Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/XBxjnE_4cvoehaXae9-B0zkCaZc.roa
File: XBxjnE_4cvoehaXae9-B0zkCaZc.roa (raw, json)
Hash identifier: 2f/5yRRK2taSawqZj0/KAjzVmXk5TL1TwypkMSrtVC8=
Subject key identifier: 5C:1C:63:9C:4F:F8:72:FA:1E:85:A5:DA:7B:DF:81:D3:39:02:69:97
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018CC424F893D3C6971D72AF70E876D6528A
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/XBxjnE_4cvoehaXae9-B0zkCaZc.roa
Signing time: Mon 01 Jan 2024 08:30:06 +0000
ROA not before: Mon 01 Jan 2024 08:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211237
IP address blocks: 109.236.50.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f8:93:d3:c6:97:1d:72:af:70:e8:76:d6:52:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 08:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c1c639c4ff872fa1e85a5da7bdf81d339026997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:13:f4:b5:8d:47:89:33:33:e7:ff:fe:94:21:
2f:a2:7b:fa:03:99:8c:d3:61:68:8a:8d:43:f8:d3:
5c:c6:f1:52:59:6b:cc:98:51:4c:aa:44:1b:cb:67:
76:83:08:2f:f2:47:2e:eb:7d:b0:35:05:9a:97:a2:
bd:82:ee:a6:62:7c:fb:7c:35:8f:e2:94:88:4e:57:
ff:f5:61:8c:22:e4:c7:90:3a:cc:ae:b5:54:87:c6:
d0:23:d4:55:33:81:73:66:75:2a:dc:c8:b8:98:55:
79:38:ae:da:31:d6:66:b4:66:76:d8:bd:24:42:71:
1f:1c:56:9d:d3:18:19:8b:ca:ff:80:db:16:19:0c:
93:e9:5c:0b:71:99:cb:01:97:e3:9d:a9:81:b4:88:
6d:c8:3f:90:71:27:63:f5:e0:58:a3:b4:a2:28:5b:
31:8c:41:d0:3f:4f:ae:3e:42:3f:6f:26:20:32:a6:
db:55:11:53:97:8a:b0:a7:d7:0b:c3:2b:05:7b:d4:
15:cb:54:c0:e1:7a:89:4d:7d:18:4b:74:de:56:b0:
e7:a7:01:bc:30:6c:a8:42:7d:e4:2f:dd:38:af:a0:
f4:a3:b8:61:a6:d9:98:83:5c:84:1b:8b:b3:8a:08:
1d:4d:82:6f:9d:2e:9f:21:7f:35:cd:f3:59:ac:09:
15:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1C:63:9C:4F:F8:72:FA:1E:85:A5:DA:7B:DF:81:D3:39:02:69:97
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/XBxjnE_4cvoehaXae9-B0zkCaZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.49.0-109.236.50.255
193.160.141.0/24
193.160.143.0/24
Signature Algorithm: sha256WithRSAEncryption
89:de:11:70:df:7f:f5:ca:9c:fc:d9:1a:d1:96:00:c6:31:cd:
95:84:32:68:35:cd:95:b4:2d:53:c6:3e:74:f7:4e:5f:de:29:
c1:e1:21:24:0f:d8:a3:a3:33:80:b5:6e:a7:c4:cb:d4:82:a0:
2e:3b:42:bf:0b:9b:c4:a5:0b:e4:6b:cb:7b:3b:13:20:6b:a5:
32:ba:77:d9:9a:8d:34:f9:00:bd:06:67:c6:58:9c:93:72:e4:
78:90:88:11:8d:a4:f8:ba:6b:19:78:ad:bc:89:0a:0d:47:dc:
20:d4:09:38:b0:62:8c:d6:9e:9e:2b:68:01:00:a2:bb:40:11:
3e:24:57:d9:b2:a6:c7:df:3c:05:5c:d6:f7:ef:47:90:15:94:
b1:c1:00:00:f6:bf:82:9d:45:42:9a:04:ca:71:0d:d0:7b:91:
ac:53:22:2e:bb:2d:95:19:ba:65:ca:d6:3a:1b:c2:91:26:c8:
da:04:32:e7:19:5f:60:2e:4c:92:6d:d2:31:ad:ac:88:95:8c:
5d:79:11:5a:99:97:54:d7:ee:ac:e5:cb:53:c9:0b:77:a4:d4:
2a:c5:31:d0:31:3f:53:5d:42:89:d5:9c:04:c7:bf:5e:95:9d:
16:77:28:e3:18:de:31:b0:5c:b6:0f:76:b4:db:43:8b:bf:b9:
f3:e6:0b:76
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzEJPiT08aXHXKvcOh21lKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwMTAxMDgzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzFjNjM5YzRmZjg3MmZhMWU4NWE1ZGE3YmRmODFkMzM5MDI2OTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhP0tY1HiTMz5//+lCEvonv6A5mM
02Foio1D+NNcxvFSWWvMmFFMqkQby2d2gwgv8kcu632wNQWal6K9gu6mYnz7fDWP
4pSITlf/9WGMIuTHkDrMrrVUh8bQI9RVM4FzZnUq3Mi4mFV5OK7aMdZmtGZ22L0k
QnEfHFad0xgZi8r/gNsWGQyT6VwLcZnLAZfjnamBtIhtyD+QcSdj9eBYo7SiKFsx
jEHQP0+uPkI/byYgMqbbVRFTl4qwp9cLwysFe9QVy1TA4XqJTX0YS3TeVrDnpwG8
MGyoQn3kL904r6D0o7hhptmYg1yEG4uziggdTYJvnS6fIX81zfNZrAkVQwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFwcY5xP+HL6HoWl2nvfgdM5AmmXMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvWEJ4am5FXzRjdm9laGFYYWU5LUIwemtDYVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABt7DED
BABt7DIDBADBoI0DBADBoI8wDQYJKoZIhvcNAQELBQADggEBAIneEXDff/XKnPzZ
GtGWAMYxzZWEMmg1zZW0LVPGPnT3Tl/eKcHhISQP2KOjM4C1bqfEy9SCoC47Qr8L
m8SlC+Rry3s7EyBrpTK6d9majTT5AL0GZ8ZYnJNy5HiQiBGNpPi6axl4rbyJCg1H
3CDUCTiwYozWnp4raAEAortAET4kV9mypsffPAVc1vfvR5AVlLHBAAD2v4KdRUKa
BMpxDdB7kaxTIi67LZUZumXK1jobwpEmyNoEMucZX2AuTJJt0jGtrIiVjF15EVqZ
l1TX7qzly1PJC3ek1CrFMdAxP1NdQonVnATHv16VnRZ3KOMY3jGwXLYPdrTbQ4u/
ufPmC3Y=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:26:18 2024 by rpki-client on console-fra.rpki-client.org