Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/XR70_rooecfRATtAUuU86RsAGq8.roa
File: XR70_rooecfRATtAUuU86RsAGq8.roa (raw, json)
Hash identifier: jf+501BF/EhHmBPS5cfdqgvkpcdwXoKJlveN/cVnsR0=
Subject key identifier: 5D:1E:F4:FE:BA:28:79:C7:D1:01:3B:40:52:E5:3C:E9:1B:00:1A:AF
Certificate issuer: /CN=0811bc50cfed9d02e58196a2c81c988e30ba1260
Certificate serial: 018CC56F0570DE9BC70CAC60CA9ACC25E93C
Authority key identifier: 08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/XR70_rooecfRATtAUuU86RsAGq8.roa
Signing time: Mon 01 Jan 2024 14:30:36 +0000
ROA not before: Mon 01 Jan 2024 14:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20495
IP address blocks: 185.33.119.0/24 maxlen: 32
185.33.116.0/24 maxlen: 32
185.33.116.0/23 maxlen: 23
185.33.118.0/24 maxlen: 32
185.33.117.0/24 maxlen: 32
185.33.118.0/23 maxlen: 23
2a00:cc20::/33 maxlen: 33
2a00:cc20:4000::/34 maxlen: 128
2a00:cc20::/34 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:05:70:de:9b:c7:0c:ac:60:ca:9a:cc:25:e9:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0811bc50cfed9d02e58196a2c81c988e30ba1260
Validity
Not Before: Jan 1 14:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d1ef4feba2879c7d1013b4052e53ce91b001aaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5d:53:28:ca:fa:84:4b:c5:f3:0b:15:9d:55:
8f:14:4c:ec:7a:55:a1:06:b2:2e:b1:e8:37:ce:7c:
fc:47:ea:cc:9a:72:fc:10:50:03:98:62:a2:4c:d4:
ab:cb:32:3f:e5:27:4e:b6:80:1b:70:78:1d:f7:7a:
ea:ad:3f:e4:f6:f7:5a:52:0c:2d:40:59:12:ea:6c:
07:9b:d9:eb:40:2b:21:b8:9c:e4:2e:0c:1b:10:88:
4b:ba:ca:22:20:41:fa:16:a0:1c:17:ce:48:52:8b:
20:8e:de:44:3c:c3:ba:7b:ac:5a:7e:ee:75:2f:43:
46:4c:7e:ed:99:39:5f:06:ab:45:81:43:7b:96:99:
0b:70:2b:dc:d7:01:a9:03:b2:19:f9:2c:e1:4a:21:
b5:75:96:c5:1e:78:b0:2b:70:c3:26:63:16:6a:c8:
9d:b3:cf:ce:17:81:af:30:ff:81:fa:4c:d8:c0:81:
f0:55:85:8e:39:d0:c8:16:71:93:2d:14:f0:ee:8f:
50:f4:8d:d9:bf:f1:af:9f:54:ae:ae:0a:2d:10:7b:
44:76:e1:15:ae:26:21:ab:d4:ec:64:3e:c0:bf:ce:
b6:94:77:a6:3d:64:7e:ba:15:d2:70:d4:9a:8f:6d:
fe:e4:9d:f8:62:50:26:b8:c7:58:7e:44:6c:dc:ce:
82:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:1E:F4:FE:BA:28:79:C7:D1:01:3B:40:52:E5:3C:E9:1B:00:1A:AF
X509v3 Authority Key Identifier:
keyid:08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/XR70_rooecfRATtAUuU86RsAGq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.116.0/22
IPv6:
2a00:cc20::/33
Signature Algorithm: sha256WithRSAEncryption
75:6b:1c:78:78:97:87:2f:65:a2:17:2b:26:6b:49:70:da:b3:
a2:43:19:a6:df:62:50:37:81:a4:05:58:7e:0e:22:01:4e:4a:
8f:00:ae:f5:ed:e1:2a:a9:c8:c6:a9:1c:4b:b1:62:8a:60:f1:
94:c9:7a:80:b0:f6:2f:fd:42:11:c2:ed:96:7f:3c:93:58:e7:
2a:60:f2:d5:e0:ce:20:23:64:9c:22:8f:ad:a2:62:ad:c2:c9:
aa:e9:42:8c:c8:f4:23:da:ed:1f:df:46:94:6b:0b:5c:8c:e2:
1b:e4:4f:ab:8e:88:37:a1:70:94:4b:28:33:81:5f:13:1a:18:
46:9b:a6:fb:4a:e3:38:e8:57:3c:ca:aa:55:53:de:86:da:b0:
d7:b0:3a:9a:c5:70:71:12:e0:4a:da:cc:a8:c7:f2:80:df:d1:
8e:e9:d4:28:25:0a:c9:60:bb:9a:82:bc:c4:41:54:96:7c:49:
ce:1b:a1:5f:fc:83:e9:d5:49:9d:15:b9:d6:95:d0:9c:ab:16:
ec:b9:af:4b:c9:c4:1c:95:9d:bc:1c:24:d3:a1:bd:44:97:c4:
18:20:ad:d2:e3:47:21:df:09:97:7d:63:b8:cf:20:b4:40:58:
79:cc:df:88:3f:06:dd:41:d0:0d:ee:36:49:6e:49:ee:72:82:
bd:0f:39:17
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzFbwVw3pvHDKxgyprMJek8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MTFiYzUwY2ZlZDlkMDJlNTgxOTZhMmM4MWM5ODhlMzBi
YTEyNjAwHhcNMjQwMTAxMTQzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDFlZjRmZWJhMjg3OWM3ZDEwMTNiNDA1MmU1M2NlOTFiMDAxYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp11TKMr6hEvF8wsVnVWPFEzselWh
BrIuseg3znz8R+rMmnL8EFADmGKiTNSryzI/5SdOtoAbcHgd93rqrT/k9vdaUgwt
QFkS6mwHm9nrQCshuJzkLgwbEIhLusoiIEH6FqAcF85IUosgjt5EPMO6e6xafu51
L0NGTH7tmTlfBqtFgUN7lpkLcCvc1wGpA7IZ+SzhSiG1dZbFHniwK3DDJmMWasid
s8/OF4GvMP+B+kzYwIHwVYWOOdDIFnGTLRTw7o9Q9I3Zv/Gvn1SurgotEHtEduEV
riYhq9TsZD7Av862lHemPWR+uhXScNSaj23+5J34YlAmuMdYfkRs3M6CzQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFF0e9P66KHnH0QE7QFLlPOkbABqvMB8GA1UdIwQY
MBaAFAgRvFDP7Z0C5YGWosgcmI4wuhJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0JHOFVNX3RuUUxsZ1phaXlCeVlqakM2RW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYzgxOTQtNzZkMS00NjVlLWE3NDYt
ZWU1YTY3NDNiZTU2LzEvWFI3MF9yb29lY2ZSQVR0QVV1VTg2UnNBR3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYzgxOTQtNzZkMS00NjVlLWE3NDYtZWU1YTY3NDNiZTU2
LzEvQ0JHOFVNX3RuUUxsZ1phaXlCeVlqakM2RW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuSF0MA4E
AgACMAgDBgcqAMwgADANBgkqhkiG9w0BAQsFAAOCAQEAdWsceHiXhy9lohcrJmtJ
cNqzokMZpt9iUDeBpAVYfg4iAU5KjwCu9e3hKqnIxqkcS7FiimDxlMl6gLD2L/1C
EcLtln88k1jnKmDy1eDOICNknCKPraJircLJqulCjMj0I9rtH99GlGsLXIziG+RP
q46IN6FwlEsoM4FfExoYRpum+0rjOOhXPMqqVVPehtqw17A6msVwcRLgStrMqMfy
gN/RjunUKCUKyWC7moK8xEFUlnxJzhuhX/yD6dVJnRW51pXQnKsW7LmvS8nEHJWd
vBwk06G9RJfEGCCt0uNHId8Jl31juM8gtEBYeczfiD8G3UHQDe42SW5J7nKCvQ85
Fw==
-----END CERTIFICATE-----
Generated at Fri May 17 08:29:48 2024 by rpki-client on console-fra.rpki-client.org