Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/c9ee8c-574d-4cf6-a008-11b52c24a112/1/XDO7GoxLJHWMTJMh6FQu-M_UYOg.roa
File: XDO7GoxLJHWMTJMh6FQu-M_UYOg.roa (raw, json)
Hash identifier: 0IUbhfRYPDXDqmX+i0LqpIKWXG0/68lJf38+jX0T2bs=
Subject key identifier: 5C:33:BB:1A:8C:4B:24:75:8C:4C:93:21:E8:54:2E:F8:CF:D4:60:E8
Certificate issuer: /CN=2b2830617c43c8cbc89af3cb2a74ea5dd00fe6ea
Certificate serial: 018CC424ECCA7AB5205C009D16CE35B198EB
Authority key identifier: 2B:28:30:61:7C:43:C8:CB:C8:9A:F3:CB:2A:74:EA:5D:D0:0F:E6:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KygwYXxDyMvImvPLKnTqXdAP5uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/c9ee8c-574d-4cf6-a008-11b52c24a112/1/XDO7GoxLJHWMTJMh6FQu-M_UYOg.roa
Signing time: Mon 01 Jan 2024 08:30:03 +0000
ROA not before: Mon 01 Jan 2024 08:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204758
IP address blocks: 185.240.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/c9ee8c-574d-4cf6-a008-11b52c24a112/1/KygwYXxDyMvImvPLKnTqXdAP5uo.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/c9ee8c-574d-4cf6-a008-11b52c24a112/1/KygwYXxDyMvImvPLKnTqXdAP5uo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KygwYXxDyMvImvPLKnTqXdAP5uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:ec:ca:7a:b5:20:5c:00:9d:16:ce:35:b1:98:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b2830617c43c8cbc89af3cb2a74ea5dd00fe6ea
Validity
Not Before: Jan 1 08:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c33bb1a8c4b24758c4c9321e8542ef8cfd460e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5d:6a:cd:2a:69:c2:94:67:90:bc:30:79:09:
13:a6:74:c1:ef:2f:96:89:09:32:e1:0e:a8:85:27:
01:ce:ce:d9:bd:31:7b:68:34:7a:5f:e0:95:af:67:
5e:2a:5e:ca:d6:fc:8d:9b:db:d2:a9:fe:61:74:c5:
ea:5f:c3:69:82:24:53:61:bf:81:f7:ea:46:5c:49:
2e:72:1c:f5:df:23:e4:69:cf:fb:b9:f0:dd:b5:56:
72:67:02:98:19:94:95:09:d8:3e:de:9c:d6:27:99:
63:2d:d5:f8:5d:cc:b6:0e:fd:07:76:ec:02:ef:95:
51:a1:67:52:6e:69:55:b4:59:b6:08:ac:fa:4a:4b:
ad:00:88:71:ef:09:0b:35:ad:a9:47:93:a7:c4:98:
f9:a8:5e:4b:a3:8d:a3:f8:31:f8:1f:91:3c:56:16:
36:30:65:1a:12:fe:f7:b5:95:e5:20:4c:be:80:07:
03:4a:28:36:31:94:36:d6:da:92:7f:f3:87:35:ed:
0b:b2:c9:64:b5:72:bd:e0:70:c2:54:d8:9a:9d:cc:
f3:f7:65:5d:12:ad:16:68:18:b5:73:03:d0:c3:65:
7d:e5:4f:78:cb:44:00:cc:f6:cf:db:1c:9c:af:24:
ca:e7:db:bf:a5:3e:b5:e9:f4:9c:bf:7e:28:4a:9a:
5b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:33:BB:1A:8C:4B:24:75:8C:4C:93:21:E8:54:2E:F8:CF:D4:60:E8
X509v3 Authority Key Identifier:
keyid:2B:28:30:61:7C:43:C8:CB:C8:9A:F3:CB:2A:74:EA:5D:D0:0F:E6:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KygwYXxDyMvImvPLKnTqXdAP5uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c9ee8c-574d-4cf6-a008-11b52c24a112/1/XDO7GoxLJHWMTJMh6FQu-M_UYOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c9ee8c-574d-4cf6-a008-11b52c24a112/1/KygwYXxDyMvImvPLKnTqXdAP5uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.228.0/22
Signature Algorithm: sha256WithRSAEncryption
81:e1:fb:af:13:6d:92:7f:c5:68:27:ac:23:58:39:51:ea:ad:
c3:75:a9:f1:5a:f0:34:6d:f0:49:82:26:d7:7e:6d:28:bc:95:
28:2f:a1:d6:82:cb:75:5b:40:d1:35:31:b2:b0:54:a9:44:66:
37:7f:a2:e0:77:7d:3f:5b:7a:f4:77:8d:10:d7:80:23:45:91:
59:92:c1:e0:72:bf:2e:9b:d6:78:53:5e:8a:b2:66:b4:88:be:
d4:37:9c:96:67:41:08:b3:14:21:76:02:38:76:9c:45:24:69:
8b:5d:c4:d3:bb:b8:04:fa:07:07:70:47:81:39:95:8e:25:bf:
d7:84:84:2d:52:bf:2c:ff:eb:4b:d0:2f:fc:92:24:7a:a8:2f:
b2:5d:5a:9f:2c:72:b9:9c:62:e3:0f:e1:f1:3c:48:03:f1:b2:
10:d8:c3:03:95:16:4c:3b:e5:ea:8e:d2:96:43:ed:79:58:2a:
b5:89:89:b6:f3:9c:db:3d:2f:94:07:fd:4c:04:26:68:cd:c9:
55:be:ae:48:a8:91:0d:68:33:85:8b:73:a9:4c:4d:3d:f3:4b:
4f:21:12:e2:59:49:d7:12:bc:5e:3b:c2:c3:a1:44:99:57:dc:
80:60:66:9f:a9:3d:b6:92:23:31:62:e2:d4:16:8c:b5:4e:f4:
92:a5:2f:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJOzKerUgXACdFs41sZjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjgzMDYxN2M0M2M4Y2JjODlhZjNjYjJhNzRlYTVkZDAw
ZmU2ZWEwHhcNMjQwMTAxMDgzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzMzYmIxYThjNGIyNDc1OGM0YzkzMjFlODU0MmVmOGNmZDQ2MGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg11qzSppwpRnkLwweQkTpnTB7y+W
iQky4Q6ohScBzs7ZvTF7aDR6X+CVr2deKl7K1vyNm9vSqf5hdMXqX8NpgiRTYb+B
9+pGXEkuchz13yPkac/7ufDdtVZyZwKYGZSVCdg+3pzWJ5ljLdX4Xcy2Dv0HduwC
75VRoWdSbmlVtFm2CKz6SkutAIhx7wkLNa2pR5OnxJj5qF5Lo42j+DH4H5E8VhY2
MGUaEv73tZXlIEy+gAcDSig2MZQ21tqSf/OHNe0LsslktXK94HDCVNianczz92Vd
Eq0WaBi1cwPQw2V95U94y0QAzPbP2xycryTK59u/pT616fScv34oSppb2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwzuxqMSyR1jEyTIehULvjP1GDoMB8GA1UdIwQY
MBaAFCsoMGF8Q8jLyJrzyyp06l3QD+bqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lnd1lYeER5TXZJbXZQTEtuVHFYZEFQNXVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jOWVlOGMtNTc0ZC00Y2Y2LWEwMDgt
MTFiNTJjMjRhMTEyLzEvWERPN0dveExKSFdNVEpNaDZGUXUtTV9VWU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jOWVlOGMtNTc0ZC00Y2Y2LWEwMDgtMTFiNTJjMjRhMTEy
LzEvS3lnd1lYeER5TXZJbXZQTEtuVHFYZEFQNXVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufDkMA0G
CSqGSIb3DQEBCwUAA4IBAQCB4fuvE22Sf8VoJ6wjWDlR6q3DdanxWvA0bfBJgibX
fm0ovJUoL6HWgst1W0DRNTGysFSpRGY3f6Lgd30/W3r0d40Q14AjRZFZksHgcr8u
m9Z4U16Ksma0iL7UN5yWZ0EIsxQhdgI4dpxFJGmLXcTTu7gE+gcHcEeBOZWOJb/X
hIQtUr8s/+tL0C/8kiR6qC+yXVqfLHK5nGLjD+HxPEgD8bIQ2MMDlRZMO+XqjtKW
Q+15WCq1iYm285zbPS+UB/1MBCZozclVvq5IqJENaDOFi3OpTE0980tPIRLiWUnX
ErxeO8LDoUSZV9yAYGafqT22kiMxYuLUFoy1TvSSpS8W
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:37:56 2024 by rpki-client on console-fra.rpki-client.org