Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/XIEZKQ6tOoDAI3WirMqGv12-7oQ.roa
File: XIEZKQ6tOoDAI3WirMqGv12-7oQ.roa (raw, json)
Hash identifier: zbm/iqy6oAgDIGFWNnhiv3LGuGJtGyUrHNlSd1Bdc8w=
Subject key identifier: 5C:81:19:29:0E:AD:3A:80:C0:23:75:A2:AC:CA:86:BF:5D:BE:EE:84
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 0190A2C762BDB3F150E3920058D08A860429
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/XIEZKQ6tOoDAI3WirMqGv12-7oQ.roa
Signing time: Thu 11 Jul 2024 17:11:34 +0000
ROA not before: Thu 11 Jul 2024 17:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 5.253.186.0/24 maxlen: 24
45.130.32.0/24 maxlen: 24
185.219.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:c7:62:bd:b3:f1:50:e3:92:00:58:d0:8a:86:04:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Jul 11 17:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c8119290ead3a80c02375a2acca86bf5dbeee84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ef:e6:0a:a5:50:23:92:36:ff:ed:c6:02:d7:
18:d1:9a:4e:2a:66:9e:93:80:8d:2e:64:a2:a1:b4:
13:0d:ee:fe:4c:a4:f4:1b:4e:77:7a:80:75:ba:6c:
72:87:15:40:e2:04:68:52:f3:01:f6:b7:92:57:5f:
7c:1e:9e:c6:89:b0:4b:51:bd:df:98:f7:0d:d4:c3:
4d:f8:3a:19:50:c2:2c:8e:53:68:98:d8:0a:f3:5b:
af:f5:dd:89:76:4b:ef:d2:b0:cd:07:dc:38:1f:93:
88:7f:5c:fa:ad:55:f6:46:85:36:23:30:30:d3:bf:
1d:12:3b:69:da:ce:88:9d:c6:f6:bb:84:94:ff:9e:
3a:78:e0:19:f4:0f:95:c1:2a:11:e3:e1:3a:24:3a:
11:bc:fe:25:bf:31:82:2d:cc:ce:02:5c:a7:ba:5e:
70:94:88:7f:88:5e:e7:2a:26:cb:c5:ed:63:49:e0:
ed:72:82:b4:ab:c8:64:c9:78:7a:60:40:39:40:49:
06:86:74:cf:0d:a0:d0:53:5d:0b:18:4a:ae:a6:80:
88:d9:b3:8e:3f:9d:35:b1:f9:e0:96:21:92:8e:fc:
5b:98:d4:39:38:38:53:17:52:6d:b1:67:6c:da:bd:
e4:c5:64:a4:97:cf:b2:9b:fe:b3:38:7a:b9:e0:44:
40:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:81:19:29:0E:AD:3A:80:C0:23:75:A2:AC:CA:86:BF:5D:BE:EE:84
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/XIEZKQ6tOoDAI3WirMqGv12-7oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.186.0/24
45.130.32.0/24
185.219.162.0/24
Signature Algorithm: sha256WithRSAEncryption
05:85:a5:bf:4d:81:0e:c3:7b:d6:f9:59:cc:f0:0a:0a:03:25:
ce:6d:07:56:5d:b4:d5:54:c1:a2:88:be:1a:69:2c:c7:15:53:
d0:51:23:7d:98:40:b9:8a:f5:89:c6:fb:4a:8f:1a:67:78:ee:
9e:40:3b:3c:b5:a5:41:2c:37:be:b3:7b:52:26:03:92:7d:07:
e3:be:86:8f:dd:58:fe:40:f4:55:95:ea:a6:0f:dd:13:5f:0b:
e3:28:ce:4d:fa:93:d2:80:0f:49:47:b1:e1:96:0a:0c:52:65:
db:4c:89:1b:c8:db:bf:05:07:ba:f7:2b:04:ef:16:ed:61:56:
8f:74:11:d1:bb:c4:54:04:75:a3:06:a8:dc:d1:7b:ef:08:c8:
a8:1e:65:1f:c2:48:7b:31:dc:0d:0d:ee:b2:53:b1:13:52:49:
ed:0c:52:0c:4b:21:96:06:84:92:d9:72:88:60:7e:50:93:b5:
c1:d3:01:92:b7:15:0f:10:07:47:16:67:73:38:2e:af:6d:4d:
15:d0:54:49:c7:b4:bd:85:18:61:01:6b:bb:90:8c:a8:3a:6f:
56:a1:bb:b9:25:9a:96:7b:62:67:8c:45:b6:4e:de:76:5b:87:
e1:6f:e8:60:1e:bf:09:9b:ef:8a:97:0d:55:71:78:92:ae:3c:
6b:40:7d:8e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCix2K9s/FQ45IAWNCKhgQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjQwNzExMTcxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzgxMTkyOTBlYWQzYTgwYzAyMzc1YTJhY2NhODZiZjVkYmVlZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+/mCqVQI5I2/+3GAtcY0ZpOKmae
k4CNLmSiobQTDe7+TKT0G053eoB1umxyhxVA4gRoUvMB9reSV198Hp7GibBLUb3f
mPcN1MNN+DoZUMIsjlNomNgK81uv9d2Jdkvv0rDNB9w4H5OIf1z6rVX2RoU2IzAw
078dEjtp2s6Incb2u4SU/546eOAZ9A+VwSoR4+E6JDoRvP4lvzGCLczOAlynul5w
lIh/iF7nKibLxe1jSeDtcoK0q8hkyXh6YEA5QEkGhnTPDaDQU10LGEqupoCI2bOO
P501sfngliGSjvxbmNQ5ODhTF1JtsWds2r3kxWSkl8+ym/6zOHq54ERAaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFyBGSkOrTqAwCN1oqzKhr9dvu6EMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvWElFWktRNnRPb0RBSTNXaXJNcUd2MTItN29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABf26AwQA
LYIgAwQAuduiMA0GCSqGSIb3DQEBCwUAA4IBAQAFhaW/TYEOw3vW+VnM8AoKAyXO
bQdWXbTVVMGiiL4aaSzHFVPQUSN9mEC5ivWJxvtKjxpneO6eQDs8taVBLDe+s3tS
JgOSfQfjvoaP3Vj+QPRVleqmD90TXwvjKM5N+pPSgA9JR7HhlgoMUmXbTIkbyNu/
BQe69ysE7xbtYVaPdBHRu8RUBHWjBqjc0XvvCMioHmUfwkh7MdwNDe6yU7ETUknt
DFIMSyGWBoSS2XKIYH5Qk7XB0wGStxUPEAdHFmdzOC6vbU0V0FRJx7S9hRhhAWu7
kIyoOm9Wobu5JZqWe2JnjEW2Tt52W4fhb+hgHr8Jm++Klw1VcXiSrjxrQH2O
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:28:07 2024 by rpki-client on console-fra.rpki-client.org