Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/xQVGlZTM70ncoGL6KdPlDLtCSvU.roa
File: xQVGlZTM70ncoGL6KdPlDLtCSvU.roa (raw, json)
Hash identifier: uHEdKsRMSDOLiRMsOwXUnaAJd3VZnqGuZ9DaYX6l67E=
Subject key identifier: C5:05:46:95:94:CC:EF:49:DC:A0:62:FA:29:D3:E5:0C:BB:42:4A:F5
Certificate issuer: /CN=ecb1ea5a1050a829224ea486c0e22ebfc75d640c
Certificate serial: 018CC26D463A3A7DA101C78CC81CEB245414
Authority key identifier: EC:B1:EA:5A:10:50:A8:29:22:4E:A4:86:C0:E2:2E:BF:C7:5D:64:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/xQVGlZTM70ncoGL6KdPlDLtCSvU.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62214
IP address blocks: 79.139.56.0/21 maxlen: 21
92.119.120.0/22 maxlen: 22
193.39.12.0/22 maxlen: 22
185.187.72.0/22 maxlen: 22
185.43.204.0/22 maxlen: 22
193.201.184.0/21 maxlen: 21
46.29.136.0/21 maxlen: 21
185.80.48.0/22 maxlen: 22
2a01:6ee0::/40 maxlen: 40
2a01:6ee0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/7LHqWhBQqCkiTqSGwOIuv8ddZAw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/7LHqWhBQqCkiTqSGwOIuv8ddZAw.mft
rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:46:3a:3a:7d:a1:01:c7:8c:c8:1c:eb:24:54:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecb1ea5a1050a829224ea486c0e22ebfc75d640c
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c505469594ccef49dca062fa29d3e50cbb424af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:95:a6:20:21:68:30:3a:01:6e:7b:00:13:
29:bf:99:32:98:95:cd:0d:8d:1a:90:9a:38:cc:e3:
0e:2d:cf:42:9a:59:7a:04:61:06:be:26:5d:96:58:
27:13:ab:b9:e0:5e:e7:e8:c9:fc:35:e8:7d:59:22:
97:4c:33:a9:7c:c3:62:d4:39:31:91:9b:c2:3b:93:
c3:5d:d6:5a:3b:5e:77:08:4e:45:f2:22:4f:70:3e:
85:dd:f4:eb:54:52:4d:b5:92:b8:f8:9a:f5:cd:0b:
95:39:bf:7a:3f:5f:80:bf:74:7c:40:e8:02:e4:67:
35:1a:ed:c8:7e:4b:c8:47:4c:17:39:68:ee:ec:81:
06:6a:10:06:b4:41:c5:2d:07:30:a2:d9:d3:de:2e:
92:8a:7e:68:f5:f2:70:f3:10:36:6c:26:30:e5:31:
90:2a:b7:48:e5:20:2f:b1:a1:0c:76:d5:ec:bb:e3:
82:39:64:72:42:d8:84:ad:e0:99:a6:6a:bd:4e:35:
ab:32:ed:ed:5f:1e:d9:c1:f0:91:55:de:21:01:a0:
ea:12:ef:49:d9:e6:cc:56:cc:7c:ad:3e:e8:77:a0:
22:1c:ca:42:40:1c:7e:0f:2f:14:cd:78:f5:5f:a4:
7c:f1:21:a0:be:8f:d8:a5:33:9f:c7:3d:16:ea:41:
5c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:05:46:95:94:CC:EF:49:DC:A0:62:FA:29:D3:E5:0C:BB:42:4A:F5
X509v3 Authority Key Identifier:
keyid:EC:B1:EA:5A:10:50:A8:29:22:4E:A4:86:C0:E2:2E:BF:C7:5D:64:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/xQVGlZTM70ncoGL6KdPlDLtCSvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/7LHqWhBQqCkiTqSGwOIuv8ddZAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.136.0/21
79.139.56.0/21
92.119.120.0/22
185.43.204.0/22
185.80.48.0/22
185.187.72.0/22
193.39.12.0/22
193.201.184.0/21
IPv6:
2a01:6ee0::/32
Signature Algorithm: sha256WithRSAEncryption
97:a8:8d:3c:cd:96:48:f2:72:b3:8c:2c:b8:9d:24:c7:74:a5:
6e:0a:63:49:22:bc:21:ba:34:b5:6e:0f:ea:8c:14:05:f6:be:
b4:05:31:d9:c3:1a:f3:57:3e:2c:c6:72:86:55:4f:b2:39:54:
29:a4:21:5c:54:4c:27:b0:97:4e:29:d6:8a:c7:a0:1a:2e:f7:
5e:7e:bc:63:79:c0:f1:03:1a:09:77:37:71:dc:91:45:dd:af:
cc:a6:e8:1c:50:7d:9f:7a:a1:8e:6e:76:7d:94:a6:ea:af:7d:
8b:87:44:7c:6b:ab:26:47:02:45:1a:cb:24:c8:e1:fe:95:fd:
35:e2:31:69:81:2b:bc:51:0b:b4:c1:a1:c1:e1:a7:72:3f:fc:
ce:4f:88:f6:cb:d0:33:12:89:32:2b:33:cd:49:2c:42:09:2f:
73:00:d8:b1:20:55:c7:20:51:2f:d9:cd:13:86:5c:f2:0d:e9:
ed:d1:ec:c0:08:3c:da:7e:d1:a5:c6:46:5e:07:7b:8e:90:63:
8b:02:93:78:2d:c2:c5:d3:44:a4:77:db:fd:1c:ee:04:3e:39:
44:3e:59:ba:1a:99:78:e1:c1:86:5a:35:47:d9:25:a6:54:8d:
bb:aa:99:5b:17:2a:94:1c:8e:46:cb:8d:d7:5f:a8:42:aa:e9:
c8:64:01:c4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzCbUY6On2hAceMyBzrJFQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYjFlYTVhMTA1MGE4MjkyMjRlYTQ4NmMwZTIyZWJmYzc1
ZDY0MGMwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTA1NDY5NTk0Y2NlZjQ5ZGNhMDYyZmEyOWQzZTUwY2JiNDI0YWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl16VpiAhaDA6AW57ABMpv5kymJXN
DY0akJo4zOMOLc9Cmll6BGEGviZdllgnE6u54F7n6Mn8Neh9WSKXTDOpfMNi1Dkx
kZvCO5PDXdZaO153CE5F8iJPcD6F3fTrVFJNtZK4+Jr1zQuVOb96P1+Av3R8QOgC
5Gc1Gu3IfkvIR0wXOWju7IEGahAGtEHFLQcwotnT3i6Sin5o9fJw8xA2bCYw5TGQ
KrdI5SAvsaEMdtXsu+OCOWRyQtiEreCZpmq9TjWrMu3tXx7ZwfCRVd4hAaDqEu9J
2ebMVsx8rT7od6AiHMpCQBx+Dy8UzXj1X6R88SGgvo/YpTOfxz0W6kFcFQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFMUFRpWUzO9J3KBi+inT5Qy7Qkr1MB8GA1UdIwQY
MBaAFOyx6loQUKgpIk6khsDiLr/HXWQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0xIcVdoQlFxQ2tpVHFTR3dPSXV2OGRkWkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yMWE5MjctOGRkMy00OGY3LTkyY2Ut
MDJmZmNlZmYxYWNjLzEveFFWR2xaVE03MG5jb0dMNktkUGxETHRDU3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yMWE5MjctOGRkMy00OGY3LTkyY2UtMDJmZmNlZmYxYWNj
LzEvN0xIcVdoQlFxQ2tpVHFTR3dPSXV2OGRkWkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDLh2IAwQD
T4s4AwQCXHd4AwQCuSvMAwQCuVAwAwQCubtIAwQCwScMAwQDwcm4MA0EAgACMAcD
BQAqAW7gMA0GCSqGSIb3DQEBCwUAA4IBAQCXqI08zZZI8nKzjCy4nSTHdKVuCmNJ
IrwhujS1bg/qjBQF9r60BTHZwxrzVz4sxnKGVU+yOVQppCFcVEwnsJdOKdaKx6Aa
LvdefrxjecDxAxoJdzdx3JFF3a/MpugcUH2feqGObnZ9lKbqr32Lh0R8a6smRwJF
GsskyOH+lf014jFpgSu8UQu0waHB4adyP/zOT4j2y9AzEokyKzPNSSxCCS9zANix
IFXHIFEv2c0ThlzyDent0ezACDzaftGlxkZeB3uOkGOLApN4LcLF00Skd9v9HO4E
PjlEPlm6Gpl44cGGWjVH2SWmVI27qplbFyqUHI5Gy43XX6hCqunIZAHE
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:33 2024 by rpki-client on console-ams.rpki-client.org