Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/Xx5KjMoqulF7ibybolKuIO4OwoE.roa
File: Xx5KjMoqulF7ibybolKuIO4OwoE.roa (raw, json)
Hash identifier: +93PxjGVo/3lZLkoSB20fnB3upB1QwLJUCCa1HCr5BI=
Subject key identifier: 5F:1E:4A:8C:CA:2A:BA:51:7B:89:BC:9B:A2:52:AE:20:EE:0E:C2:81
Certificate issuer: /CN=c3a49f65a3d680c428fd94d67e65a2709f0292cf
Certificate serial: 018CC8DF767F4D2F53E26F617D1DCDC9D2FC
Authority key identifier: C3:A4:9F:65:A3:D6:80:C4:28:FD:94:D6:7E:65:A2:70:9F:02:92:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/Xx5KjMoqulF7ibybolKuIO4OwoE.roa
Signing time: Tue 02 Jan 2024 06:32:17 +0000
ROA not before: Tue 02 Jan 2024 06:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31043
IP address blocks: 195.47.232.0/24 maxlen: 24
185.117.112.0/22 maxlen: 22
2a0c:3180::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:76:7f:4d:2f:53:e2:6f:61:7d:1d:cd:c9:d2:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3a49f65a3d680c428fd94d67e65a2709f0292cf
Validity
Not Before: Jan 2 06:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f1e4a8cca2aba517b89bc9ba252ae20ee0ec281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:05:37:93:7c:38:45:50:d4:6f:ad:52:56:87:
75:bf:33:9c:eb:d5:4e:35:d6:e8:89:45:69:00:2f:
3d:c8:89:10:37:b9:42:a9:1b:b6:fb:f9:d8:90:77:
62:f6:b7:2f:92:f5:06:37:d3:b5:83:d7:00:d7:c4:
f5:aa:5e:c4:71:2a:21:cb:f9:fe:56:35:25:70:7b:
01:7f:5f:f2:a7:10:38:26:95:8b:2d:78:06:c9:9c:
15:40:c9:32:bb:2b:e5:f1:d9:3b:35:0d:dd:59:d8:
ca:a3:52:fb:1b:6c:90:ae:d3:2b:cf:59:88:80:b9:
e7:5d:72:ae:20:7e:75:b2:ff:59:36:f8:0e:79:d8:
56:f0:d3:9f:55:fe:e6:5a:b8:7b:2c:0d:94:a1:55:
c5:d6:61:83:ec:5e:b3:da:ef:0c:74:b7:f1:d5:c1:
57:a1:cd:24:97:6c:04:83:c8:a5:5f:46:ef:05:62:
bb:d1:44:e7:46:1d:e3:96:0f:98:48:5b:94:38:36:
07:9a:a2:30:41:be:2f:da:4d:2c:28:b1:e5:7c:ce:
30:b5:b6:38:2b:50:e1:5f:51:14:bd:b8:e2:b4:93:
3a:fa:5d:0e:be:46:1d:3a:f2:5c:dc:a7:87:03:ed:
de:a7:a3:6e:a6:49:d1:9a:18:44:a8:5f:85:cf:58:
a8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1E:4A:8C:CA:2A:BA:51:7B:89:BC:9B:A2:52:AE:20:EE:0E:C2:81
X509v3 Authority Key Identifier:
keyid:C3:A4:9F:65:A3:D6:80:C4:28:FD:94:D6:7E:65:A2:70:9F:02:92:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/Xx5KjMoqulF7ibybolKuIO4OwoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.112.0/22
195.47.232.0/24
IPv6:
2a0c:3180::/32
Signature Algorithm: sha256WithRSAEncryption
15:3b:b3:df:6d:d5:d4:f5:0b:7e:53:67:ff:34:d3:4f:f4:46:
35:64:8f:c0:f8:dc:b5:ef:e0:b4:90:9a:fe:82:5f:14:88:4b:
6c:29:ae:67:46:bd:c5:63:45:1c:3e:f2:38:e1:53:7a:36:96:
7f:dc:1f:ae:ad:8e:88:62:fc:23:19:a4:94:be:39:cf:ed:cf:
3e:d8:52:10:a2:c9:48:8e:e8:15:ed:2e:85:06:7b:67:99:e2:
6d:3f:c1:06:e5:0b:96:aa:d0:8e:35:3d:26:44:dc:5a:6e:ca:
cd:65:1f:9c:e0:ad:2d:70:3d:ca:1c:b5:d8:a0:ff:6b:ff:39:
9a:15:31:d6:dd:28:1d:f0:96:8b:22:9d:ac:4c:28:68:ae:f9:
cf:53:00:ff:de:e9:4c:60:78:be:60:ef:50:e8:d9:93:bb:3c:
39:ed:15:01:5b:bb:4c:d3:0f:b3:bd:57:7e:e7:8c:81:3e:16:
fa:7d:fc:d9:f6:66:81:ad:19:21:22:ed:38:5d:22:76:ef:5f:
21:7c:17:ea:46:61:a0:8a:1e:04:b6:84:3b:0f:c9:57:b2:93:
8e:ea:88:09:4a:22:25:24:ba:1c:82:0b:9e:52:2e:48:7e:af:
0c:9e:b9:65:90:b5:d6:3e:b8:3f:a7:c7:19:ca:6f:4f:64:87:
aa:f6:ae:9e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI33Z/TS9T4m9hfR3NydL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYTQ5ZjY1YTNkNjgwYzQyOGZkOTRkNjdlNjVhMjcwOWYw
MjkyY2YwHhcNMjQwMTAyMDYzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjFlNGE4Y2NhMmFiYTUxN2I4OWJjOWJhMjUyYWUyMGVlMGVjMjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwU3k3w4RVDUb61SVod1vzOc69VO
NdboiUVpAC89yIkQN7lCqRu2+/nYkHdi9rcvkvUGN9O1g9cA18T1ql7EcSohy/n+
VjUlcHsBf1/ypxA4JpWLLXgGyZwVQMkyuyvl8dk7NQ3dWdjKo1L7G2yQrtMrz1mI
gLnnXXKuIH51sv9ZNvgOedhW8NOfVf7mWrh7LA2UoVXF1mGD7F6z2u8MdLfx1cFX
oc0kl2wEg8ilX0bvBWK70UTnRh3jlg+YSFuUODYHmqIwQb4v2k0sKLHlfM4wtbY4
K1DhX1EUvbjitJM6+l0OvkYdOvJc3KeHA+3ep6NupknRmhhEqF+Fz1ionQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF8eSozKKrpRe4m8m6JSriDuDsKBMB8GA1UdIwQY
MBaAFMOkn2Wj1oDEKP2U1n5lonCfApLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZTZlphUFdnTVFvX1pUV2ZtV2ljSjhDa3M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8wNGU4ZGQtZGUzYy00N2ZhLWEwMjQt
ZjMzNzk3ZTM5YmIyLzEvWHg1S2pNb3F1bEY3aWJ5Ym9sS3VJTzRPd29FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8wNGU4ZGQtZGUzYy00N2ZhLWEwMjQtZjMzNzk3ZTM5YmIy
LzEvdzZTZlphUFdnTVFvX1pUV2ZtV2ljSjhDa3M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXVwAwQA
wy/oMA0EAgACMAcDBQAqDDGAMA0GCSqGSIb3DQEBCwUAA4IBAQAVO7PfbdXU9Qt+
U2f/NNNP9EY1ZI/A+Ny17+C0kJr+gl8UiEtsKa5nRr3FY0UcPvI44VN6NpZ/3B+u
rY6IYvwjGaSUvjnP7c8+2FIQoslIjugV7S6FBntnmeJtP8EG5QuWqtCONT0mRNxa
bsrNZR+c4K0tcD3KHLXYoP9r/zmaFTHW3Sgd8JaLIp2sTChorvnPUwD/3ulMYHi+
YO9Q6NmTuzw57RUBW7tM0w+zvVd+54yBPhb6ffzZ9maBrRkhIu04XSJ2718hfBfq
RmGgih4EtoQ7D8lXspOO6ogJSiIlJLocggueUi5Ifq8MnrllkLXWPrg/p8cZym9P
ZIeq9q6e
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:34:01 2024 by rpki-client on console-ams.rpki-client.org