Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/xWCW2TR7t7YrZbyMwjahB7EY_Yo.roa
File: xWCW2TR7t7YrZbyMwjahB7EY_Yo.roa (raw, json)
Hash identifier: 2iihj7H1MLPp5SVR9Q77tZW7Zxl0Li0uc95zjV56x2E=
Subject key identifier: C5:60:96:D9:34:7B:B7:B6:2B:65:BC:8C:C2:36:A1:07:B1:18:FD:8A
Certificate issuer: /CN=3250d58d77b0fa5dcec4f42ae96f347bc80daa3e
Certificate serial: 018CC3B7038CF2E7516B263A38D64DCBE40E
Authority key identifier: 32:50:D5:8D:77:B0:FA:5D:CE:C4:F4:2A:E9:6F:34:7B:C8:0D:AA:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlDVjXew-l3OxPQq6W80e8gNqj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/xWCW2TR7t7YrZbyMwjahB7EY_Yo.roa
Signing time: Mon 01 Jan 2024 06:30:00 +0000
ROA not before: Mon 01 Jan 2024 06:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8823
IP address blocks: 185.45.240.0/22 maxlen: 22
213.137.192.0/19 maxlen: 19
212.63.64.0/19 maxlen: 19
213.214.0.0/19 maxlen: 19
77.76.192.0/18 maxlen: 18
2001:ad8::/29 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/MlDVjXew-l3OxPQq6W80e8gNqj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/MlDVjXew-l3OxPQq6W80e8gNqj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/MlDVjXew-l3OxPQq6W80e8gNqj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:03:8c:f2:e7:51:6b:26:3a:38:d6:4d:cb:e4:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3250d58d77b0fa5dcec4f42ae96f347bc80daa3e
Validity
Not Before: Jan 1 06:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c56096d9347bb7b62b65bc8cc236a107b118fd8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5b:45:f0:68:59:2f:a2:07:2c:9b:fd:68:bc:
3c:0e:95:a2:a2:ec:ed:b1:1f:2e:a0:57:5f:bf:19:
00:0f:b3:30:fc:2c:4c:6c:13:d0:8a:b1:29:d5:6b:
69:4c:0d:fd:2f:c1:18:45:ec:97:a6:1c:78:1e:d6:
88:73:07:1b:e9:ea:21:5c:c2:8e:92:be:61:92:1b:
3a:33:cc:ad:10:63:8d:ff:5e:c6:97:ec:93:45:06:
89:c7:a1:e0:f4:14:0d:32:4a:af:ea:93:10:d0:54:
83:92:89:57:99:d5:d5:db:f2:98:80:a8:65:d1:62:
6b:af:40:60:da:0d:33:0c:8e:76:90:b7:e0:82:b2:
0b:14:f9:0c:9f:4c:40:3f:c9:ad:c2:56:64:a0:68:
f0:de:48:ee:c9:82:0d:55:f8:2a:c1:a4:c7:dc:b2:
e0:df:e4:a5:4f:97:5e:7b:79:ee:d8:78:73:34:58:
f7:9b:0e:14:b9:ed:0b:18:50:1a:34:7e:ae:a9:05:
be:c0:93:32:bd:68:61:6b:e1:bf:cd:bd:b9:08:c9:
98:22:62:dc:30:f1:3d:90:ba:ab:2f:0d:8d:85:f7:
26:95:0d:ce:c3:7c:0b:4c:e4:d5:23:88:3f:6b:b7:
2a:eb:4f:7f:23:7d:00:f4:20:9c:84:42:2a:8c:46:
07:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:60:96:D9:34:7B:B7:B6:2B:65:BC:8C:C2:36:A1:07:B1:18:FD:8A
X509v3 Authority Key Identifier:
keyid:32:50:D5:8D:77:B0:FA:5D:CE:C4:F4:2A:E9:6F:34:7B:C8:0D:AA:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlDVjXew-l3OxPQq6W80e8gNqj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/xWCW2TR7t7YrZbyMwjahB7EY_Yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/MlDVjXew-l3OxPQq6W80e8gNqj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.192.0/18
185.45.240.0/22
212.63.64.0/19
213.137.192.0/19
213.214.0.0/19
IPv6:
2001:ad8::/29
Signature Algorithm: sha256WithRSAEncryption
8b:8b:5d:c3:7e:91:80:45:67:bd:bb:ee:dc:44:dc:3f:91:fc:
d4:2e:3f:a3:51:43:47:23:c9:ad:0f:fa:ce:76:a5:b9:0b:62:
73:ac:51:17:cd:7c:52:14:7e:04:77:59:f7:21:f1:8f:d9:58:
fe:54:66:81:75:3a:43:e8:39:2a:58:e7:65:da:09:7f:62:62:
c9:93:79:f5:1d:97:26:ba:4d:ac:57:0a:98:e5:bc:b6:fd:5d:
4d:87:b7:0a:63:1a:a0:97:67:91:cb:d1:e4:40:c9:6b:bf:81:
6a:a2:c8:e9:6f:f4:93:37:b3:64:39:34:4c:e5:c4:7e:0b:55:
1f:fb:64:8f:1e:9e:67:04:e3:96:d4:cc:4f:eb:d4:bb:1d:ee:
8f:04:9f:e2:7f:ea:38:f1:af:96:aa:07:7d:66:cf:61:9e:85:
6a:11:74:21:2e:40:63:c9:8f:1f:b8:af:9a:a2:c7:5c:dc:80:
28:69:cc:fa:4a:35:1a:ef:a7:90:27:6d:0c:76:c9:18:a3:35:
e2:00:b2:bd:cc:65:d7:68:8f:be:c7:1e:e4:e8:59:01:bb:14:
72:c2:34:49:94:e0:2e:ed:fe:57:49:1d:98:56:60:aa:85:c9:
49:27:6a:03:0b:71:8b:e2:fc:99:70:f0:eb:23:3f:d7:59:d8:
9d:a6:67:79
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDtwOM8udRayY6ONZNy+QOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTBkNThkNzdiMGZhNWRjZWM0ZjQyYWU5NmYzNDdiYzgw
ZGFhM2UwHhcNMjQwMTAxMDYzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTYwOTZkOTM0N2JiN2I2MmI2NWJjOGNjMjM2YTEwN2IxMThmZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FtF8GhZL6IHLJv9aLw8DpWiouzt
sR8uoFdfvxkAD7Mw/CxMbBPQirEp1WtpTA39L8EYReyXphx4HtaIcwcb6eohXMKO
kr5hkhs6M8ytEGON/17Gl+yTRQaJx6Hg9BQNMkqv6pMQ0FSDkolXmdXV2/KYgKhl
0WJrr0Bg2g0zDI52kLfggrILFPkMn0xAP8mtwlZkoGjw3kjuyYINVfgqwaTH3LLg
3+SlT5dee3nu2HhzNFj3mw4Uue0LGFAaNH6uqQW+wJMyvWhha+G/zb25CMmYImLc
MPE9kLqrLw2NhfcmlQ3Ow3wLTOTVI4g/a7cq609/I30A9CCchEIqjEYHSwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMVgltk0e7e2K2W8jMI2oQexGP2KMB8GA1UdIwQY
MBaAFDJQ1Y13sPpdzsT0KulvNHvIDao+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxEVmpYZXctbDNPeFBRcTZXODBlOGdOcWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iOWZjZTctMDkyNy00ODQ3LWI2MDUt
M2UzMGE0YzRiODI2LzEveFdDVzJUUjd0N1lyWmJ5TXdqYWhCN0VZX1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iOWZjZTctMDkyNy00ODQ3LWI2MDUtM2UzMGE0YzRiODI2
LzEvTWxEVmpYZXctbDNPeFBRcTZXODBlOGdOcWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGTUzAAwQC
uS3wAwQF1D9AAwQF1YnAAwQF1dYAMA0EAgACMAcDBQMgAQrYMA0GCSqGSIb3DQEB
CwUAA4IBAQCLi13DfpGARWe9u+7cRNw/kfzULj+jUUNHI8mtD/rOdqW5C2JzrFEX
zXxSFH4Ed1n3IfGP2Vj+VGaBdTpD6DkqWOdl2gl/YmLJk3n1HZcmuk2sVwqY5by2
/V1Nh7cKYxqgl2eRy9HkQMlrv4Fqosjpb/STN7NkOTRM5cR+C1Uf+2SPHp5nBOOW
1MxP69S7He6PBJ/if+o48a+Wqgd9Zs9hnoVqEXQhLkBjyY8fuK+aosdc3IAoacz6
SjUa76eQJ20MdskYozXiALK9zGXXaI++xx7k6FkBuxRywjRJlOAu7f5XSR2YVmCq
hclJJ2oDC3GL4vyZcPDrIz/XWdidpmd5
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:08 2024 by rpki-client on console-fra.rpki-client.org