Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/d4b835-f5b5-4704-ae97-c26328561030/1/mxX7ISPRikzbfG6XHtQTCsB26UI.roa
File: mxX7ISPRikzbfG6XHtQTCsB26UI.roa (raw, json)
Hash identifier: 6cyw3AynFswcEuJgGo0G+s83pNytFwRINU7SjOjEV6s=
Subject key identifier: 9B:15:FB:21:23:D1:8A:4C:DB:7C:6E:97:1E:D4:13:0A:C0:76:E9:42
Certificate issuer: /CN=1d4404c8392e82d4b7029b69cb6ee290b9b42c00
Certificate serial: 018CC726F46332AAC44F2D600A4E7DA29DF9
Authority key identifier: 1D:44:04:C8:39:2E:82:D4:B7:02:9B:69:CB:6E:E2:90:B9:B4:2C:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUQEyDkugtS3Aptpy27ikLm0LAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/d4b835-f5b5-4704-ae97-c26328561030/1/mxX7ISPRikzbfG6XHtQTCsB26UI.roa
Signing time: Mon 01 Jan 2024 22:31:08 +0000
ROA not before: Mon 01 Jan 2024 22:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201453
IP address blocks: 185.112.78.0/24 maxlen: 24
185.112.76.0/22 maxlen: 22
185.112.76.0/24 maxlen: 24
185.112.79.0/24 maxlen: 24
2a06:6382::/32 maxlen: 32
2a06:6386::/32 maxlen: 32
2a06:6387::/32 maxlen: 32
2a06:6381::/32 maxlen: 32
2a06:6384::/32 maxlen: 32
2a06:6380::/32 maxlen: 32
2a06:6383::/32 maxlen: 32
2a06:6385::/32 maxlen: 32
2a06:6380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/d4b835-f5b5-4704-ae97-c26328561030/1/HUQEyDkugtS3Aptpy27ikLm0LAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/d4b835-f5b5-4704-ae97-c26328561030/1/HUQEyDkugtS3Aptpy27ikLm0LAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/HUQEyDkugtS3Aptpy27ikLm0LAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:f4:63:32:aa:c4:4f:2d:60:0a:4e:7d:a2:9d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d4404c8392e82d4b7029b69cb6ee290b9b42c00
Validity
Not Before: Jan 1 22:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b15fb2123d18a4cdb7c6e971ed4130ac076e942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:65:11:6b:2f:b5:63:16:35:f7:b5:62:0f:a0:
30:10:b1:d8:6a:27:0d:93:e7:77:41:8a:cf:d9:31:
29:9f:63:d0:ed:bc:50:52:57:0c:bb:0a:63:7e:23:
18:b4:a1:40:7f:96:8c:4b:89:fb:63:fa:45:62:ea:
52:b1:fc:88:ba:f4:8a:3a:78:c8:91:b8:82:fe:50:
a7:10:e7:2b:08:21:6b:66:7c:35:83:4f:b3:9a:45:
f7:61:56:96:0e:5f:20:23:7a:16:54:df:db:d5:e0:
57:e7:87:8e:5a:09:e1:05:a0:ff:72:10:62:f4:32:
a6:cd:06:7b:f5:78:c6:32:d0:a6:32:21:7a:16:53:
21:3c:f5:cd:16:9f:5f:03:59:d6:91:f6:7c:fd:6e:
f8:d1:ed:64:dd:91:8b:81:a4:9f:3e:87:64:3b:7a:
3d:96:e8:be:10:cb:6f:fb:c5:99:19:f4:ef:5c:a6:
d4:f1:98:56:16:58:d8:5e:92:a4:ab:2c:8d:22:cb:
8c:2e:76:58:24:2e:09:50:1a:90:a6:c7:72:ce:36:
eb:34:9a:75:78:dc:0b:c0:22:c5:b8:bc:90:38:b6:
12:13:ad:52:c0:76:6a:9d:a3:cd:db:6c:55:a9:0b:
c2:7e:5f:21:fe:3e:ab:07:83:af:59:88:58:5f:55:
fc:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:15:FB:21:23:D1:8A:4C:DB:7C:6E:97:1E:D4:13:0A:C0:76:E9:42
X509v3 Authority Key Identifier:
keyid:1D:44:04:C8:39:2E:82:D4:B7:02:9B:69:CB:6E:E2:90:B9:B4:2C:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUQEyDkugtS3Aptpy27ikLm0LAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d4b835-f5b5-4704-ae97-c26328561030/1/mxX7ISPRikzbfG6XHtQTCsB26UI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d4b835-f5b5-4704-ae97-c26328561030/1/HUQEyDkugtS3Aptpy27ikLm0LAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.76.0/22
IPv6:
2a06:6380::/29
Signature Algorithm: sha256WithRSAEncryption
1e:ac:2f:bd:1a:77:dd:9e:e0:6b:12:82:9d:a6:ae:db:34:b5:
9a:25:0f:b4:cc:23:e5:13:75:9f:b4:d9:f4:76:92:7b:cd:59:
28:32:3f:7c:c5:39:49:6a:57:df:e1:2f:c1:12:28:82:70:04:
c9:5a:63:3f:4a:31:23:26:c2:30:f0:93:a6:b4:12:a9:13:c0:
e7:15:38:fe:2f:f7:65:7f:aa:6f:2f:a8:90:94:20:35:cb:91:
67:7d:da:7b:d4:fa:1b:19:84:4d:cd:82:16:4d:e6:b1:23:78:
da:03:28:4c:b0:13:cf:ac:81:f7:56:ab:2b:90:29:b6:a0:f3:
23:16:68:8f:c1:f7:cf:b7:b9:3c:5e:5c:ae:2b:9d:32:0a:ff:
18:e8:8a:75:17:71:66:61:9b:4c:6f:c5:5e:2c:be:c5:1b:59:
ff:63:e1:4d:55:bd:a0:49:ae:dd:17:d0:62:ef:3b:73:e1:82:
24:89:dc:92:e5:87:4d:2f:a9:b2:17:7d:d9:8b:ed:66:79:7a:
1a:49:8c:a8:b8:ef:d0:af:fc:4b:7d:db:32:ef:9c:4d:1d:fd:
93:96:55:e4:f2:d4:cb:2a:41:e9:55:a0:8a:4e:b1:a9:d5:3b:
e2:75:1a:7a:bb:5c:b4:21:55:d0:53:d7:12:77:cc:e2:18:a2:
43:0d:d3:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJvRjMqrETy1gCk59op35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDQwNGM4MzkyZTgyZDRiNzAyOWI2OWNiNmVlMjkwYjli
NDJjMDAwHhcNMjQwMTAxMjIzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjE1ZmIyMTIzZDE4YTRjZGI3YzZlOTcxZWQ0MTMwYWMwNzZlOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimURay+1YxY197ViD6AwELHYaicN
k+d3QYrP2TEpn2PQ7bxQUlcMuwpjfiMYtKFAf5aMS4n7Y/pFYupSsfyIuvSKOnjI
kbiC/lCnEOcrCCFrZnw1g0+zmkX3YVaWDl8gI3oWVN/b1eBX54eOWgnhBaD/chBi
9DKmzQZ79XjGMtCmMiF6FlMhPPXNFp9fA1nWkfZ8/W740e1k3ZGLgaSfPodkO3o9
lui+EMtv+8WZGfTvXKbU8ZhWFljYXpKkqyyNIsuMLnZYJC4JUBqQpsdyzjbrNJp1
eNwLwCLFuLyQOLYSE61SwHZqnaPN22xVqQvCfl8h/j6rB4OvWYhYX1X8qwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJsV+yEj0YpM23xulx7UEwrAdulCMB8GA1UdIwQY
MBaAFB1EBMg5LoLUtwKbactu4pC5tCwAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVRRXlEa3VndFMzQXB0cHkyN2lrTG0wTEFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kNGI4MzUtZjViNS00NzA0LWFlOTct
YzI2MzI4NTYxMDMwLzEvbXhYN0lTUFJpa3piZkc2WEh0UVRDc0IyNlVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kNGI4MzUtZjViNS00NzA0LWFlOTctYzI2MzI4NTYxMDMw
LzEvSFVRRXlEa3VndFMzQXB0cHkyN2lrTG0wTEFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXBMMA0E
AgACMAcDBQMqBmOAMA0GCSqGSIb3DQEBCwUAA4IBAQAerC+9GnfdnuBrEoKdpq7b
NLWaJQ+0zCPlE3WftNn0dpJ7zVkoMj98xTlJalff4S/BEiiCcATJWmM/SjEjJsIw
8JOmtBKpE8DnFTj+L/dlf6pvL6iQlCA1y5Fnfdp71PobGYRNzYIWTeaxI3jaAyhM
sBPPrIH3VqsrkCm2oPMjFmiPwffPt7k8XlyuK50yCv8Y6Ip1F3FmYZtMb8VeLL7F
G1n/Y+FNVb2gSa7dF9Bi7ztz4YIkidyS5YdNL6myF33Zi+1meXoaSYyouO/Qr/xL
fdsy75xNHf2TllXk8tTLKkHpVaCKTrGp1TvidRp6u1y0IVXQU9cSd8ziGKJDDdOW
-----END CERTIFICATE-----
Generated at Sun May 19 20:26:40 2024 by rpki-client on console-fra.rpki-client.org