
97:92:65:c7:6a:b4:c0:3e:4a:b4:51:0e:17:03:f7:b1:da:ad:
c8:28:fb:fc:6c:3e:71:33:e7:35:72:b4:58:46:4c:2f:7d:d9:
42:cb:b6:84:1a:a7:ef:d3:6c:ae:43:1a:e9:b8:e0:1f:a3:cb:
c1:3d:92:68:dc:8a:c7:4c:b5:6d:52:9d:7c:f4:da:95:ec:bf:
bf:ef:19:8f:1b:b1:6d:00:63:31:7a:a2:c8:df:7c:21:e7:0d:
55:68:a6:1e:b9:e3:bf:be:6e:f3:12:34:17:80:d3:ac:e0:fd:
08:1f:1f:a6:b0:c2:00:5a:e7:fd:ed:ab:6c:b8:b3:7a:36:f5:
46:54:a3:20:21:4e:ab:cb:3d:f8:6b:fd:2f:85:be:bb:8f:df:
62:91:b8:09
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/eOtEy1ytxGusWyeVeXGgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MjhiNjM0MTdhMmU3ODg1ZTMzODgxYTkyNGFhYzlkNDBh
YWNhNjAwHhcNMjQwNjAzMTMxMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWY3MjE0YjBiODdhM2Y5MTc5YWI1ZTRjMTU2ZTU1MTA5ZWI5OTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56V0tVdN7Kp8gfBqF1lRbYieSD7s
YVPlAwzoRLpg7uiliTQAZW7h8AIthiZOzc4Ag4spiEthEXl3ocTskcA9sRXvAQ5G
8jl0ciR0RzgjJXr+CiinmduutycpNsVCB3+Akg7/9VC9hMaKxLb7DUTe2MEBPx8j
rzTNqiPe7acXMC58Jjv8nsxsHYQ/IRU0xWEYX0och2lWmhB9hUoJ2WeoGQQPNt6X
ynO03TpbGfAlZmAvThPB1hZJpMnXH8QHj6rBUSTk8UTiM2HagPLTR5tt618rUthE
7JcKpMWsmY1ziUJcAuTRqs3s6OI41U4Z/JJzrQiIKoybgt8J+JVE37XuwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF73IUsLh6P5F5q15MFW5VEJ65kIMB8GA1UdIwQY
MBaAFMkotjQXoueIXjOIGpJKrJ1AqspgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVNpMk5CZWk1NGhlTTRnYWtrcXNuVUNxeW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi85ZDdlNmEtMGVhZS00MzRmLTlhMzUt
OGM5NzE2MWUwNjJmLzEvWHZjaFN3dUhvX2tYbXJYa3dWYmxVUW5ybVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi85ZDdlNmEtMGVhZS00MzRmLTlhMzUtOGM5NzE2MWUwNjJm
LzEveVNpMk5CZWk1NGhlTTRnYWtrcXNuVUNxeW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkeE8AwQA
keE/AwQAkeFLMA0GCSqGSIb3DQEBCwUAA4IBAQBUq+nSeI397+OngBoxbxWVYCaf
5aEzQFyCv4bK8WkF9StZn7kBkK/UadVnGM4T0yTL+ZkopxnvUIUBUsqDdfR0xLci
GIZGN8n6ICBPGXc/MQvQs/BZDsjrYTHBgZcgS1Bu0Xvq5MY4LDVvz9WXkmXHarTA
Pkq0UQ4XA/ex2q3IKPv8bD5xM+c1crRYRkwvfdlCy7aEGqfv02yuQxrpuOAfo8vB
PZJo3IrHTLVtUp189NqV7L+/7xmPG7FtAGMxeqLI33wh5w1VaKYeueO/vm7zEjQX
gNOs4P0IHx+msMIAWuf97atsuLN6NvVGVKMgIU6ryz34a/0vhb67j99ikbgJ
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:35:52 2024 by rpki-client on console-fra.rpki-client.org