Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/XyzcYVw2HYrpBFbSbSyR8dnVIL8.roa
File: XyzcYVw2HYrpBFbSbSyR8dnVIL8.roa (raw, json)
Hash identifier: X5At6D+W7rWbHtkjoz1FBx0ZcEStdKza9pLcryvCi1Q=
Subject key identifier: 5F:2C:DC:61:5C:36:1D:8A:E9:04:56:D2:6D:2C:91:F1:D9:D5:20:BF
Certificate issuer: /CN=864b0e13cf27aff66be730bece98e04b00fdfb9e
Certificate serial: 01909BF579E38559E5364DF0F5BD1E379196
Authority key identifier: 86:4B:0E:13:CF:27:AF:F6:6B:E7:30:BE:CE:98:E0:4B:00:FD:FB:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hksOE88nr_Zr5zC-zpjgSwD9-54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/XyzcYVw2HYrpBFbSbSyR8dnVIL8.roa
Signing time: Wed 10 Jul 2024 09:24:34 +0000
ROA not before: Wed 10 Jul 2024 09:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8312
IP address blocks: 77.74.48.0/21 maxlen: 24
77.74.48.0/22 maxlen: 22
77.74.52.0/22 maxlen: 22
185.58.56.0/22 maxlen: 24
185.58.59.0/24 maxlen: 24
193.16.154.0/24 maxlen: 24
193.189.149.0/24 maxlen: 24
195.210.56.0/23 maxlen: 24
2a01:310::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/hksOE88nr_Zr5zC-zpjgSwD9-54.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/hksOE88nr_Zr5zC-zpjgSwD9-54.mft
rsync://rpki.ripe.net/repository/DEFAULT/hksOE88nr_Zr5zC-zpjgSwD9-54.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:f5:79:e3:85:59:e5:36:4d:f0:f5:bd:1e:37:91:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=864b0e13cf27aff66be730bece98e04b00fdfb9e
Validity
Not Before: Jul 10 09:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f2cdc615c361d8ae90456d26d2c91f1d9d520bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ab:39:5a:3d:9e:71:4e:4b:89:2c:b8:d7:d2:
54:4e:c8:8c:bf:d8:d1:6f:30:ad:c0:ce:8f:22:b8:
3a:1f:1f:73:36:b6:c0:9e:88:5d:24:71:a5:6b:94:
08:e2:d4:14:36:48:51:9a:8d:9c:d8:e1:d5:aa:2f:
32:16:96:b3:5f:55:78:16:e3:64:aa:58:ae:5b:d0:
36:f7:96:0b:60:53:88:f4:b4:ba:4d:cd:9d:03:68:
32:53:40:06:60:ab:51:8b:d9:f1:24:93:96:b8:0b:
c9:2e:29:e5:4a:84:18:8d:e9:43:52:80:99:73:75:
6c:18:bd:89:50:2e:e3:61:d5:e8:d0:57:ea:7d:61:
6a:9a:3e:03:dd:5d:56:9f:1f:76:ac:e4:10:55:ad:
24:7f:74:8c:13:de:c2:a0:14:63:f8:fd:b2:a4:8f:
4e:67:dd:02:7c:ad:a0:55:27:a1:07:61:ff:c8:86:
a0:58:0a:9e:42:83:4f:34:45:bf:ee:8f:b6:03:fd:
9d:80:b0:af:e8:a7:ae:4d:11:76:8a:0e:b7:f4:a2:
99:48:18:ae:ed:2e:d8:64:07:8a:e2:1a:35:67:cf:
f1:73:4b:73:0d:ec:3a:d5:3a:34:a0:8e:22:fb:0d:
44:53:92:e5:e3:3e:3a:c3:00:50:7c:72:f8:0a:42:
c3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2C:DC:61:5C:36:1D:8A:E9:04:56:D2:6D:2C:91:F1:D9:D5:20:BF
X509v3 Authority Key Identifier:
keyid:86:4B:0E:13:CF:27:AF:F6:6B:E7:30:BE:CE:98:E0:4B:00:FD:FB:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hksOE88nr_Zr5zC-zpjgSwD9-54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/XyzcYVw2HYrpBFbSbSyR8dnVIL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/302863-5689-43fc-872f-fc44a8ace370/1/hksOE88nr_Zr5zC-zpjgSwD9-54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.48.0/21
185.58.56.0/22
193.16.154.0/24
193.189.149.0/24
195.210.56.0/23
IPv6:
2a01:310::/32
Signature Algorithm: sha256WithRSAEncryption
23:1b:91:21:06:af:e9:66:59:22:bd:17:25:21:bc:80:b3:32:
82:a0:60:1d:a4:32:c8:75:1b:10:df:40:b0:a7:ec:f8:39:7b:
ba:75:c1:29:13:5b:17:f3:2b:be:e6:e4:3c:47:24:02:89:9b:
f4:1c:b6:bb:ea:f0:41:09:5c:2f:7a:5c:38:d1:ca:d8:9c:73:
47:bb:bc:1e:79:3e:f3:aa:a8:0d:3b:86:b8:30:2a:fc:cc:57:
15:c6:d2:b0:15:1b:5a:64:99:9d:d9:0d:be:34:02:c6:1c:96:
9c:c4:69:3b:74:db:88:d3:39:29:33:30:d2:a8:df:1e:b5:2b:
c7:74:11:b8:a0:a2:82:8e:44:78:36:d2:5b:b7:7f:18:e6:4a:
f2:ee:71:4f:af:3b:b2:ef:6b:b7:f0:a4:ff:e3:31:2d:86:0d:
b7:c7:5b:7d:fb:a6:01:61:b9:39:3e:62:b6:8f:16:d7:a9:d4:
5a:2e:84:5c:ab:92:5c:01:70:2c:e5:72:5f:93:70:34:b7:2a:
85:e3:41:74:eb:3f:0a:7b:1e:f2:47:75:33:c1:33:24:92:1e:
0b:a7:b8:3a:c7:74:20:34:02:5f:d0:7a:18:77:0b:e1:01:83:
68:dc:98:dc:5a:32:80:d4:33:f3:a6:62:aa:ec:9e:29:2e:ae:
c4:c0:f7:d3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZCb9XnjhVnlNk3w9b0eN5GWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NGIwZTEzY2YyN2FmZjY2YmU3MzBiZWNlOThlMDRiMDBm
ZGZiOWUwHhcNMjQwNzEwMDkyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjJjZGM2MTVjMzYxZDhhZTkwNDU2ZDI2ZDJjOTFmMWQ5ZDUyMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ks5Wj2ecU5LiSy419JUTsiMv9jR
bzCtwM6PIrg6Hx9zNrbAnohdJHGla5QI4tQUNkhRmo2c2OHVqi8yFpazX1V4FuNk
qliuW9A295YLYFOI9LS6Tc2dA2gyU0AGYKtRi9nxJJOWuAvJLinlSoQYjelDUoCZ
c3VsGL2JUC7jYdXo0FfqfWFqmj4D3V1Wnx92rOQQVa0kf3SME97CoBRj+P2ypI9O
Z90CfK2gVSehB2H/yIagWAqeQoNPNEW/7o+2A/2dgLCv6KeuTRF2ig639KKZSBiu
7S7YZAeK4ho1Z8/xc0tzDew61To0oI4i+w1EU5Ll4z46wwBQfHL4CkLD1QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFF8s3GFcNh2K6QRW0m0skfHZ1SC/MB8GA1UdIwQY
MBaAFIZLDhPPJ6/2a+cwvs6Y4EsA/fueMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtzT0U4OG5yX1pyNXpDLXpwamdTd0Q5LTU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zMDI4NjMtNTY4OS00M2ZjLTg3MmYt
ZmM0NGE4YWNlMzcwLzEvWHl6Y1lWdzJIWXJwQkZiU2JTeVI4ZG5WSUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zMDI4NjMtNTY4OS00M2ZjLTg3MmYtZmM0NGE4YWNlMzcw
LzEvaGtzT0U4OG5yX1pyNXpDLXpwamdTd0Q5LTU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTUowAwQC
uTo4AwQAwRCaAwQAwb2VAwQBw9I4MA0EAgACMAcDBQAqAQMQMA0GCSqGSIb3DQEB
CwUAA4IBAQAjG5EhBq/pZlkivRclIbyAszKCoGAdpDLIdRsQ30Cwp+z4OXu6dcEp
E1sX8yu+5uQ8RyQCiZv0HLa76vBBCVwvelw40crYnHNHu7weeT7zqqgNO4a4MCr8
zFcVxtKwFRtaZJmd2Q2+NALGHJacxGk7dNuI0zkpMzDSqN8etSvHdBG4oKKCjkR4
NtJbt38Y5kry7nFPrzuy72u38KT/4zEthg23x1t9+6YBYbk5PmK2jxbXqdRaLoRc
q5JcAXAs5XJfk3A0tyqF40F06z8Kex7yR3UzwTMkkh4Lp7g6x3QgNAJf0HoYdwvh
AYNo3JjcWjKA1DPzpmKq7J4pLq7EwPfT
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:15:02 2024 by rpki-client on console-ams.rpki-client.org