Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/XWexh7z7WsD-syFzVGQuJgjwH7E.roa
File: XWexh7z7WsD-syFzVGQuJgjwH7E.roa (raw, json)
Hash identifier: bOdVgG+TrVYtLqWR+lDEqoYNW3VhdmuZnuhgcoICR6g=
Subject key identifier: 5D:67:B1:87:BC:FB:5A:C0:FE:B3:21:73:54:64:2E:26:08:F0:1F:B1
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018CC64AD68EBFC11E99E9E1EFBB8EFFE68C
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/XWexh7z7WsD-syFzVGQuJgjwH7E.roa
Signing time: Mon 01 Jan 2024 18:30:42 +0000
ROA not before: Mon 01 Jan 2024 18:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 95.164.16.0/24 maxlen: 24
94.131.101.0/24 maxlen: 24
94.131.110.0/24 maxlen: 24
94.131.109.0/24 maxlen: 24
94.131.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 01:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:d6:8e:bf:c1:1e:99:e9:e1:ef:bb:8e:ff:e6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 18:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d67b187bcfb5ac0feb3217354642e2608f01fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ab:85:8b:68:84:26:bf:25:e1:e2:94:d7:0e:
bb:45:db:bd:12:71:c9:e4:5c:8d:d2:37:0b:0f:40:
55:dd:79:87:13:17:f3:2a:64:e3:1d:18:d9:fd:3c:
c8:78:64:6b:5b:60:76:d4:05:a8:64:e7:12:79:32:
9d:4e:9f:8d:15:4b:07:e5:27:f6:e5:a1:62:9a:d2:
fa:70:3c:b1:61:17:ce:f7:9c:ca:a1:a9:f5:ab:1a:
25:06:9d:ca:7c:a1:90:e3:44:c8:5d:21:c7:a1:4e:
d7:a2:5b:68:a2:11:47:cb:b5:11:cc:f7:73:8b:46:
6d:5f:35:60:72:29:07:ee:70:fb:7b:03:73:a9:c6:
81:ad:67:d3:3d:54:8f:a2:b5:bb:ba:76:ff:9a:90:
49:9c:6c:2d:10:96:e9:a1:12:7a:e0:2a:0c:c0:72:
17:d1:22:b3:e6:35:cf:dd:8a:8c:c9:20:bb:d3:60:
cc:ee:4b:14:08:09:b2:8e:00:28:7f:55:72:cd:5c:
51:25:92:14:a5:1d:cf:d0:82:3d:20:9d:18:58:19:
7c:e8:92:26:83:8c:4c:fb:9c:79:42:79:23:d8:c1:
ab:68:6e:22:58:83:e3:b8:11:49:23:ac:9b:61:64:
08:e4:4e:39:33:a6:c7:76:b3:ee:0c:d6:f7:ce:b6:
ce:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:67:B1:87:BC:FB:5A:C0:FE:B3:21:73:54:64:2E:26:08:F0:1F:B1
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/XWexh7z7WsD-syFzVGQuJgjwH7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.101.0/24
94.131.109.0-94.131.111.255
95.164.16.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:eb:6f:3c:f7:c8:41:fb:f8:84:ab:d8:dc:3a:96:a8:8e:24:
1d:39:df:cf:c8:02:3f:00:26:ef:8d:5c:96:2c:87:86:01:fb:
a7:d5:62:49:15:6f:7c:89:60:6b:2e:1b:f6:51:ea:49:57:8e:
95:a8:43:8e:1f:33:f7:93:01:41:c0:02:cb:c5:5a:9d:54:c5:
da:c5:0f:62:17:c2:85:d7:15:f7:76:d2:64:39:89:32:70:7d:
27:4c:3b:05:30:32:7c:e3:5e:a0:8a:3e:fa:39:e1:72:7f:16:
71:a1:76:b5:4d:e4:0c:38:02:9d:ae:d4:5d:5b:83:ab:f7:ec:
ad:31:5a:05:58:0b:c9:2c:da:e5:53:c9:c4:98:c3:e7:74:2d:
c6:07:8c:7d:02:0b:4d:3d:54:f1:24:3b:b2:4d:63:a7:10:df:
9d:60:af:ba:e7:ca:90:10:c9:24:e0:a3:9a:ca:c1:13:7b:9c:
02:64:5b:9a:69:fa:e0:20:bc:f3:3f:69:36:26:e4:1c:8f:35:
da:09:5c:9d:24:8e:e6:29:12:15:16:25:86:d4:1f:e0:f3:76:
7e:b1:81:e2:69:93:62:b4:91:82:f0:35:97:85:38:46:d0:97:
31:82:76:2e:5e:cd:75:1a:ad:ca:45:bf:5a:01:40:83:38:eb:
88:96:7a:d3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzGStaOv8Eemenh77uO/+aMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMTAxMTgzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDY3YjE4N2JjZmI1YWMwZmViMzIxNzM1NDY0MmUyNjA4ZjAxZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6uFi2iEJr8l4eKU1w67Rdu9EnHJ
5FyN0jcLD0BV3XmHExfzKmTjHRjZ/TzIeGRrW2B21AWoZOcSeTKdTp+NFUsH5Sf2
5aFimtL6cDyxYRfO95zKoan1qxolBp3KfKGQ40TIXSHHoU7XoltoohFHy7URzPdz
i0ZtXzVgcikH7nD7ewNzqcaBrWfTPVSPorW7unb/mpBJnGwtEJbpoRJ64CoMwHIX
0SKz5jXP3YqMySC702DM7ksUCAmyjgAof1VyzVxRJZIUpR3P0II9IJ0YWBl86JIm
g4xM+5x5Qnkj2MGraG4iWIPjuBFJI6ybYWQI5E45M6bHdrPuDNb3zrbOhwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF1nsYe8+1rA/rMhc1RkLiYI8B+xMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvWFdleGg3ejdXc0Qtc3lGelZHUXVKZ2p3SDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAXoNlMAwD
BABeg20DBAReg2ADBABfpBAwDQYJKoZIhvcNAQELBQADggEBABrrbzz3yEH7+ISr
2Nw6lqiOJB0538/IAj8AJu+NXJYsh4YB+6fVYkkVb3yJYGsuG/ZR6klXjpWoQ44f
M/eTAUHAAsvFWp1UxdrFD2IXwoXXFfd20mQ5iTJwfSdMOwUwMnzjXqCKPvo54XJ/
FnGhdrVN5Aw4Ap2u1F1bg6v37K0xWgVYC8ks2uVTycSYw+d0LcYHjH0CC009VPEk
O7JNY6cQ351gr7rnypAQySTgo5rKwRN7nAJkW5pp+uAgvPM/aTYm5ByPNdoJXJ0k
juYpEhUWJYbUH+Dzdn6xgeJpk2K0kYLwNZeFOEbQlzGCdi5ezXUarcpFv1oBQIM4
64iWetM=
-----END CERTIFICATE-----
Generated at Tue May 7 10:00:02 2024 by rpki-client on console-fra.rpki-client.org