Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/XTKi22OUwqs2vJn3TGqMDVaRVJc.roa
File: XTKi22OUwqs2vJn3TGqMDVaRVJc.roa (raw, json)
Hash identifier: w1+ndMi5nUusWYuzC1Jar+sdoFD96W4ErnAJ+acc4QQ=
Subject key identifier: 5D:32:A2:DB:63:94:C2:AB:36:BC:99:F7:4C:6A:8C:0D:56:91:54:97
Certificate issuer: /CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10
Certificate serial: 018CC79378C7072EE84C6C94C966C38650F8
Authority key identifier: 1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/XTKi22OUwqs2vJn3TGqMDVaRVJc.roa
Signing time: Tue 02 Jan 2024 00:29:39 +0000
ROA not before: Tue 02 Jan 2024 00:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198930
IP address blocks: 185.161.144.0/22 maxlen: 22
185.78.60.0/22 maxlen: 24
170.133.0.0/18 maxlen: 24
91.106.128.0/18 maxlen: 24
2a07:c540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:78:c7:07:2e:e8:4c:6c:94:c9:66:c3:86:50:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10
Validity
Not Before: Jan 2 00:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d32a2db6394c2ab36bc99f74c6a8c0d56915497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8f:38:d4:fd:f3:6a:f0:16:ac:5b:eb:4b:35:
d9:e4:e6:9c:18:74:43:0d:4d:2e:e5:41:c0:b2:1e:
de:93:5c:e3:16:5d:57:ee:19:2a:fa:08:1c:2d:06:
ed:67:07:df:40:52:ea:af:20:d0:97:70:9f:44:88:
39:f8:50:cb:4f:09:89:5b:58:08:39:a8:51:fd:1c:
09:f0:83:da:ac:fd:56:7e:5c:3c:58:04:49:ac:0d:
a7:7a:92:16:57:db:e8:a3:9c:02:a4:e5:f5:fc:d2:
3a:6f:17:30:87:9a:3c:56:fb:68:1f:b9:4a:d8:a8:
94:e6:30:27:9a:68:70:ef:59:9c:4e:aa:1d:e8:f4:
61:cd:b8:4c:25:2c:0a:e1:13:87:fe:61:32:49:1d:
89:77:b0:c0:81:09:17:af:65:af:8d:6c:84:e3:c9:
b6:90:9d:a4:e6:99:83:d8:1a:ee:4c:2c:ad:6a:a7:
8c:61:a7:7c:35:d7:8f:35:3f:c7:0e:3b:a9:21:61:
9d:3b:89:1c:34:b9:18:44:8e:7c:b7:b3:a3:66:8c:
34:09:d7:b9:c8:2c:05:50:16:f0:50:19:1d:09:d8:
52:f9:6d:8e:76:e7:4e:83:f0:52:89:7d:7a:e2:b8:
9e:96:f4:b8:f3:2c:fc:4d:b8:ae:ce:01:45:39:2d:
ae:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:32:A2:DB:63:94:C2:AB:36:BC:99:F7:4C:6A:8C:0D:56:91:54:97
X509v3 Authority Key Identifier:
keyid:1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/XTKi22OUwqs2vJn3TGqMDVaRVJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.128.0/18
170.133.0.0/18
185.78.60.0/22
185.161.144.0/22
IPv6:
2a07:c540::/29
Signature Algorithm: sha256WithRSAEncryption
17:e1:a1:1b:32:3b:e0:36:14:32:f9:29:44:65:79:c4:e5:07:
6c:02:18:b0:56:5a:50:7d:6f:e1:6d:46:bf:f8:b8:27:6a:b2:
c2:d1:05:c5:13:8c:d3:60:4f:00:89:c3:3a:35:a9:61:77:17:
84:24:31:2b:34:87:9d:ba:66:36:9a:2e:04:8b:98:bd:05:93:
7a:92:7e:d3:b6:6c:4c:9f:d5:02:ac:47:3c:bb:dc:32:7f:e9:
82:02:77:a1:df:fb:ba:fd:d5:83:a3:49:57:71:50:65:23:64:
a1:eb:de:72:78:21:3c:62:7a:9c:55:b2:50:d0:8f:93:6b:87:
69:83:bc:e3:5f:32:46:04:c0:fe:f3:3e:fa:be:95:fc:20:ee:
57:8c:ad:9a:78:42:82:16:21:63:31:b8:19:ea:47:09:99:fa:
4c:5e:f0:48:cb:6a:72:4b:7a:e6:4e:75:57:1a:86:df:2e:50:
ee:b7:6f:6b:89:9f:23:b5:70:34:7d:1c:66:a8:7b:7b:40:31:
27:ec:4a:fc:d9:aa:b6:02:4a:b5:48:30:da:84:dc:56:45:8a:
a4:b0:ac:e9:09:6b:5c:5c:d9:0e:99:b4:90:b1:1f:56:a2:f0:
b0:54:ea:da:c3:07:15:eb:db:3d:98:40:16:63:79:45:87:2b:
e2:2c:bb:e4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHk3jHBy7oTGyUyWbDhlD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZjJlYzgyNWZhNjM4MWU4ZTk0ZmQzOWIwNmVhMzhiNjNl
NDFhMTAwHhcNMjQwMTAyMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDMyYTJkYjYzOTRjMmFiMzZiYzk5Zjc0YzZhOGMwZDU2OTE1NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvY841P3zavAWrFvrSzXZ5OacGHRD
DU0u5UHAsh7ek1zjFl1X7hkq+ggcLQbtZwffQFLqryDQl3CfRIg5+FDLTwmJW1gI
OahR/RwJ8IParP1Wflw8WARJrA2nepIWV9voo5wCpOX1/NI6bxcwh5o8VvtoH7lK
2KiU5jAnmmhw71mcTqod6PRhzbhMJSwK4ROH/mEySR2Jd7DAgQkXr2WvjWyE48m2
kJ2k5pmD2BruTCytaqeMYad8NdePNT/HDjupIWGdO4kcNLkYRI58t7OjZow0Cde5
yCwFUBbwUBkdCdhS+W2OdudOg/BSiX164rielvS48yz8TbiuzgFFOS2u9QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFF0yottjlMKrNryZ90xqjA1WkVSXMB8GA1UdIwQY
MBaAFBzy7IJfpjgejpT9ObBuo4tj5BoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2Ut
YzRjNjM5ODNiNTBjLzEvWFRLaTIyT1V3cXMydkpuM1RHcU1EVmFSVkpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2UtYzRjNjM5ODNiNTBj
LzEvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGW2qAAwQG
qoUAAwQCuU48AwQCuaGQMA0EAgACMAcDBQMqB8VAMA0GCSqGSIb3DQEBCwUAA4IB
AQAX4aEbMjvgNhQy+SlEZXnE5QdsAhiwVlpQfW/hbUa/+LgnarLC0QXFE4zTYE8A
icM6NalhdxeEJDErNIedumY2mi4Ei5i9BZN6kn7TtmxMn9UCrEc8u9wyf+mCAneh
3/u6/dWDo0lXcVBlI2Sh695yeCE8YnqcVbJQ0I+Ta4dpg7zjXzJGBMD+8z76vpX8
IO5XjK2aeEKCFiFjMbgZ6kcJmfpMXvBIy2pyS3rmTnVXGobfLlDut29riZ8jtXA0
fRxmqHt7QDEn7Er82aq2Akq1SDDahNxWRYqksKzpCWtcXNkOmbSQsR9WovCwVOra
wwcV69s9mEAWY3lFhyviLLvk
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:39 2024 by rpki-client on console-ams.rpki-client.org