Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/XB5WK-EENPpEebEtuSfkYZ_nD7c.roa
File: XB5WK-EENPpEebEtuSfkYZ_nD7c.roa (raw, json)
Hash identifier: UkPIXxJyAu0j1gHghftFaoWoJpr6/4NTguw83oiWeQQ=
Subject key identifier: 5C:1E:56:2B:E1:04:34:FA:44:79:B1:2D:B9:27:E4:61:9F:E7:0F:B7
Certificate issuer: /CN=dcdcb02b61e3a15eac373b992e0e1a6545f61e52
Certificate serial: 018CC26D129C1711416F0E445D184E029ACC
Authority key identifier: DC:DC:B0:2B:61:E3:A1:5E:AC:37:3B:99:2E:0E:1A:65:45:F6:1E:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3NywK2HjoV6sNzuZLg4aZUX2HlI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/XB5WK-EENPpEebEtuSfkYZ_nD7c.roa
Signing time: Mon 01 Jan 2024 00:29:37 +0000
ROA not before: Mon 01 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 194.15.103.0/24 maxlen: 24
194.15.100.0/24 maxlen: 24
194.15.101.0/24 maxlen: 24
194.15.102.0/24 maxlen: 24
92.243.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/3NywK2HjoV6sNzuZLg4aZUX2HlI.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/3NywK2HjoV6sNzuZLg4aZUX2HlI.mft
rsync://rpki.ripe.net/repository/DEFAULT/3NywK2HjoV6sNzuZLg4aZUX2HlI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:12:9c:17:11:41:6f:0e:44:5d:18:4e:02:9a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcdcb02b61e3a15eac373b992e0e1a6545f61e52
Validity
Not Before: Jan 1 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c1e562be10434fa4479b12db927e4619fe70fb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:14:b5:f4:cd:de:bf:64:d9:cb:c9:de:c2:13:
bf:01:7c:95:21:6c:fa:d8:6c:f9:d2:1e:c0:f9:21:
8c:e2:6d:f2:8d:fe:7d:a7:8c:a6:c5:64:d2:7a:36:
ea:66:a0:ad:b6:d8:ed:c7:bd:d3:ad:82:e0:c8:9f:
a4:8a:ed:ea:bb:70:72:13:29:9f:40:87:d7:58:ae:
3f:7a:e3:e7:a0:8f:2a:02:2a:a9:89:43:67:ce:a9:
4f:d9:ec:dc:db:99:3a:51:4f:98:c2:ff:70:86:5b:
2c:9f:00:03:6e:ba:20:4a:94:de:cf:31:ca:a2:5f:
89:34:ac:b4:03:77:8e:0f:90:16:d3:9d:5f:f9:de:
55:ca:f4:d4:9e:c7:c9:56:fe:fe:03:86:58:2a:7f:
e0:a3:6c:eb:45:ad:17:11:5f:0f:e6:df:bb:8c:2f:
ac:aa:95:72:16:13:f9:cf:c0:67:e6:01:4e:66:13:
05:8b:7e:d2:4a:0f:8f:13:09:35:ed:da:ac:81:d5:
ec:6b:64:9e:d7:a6:e1:be:08:9e:99:be:9c:1a:ca:
11:aa:b8:4f:b1:30:94:59:ba:4c:b4:b0:2e:5c:0f:
d6:ae:46:e2:80:a4:5d:be:b1:c0:45:48:58:8e:59:
26:00:4d:ab:56:a8:d9:a0:04:9e:69:ee:25:9b:e9:
f7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1E:56:2B:E1:04:34:FA:44:79:B1:2D:B9:27:E4:61:9F:E7:0F:B7
X509v3 Authority Key Identifier:
keyid:DC:DC:B0:2B:61:E3:A1:5E:AC:37:3B:99:2E:0E:1A:65:45:F6:1E:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3NywK2HjoV6sNzuZLg4aZUX2HlI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/XB5WK-EENPpEebEtuSfkYZ_nD7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/3NywK2HjoV6sNzuZLg4aZUX2HlI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.243.85.0/24
194.15.100.0/22
Signature Algorithm: sha256WithRSAEncryption
c6:af:04:e2:4f:ae:f9:4a:8d:bf:fd:89:5e:da:d2:05:69:3c:
59:8d:22:12:55:f9:ba:42:1b:ca:47:c4:7e:5c:68:30:19:c8:
8a:9f:d6:0f:2b:05:1c:a2:29:ee:06:51:e1:98:99:0e:88:e2:
53:a1:df:a2:e1:64:20:0f:18:3e:ee:4f:62:d7:7f:df:54:2a:
ac:f0:20:41:4e:85:3c:9e:6a:71:1c:cc:9c:25:64:f8:b6:4d:
88:a9:f9:2a:ad:3a:c2:59:ca:ec:a4:9b:57:bd:57:0d:2f:dc:
47:80:fa:e7:21:38:e5:6b:19:b1:76:fc:a3:8e:82:ae:9e:65:
f8:52:91:55:74:14:39:32:45:c9:81:19:64:0e:68:6f:ff:46:
62:2f:64:e0:53:7b:fa:ae:83:fb:d3:27:96:32:a3:a7:a9:15:
46:32:ee:c9:4f:f3:a1:5e:44:d6:01:df:d1:e3:a8:45:7a:a1:
dc:07:d2:f4:92:00:0a:e4:ab:03:06:2c:78:aa:ec:6c:e6:55:
fe:fe:67:2d:2c:e7:5f:9d:f0:09:34:22:54:3d:12:06:4c:12:
51:5a:12:c9:7b:ec:ba:5d:6f:88:8c:2a:07:21:b4:05:58:5b:
db:61:ab:3e:79:ee:f7:63:34:f8:40:7f:84:e1:ed:6e:28:14:
6f:e6:07:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbRKcFxFBbw5EXRhOAprMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZGNiMDJiNjFlM2ExNWVhYzM3M2I5OTJlMGUxYTY1NDVm
NjFlNTIwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzFlNTYyYmUxMDQzNGZhNDQ3OWIxMmRiOTI3ZTQ2MTlmZTcwZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRS19M3ev2TZy8newhO/AXyVIWz6
2Gz50h7A+SGM4m3yjf59p4ymxWTSejbqZqCtttjtx73TrYLgyJ+kiu3qu3ByEymf
QIfXWK4/euPnoI8qAiqpiUNnzqlP2ezc25k6UU+Ywv9whlssnwADbrogSpTezzHK
ol+JNKy0A3eOD5AW051f+d5VyvTUnsfJVv7+A4ZYKn/go2zrRa0XEV8P5t+7jC+s
qpVyFhP5z8Bn5gFOZhMFi37SSg+PEwk17dqsgdXsa2Se16bhvgiemb6cGsoRqrhP
sTCUWbpMtLAuXA/WrkbigKRdvrHARUhYjlkmAE2rVqjZoASeae4lm+n3LQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFweVivhBDT6RHmxLbkn5GGf5w+3MB8GA1UdIwQY
MBaAFNzcsCth46FerDc7mS4OGmVF9h5SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM055d0sySGpvVjZzTnp1WkxnNGFaVVgySGxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yYjQ4MjMtNDI2Mi00N2QzLTliODAt
NjY3NTg0Nzk4NjNlLzEvWEI1V0stRUVOUHBFZWJFdHVTZmtZWl9uRDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yYjQ4MjMtNDI2Mi00N2QzLTliODAtNjY3NTg0Nzk4NjNl
LzEvM055d0sySGpvVjZzTnp1WkxnNGFaVVgySGxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXPNVAwQC
wg9kMA0GCSqGSIb3DQEBCwUAA4IBAQDGrwTiT675So2//Yle2tIFaTxZjSISVfm6
QhvKR8R+XGgwGciKn9YPKwUcoinuBlHhmJkOiOJTod+i4WQgDxg+7k9i13/fVCqs
8CBBToU8nmpxHMycJWT4tk2IqfkqrTrCWcrspJtXvVcNL9xHgPrnITjlaxmxdvyj
joKunmX4UpFVdBQ5MkXJgRlkDmhv/0ZiL2TgU3v6roP70yeWMqOnqRVGMu7JT/Oh
XkTWAd/R46hFeqHcB9L0kgAK5KsDBix4quxs5lX+/mctLOdfnfAJNCJUPRIGTBJR
WhLJe+y6XW+IjCoHIbQFWFvbYas+ee73YzT4QH+E4e1uKBRv5gfE
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:06:30 2024 by rpki-client on console-fra.rpki-client.org