Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/XrVcR1cVzzUj52za7vLMllNCVD4.roa
File: XrVcR1cVzzUj52za7vLMllNCVD4.roa (raw, json)
Hash identifier: rpFcna8/YV6QXlBcLG5k6C9E5WkGzGXG4rdnWjRPIDc=
Subject key identifier: 5E:B5:5C:47:57:15:CF:35:23:E7:6C:DA:EE:F2:CC:96:53:42:54:3E
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018F0ADA48FE8A526F35985F9317745F9A04
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/XrVcR1cVzzUj52za7vLMllNCVD4.roa
Signing time: Tue 23 Apr 2024 12:07:08 +0000
ROA not before: Tue 23 Apr 2024 12:07:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211415
IP address blocks: 185.242.108.0/22 maxlen: 22
194.15.150.0/24 maxlen: 24
212.52.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:da:48:fe:8a:52:6f:35:98:5f:93:17:74:5f:9a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 23 12:07:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5eb55c475715cf3523e76cdaeef2cc965342543e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:01:08:bf:8e:66:4a:56:cd:5f:b8:6d:df:65:
70:5b:a5:e3:1c:76:5a:22:10:76:68:ae:47:ee:bb:
80:b9:31:0c:20:b4:12:67:fc:3e:ef:aa:e9:73:08:
f1:1e:a1:28:c4:22:04:98:59:7d:6d:12:50:92:8a:
5e:9a:a0:30:21:4f:cc:0e:95:59:ba:09:35:7f:c1:
0b:d6:ce:fe:18:02:e7:99:1a:18:28:7f:64:48:54:
fb:0f:d0:67:8d:14:61:f8:7f:6b:7e:be:77:f2:60:
65:28:79:18:78:63:7a:66:84:64:0b:63:cd:73:f0:
22:87:87:ab:2d:3a:0a:e5:f4:f0:ab:11:d8:13:4b:
e3:d7:c4:75:c1:6d:39:a6:4d:74:12:12:a6:4a:31:
b3:94:32:76:83:65:d2:f0:64:b9:9b:71:c6:f3:3a:
04:ef:36:b1:72:69:d7:a6:b8:ec:f9:9b:3e:1c:a3:
aa:cb:e6:df:39:20:b3:85:6f:c2:69:e2:b5:f3:af:
1d:69:0f:1e:cb:71:08:77:6b:ea:7e:10:fd:22:8f:
f7:27:0d:a6:6d:13:79:c9:7a:ce:2d:57:8e:c9:0b:
5b:01:0d:8a:bc:e0:3c:c8:8c:80:e6:d8:47:7d:8c:
1e:8a:7c:b6:a6:0b:e9:22:88:c0:eb:fe:87:c3:bf:
3a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B5:5C:47:57:15:CF:35:23:E7:6C:DA:EE:F2:CC:96:53:42:54:3E
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/XrVcR1cVzzUj52za7vLMllNCVD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.108.0/22
194.15.150.0/24
212.52.2.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:20:9b:ff:f1:b8:e6:17:02:41:09:b2:4a:e5:0b:34:7e:33:
61:43:37:a4:26:ce:7f:a8:b6:32:09:c5:04:f4:68:11:fb:0a:
47:9c:0b:5c:3f:96:f9:49:9b:24:d3:c8:9b:b0:ca:51:b7:92:
10:42:ca:35:95:db:e3:e9:b3:07:20:ed:14:8f:a4:a1:94:3a:
b9:ca:a1:eb:c5:eb:96:84:7e:a3:64:5b:94:87:98:9f:bb:94:
e9:05:b7:6a:58:30:ca:7e:38:82:e9:44:29:fe:11:2f:1d:8f:
b3:38:19:b3:84:c9:36:e9:eb:4d:c5:a2:89:05:1f:b8:51:0c:
cf:ed:e1:e8:cf:32:88:e3:fe:d3:90:bd:e5:d6:dd:cb:09:75:
cc:cc:1b:c3:87:7d:19:d6:cc:35:01:ba:2d:54:87:2f:e6:e2:
70:18:a6:ae:27:8b:62:88:c3:03:c3:9c:ce:83:59:c5:a6:a8:
4e:ee:57:3e:be:8b:e6:43:af:7c:20:0c:df:14:8a:32:0e:29:
71:94:a8:93:a2:c7:cb:67:3d:0b:09:6c:f8:bf:7d:b6:d4:a1:
d7:c0:c6:8e:43:30:1f:39:e0:9d:cc:8c:be:25:5b:40:35:02:
0c:cc:b3:a1:11:1e:7d:a1:d4:39:8e:31:54:66:ea:11:a3:4d:
47:05:2b:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8K2kj+ilJvNZhfkxd0X5oEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNDIzMTIwNzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWI1NWM0NzU3MTVjZjM1MjNlNzZjZGFlZWYyY2M5NjUzNDI1NDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwEIv45mSlbNX7ht32VwW6XjHHZa
IhB2aK5H7ruAuTEMILQSZ/w+76rpcwjxHqEoxCIEmFl9bRJQkopemqAwIU/MDpVZ
ugk1f8EL1s7+GALnmRoYKH9kSFT7D9BnjRRh+H9rfr538mBlKHkYeGN6ZoRkC2PN
c/Aih4erLToK5fTwqxHYE0vj18R1wW05pk10EhKmSjGzlDJ2g2XS8GS5m3HG8zoE
7zaxcmnXprjs+Zs+HKOqy+bfOSCzhW/CaeK1868daQ8ey3EId2vqfhD9Io/3Jw2m
bRN5yXrOLVeOyQtbAQ2KvOA8yIyA5thHfYweiny2pgvpIojA6/6Hw786GwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF61XEdXFc81I+ds2u7yzJZTQlQ+MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvWHJWY1IxY1Z6elVqNTJ6YTd2TE1sbE5DVkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCufJsAwQA
wg+WAwQA1DQCMA0GCSqGSIb3DQEBCwUAA4IBAQBMIJv/8bjmFwJBCbJK5Qs0fjNh
QzekJs5/qLYyCcUE9GgR+wpHnAtcP5b5SZsk08ibsMpRt5IQQso1ldvj6bMHIO0U
j6ShlDq5yqHrxeuWhH6jZFuUh5ifu5TpBbdqWDDKfjiC6UQp/hEvHY+zOBmzhMk2
6etNxaKJBR+4UQzP7eHozzKI4/7TkL3l1t3LCXXMzBvDh30Z1sw1AbotVIcv5uJw
GKauJ4tiiMMDw5zOg1nFpqhO7lc+vovmQ698IAzfFIoyDilxlKiTosfLZz0LCWz4
v3221KHXwMaOQzAfOeCdzIy+JVtANQIMzLOhER59odQ5jjFUZuoRo01HBSsk
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:45:24 2024 by rpki-client on console-ams.rpki-client.org