Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/XKocDW4jSAFM_OqUOenHjsTKqls.roa
File: XKocDW4jSAFM_OqUOenHjsTKqls.roa (raw, json)
Hash identifier: Brmoq7TsgzCtSc9DwrUGO3JxRsXBRBzKdo5mR7DMQMQ=
Subject key identifier: 5C:AA:1C:0D:6E:23:48:01:4C:FC:EA:94:39:E9:C7:8E:C4:CA:AA:5B
Certificate issuer: /CN=213e1d50d52288bee80eea435577018712409bbe
Certificate serial: 018CC3B6F96CE72481BCC55C3D557640919C
Authority key identifier: 21:3E:1D:50:D5:22:88:BE:E8:0E:EA:43:55:77:01:87:12:40:9B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IT4dUNUiiL7oDupDVXcBhxJAm74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/XKocDW4jSAFM_OqUOenHjsTKqls.roa
Signing time: Mon 01 Jan 2024 06:29:57 +0000
ROA not before: Mon 01 Jan 2024 06:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 185.195.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/IT4dUNUiiL7oDupDVXcBhxJAm74.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/IT4dUNUiiL7oDupDVXcBhxJAm74.mft
rsync://rpki.ripe.net/repository/DEFAULT/IT4dUNUiiL7oDupDVXcBhxJAm74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f9:6c:e7:24:81:bc:c5:5c:3d:55:76:40:91:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=213e1d50d52288bee80eea435577018712409bbe
Validity
Not Before: Jan 1 06:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5caa1c0d6e2348014cfcea9439e9c78ec4caaa5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d2:7b:25:5e:2b:e8:4f:42:88:dc:e4:7e:fe:
f3:15:27:f0:ed:4d:57:2e:53:a9:98:86:7a:29:5c:
ad:65:d6:6d:18:88:16:08:8e:10:d1:df:5e:f1:3a:
e8:9f:bd:f2:37:02:1b:78:25:02:bb:12:f0:56:8a:
22:13:fb:69:7f:03:8b:6a:91:cb:4d:ed:a1:3a:db:
06:d9:fe:36:56:10:8e:bf:2b:f8:f9:f0:34:ca:c8:
8b:4e:19:61:8e:84:63:9a:03:79:a7:0a:62:3b:37:
5d:88:ac:71:a7:fa:0b:0a:7a:5f:ba:b3:96:94:4d:
d9:7b:08:79:9f:2b:6d:2c:0a:7e:57:1e:18:71:4d:
fa:39:fe:df:b7:e1:79:0e:c4:3e:1a:e9:cd:cf:71:
57:1d:5a:fa:98:79:6d:a3:bc:c1:1b:5f:e6:e4:80:
97:4f:64:02:36:d4:6d:ca:5f:be:56:ea:ea:b0:4d:
22:d1:1e:69:fc:22:1b:4b:cd:7d:cf:b8:df:13:79:
86:cb:94:df:d9:27:12:6a:b5:67:25:6e:49:a8:64:
98:bf:46:c6:da:4e:c9:c2:20:19:5f:20:3e:4f:52:
13:c4:98:73:b9:80:1f:e9:be:08:cb:76:e8:b8:ed:
29:e3:6e:af:4a:13:ff:42:a5:31:21:6d:3c:c3:13:
09:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AA:1C:0D:6E:23:48:01:4C:FC:EA:94:39:E9:C7:8E:C4:CA:AA:5B
X509v3 Authority Key Identifier:
keyid:21:3E:1D:50:D5:22:88:BE:E8:0E:EA:43:55:77:01:87:12:40:9B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IT4dUNUiiL7oDupDVXcBhxJAm74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/XKocDW4jSAFM_OqUOenHjsTKqls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/IT4dUNUiiL7oDupDVXcBhxJAm74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.252.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:0d:2f:83:44:f3:34:7b:b4:9f:a2:11:44:6b:7f:0d:52:cb:
02:ed:25:1e:e5:13:47:da:f8:c8:e3:f5:58:d6:55:05:c9:95:
d5:49:1a:e2:dd:ac:50:e7:8c:1c:ee:02:44:30:09:45:92:b3:
9a:a3:22:e0:c6:da:db:00:78:a5:a8:8c:2f:b6:2a:34:b8:ed:
fc:40:89:27:f2:4f:e4:fc:ce:3e:3a:0d:88:a6:24:1b:69:f8:
dc:e4:b1:81:68:cb:f5:4a:37:9d:79:61:f7:28:27:5d:39:a2:
a0:cc:3c:96:17:76:ee:36:0d:ac:79:5f:56:24:01:0a:eb:21:
a0:1e:17:6a:7a:85:01:80:59:58:84:80:64:ba:01:31:d2:65:
2f:1f:f2:0b:2c:45:46:12:df:7c:03:ad:9a:14:55:3f:59:d9:
2f:70:10:67:d1:29:bb:79:e7:7a:f3:f2:9a:3e:02:95:ca:06:
b0:3c:d5:8e:2d:da:d6:d7:d3:c1:40:08:30:51:a8:a9:e2:c7:
0e:2f:c0:73:e4:57:8c:a9:40:2e:f0:f6:bc:47:1d:83:16:3d:
97:c6:b7:4f:2d:aa:c9:58:a8:2c:c5:e9:44:6d:76:64:24:81:
7a:e0:f2:bd:50:84:2c:99:52:2e:87:fc:d2:aa:2f:02:ea:8b:
a8:c0:32:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtvls5ySBvMVcPVV2QJGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxM2UxZDUwZDUyMjg4YmVlODBlZWE0MzU1NzcwMTg3MTI0
MDliYmUwHhcNMjQwMTAxMDYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2FhMWMwZDZlMjM0ODAxNGNmY2VhOTQzOWU5Yzc4ZWM0Y2FhYTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dJ7JV4r6E9CiNzkfv7zFSfw7U1X
LlOpmIZ6KVytZdZtGIgWCI4Q0d9e8Tron73yNwIbeCUCuxLwVooiE/tpfwOLapHL
Te2hOtsG2f42VhCOvyv4+fA0ysiLThlhjoRjmgN5pwpiOzddiKxxp/oLCnpfurOW
lE3Zewh5nyttLAp+Vx4YcU36Of7ft+F5DsQ+GunNz3FXHVr6mHlto7zBG1/m5ICX
T2QCNtRtyl++VurqsE0i0R5p/CIbS819z7jfE3mGy5Tf2ScSarVnJW5JqGSYv0bG
2k7JwiAZXyA+T1ITxJhzuYAf6b4Iy3bouO0p426vShP/QqUxIW08wxMJwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyqHA1uI0gBTPzqlDnpx47EyqpbMB8GA1UdIwQY
MBaAFCE+HVDVIoi+6A7qQ1V3AYcSQJu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVQ0ZFVOVWlpTDdvRHVwRFZYY0JoeEpBbTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yYTFjZTktZmI0Yy00MWVlLTlmZjYt
MzE2ZWYyNjFmNGE1LzEvWEtvY0RXNGpTQUZNX09xVU9lbkhqc1RLcWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yYTFjZTktZmI0Yy00MWVlLTlmZjYtMzE2ZWYyNjFmNGE1
LzEvSVQ0ZFVOVWlpTDdvRHVwRFZYY0JoeEpBbTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucP8MA0G
CSqGSIb3DQEBCwUAA4IBAQA8DS+DRPM0e7SfohFEa38NUssC7SUe5RNH2vjI4/VY
1lUFyZXVSRri3axQ54wc7gJEMAlFkrOaoyLgxtrbAHilqIwvtio0uO38QIkn8k/k
/M4+Og2IpiQbafjc5LGBaMv1SjedeWH3KCddOaKgzDyWF3buNg2seV9WJAEK6yGg
HhdqeoUBgFlYhIBkugEx0mUvH/ILLEVGEt98A62aFFU/WdkvcBBn0Sm7eed68/Ka
PgKVygawPNWOLdrW19PBQAgwUaip4scOL8Bz5FeMqUAu8Pa8Rx2DFj2XxrdPLarJ
WKgsxelEbXZkJIF64PK9UIQsmVIuh/zSqi8C6ouowDIt
-----END CERTIFICATE-----
Generated at Wed May 22 23:42:49 2024 by rpki-client on console-ams.rpki-client.org