Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/XLYAPTD2no7p509qKAMCL1mF5Kw.roa
File: XLYAPTD2no7p509qKAMCL1mF5Kw.roa (raw, json)
Hash identifier: 6fVzPn2OvDKI7tMg9uZxaVzB70BMWrRH9hLnWPXyA9Y=
Subject key identifier: 5C:B6:00:3D:30:F6:9E:8E:E9:E7:4F:6A:28:03:02:2F:59:85:E4:AC
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 018CC794DD9B863A08C583AAE3E71BBEE9AD
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/XLYAPTD2no7p509qKAMCL1mF5Kw.roa
Signing time: Tue 02 Jan 2024 00:31:11 +0000
ROA not before: Tue 02 Jan 2024 00:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 81.19.139.0/24 maxlen: 32
81.19.141.0/24 maxlen: 32
81.19.140.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:dd:9b:86:3a:08:c5:83:aa:e3:e7:1b:be:e9:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Jan 2 00:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cb6003d30f69e8ee9e74f6a2803022f5985e4ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e9:2f:4a:df:1b:c3:71:e0:06:63:e5:90:bc:
a4:f1:5c:bd:df:ee:9a:fa:5f:f5:9f:d1:5a:43:c0:
13:4c:b2:75:35:a5:37:5b:8d:2b:2e:14:d6:c0:d4:
3a:4c:26:88:6e:36:df:2d:f8:c0:16:05:33:cf:f7:
b9:c6:73:09:f6:b0:97:ed:77:14:47:fe:d9:07:39:
e2:8d:4e:c8:7c:c6:30:5a:78:6e:0a:98:85:20:45:
c0:fe:9c:24:b6:17:de:50:28:f0:c4:18:23:28:56:
18:fe:fc:25:3f:91:c2:c5:46:c8:35:a6:00:f2:d2:
aa:3a:f3:eb:7a:23:bb:36:f9:aa:a1:61:b3:35:3d:
b8:b9:a8:bd:11:43:3c:c2:58:3b:d9:15:0e:02:d3:
32:29:9d:a8:a1:9d:d6:f9:ff:1e:74:e1:11:01:8c:
c3:7a:60:e6:47:e4:5a:0d:85:01:50:a2:b4:46:46:
88:17:3a:38:c4:5b:fc:ff:eb:d1:89:c9:ca:08:69:
a1:f3:e0:bd:b4:7e:a3:f9:4b:b8:a3:e6:e2:a2:29:
2d:a2:ea:ad:2e:a8:db:1d:fb:ea:7a:ec:4a:eb:b1:
a3:22:b2:5b:c0:29:be:48:da:32:8d:99:95:c1:44:
35:2b:26:8e:9c:52:e1:0a:95:3f:34:7c:f9:34:34:
d8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B6:00:3D:30:F6:9E:8E:E9:E7:4F:6A:28:03:02:2F:59:85:E4:AC
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/XLYAPTD2no7p509qKAMCL1mF5Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.139.0-81.19.141.255
Signature Algorithm: sha256WithRSAEncryption
27:05:5b:47:11:5b:45:96:e9:3a:be:95:1d:0f:d4:35:ca:bf:
d4:4d:bc:bd:20:dc:b4:27:c2:69:1e:5f:0d:b4:d8:18:da:78:
c5:32:19:43:c8:6a:51:bc:5d:f0:f4:98:e8:8b:d2:bd:bc:42:
cd:a0:8c:12:0d:f6:b4:02:17:bc:d3:1e:af:8a:ee:4b:b7:ad:
3e:89:d0:ea:38:29:7b:cf:f4:dd:19:4d:49:d5:7d:9b:a6:1f:
b8:57:07:38:ef:f4:51:6e:f7:ea:76:70:20:39:dc:e9:c4:bf:
29:d4:bd:34:9e:5d:61:fd:02:fc:83:87:d5:1e:40:ee:8b:56:
91:cf:52:c6:b8:14:c5:a9:24:4d:1f:6b:74:74:6d:9f:8f:5f:
06:af:f1:ed:fe:5a:81:97:6e:03:63:b4:1c:24:df:68:5c:17:
fc:f4:1a:2c:9e:c9:01:0f:11:71:0b:5e:19:67:be:4e:b2:b4:
ac:db:ba:ae:e2:aa:57:70:5c:d1:41:84:76:d0:76:d5:f1:cc:
3a:8a:0c:e8:e8:5f:e2:9a:b4:6c:ae:bf:89:14:61:1c:82:d6:
d4:e8:6d:62:4e:21:93:1a:8e:57:70:1f:95:9b:5a:8d:b7:a0:
b4:29:e5:48:b4:71:ee:44:c1:4c:c1:6a:ff:d9:97:c8:9c:e6:
7c:2d:aa:81
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHlN2bhjoIxYOq4+cbvumtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2U5NjQwYTNlZjJmZWExOTM3NGFkOGY5OWY0MjNkN2Fh
N2M3NmIwHhcNMjQwMTAyMDAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2I2MDAzZDMwZjY5ZThlZTllNzRmNmEyODAzMDIyZjU5ODVlNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsukvSt8bw3HgBmPlkLyk8Vy93+6a
+l/1n9FaQ8ATTLJ1NaU3W40rLhTWwNQ6TCaIbjbfLfjAFgUzz/e5xnMJ9rCX7XcU
R/7ZBznijU7IfMYwWnhuCpiFIEXA/pwkthfeUCjwxBgjKFYY/vwlP5HCxUbINaYA
8tKqOvPreiO7NvmqoWGzNT24uai9EUM8wlg72RUOAtMyKZ2ooZ3W+f8edOERAYzD
emDmR+RaDYUBUKK0RkaIFzo4xFv8/+vRicnKCGmh8+C9tH6j+Uu4o+bioiktouqt
LqjbHfvqeuxK67GjIrJbwCm+SNoyjZmVwUQ1KyaOnFLhCpU/NHz5NDTY7wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFy2AD0w9p6O6edPaigDAi9ZheSsMB8GA1UdIwQY
MBaAFKTOlkCj7y/qGTdK2PmfQj16p8drMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQt
MjgzZmU1NGE2ZjJmLzEvWExZQVBURDJubzdwNTA5cUtBTUNMMW1GNUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQtMjgzZmU1NGE2ZjJm
LzEvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABRE4sD
BAFRE4wwDQYJKoZIhvcNAQELBQADggEBACcFW0cRW0WW6Tq+lR0P1DXKv9RNvL0g
3LQnwmkeXw202BjaeMUyGUPIalG8XfD0mOiL0r28Qs2gjBIN9rQCF7zTHq+K7ku3
rT6J0Oo4KXvP9N0ZTUnVfZumH7hXBzjv9FFu9+p2cCA53OnEvynUvTSeXWH9AvyD
h9UeQO6LVpHPUsa4FMWpJE0fa3R0bZ+PXwav8e3+WoGXbgNjtBwk32hcF/z0Giye
yQEPEXELXhlnvk6ytKzbuq7iqldwXNFBhHbQdtXxzDqKDOjoX+KatGyuv4kUYRyC
1tTobWJOIZMajldwH5WbWo23oLQp5Ui0ce5EwUzBav/Zl8ic5nwtqoE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:48:56 2024 by rpki-client on console-ams.rpki-client.org