Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/6683ca-a688-4141-ad41-8adf0da22545/1/xbyKD-XLecl0g8UyngzEsYQVsSA.roa
File: xbyKD-XLecl0g8UyngzEsYQVsSA.roa (raw, json)
Hash identifier: 9Adz2Zemp9wx114Q5s5HBnQehIfSnu1Gh8EvZO/kcbI=
Subject key identifier: C5:BC:8A:0F:E5:CB:79:C9:74:83:C5:32:9E:0C:C4:B1:84:15:B1:20
Certificate issuer: /CN=b094780ffbb06b7b57f0214e84552b964c5041d6
Certificate serial: 018CC86F689A0AA00D90BD52C96A33091BB4
Authority key identifier: B0:94:78:0F:FB:B0:6B:7B:57:F0:21:4E:84:55:2B:96:4C:50:41:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sJR4D_uwa3tX8CFOhFUrlkxQQdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/6683ca-a688-4141-ad41-8adf0da22545/1/xbyKD-XLecl0g8UyngzEsYQVsSA.roa
Signing time: Tue 02 Jan 2024 04:29:53 +0000
ROA not before: Tue 02 Jan 2024 04:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9180
IP address blocks: 195.214.225.0/24 maxlen: 24
195.214.226.0/24 maxlen: 24
195.214.224.0/24 maxlen: 24
195.214.229.0/24 maxlen: 24
195.214.227.0/24 maxlen: 24
195.214.230.0/24 maxlen: 24
195.214.228.0/24 maxlen: 24
195.214.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/6683ca-a688-4141-ad41-8adf0da22545/1/sJR4D_uwa3tX8CFOhFUrlkxQQdY.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/6683ca-a688-4141-ad41-8adf0da22545/1/sJR4D_uwa3tX8CFOhFUrlkxQQdY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sJR4D_uwa3tX8CFOhFUrlkxQQdY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:68:9a:0a:a0:0d:90:bd:52:c9:6a:33:09:1b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b094780ffbb06b7b57f0214e84552b964c5041d6
Validity
Not Before: Jan 2 04:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5bc8a0fe5cb79c97483c5329e0cc4b18415b120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d6:3e:9f:73:d0:1e:a7:3d:65:93:58:79:59:
70:2f:4e:4e:84:66:3e:f1:a6:c1:f7:52:0c:ba:1d:
0a:59:e4:a5:9f:d5:7c:4f:4b:2e:a1:08:53:c8:15:
3b:e5:48:14:fc:29:b6:09:06:63:02:4d:11:a4:fa:
ed:7d:be:be:6f:d3:40:61:34:28:96:5d:32:d1:a7:
7e:99:35:80:88:46:75:d8:1a:b6:90:3c:57:6c:72:
9e:fc:22:aa:d8:be:41:c5:4d:01:14:61:1e:89:cf:
19:72:62:0f:1e:08:5d:63:29:95:a1:32:a1:f1:0d:
a4:1e:4a:a3:45:c5:a7:20:b7:09:86:c7:4a:de:e2:
41:bc:5d:7d:69:d7:92:09:51:d9:b1:a5:ad:e3:3a:
18:4d:32:6e:88:68:b1:34:93:ca:2c:ee:5e:60:67:
54:44:8e:44:af:21:a1:36:43:ef:07:28:39:e3:53:
37:ae:a6:4a:79:74:e2:3a:85:18:d1:0f:74:97:a6:
34:54:c8:fa:6c:cf:e1:f7:ac:41:fc:67:70:02:bf:
0e:59:eb:c7:b4:d3:14:55:9a:67:e3:a1:ac:5a:78:
46:6e:cd:a0:94:d1:f6:90:db:37:38:ca:c4:bb:f0:
d9:7a:58:67:f6:3b:b5:c2:05:ff:a0:3e:79:80:a9:
49:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:BC:8A:0F:E5:CB:79:C9:74:83:C5:32:9E:0C:C4:B1:84:15:B1:20
X509v3 Authority Key Identifier:
keyid:B0:94:78:0F:FB:B0:6B:7B:57:F0:21:4E:84:55:2B:96:4C:50:41:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sJR4D_uwa3tX8CFOhFUrlkxQQdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/6683ca-a688-4141-ad41-8adf0da22545/1/xbyKD-XLecl0g8UyngzEsYQVsSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/6683ca-a688-4141-ad41-8adf0da22545/1/sJR4D_uwa3tX8CFOhFUrlkxQQdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.214.224.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:ec:f4:86:0b:8e:c6:4d:5c:25:9c:8a:56:f8:08:7b:eb:7e:
05:54:3e:e8:fb:dc:ce:bb:da:3c:36:94:de:d9:8e:5f:9b:d5:
4d:6d:49:5e:c2:d3:8a:dd:b6:d3:d5:87:82:be:5c:f8:9b:78:
30:b1:2c:0d:f2:bd:e4:59:5b:a8:af:b7:1d:ba:f9:90:85:f7:
7c:61:6d:6f:0c:48:15:13:c9:e7:1e:e2:e3:18:fd:18:c5:38:
33:ed:2a:19:24:2c:c8:48:3f:42:18:a9:14:98:b2:00:09:a9:
f2:a2:bf:47:f9:09:20:6f:aa:98:2d:f0:23:48:66:ab:22:1d:
1a:af:0b:dd:81:02:db:26:48:e9:01:4d:09:f0:0d:ac:77:b9:
ee:04:7d:97:97:6c:72:f1:6b:58:86:59:4f:aa:59:9d:82:5e:
40:3b:6d:92:79:41:d2:28:b0:f5:a7:80:b5:0d:ec:e3:b5:7a:
89:0e:a6:d8:66:ea:e3:23:2c:4c:53:8c:59:9d:5e:a6:f8:75:
7e:5b:f4:cd:07:c0:2f:9a:cd:87:19:b3:7d:8b:c6:bf:c1:8e:
92:2b:97:97:ab:b4:e9:62:3c:6d:ca:9d:d3:b3:dd:aa:82:67:
d5:52:70:a2:cf:f9:5c:58:c7:5f:90:e2:ed:88:89:d8:9b:dd:
07:e2:ac:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb2iaCqANkL1SyWozCRu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwOTQ3ODBmZmJiMDZiN2I1N2YwMjE0ZTg0NTUyYjk2NGM1
MDQxZDYwHhcNMjQwMTAyMDQyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWJjOGEwZmU1Y2I3OWM5NzQ4M2M1MzI5ZTBjYzRiMTg0MTViMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9Y+n3PQHqc9ZZNYeVlwL05OhGY+
8abB91IMuh0KWeSln9V8T0suoQhTyBU75UgU/Cm2CQZjAk0RpPrtfb6+b9NAYTQo
ll0y0ad+mTWAiEZ12Bq2kDxXbHKe/CKq2L5BxU0BFGEeic8ZcmIPHghdYymVoTKh
8Q2kHkqjRcWnILcJhsdK3uJBvF19adeSCVHZsaWt4zoYTTJuiGixNJPKLO5eYGdU
RI5EryGhNkPvByg541M3rqZKeXTiOoUY0Q90l6Y0VMj6bM/h96xB/GdwAr8OWevH
tNMUVZpn46GsWnhGbs2glNH2kNs3OMrEu/DZelhn9ju1wgX/oD55gKlJDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMW8ig/ly3nJdIPFMp4MxLGEFbEgMB8GA1UdIwQY
MBaAFLCUeA/7sGt7V/AhToRVK5ZMUEHWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0pSNERfdXdhM3RYOENGT2hGVXJsa3hRUWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82NjgzY2EtYTY4OC00MTQxLWFkNDEt
OGFkZjBkYTIyNTQ1LzEveGJ5S0QtWExlY2wwZzhVeW5nekVzWVFWc1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82NjgzY2EtYTY4OC00MTQxLWFkNDEtOGFkZjBkYTIyNTQ1
LzEvc0pSNERfdXdhM3RYOENGT2hGVXJsa3hRUWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDw9bgMA0G
CSqGSIb3DQEBCwUAA4IBAQBL7PSGC47GTVwlnIpW+Ah7634FVD7o+9zOu9o8NpTe
2Y5fm9VNbUlewtOK3bbT1YeCvlz4m3gwsSwN8r3kWVuor7cduvmQhfd8YW1vDEgV
E8nnHuLjGP0YxTgz7SoZJCzISD9CGKkUmLIACanyor9H+Qkgb6qYLfAjSGarIh0a
rwvdgQLbJkjpAU0J8A2sd7nuBH2Xl2xy8WtYhllPqlmdgl5AO22SeUHSKLD1p4C1
DezjtXqJDqbYZurjIyxMU4xZnV6m+HV+W/TNB8Avms2HGbN9i8a/wY6SK5eXq7Tp
Yjxtyp3Ts92qgmfVUnCiz/lcWMdfkOLtiInYm90H4qwP
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:04:58 2024 by rpki-client on console-ams.rpki-client.org