Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/XQHo_QmwZR6_PNsZViDwQSCHyiM.roa
File: XQHo_QmwZR6_PNsZViDwQSCHyiM.roa (raw, json)
Hash identifier: HFBAz7SavybJpIEVJVs7gNYU7Dj1mOxvLOygF85Ke3Q=
Subject key identifier: 5D:01:E8:FD:09:B0:65:1E:BF:3C:DB:19:56:20:F0:41:20:87:CA:23
Certificate issuer: /CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Certificate serial: 018CC64AA541DD0C8691AADEE5BE993DC546
Authority key identifier: 83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/XQHo_QmwZR6_PNsZViDwQSCHyiM.roa
Signing time: Mon 01 Jan 2024 18:30:29 +0000
ROA not before: Mon 01 Jan 2024 18:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139070
IP address blocks: 66.22.229.0/24 maxlen: 24
66.22.228.0/24 maxlen: 24
66.22.228.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:a5:41:dd:0c:86:91:aa:de:e5:be:99:3d:c5:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Validity
Not Before: Jan 1 18:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d01e8fd09b0651ebf3cdb195620f0412087ca23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1e:55:f0:2a:eb:04:91:85:d2:81:84:e1:47:
81:8a:ed:b3:d7:95:1a:04:c0:d0:91:86:4c:f6:1c:
14:b7:2c:10:98:68:34:db:d1:e6:f0:06:83:58:4b:
a8:53:f1:78:62:cb:b1:38:96:37:34:65:1d:b1:b4:
38:3e:18:e0:d2:bd:27:bd:1a:2e:68:6c:ed:bf:ad:
f1:72:3a:77:a5:2f:95:42:8d:10:4b:76:ee:a9:27:
ab:c4:9d:9d:ad:e8:45:5e:a6:e5:4e:84:72:db:38:
3a:2c:c4:0c:8d:e6:66:fa:de:7d:d4:7c:4f:ed:7f:
bb:33:c2:b4:f2:96:41:07:3b:7e:1f:f6:d0:fa:fc:
12:bb:d9:e6:7b:41:a3:c9:27:41:25:75:bf:69:11:
ae:25:39:25:2d:39:34:23:3b:14:97:3d:24:96:65:
4f:bd:61:c6:10:91:ea:d4:e1:c6:03:e9:20:24:19:
d3:9b:11:b6:f0:a4:02:9d:57:29:34:ab:90:8c:69:
0d:8f:42:03:4e:2c:06:22:b3:21:41:7a:2b:40:d5:
44:61:cb:dc:a8:f8:be:59:57:6f:57:19:78:95:db:
f5:de:04:8d:c2:d5:ad:8d:28:5f:de:cb:09:1e:f0:
f7:d6:73:2e:6a:12:05:a1:b8:a6:56:6c:96:2e:65:
f2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:01:E8:FD:09:B0:65:1E:BF:3C:DB:19:56:20:F0:41:20:87:CA:23
X509v3 Authority Key Identifier:
keyid:83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/XQHo_QmwZR6_PNsZViDwQSCHyiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.22.228.0/23
Signature Algorithm: sha256WithRSAEncryption
92:50:3a:cd:80:7e:3a:8a:47:30:18:1e:df:e0:0f:af:9c:d7:
be:4a:ae:ad:47:cc:99:04:c8:e2:09:6c:88:86:ca:33:49:05:
4b:2c:97:24:e4:b3:17:60:c6:b5:48:cf:89:00:db:16:98:07:
e4:4a:5b:62:cb:5d:cf:c0:53:5c:66:06:fe:d4:ac:9e:3c:d2:
dd:17:7f:e6:44:7c:e6:13:17:7c:b0:71:e5:0b:ea:24:10:30:
b0:fd:04:a2:5a:4b:24:e3:03:c2:e2:89:ba:20:28:f0:ca:7f:
c9:8c:e3:be:5a:28:64:cf:0e:b0:30:b6:30:48:05:41:40:90:
17:87:ee:32:2e:51:fd:cf:ee:a5:e4:87:4b:55:3a:bd:a2:56:
93:89:a1:57:6c:88:8c:f0:81:fc:95:56:e0:cb:22:f9:d8:b2:
4a:7e:8a:77:8c:be:5a:79:6a:7e:83:8e:49:6f:50:d2:a6:67:
2f:8f:23:e4:df:16:28:6a:4f:ae:cb:c6:fc:7a:46:a2:bf:a9:
5e:28:6d:aa:d1:1f:1b:3a:0f:78:77:6d:5b:fb:f8:e2:35:58:
46:08:06:dd:4f:68:06:f0:2f:2e:b8:01:bb:f2:34:00:65:67:
8f:82:94:b6:0a:17:a9:b1:30:81:f8:f0:c9:23:ec:55:36:6f:
1e:0e:5b:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSqVB3QyGkare5b6ZPcVGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYzEwM2Q2NWE1NGQ2YWYxZWZiYTZhYzNlNjM3MjIwMjhh
ZjJiYjEwHhcNMjQwMTAxMTgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDAxZThmZDA5YjA2NTFlYmYzY2RiMTk1NjIwZjA0MTIwODdjYTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoh5V8CrrBJGF0oGE4UeBiu2z15Ua
BMDQkYZM9hwUtywQmGg029Hm8AaDWEuoU/F4YsuxOJY3NGUdsbQ4Phjg0r0nvRou
aGztv63xcjp3pS+VQo0QS3buqSerxJ2drehFXqblToRy2zg6LMQMjeZm+t591HxP
7X+7M8K08pZBBzt+H/bQ+vwSu9nme0GjySdBJXW/aRGuJTklLTk0IzsUlz0klmVP
vWHGEJHq1OHGA+kgJBnTmxG28KQCnVcpNKuQjGkNj0IDTiwGIrMhQXorQNVEYcvc
qPi+WVdvVxl4ldv13gSNwtWtjShf3ssJHvD31nMuahIFobimVmyWLmXyQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0B6P0JsGUevzzbGVYg8EEgh8ojMB8GA1UdIwQY
MBaAFIPBA9ZaVNavHvumrD5jciAoryuxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQt
YjUwY2Y1ZjJhYTIyLzEvWFFIb19RbXdaUjZfUE5zWlZpRHdRU0NIeWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQtYjUwY2Y1ZjJhYTIy
LzEvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBQhbkMA0G
CSqGSIb3DQEBCwUAA4IBAQCSUDrNgH46ikcwGB7f4A+vnNe+Sq6tR8yZBMjiCWyI
hsozSQVLLJck5LMXYMa1SM+JANsWmAfkSltiy13PwFNcZgb+1KyePNLdF3/mRHzm
Exd8sHHlC+okEDCw/QSiWksk4wPC4om6ICjwyn/JjOO+Wihkzw6wMLYwSAVBQJAX
h+4yLlH9z+6l5IdLVTq9olaTiaFXbIiM8IH8lVbgyyL52LJKfop3jL5aeWp+g45J
b1DSpmcvjyPk3xYoak+uy8b8ekaiv6leKG2q0R8bOg94d21b+/jiNVhGCAbdT2gG
8C8uuAG78jQAZWePgpS2ChepsTCB+PDJI+xVNm8eDluP
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:14:13 2024 by rpki-client on console-fra.rpki-client.org