Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/XRL63XeVur8ezt32CXft2o7J1SY.roa
File: XRL63XeVur8ezt32CXft2o7J1SY.roa (raw, json)
Hash identifier: f1Id5Xi5Q1qL66wfgWWh7ZhtRW2u9za7fCxs28FPwkg=
Subject key identifier: 5D:12:FA:DD:77:95:BA:BF:1E:CE:DD:F6:09:77:ED:DA:8E:C9:D5:26
Certificate issuer: /CN=4ec3a062cb96d9a3f21a8b2da848f81c6f73bf95
Certificate serial: 018CC726FB772D3DD6CE74ED24C58470971B
Authority key identifier: 4E:C3:A0:62:CB:96:D9:A3:F2:1A:8B:2D:A8:48:F8:1C:6F:73:BF:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TsOgYsuW2aPyGostqEj4HG9zv5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/XRL63XeVur8ezt32CXft2o7J1SY.roa
Signing time: Mon 01 Jan 2024 22:31:09 +0000
ROA not before: Mon 01 Jan 2024 22:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44932
IP address blocks: 91.228.132.0/23 maxlen: 24
185.147.176.0/24 maxlen: 24
185.147.176.0/22 maxlen: 24
185.147.177.0/24 maxlen: 24
185.147.178.0/24 maxlen: 24
185.147.179.0/24 maxlen: 24
91.229.46.0/23 maxlen: 24
188.209.119.0/24 maxlen: 24
185.80.198.0/23 maxlen: 24
188.209.117.0/24 maxlen: 24
188.209.118.0/24 maxlen: 24
188.209.116.0/24 maxlen: 24
188.209.116.0/22 maxlen: 24
2a0b:1fc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/TsOgYsuW2aPyGostqEj4HG9zv5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/TsOgYsuW2aPyGostqEj4HG9zv5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/TsOgYsuW2aPyGostqEj4HG9zv5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:fb:77:2d:3d:d6:ce:74:ed:24:c5:84:70:97:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ec3a062cb96d9a3f21a8b2da848f81c6f73bf95
Validity
Not Before: Jan 1 22:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d12fadd7795babf1eceddf60977edda8ec9d526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:45:e5:5b:6b:a2:01:06:73:6d:f7:71:57:97:
02:1f:8f:f5:99:16:91:cc:17:7c:f4:7d:9f:ff:15:
83:0a:90:db:0a:7f:de:5c:a9:7a:78:7b:f9:82:4d:
b1:6e:0d:80:30:40:a3:ea:09:8d:72:97:42:95:ab:
e4:52:43:8a:39:a4:d8:cb:db:3e:22:9c:c6:53:8a:
f0:5d:9d:56:76:78:1a:d6:41:43:24:d2:6b:97:2e:
31:a1:70:2d:e1:f4:25:ef:a5:25:97:f9:3b:a3:20:
5c:2a:f9:14:49:67:3c:41:81:e7:9b:ca:ec:ad:26:
4e:32:4b:ca:33:b2:3c:d7:46:1d:d2:16:99:51:0c:
57:af:e6:d6:c3:42:18:83:77:ea:45:95:d0:fe:9f:
2a:22:f2:d2:fc:05:2d:f5:20:18:fd:ce:73:54:87:
9a:ca:09:a0:a8:fb:48:7f:b5:d8:ec:b7:db:77:74:
7d:19:ac:4d:60:7c:79:ee:53:66:c1:6b:91:3f:83:
08:fb:95:d3:fe:18:98:7f:a2:d2:f1:f2:be:42:14:
52:7b:b3:a3:38:ae:34:a8:3c:4b:dc:d0:92:6d:48:
d9:97:15:0e:da:12:f3:19:7e:74:76:20:db:3e:d4:
6d:0a:73:3d:da:7c:65:9c:5d:74:1c:3d:7f:bc:78:
82:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:12:FA:DD:77:95:BA:BF:1E:CE:DD:F6:09:77:ED:DA:8E:C9:D5:26
X509v3 Authority Key Identifier:
keyid:4E:C3:A0:62:CB:96:D9:A3:F2:1A:8B:2D:A8:48:F8:1C:6F:73:BF:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TsOgYsuW2aPyGostqEj4HG9zv5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/XRL63XeVur8ezt32CXft2o7J1SY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/786b51-e2df-4fd6-9c9b-f567c3e9f5ff/1/TsOgYsuW2aPyGostqEj4HG9zv5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.132.0/23
91.229.46.0/23
185.80.198.0/23
185.147.176.0/22
188.209.116.0/22
IPv6:
2a0b:1fc0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:85:f4:8f:9f:c2:9d:62:70:f0:27:57:24:a9:b4:20:63:f0:
84:20:9c:27:37:b8:bc:37:1b:44:6f:ac:9e:d1:76:e5:62:25:
b2:86:46:06:94:be:9f:6e:7d:fe:b1:2c:f0:1d:73:2e:4f:52:
fd:df:fc:95:bc:23:0c:b9:db:db:8b:2c:92:bc:23:07:7a:4a:
b8:e9:55:2b:38:ae:ee:40:b7:d2:8e:f1:8e:a4:51:dd:4a:e1:
8c:b8:c2:1d:c1:3f:38:40:5d:ba:78:d1:03:b4:e8:9b:80:b1:
fc:35:af:61:b1:37:81:65:13:e1:f7:3c:52:bd:12:f8:d8:3d:
43:1c:30:4a:7c:1f:aa:27:37:2e:e3:1d:cb:95:db:fe:2e:88:
86:b3:b6:f2:8e:73:fa:a5:23:d1:c2:7e:93:f7:1e:0c:23:30:
3a:ef:5f:b3:16:7f:35:0c:98:e9:04:ce:9f:b5:bc:8c:ce:0e:
a7:bf:46:a9:5c:79:51:6c:bc:1e:3e:7c:09:8a:8b:b9:cd:38:
3e:8d:56:96:55:a5:bd:f0:4d:43:35:a3:cd:ba:d1:e9:2b:bb:
5c:50:84:f2:2a:e4:72:29:14:ee:fd:7e:3e:34:ca:ba:99:47:
f2:10:b0:f9:c3:bc:ed:a6:9f:f3:60:2e:ef:17:1a:a7:59:fe:
fc:c7:55:5d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHJvt3LT3WznTtJMWEcJcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYzNhMDYyY2I5NmQ5YTNmMjFhOGIyZGE4NDhmODFjNmY3
M2JmOTUwHhcNMjQwMTAxMjIzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDEyZmFkZDc3OTViYWJmMWVjZWRkZjYwOTc3ZWRkYThlYzlkNTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukXlW2uiAQZzbfdxV5cCH4/1mRaR
zBd89H2f/xWDCpDbCn/eXKl6eHv5gk2xbg2AMECj6gmNcpdClavkUkOKOaTYy9s+
IpzGU4rwXZ1Wdnga1kFDJNJrly4xoXAt4fQl76Ull/k7oyBcKvkUSWc8QYHnm8rs
rSZOMkvKM7I810Yd0haZUQxXr+bWw0IYg3fqRZXQ/p8qIvLS/AUt9SAY/c5zVIea
ygmgqPtIf7XY7Lfbd3R9GaxNYHx57lNmwWuRP4MI+5XT/hiYf6LS8fK+QhRSe7Oj
OK40qDxL3NCSbUjZlxUO2hLzGX50diDbPtRtCnM92nxlnF10HD1/vHiC0wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFF0S+t13lbq/Hs7d9gl37dqOydUmMB8GA1UdIwQY
MBaAFE7DoGLLltmj8hqLLahI+Bxvc7+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHNPZ1lzdVcyYVB5R29zdHFFajRIRzl6djVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83ODZiNTEtZTJkZi00ZmQ2LTljOWIt
ZjU2N2MzZTlmNWZmLzEvWFJMNjNYZVZ1cjhlenQzMkNYZnQybzdKMVNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83ODZiNTEtZTJkZi00ZmQ2LTljOWItZjU2N2MzZTlmNWZm
LzEvVHNPZ1lzdVcyYVB5R29zdHFFajRIRzl6djVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBW+SEAwQB
W+UuAwQBuVDGAwQCuZOwAwQCvNF0MA0EAgACMAcDBQMqCx/AMA0GCSqGSIb3DQEB
CwUAA4IBAQAshfSPn8KdYnDwJ1ckqbQgY/CEIJwnN7i8NxtEb6ye0XblYiWyhkYG
lL6fbn3+sSzwHXMuT1L93/yVvCMMudvbiyySvCMHekq46VUrOK7uQLfSjvGOpFHd
SuGMuMIdwT84QF26eNEDtOibgLH8Na9hsTeBZRPh9zxSvRL42D1DHDBKfB+qJzcu
4x3Lldv+LoiGs7byjnP6pSPRwn6T9x4MIzA671+zFn81DJjpBM6ftbyMzg6nv0ap
XHlRbLwePnwJiou5zTg+jVaWVaW98E1DNaPNutHpK7tcUITyKuRyKRTu/X4+NMq6
mUfyELD5w7ztpp/zYC7vFxqnWf78x1Vd
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:34:36 2024 by rpki-client on console-fra.rpki-client.org