Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/XCCExAiP5WLDnW_nhRBEcKQI-c4.roa
File: XCCExAiP5WLDnW_nhRBEcKQI-c4.roa (raw, json)
Hash identifier: mgK+ZpQHlBpEXPjOKvseAItnm8DnRj31ejU9uguRMeQ=
Subject key identifier: 5C:20:84:C4:08:8F:E5:62:C3:9D:6F:E7:85:10:44:70:A4:08:F9:CE
Certificate issuer: /CN=9a754c71d62cb23948d9119eda772fde38e67b67
Certificate serial: 018CC64B34C0F61D05006ADF7AE5AF34C475
Authority key identifier: 9A:75:4C:71:D6:2C:B2:39:48:D9:11:9E:DA:77:2F:DE:38:E6:7B:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnVMcdYssjlI2RGe2ncv3jjme2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/XCCExAiP5WLDnW_nhRBEcKQI-c4.roa
Signing time: Mon 01 Jan 2024 18:31:06 +0000
ROA not before: Mon 01 Jan 2024 18:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199286
IP address blocks: 194.110.137.0/24 maxlen: 24
194.110.117.0/24 maxlen: 24
185.122.71.0/24 maxlen: 24
185.122.68.0/22 maxlen: 22
185.122.69.0/24 maxlen: 24
185.122.68.0/24 maxlen: 24
185.122.70.0/24 maxlen: 24
194.110.132.0/24 maxlen: 24
185.12.137.0/24 maxlen: 24
185.12.136.0/22 maxlen: 22
185.12.139.0/24 maxlen: 24
185.12.138.0/24 maxlen: 24
185.12.136.0/24 maxlen: 24
194.110.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/mnVMcdYssjlI2RGe2ncv3jjme2c.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/mnVMcdYssjlI2RGe2ncv3jjme2c.mft
rsync://rpki.ripe.net/repository/DEFAULT/mnVMcdYssjlI2RGe2ncv3jjme2c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:34:c0:f6:1d:05:00:6a:df:7a:e5:af:34:c4:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a754c71d62cb23948d9119eda772fde38e67b67
Validity
Not Before: Jan 1 18:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c2084c4088fe562c39d6fe785104470a408f9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d3:1a:f6:0f:27:c1:4d:33:d5:3b:1c:42:99:
bb:de:7c:5c:09:4c:93:57:e2:7e:c3:ef:38:73:9b:
b5:3f:2e:fe:d0:e0:e0:59:a0:12:fc:99:0d:2f:61:
18:30:76:f6:1b:55:2e:7f:21:7e:17:d4:c7:ef:5e:
b4:31:59:91:c0:90:14:af:ce:7e:d8:73:d2:0d:96:
93:38:c7:bc:62:32:25:a5:13:cd:fc:a1:99:8a:a0:
28:eb:4e:a1:4a:04:9d:88:2a:9c:06:9f:9b:65:d3:
e8:b6:83:af:63:e3:ab:ee:91:19:13:8e:e9:07:7f:
40:32:c7:c5:3a:90:a1:eb:73:8e:37:70:ba:20:a0:
46:37:f0:1b:f0:11:89:53:6d:15:8f:06:a7:c6:4d:
16:4a:98:3a:16:5d:16:4f:9a:54:71:4d:e8:a0:7d:
69:08:e2:5e:94:db:ee:75:ba:73:30:38:fd:b3:18:
ee:26:eb:04:eb:2b:3f:f4:40:0f:a1:ba:f8:25:70:
75:4c:3b:4d:26:98:0e:8e:6e:97:e5:b9:c0:c0:9c:
9e:fc:63:e4:57:a7:6e:6c:dd:ad:f1:fa:cc:7c:5f:
55:90:4c:f2:de:90:46:77:85:09:cd:18:e9:4b:20:
1b:78:2d:88:55:d8:76:62:c5:94:0d:6a:ad:7c:ab:
1c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:20:84:C4:08:8F:E5:62:C3:9D:6F:E7:85:10:44:70:A4:08:F9:CE
X509v3 Authority Key Identifier:
keyid:9A:75:4C:71:D6:2C:B2:39:48:D9:11:9E:DA:77:2F:DE:38:E6:7B:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnVMcdYssjlI2RGe2ncv3jjme2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/XCCExAiP5WLDnW_nhRBEcKQI-c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4d2e67-5ac2-427d-8b7b-d25a9df15925/1/mnVMcdYssjlI2RGe2ncv3jjme2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.136.0/22
185.122.68.0/22
194.110.74.0/24
194.110.117.0/24
194.110.132.0/24
194.110.137.0/24
Signature Algorithm: sha256WithRSAEncryption
12:89:34:57:c5:55:7a:cd:72:09:c0:bb:31:df:bf:fb:fa:e9:
f1:81:85:98:f3:6f:e3:3f:1c:f7:ae:9d:55:dd:22:7d:05:e8:
1d:9d:32:9a:f7:20:84:4f:01:e1:3a:ea:38:74:45:a7:aa:e0:
dd:90:9a:d7:24:7b:9e:02:5f:f4:d0:a6:64:8d:a2:f8:d0:68:
74:a7:09:73:a5:66:4e:44:82:c1:e0:d2:d2:5a:f6:2e:2d:ae:
32:f0:35:7c:dd:29:98:1a:f7:36:44:0a:b4:3e:dc:6d:0b:9b:
69:f2:f3:84:c9:4d:85:1a:a6:c2:c9:33:e1:f6:42:ae:cc:41:
d3:58:4d:96:b2:2a:64:91:28:c2:51:e9:fc:67:c8:de:73:74:
4a:96:37:b0:ae:92:8e:90:76:87:08:24:fc:96:ae:e3:9e:ba:
60:d8:3f:d0:19:bb:4f:b8:8f:15:8f:b0:3d:29:f1:59:4e:ae:
e2:d0:19:0d:fb:4e:1c:58:f2:3a:02:76:e3:4e:9d:18:19:ec:
f9:d3:f5:6b:50:b9:a6:06:a7:00:ee:a6:ca:62:59:01:fa:f6:
73:da:89:39:37:f4:7a:15:84:34:87:b4:e5:4b:3f:3c:9f:98:
3e:4a:f3:2a:d8:90:7a:6f:3e:4e:1e:75:71:ae:8f:e7:17:8b:
21:d0:5f:d0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzGSzTA9h0FAGrfeuWvNMR1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzU0YzcxZDYyY2IyMzk0OGQ5MTE5ZWRhNzcyZmRlMzhl
NjdiNjcwHhcNMjQwMTAxMTgzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzIwODRjNDA4OGZlNTYyYzM5ZDZmZTc4NTEwNDQ3MGE0MDhmOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldMa9g8nwU0z1TscQpm73nxcCUyT
V+J+w+84c5u1Py7+0ODgWaAS/JkNL2EYMHb2G1UufyF+F9TH7160MVmRwJAUr85+
2HPSDZaTOMe8YjIlpRPN/KGZiqAo606hSgSdiCqcBp+bZdPotoOvY+Or7pEZE47p
B39AMsfFOpCh63OON3C6IKBGN/Ab8BGJU20Vjwanxk0WSpg6Fl0WT5pUcU3ooH1p
COJelNvudbpzMDj9sxjuJusE6ys/9EAPobr4JXB1TDtNJpgOjm6X5bnAwJye/GPk
V6dubN2t8frMfF9VkEzy3pBGd4UJzRjpSyAbeC2IVdh2YsWUDWqtfKsc8QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFwghMQIj+Viw51v54UQRHCkCPnOMB8GA1UdIwQY
MBaAFJp1THHWLLI5SNkRntp3L9445ntnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5WTWNkWXNzamxJMlJHZTJuY3YzamptZTJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80ZDJlNjctNWFjMi00MjdkLThiN2It
ZDI1YTlkZjE1OTI1LzEvWENDRXhBaVA1V0xEbldfbmhSQkVjS1FJLWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS80ZDJlNjctNWFjMi00MjdkLThiN2ItZDI1YTlkZjE1OTI1
LzEvbW5WTWNkWXNzamxJMlJHZTJuY3YzamptZTJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuQyIAwQC
uXpEAwQAwm5KAwQAwm51AwQAwm6EAwQAwm6JMA0GCSqGSIb3DQEBCwUAA4IBAQAS
iTRXxVV6zXIJwLsx37/7+unxgYWY82/jPxz3rp1V3SJ9BegdnTKa9yCETwHhOuo4
dEWnquDdkJrXJHueAl/00KZkjaL40Gh0pwlzpWZORILB4NLSWvYuLa4y8DV83SmY
Gvc2RAq0PtxtC5tp8vOEyU2FGqbCyTPh9kKuzEHTWE2WsipkkSjCUen8Z8jec3RK
ljewrpKOkHaHCCT8lq7jnrpg2D/QGbtPuI8Vj7A9KfFZTq7i0BkN+04cWPI6Anbj
Tp0YGez50/VrULmmBqcA7qbKYlkB+vZz2ok5N/R6FYQ0h7TlSz88n5g+SvMq2JB6
bz5OHnVxro/nF4sh0F/Q
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:45:11 2024 by rpki-client on console-ams.rpki-client.org