Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XYFz47_Uj-ifiVyJZ8cqmb_HKLE.roa
File: XYFz47_Uj-ifiVyJZ8cqmb_HKLE.roa (raw, json)
Hash identifier: ks+KNqa2awzwUjN0Pqc6IzOrdywceQg/MmTLMJgv9Ic=
Subject key identifier: 5D:81:73:E3:BF:D4:8F:E8:9F:89:5C:89:67:C7:2A:99:BF:C7:28:B1
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018EC7F78A750244DDC04B9786B01354D97B
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XYFz47_Uj-ifiVyJZ8cqmb_HKLE.roa
Signing time: Wed 10 Apr 2024 12:24:32 +0000
ROA not before: Wed 10 Apr 2024 12:24:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 85.254.178.0/23 maxlen: 23
159.148.131.0/24 maxlen: 24
159.148.169.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
185.27.92.0/24 maxlen: 24
185.27.93.0/24 maxlen: 24
185.27.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:f7:8a:75:02:44:dd:c0:4b:97:86:b0:13:54:d9:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 10 12:24:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d8173e3bfd48fe89f895c8967c72a99bfc728b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:84:b5:14:e0:7e:94:0c:93:d7:f3:cb:11:e8:
f0:5a:25:d1:90:96:ac:17:49:06:0a:0f:0e:05:38:
5c:fe:78:ae:1a:23:7c:87:ca:4f:67:9c:79:93:66:
09:8b:a9:7b:e4:2e:19:7d:85:94:cc:70:c3:80:d4:
e6:e7:94:83:53:f9:d8:85:ab:ac:36:4e:e3:68:87:
b0:02:30:5e:aa:f5:28:a4:4f:01:b5:bf:79:55:06:
f0:f6:e2:04:93:3e:25:0b:3e:bc:20:49:1b:b3:45:
c1:b1:f1:82:de:b3:ff:47:0a:43:19:2e:1f:44:0e:
ea:41:82:1b:94:74:c2:7a:6e:12:a0:1c:40:b3:69:
dd:a4:73:d5:3c:24:18:c5:71:a5:8a:18:55:2e:7c:
8b:43:5d:6f:15:82:20:81:a5:8d:7d:b6:51:9e:cb:
eb:86:67:69:ec:04:78:c0:e2:e4:5c:bd:55:84:b9:
5f:bf:15:38:a3:8e:4f:4f:ba:35:40:cb:fb:31:c8:
a3:28:f7:a8:43:af:2f:0e:38:f8:15:a5:e5:5e:8f:
84:a0:91:7b:dc:b4:33:56:12:08:6f:9a:b6:63:04:
5b:ee:f1:fe:35:fd:96:7c:db:b2:d1:b6:39:70:a2:
d0:45:e5:59:af:d8:36:cf:1f:85:a1:72:29:66:b8:
6c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:81:73:E3:BF:D4:8F:E8:9F:89:5C:89:67:C7:2A:99:BF:C7:28:B1
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XYFz47_Uj-ifiVyJZ8cqmb_HKLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.178.0/23
159.148.131.0/24
159.148.169.0/24
159.148.177.0/24
185.27.92.0/23
185.27.95.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:45:6d:ea:30:5d:50:f4:47:eb:4e:ce:7f:31:1c:48:84:7b:
18:d1:85:2b:f5:d0:15:3f:e5:4d:ce:c5:54:b7:39:91:2c:cf:
ea:01:d3:6d:c7:62:59:e5:66:7f:71:7d:8b:b3:a0:c3:b2:0d:
7c:46:94:62:d1:1c:59:cc:26:9b:f6:a6:d4:56:89:cb:72:de:
df:13:9b:b3:8b:58:7c:c4:e6:1e:b4:b2:57:8b:7e:e9:76:42:
bd:76:4e:70:0b:8e:24:15:8c:cc:a0:38:7d:a3:4b:fc:06:38:
d4:46:df:f7:8d:cb:d9:f5:69:cf:41:b5:7c:e2:8d:1e:6e:99:
72:54:85:21:77:28:58:75:5c:f6:6c:54:fd:f1:ca:6f:59:8e:
ed:2a:9a:66:7e:fa:65:25:f8:9e:f1:ac:79:9b:25:3d:4f:e9:
2f:d0:20:07:08:1c:e3:60:c9:3b:e6:38:7e:30:21:3f:69:ad:
b7:f2:1d:75:ed:0d:e4:15:bf:7a:f9:42:7b:f5:e2:89:91:21:
e4:52:ba:b0:a4:23:8f:52:50:c7:95:ad:e4:b3:02:87:04:3c:
e7:a1:9b:73:71:1b:fe:75:e4:d4:61:47:81:1a:55:fc:e7:a8:
82:34:b6:46:b5:cc:02:e6:d0:04:c9:5b:5a:61:dc:7a:3c:c2:
f9:53:12:24
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY7H94p1AkTdwEuXhrATVNl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNDEwMTIyNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDgxNzNlM2JmZDQ4ZmU4OWY4OTVjODk2N2M3MmE5OWJmYzcyOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4S1FOB+lAyT1/PLEejwWiXRkJas
F0kGCg8OBThc/niuGiN8h8pPZ5x5k2YJi6l75C4ZfYWUzHDDgNTm55SDU/nYhaus
Nk7jaIewAjBeqvUopE8Btb95VQbw9uIEkz4lCz68IEkbs0XBsfGC3rP/RwpDGS4f
RA7qQYIblHTCem4SoBxAs2ndpHPVPCQYxXGlihhVLnyLQ11vFYIggaWNfbZRnsvr
hmdp7AR4wOLkXL1VhLlfvxU4o45PT7o1QMv7McijKPeoQ68vDjj4FaXlXo+EoJF7
3LQzVhIIb5q2YwRb7vH+Nf2WfNuy0bY5cKLQReVZr9g2zx+FoXIpZrhskQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF2Bc+O/1I/on4lciWfHKpm/xyixMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvWFlGejQ3X1VqLWlmaVZ5Slo4Y3FtYl9IS0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVf6yAwQA
n5SDAwQAn5SpAwQAn5SxAwQBuRtcAwQAuRtfMA0GCSqGSIb3DQEBCwUAA4IBAQBO
RW3qMF1Q9EfrTs5/MRxIhHsY0YUr9dAVP+VNzsVUtzmRLM/qAdNtx2JZ5WZ/cX2L
s6DDsg18RpRi0RxZzCab9qbUVonLct7fE5uzi1h8xOYetLJXi37pdkK9dk5wC44k
FYzMoDh9o0v8BjjURt/3jcvZ9WnPQbV84o0ebplyVIUhdyhYdVz2bFT98cpvWY7t
KppmfvplJfie8ax5myU9T+kv0CAHCBzjYMk75jh+MCE/aa238h117Q3kFb96+UJ7
9eKJkSHkUrqwpCOPUlDHla3kswKHBDznoZtzcRv+deTUYUeBGlX856iCNLZGtcwC
5tAEyVtaYdx6PML5UxIk
-----END CERTIFICATE-----
Generated at Mon Apr 29 13:13:55 2024 by rpki-client on console-ams.rpki-client.org