Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/XJfFefhMCk9mzkAm3UOEZbGtM8c.roa
File: XJfFefhMCk9mzkAm3UOEZbGtM8c.roa (raw, json)
Hash identifier: 4eK/FUjO+nRrg2sWYAtP01gPKca1CRQMkaQem1CqWx4=
Subject key identifier: 5C:97:C5:79:F8:4C:0A:4F:66:CE:40:26:DD:43:84:65:B1:AD:33:C7
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018CC56E13118D5180A1FD8AF27A67124532
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/XJfFefhMCk9mzkAm3UOEZbGtM8c.roa
Signing time: Mon 01 Jan 2024 14:29:34 +0000
ROA not before: Mon 01 Jan 2024 14:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200923
IP address blocks: 188.255.218.0/24 maxlen: 24
93.186.74.0/23 maxlen: 23
93.186.76.0/24 maxlen: 24
93.186.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:13:11:8d:51:80:a1:fd:8a:f2:7a:67:12:45:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 1 14:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c97c579f84c0a4f66ce4026dd438465b1ad33c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cb:74:47:fd:a8:4c:52:ff:24:8c:0c:c6:bd:
04:4d:e3:9c:68:a3:2d:45:81:37:0b:c5:97:a0:b4:
c3:e1:50:5d:ed:b9:95:22:09:ff:d3:1c:5b:70:02:
3f:65:1c:e4:4a:0b:7f:3d:d2:08:fd:e2:93:3f:e6:
10:f2:ed:66:b3:0e:32:0b:a8:e4:61:2c:7b:f6:74:
9f:07:15:8d:5b:69:31:d6:57:76:41:43:91:82:0f:
f0:10:15:63:a9:13:c1:cf:4a:78:5b:8e:e1:a6:fe:
6e:50:be:fc:0e:36:df:4a:83:9b:84:d5:28:1d:b8:
a7:fd:68:79:13:6c:a5:54:f6:b1:3b:25:10:aa:e9:
80:6e:c7:fb:69:f3:61:9f:83:f2:6f:87:3b:c5:08:
23:a6:cc:04:a8:c3:55:e2:b7:77:ba:fb:0b:de:b8:
e3:19:de:2a:9f:7d:49:b4:3f:b9:b4:a3:e3:05:1f:
39:1f:eb:f5:48:f3:57:4a:fe:b5:28:b6:5b:94:09:
92:86:cb:69:29:1b:73:70:52:fb:3e:7a:5e:d8:4d:
92:e6:ee:21:30:94:5a:90:c3:d9:b3:1a:5f:74:a9:
c4:06:30:76:94:2f:89:bd:27:4e:c4:0a:f9:16:a9:
91:29:8d:3f:86:cb:f3:de:c3:c4:57:76:45:59:db:
64:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:97:C5:79:F8:4C:0A:4F:66:CE:40:26:DD:43:84:65:B1:AD:33:C7
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/XJfFefhMCk9mzkAm3UOEZbGtM8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.186.74.0-93.186.76.255
93.186.78.0/24
188.255.218.0/24
Signature Algorithm: sha256WithRSAEncryption
92:65:f6:59:96:c5:d2:03:00:02:c7:64:69:05:99:dd:b6:be:
06:bc:bb:ce:fd:2c:0e:5b:85:ae:8a:3b:dd:96:ea:2f:9a:b2:
78:54:10:41:b9:be:ed:7a:d2:a4:62:09:63:26:86:39:d9:8f:
42:de:a5:39:3a:9f:b4:46:5f:23:8f:0a:1d:0e:28:a9:6c:87:
3f:e6:99:fa:9f:f0:14:c6:6f:9d:cb:7f:19:e1:89:9a:1a:f7:
71:7f:c6:2d:f2:97:22:11:c4:0e:6f:d4:23:f8:f5:b8:0f:36:
dc:95:e2:65:1a:f8:fa:07:1d:2d:1d:43:a5:81:e8:4f:ae:fc:
ad:b4:d3:cc:92:47:87:f7:e4:3e:2f:b0:e5:90:cf:34:0e:55:
d9:c0:92:5b:eb:d9:60:52:4f:e4:6e:28:0b:e2:ad:f3:1f:95:
d5:c6:0f:b8:c9:e3:a2:7f:88:d9:c0:70:ff:a5:37:e3:81:5b:
14:5f:25:d8:5a:34:02:5c:1d:ba:09:72:65:a9:5e:1f:ad:b5:
54:85:63:e4:c7:f8:d0:4f:9e:cb:a6:ea:01:26:8e:d0:87:9b:
5f:cc:06:7c:0f:28:75:57:aa:28:ea:d3:78:74:36:63:bc:b6:
cc:bd:fe:ce:d9:32:e3:8d:14:32:f8:24:d3:7f:05:4d:1e:67:
4c:2a:75:72
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFbhMRjVGAof2K8npnEkUyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTAxMTQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzk3YzU3OWY4NGMwYTRmNjZjZTQwMjZkZDQzODQ2NWIxYWQzM2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMt0R/2oTFL/JIwMxr0ETeOcaKMt
RYE3C8WXoLTD4VBd7bmVIgn/0xxbcAI/ZRzkSgt/PdII/eKTP+YQ8u1msw4yC6jk
YSx79nSfBxWNW2kx1ld2QUORgg/wEBVjqRPBz0p4W47hpv5uUL78DjbfSoObhNUo
Hbin/Wh5E2ylVPaxOyUQqumAbsf7afNhn4Pyb4c7xQgjpswEqMNV4rd3uvsL3rjj
Gd4qn31JtD+5tKPjBR85H+v1SPNXSv61KLZblAmShstpKRtzcFL7Pnpe2E2S5u4h
MJRakMPZsxpfdKnEBjB2lC+JvSdOxAr5FqmRKY0/hsvz3sPEV3ZFWdtkywIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFyXxXn4TApPZs5AJt1DhGWxrTPHMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvWEpmRmVmaE1DazltemtBbTNVT0VaYkd0TThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFdukoD
BABdukwDBABduk4DBAC8/9owDQYJKoZIhvcNAQELBQADggEBAJJl9lmWxdIDAALH
ZGkFmd22vga8u879LA5bha6KO92W6i+asnhUEEG5vu160qRiCWMmhjnZj0LepTk6
n7RGXyOPCh0OKKlshz/mmfqf8BTGb53LfxnhiZoa93F/xi3ylyIRxA5v1CP49bgP
NtyV4mUa+PoHHS0dQ6WB6E+u/K2008ySR4f35D4vsOWQzzQOVdnAklvr2WBST+Ru
KAvirfMfldXGD7jJ46J/iNnAcP+lN+OBWxRfJdhaNAJcHboJcmWpXh+ttVSFY+TH
+NBPnsum6gEmjtCHm1/MBnwPKHVXqijq03h0NmO8tsy9/s7ZMuONFDL4JNN/BU0e
Z0wqdXI=
-----END CERTIFICATE-----
Generated at Sat May 25 12:53:32 2024 by rpki-client on console-ams.rpki-client.org