Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/xZJaJtCOk2PyB-FRbQG7i5dMPr8.roa
File: xZJaJtCOk2PyB-FRbQG7i5dMPr8.roa (raw, json)
Hash identifier: zyR4br+MKUAH69BAWYHAz3qmbnc9zNPCkrGrSBRSf2g=
Subject key identifier: C5:92:5A:26:D0:8E:93:63:F2:07:E1:51:6D:01:BB:8B:97:4C:3E:BF
Certificate issuer: /CN=3edf7b2d68ba76a0bd1ba7e9d29fac5852316b9c
Certificate serial: 018CC94C01553882A0D4589D64462DCA3521
Authority key identifier: 3E:DF:7B:2D:68:BA:76:A0:BD:1B:A7:E9:D2:9F:AC:58:52:31:6B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pt97LWi6dqC9G6fp0p-sWFIxa5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/xZJaJtCOk2PyB-FRbQG7i5dMPr8.roa
Signing time: Tue 02 Jan 2024 08:30:50 +0000
ROA not before: Tue 02 Jan 2024 08:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44489
IP address blocks: 109.164.108.0/22 maxlen: 22
109.164.117.0/24 maxlen: 24
109.164.118.0/24 maxlen: 24
109.164.116.0/24 maxlen: 24
178.217.144.0/21 maxlen: 21
45.92.236.0/22 maxlen: 22
185.15.144.0/22 maxlen: 22
91.235.200.0/23 maxlen: 23
89.31.40.0/21 maxlen: 21
109.164.0.0/17 maxlen: 17
185.131.60.0/22 maxlen: 22
178.255.172.0/22 maxlen: 22
185.173.248.0/22 maxlen: 22
178.255.168.0/22 maxlen: 22
178.255.168.0/21 maxlen: 21
92.62.224.0/20 maxlen: 20
2a0b:7f00::/29 maxlen: 29
2a03:3a00::/29 maxlen: 29
2a02:768::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/Pt97LWi6dqC9G6fp0p-sWFIxa5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/Pt97LWi6dqC9G6fp0p-sWFIxa5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pt97LWi6dqC9G6fp0p-sWFIxa5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 02:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:01:55:38:82:a0:d4:58:9d:64:46:2d:ca:35:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3edf7b2d68ba76a0bd1ba7e9d29fac5852316b9c
Validity
Not Before: Jan 2 08:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5925a26d08e9363f207e1516d01bb8b974c3ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:61:97:03:04:52:53:e0:a3:e9:dd:a8:3f:8e:
de:a7:d7:ba:d1:f0:23:e6:22:c0:a9:24:72:75:8e:
f1:87:ca:29:14:87:88:69:9b:de:21:db:56:d3:77:
56:5c:4c:f1:a9:82:03:02:c1:cc:e6:fa:75:14:d3:
55:9c:1d:3d:1d:2e:19:b7:d8:1c:b0:d9:54:bf:73:
90:b7:20:84:72:8c:6f:3a:5e:85:d7:03:48:7c:f1:
30:04:75:0a:57:f0:86:e5:db:48:3d:42:35:44:27:
a4:2d:2b:09:96:62:16:3a:d0:b9:c5:f6:68:a1:ca:
35:30:eb:ec:7f:e7:25:d2:8c:ea:70:83:50:3f:9c:
0f:49:01:4e:b9:da:1d:e9:6d:11:e3:ff:d8:a6:13:
70:b6:08:83:3a:56:9a:9f:a3:a3:82:95:31:90:a2:
c9:d9:8d:c6:b4:c4:38:b9:49:91:23:7d:ca:e8:ee:
6d:d7:b1:b5:01:3d:df:31:30:a1:34:bd:43:b3:c0:
40:8b:e9:20:83:5f:ac:e4:f2:95:65:f0:7a:51:36:
76:19:8d:23:4b:db:fb:4d:54:54:18:1f:88:1b:1a:
8c:fa:a7:92:de:84:39:2e:e2:cf:3c:26:37:66:27:
33:25:98:a5:4f:44:72:03:f8:f2:a4:a0:c2:6c:22:
5a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:92:5A:26:D0:8E:93:63:F2:07:E1:51:6D:01:BB:8B:97:4C:3E:BF
X509v3 Authority Key Identifier:
keyid:3E:DF:7B:2D:68:BA:76:A0:BD:1B:A7:E9:D2:9F:AC:58:52:31:6B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pt97LWi6dqC9G6fp0p-sWFIxa5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/xZJaJtCOk2PyB-FRbQG7i5dMPr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/fe9d1d-4ade-4630-8aba-f8f0c7d662e7/1/Pt97LWi6dqC9G6fp0p-sWFIxa5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.236.0/22
89.31.40.0/21
91.235.200.0/23
92.62.224.0/20
109.164.0.0/17
178.217.144.0/21
178.255.168.0/21
185.15.144.0/22
185.131.60.0/22
185.173.248.0/22
IPv6:
2a02:768::/32
2a03:3a00::/29
2a0b:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
00:c1:c4:4e:88:95:eb:26:87:0d:20:c7:10:01:21:53:a4:be:
16:24:f2:98:ce:76:83:79:dd:a8:1a:3b:a5:35:b0:1c:a4:a4:
5f:a7:63:44:37:6d:ae:0c:98:d0:9a:da:70:ee:b6:8d:66:20:
b4:8b:dd:ad:0c:43:74:f6:37:59:30:4a:8c:8b:fe:6b:b1:dd:
84:2b:0d:b8:bb:81:0f:18:d9:bc:dc:e4:a8:aa:57:36:0f:bf:
1a:16:69:58:df:59:44:d5:a2:d2:f2:cd:b0:dd:64:37:a2:9c:
4d:71:69:f6:6d:b0:92:83:49:0f:74:fd:ed:55:54:f8:16:8f:
0e:2f:ef:6b:4d:a8:39:26:cd:f7:dd:1f:85:fe:04:31:3b:d4:
a7:88:d9:32:4f:f6:10:c4:d6:92:f0:9f:09:df:c2:71:ec:10:
6b:55:12:ab:87:d2:a3:a0:63:8d:93:02:6b:85:ae:7e:24:fc:
32:90:cc:08:4c:9e:96:bb:a1:8b:71:b0:1b:e7:af:1a:44:5b:
0f:0b:81:c1:33:9d:8b:8a:0d:ce:ab:a3:a2:c9:19:e2:d3:9a:
0d:07:a0:ff:36:b8:4f:ae:ed:fb:34:b3:c1:7f:57:05:9e:54:
8d:e8:d1:a6:99:e2:f8:83:0f:18:ce:5e:84:48:f7:70:99:64:
4e:5c:22:c6
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYzJTAFVOIKg1FidZEYtyjUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZGY3YjJkNjhiYTc2YTBiZDFiYTdlOWQyOWZhYzU4NTIz
MTZiOWMwHhcNMjQwMTAyMDgzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTkyNWEyNmQwOGU5MzYzZjIwN2UxNTE2ZDAxYmI4Yjk3NGMzZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2GXAwRSU+Cj6d2oP47ep9e60fAj
5iLAqSRydY7xh8opFIeIaZveIdtW03dWXEzxqYIDAsHM5vp1FNNVnB09HS4Zt9gc
sNlUv3OQtyCEcoxvOl6F1wNIfPEwBHUKV/CG5dtIPUI1RCekLSsJlmIWOtC5xfZo
oco1MOvsf+cl0ozqcINQP5wPSQFOudod6W0R4//YphNwtgiDOlaan6OjgpUxkKLJ
2Y3GtMQ4uUmRI33K6O5t17G1AT3fMTChNL1Ds8BAi+kgg1+s5PKVZfB6UTZ2GY0j
S9v7TVRUGB+IGxqM+qeS3oQ5LuLPPCY3ZiczJZilT0RyA/jypKDCbCJaIQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFMWSWibQjpNj8gfhUW0Bu4uXTD6/MB8GA1UdIwQY
MBaAFD7fey1ounagvRun6dKfrFhSMWucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHQ5N0xXaTZkcUM5RzZmcDBwLXNXRkl4YTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9mZTlkMWQtNGFkZS00NjMwLThhYmEt
ZjhmMGM3ZDY2MmU3LzEveFpKYUp0Q09rMlB5Qi1GUmJRRzdpNWRNUHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9mZTlkMWQtNGFkZS00NjMwLThhYmEtZjhmMGM3ZDY2MmU3
LzEvUHQ5N0xXaTZkcUM5RzZmcDBwLXNXRkl4YTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBCBAIAATA8AwQCLVzsAwQD
WR8oAwQBW+vIAwQEXD7gAwQHbaQAAwQDstmQAwQDsv+oAwQCuQ+QAwQCuYM8AwQC
ua34MBsEAgACMBUDBQAqAgdoAwUDKgM6AAMFAyoLfwAwDQYJKoZIhvcNAQELBQAD
ggEBAADBxE6Ilesmhw0gxxABIVOkvhYk8pjOdoN53agaO6U1sBykpF+nY0Q3ba4M
mNCa2nDuto1mILSL3a0MQ3T2N1kwSoyL/mux3YQrDbi7gQ8Y2bzc5KiqVzYPvxoW
aVjfWUTVotLyzbDdZDeinE1xafZtsJKDSQ90/e1VVPgWjw4v72tNqDkmzffdH4X+
BDE71KeI2TJP9hDE1pLwnwnfwnHsEGtVEquH0qOgY42TAmuFrn4k/DKQzAhMnpa7
oYtxsBvnrxpEWw8LgcEznYuKDc6ro6LJGeLTmg0HoP82uE+u7fs0s8F/VwWeVI3o
0aaZ4viDDxjOXoRI93CZZE5cIsY=
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:42:19 2024 by rpki-client on console-fra.rpki-client.org