Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/XCtZRzCrDDsdj7TlQyPohdu7M-w.roa
File: XCtZRzCrDDsdj7TlQyPohdu7M-w.roa (raw, json)
Hash identifier: LN93d8hL9OIQHJ5s+Ja5qCVXrnWHj2VUHGbjUK89lVA=
Subject key identifier: 5C:2B:59:47:30:AB:0C:3B:1D:8F:B4:E5:43:23:E8:85:DB:BB:33:EC
Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial: 018CC64B79F6F715E9EB930B2D9FCE5E9FE9
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/XCtZRzCrDDsdj7TlQyPohdu7M-w.roa
Signing time: Mon 01 Jan 2024 18:31:24 +0000
ROA not before: Mon 01 Jan 2024 18:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201971
IP address blocks: 217.145.236.0/24 maxlen: 24
217.145.238.0/24 maxlen: 24
217.145.239.0/24 maxlen: 24
139.28.204.0/24 maxlen: 24
139.28.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:79:f6:f7:15:e9:eb:93:0b:2d:9f:ce:5e:9f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Validity
Not Before: Jan 1 18:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c2b594730ab0c3b1d8fb4e54323e885dbbb33ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b7:ae:8c:a4:56:ab:93:6b:52:96:b4:23:dc:
d1:3d:2f:16:f7:12:02:4f:0d:12:b8:c4:6a:f2:48:
1d:9e:8f:9b:a6:5b:0d:86:fc:3d:58:f4:11:2c:c0:
f7:f4:16:53:e5:3f:8a:3f:23:82:be:39:3d:2b:c5:
be:aa:74:06:b0:df:24:1c:4c:ac:87:c3:5a:f6:fb:
33:e0:ff:fe:9f:57:20:f1:2b:74:37:3f:01:fe:44:
13:0b:96:5f:72:59:02:8e:4b:52:9f:35:60:35:e0:
62:5a:05:36:c4:3f:c5:ea:16:5c:13:e2:d8:05:99:
df:01:01:6d:76:b2:74:e0:7d:3d:c4:8b:8e:2a:c3:
14:99:3c:6b:f2:11:f1:39:be:d7:e6:b8:19:f1:d6:
48:f2:35:99:ad:81:18:3c:21:5e:7e:f3:57:fb:50:
62:5c:4b:f9:d0:d0:06:72:a9:7b:1f:6e:36:cd:61:
92:2e:c4:1f:5f:01:45:52:68:ff:97:22:d4:db:3b:
25:63:63:e7:43:d8:ee:cc:af:f5:d1:30:1d:ee:4a:
83:6b:74:11:f7:88:e7:da:d9:a3:13:1d:e1:37:10:
5c:c8:96:64:ac:57:cf:e9:49:13:2a:11:d2:54:d8:
97:c6:ed:df:3b:5f:d2:28:d9:5d:06:ab:35:ac:aa:
22:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:2B:59:47:30:AB:0C:3B:1D:8F:B4:E5:43:23:E8:85:DB:BB:33:EC
X509v3 Authority Key Identifier:
keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/XCtZRzCrDDsdj7TlQyPohdu7M-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.204.0/24
139.28.207.0/24
217.145.236.0/24
217.145.238.0/23
Signature Algorithm: sha256WithRSAEncryption
48:87:4f:cb:95:bc:ce:d3:e4:f5:5c:cc:04:1d:82:21:32:96:
ed:37:2f:86:87:ad:20:c6:9d:b2:5c:b7:7d:51:ef:f1:45:10:
46:75:ea:33:09:63:75:fd:66:ed:21:4d:ae:85:db:5a:8b:b7:
3c:cb:3a:76:a4:52:b1:e4:5e:16:7a:2b:52:d7:13:3c:06:c3:
ae:24:d5:43:ca:97:a8:fc:b0:2c:89:40:10:13:1c:52:ec:e3:
c7:f7:bd:6c:07:e3:62:17:6d:20:4c:ad:9e:4f:10:39:f6:dd:
d7:16:f8:aa:ef:18:72:81:be:60:89:37:2c:b7:17:e3:45:46:
bd:2e:4b:28:d4:19:77:15:a7:af:ca:b3:84:66:81:4f:8d:9a:
be:75:19:90:eb:0b:f8:e9:c3:36:a6:8d:5e:d0:d9:3c:3d:5d:
ad:0b:0a:5c:c2:cb:84:d8:c0:b9:ae:2c:23:1e:53:73:7c:92:
b7:80:00:80:f7:90:b4:af:9e:63:fe:17:40:d5:71:82:65:61:
2f:79:43:50:9c:7e:69:b4:69:58:6c:1a:9c:49:c6:44:fa:ed:
5b:c5:e6:0d:f4:63:30:7d:61:8c:2c:c0:32:f9:c3:5a:d5:7e:
c5:00:f2:a3:e5:0f:65:fb:85:9e:c1:81:9e:15:3f:16:f0:bd:
8e:47:7f:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGS3n29xXp65MLLZ/OXp/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjQwMTAxMTgzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzJiNTk0NzMwYWIwYzNiMWQ4ZmI0ZTU0MzIzZTg4NWRiYmIzM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnreujKRWq5NrUpa0I9zRPS8W9xIC
Tw0SuMRq8kgdno+bplsNhvw9WPQRLMD39BZT5T+KPyOCvjk9K8W+qnQGsN8kHEys
h8Na9vsz4P/+n1cg8St0Nz8B/kQTC5ZfclkCjktSnzVgNeBiWgU2xD/F6hZcE+LY
BZnfAQFtdrJ04H09xIuOKsMUmTxr8hHxOb7X5rgZ8dZI8jWZrYEYPCFefvNX+1Bi
XEv50NAGcql7H242zWGSLsQfXwFFUmj/lyLU2zslY2PnQ9juzK/10TAd7kqDa3QR
94jn2tmjEx3hNxBcyJZkrFfP6UkTKhHSVNiXxu3fO1/SKNldBqs1rKoiVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFwrWUcwqww7HY+05UMj6IXbuzPsMB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvWEN0WlJ6Q3JERHNkajdUbFF5UG9oZHU3TS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAixzMAwQA
ixzPAwQA2ZHsAwQB2ZHuMA0GCSqGSIb3DQEBCwUAA4IBAQBIh0/LlbzO0+T1XMwE
HYIhMpbtNy+Gh60gxp2yXLd9Ue/xRRBGdeozCWN1/WbtIU2uhdtai7c8yzp2pFKx
5F4WeitS1xM8BsOuJNVDypeo/LAsiUAQExxS7OPH971sB+NiF20gTK2eTxA59t3X
Fviq7xhygb5giTcstxfjRUa9Lkso1Bl3FaevyrOEZoFPjZq+dRmQ6wv46cM2po1e
0Nk8PV2tCwpcwsuE2MC5riwjHlNzfJK3gACA95C0r55j/hdA1XGCZWEveUNQnH5p
tGlYbBqcScZE+u1bxeYN9GMwfWGMLMAy+cNa1X7FAPKj5Q9l+4WewYGeFT8W8L2O
R3/O
-----END CERTIFICATE-----
Generated at Mon May 20 23:54:11 2024 by rpki-client on console-fra.rpki-client.org