Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c43a75-a326-4c6d-87ca-817d84e53d53/1/XvYHGxG2tuJ_snAqHlHxHulXhz4.roa
File: XvYHGxG2tuJ_snAqHlHxHulXhz4.roa (raw, json)
Hash identifier: 5EBS6qIbX/u+oHBX/xQVx7M/mmII/D0dkHese5Uoptk=
Subject key identifier: 5E:F6:07:1B:11:B6:B6:E2:7F:B2:70:2A:1E:51:F1:1E:E9:57:87:3E
Certificate issuer: /CN=9e0374d71bc57db96dc393e91febb9e9d59fef9a
Certificate serial: 018CC94DBFC0DA85AC7C05A3C9021B105F18
Authority key identifier: 9E:03:74:D7:1B:C5:7D:B9:6D:C3:93:E9:1F:EB:B9:E9:D5:9F:EF:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ngN01xvFfbltw5PpH-u56dWf75o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c43a75-a326-4c6d-87ca-817d84e53d53/1/XvYHGxG2tuJ_snAqHlHxHulXhz4.roa
Signing time: Tue 02 Jan 2024 08:32:44 +0000
ROA not before: Tue 02 Jan 2024 08:32:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200571
IP address blocks: 185.97.9.0/24 maxlen: 24
185.97.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/c43a75-a326-4c6d-87ca-817d84e53d53/1/ngN01xvFfbltw5PpH-u56dWf75o.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/c43a75-a326-4c6d-87ca-817d84e53d53/1/ngN01xvFfbltw5PpH-u56dWf75o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ngN01xvFfbltw5PpH-u56dWf75o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:bf:c0:da:85:ac:7c:05:a3:c9:02:1b:10:5f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e0374d71bc57db96dc393e91febb9e9d59fef9a
Validity
Not Before: Jan 2 08:32:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ef6071b11b6b6e27fb2702a1e51f11ee957873e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:28:ab:5b:39:d7:5c:30:2e:ef:53:13:5b:9f:
37:8b:02:ea:f4:30:9f:50:bb:9b:2a:e4:eb:98:95:
fb:22:0a:f4:98:c3:1e:48:11:3a:af:e9:aa:e5:d8:
9f:9e:ac:21:af:09:ae:e6:ef:bc:f3:8a:df:fe:dc:
38:ef:21:6c:a9:3a:38:9e:b6:d1:be:23:f5:fc:7e:
9a:65:48:ba:88:c4:39:7d:d6:3d:f4:37:9c:1a:e0:
2f:a8:09:ed:85:30:81:3e:fb:f6:4a:02:5d:59:14:
e8:91:23:44:e1:92:49:e2:10:1d:0f:f8:2a:b9:db:
19:26:8a:da:39:71:50:2f:b1:60:aa:6d:66:0b:86:
83:d9:86:e6:b0:b0:70:dd:82:f8:e4:30:c2:79:69:
ea:09:eb:c5:50:0c:0f:b8:ad:cb:49:54:21:e6:b2:
af:17:79:fa:58:05:51:66:5d:6e:13:3d:05:a8:61:
a7:03:eb:3d:bc:bc:0f:c8:73:44:6f:1f:ef:c4:fd:
ce:df:8b:04:be:f0:a8:ab:27:4e:a5:c2:5c:13:4d:
1d:0c:10:fb:79:d7:10:8f:7c:35:4a:ae:1d:6c:3e:
fe:c5:33:26:22:f7:f2:7d:ba:41:90:01:7f:f5:2f:
b9:9a:5e:27:6e:a0:b1:b6:63:3c:c6:95:78:57:03:
c2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F6:07:1B:11:B6:B6:E2:7F:B2:70:2A:1E:51:F1:1E:E9:57:87:3E
X509v3 Authority Key Identifier:
keyid:9E:03:74:D7:1B:C5:7D:B9:6D:C3:93:E9:1F:EB:B9:E9:D5:9F:EF:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ngN01xvFfbltw5PpH-u56dWf75o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c43a75-a326-4c6d-87ca-817d84e53d53/1/XvYHGxG2tuJ_snAqHlHxHulXhz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c43a75-a326-4c6d-87ca-817d84e53d53/1/ngN01xvFfbltw5PpH-u56dWf75o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.9.0/24
185.97.11.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:f6:3a:3d:5d:5c:a3:5c:9a:f5:55:64:6e:6e:d1:2b:ff:60:
89:e3:f7:be:fc:ec:2c:b0:09:4b:da:4c:8f:89:98:25:02:03:
7d:e8:89:94:58:db:db:9a:a2:41:a1:e0:08:21:ea:79:c4:6a:
09:20:b3:da:c6:7b:22:67:f7:8c:ad:87:c9:57:34:20:48:af:
e8:a5:99:60:0f:4c:97:72:42:75:33:e4:a0:ff:dd:86:35:cf:
7b:57:ee:79:57:a3:b1:ca:e9:5f:f5:84:b8:2b:bd:4d:ae:e7:
cc:51:36:b9:05:c6:45:22:f7:10:cd:a1:98:9f:e0:81:2d:1d:
54:dd:f9:b7:3a:f3:f7:d5:3f:f1:e6:ec:a2:2a:c6:b6:77:3a:
ad:01:9a:38:9d:77:bf:24:cb:96:8b:ee:fe:b0:69:a4:da:04:
43:cd:48:dc:11:95:e9:75:8f:72:0d:b9:5f:12:f7:ca:93:4c:
ca:da:0a:af:a0:47:28:37:6b:41:a9:9e:95:56:6f:70:b0:6b:
49:ff:7c:ee:71:e6:1a:e7:32:41:63:a7:2a:c7:cb:11:af:a8:
e5:d2:e6:f4:a7:4e:75:40:c8:69:31:eb:27:bd:30:63:8e:d4:
f2:2d:88:79:e9:63:46:0b:bd:c2:f0:87:5f:2b:54:73:b9:b8:
53:bb:69:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTb/A2oWsfAWjyQIbEF8YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMDM3NGQ3MWJjNTdkYjk2ZGMzOTNlOTFmZWJiOWU5ZDU5
ZmVmOWEwHhcNMjQwMTAyMDgzMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWY2MDcxYjExYjZiNmUyN2ZiMjcwMmExZTUxZjExZWU5NTc4NzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiirWznXXDAu71MTW583iwLq9DCf
ULubKuTrmJX7Igr0mMMeSBE6r+mq5difnqwhrwmu5u+884rf/tw47yFsqTo4nrbR
viP1/H6aZUi6iMQ5fdY99DecGuAvqAnthTCBPvv2SgJdWRTokSNE4ZJJ4hAdD/gq
udsZJoraOXFQL7Fgqm1mC4aD2YbmsLBw3YL45DDCeWnqCevFUAwPuK3LSVQh5rKv
F3n6WAVRZl1uEz0FqGGnA+s9vLwPyHNEbx/vxP3O34sEvvCoqydOpcJcE00dDBD7
edcQj3w1Sq4dbD7+xTMmIvfyfbpBkAF/9S+5ml4nbqCxtmM8xpV4VwPCQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF72BxsRtrbif7JwKh5R8R7pV4c+MB8GA1UdIwQY
MBaAFJ4DdNcbxX25bcOT6R/ruenVn++aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmdOMDF4dkZmYmx0dzVQcEgtdTU2ZFdmNzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jNDNhNzUtYTMyNi00YzZkLTg3Y2Et
ODE3ZDg0ZTUzZDUzLzEvWHZZSEd4RzJ0dUpfc25BcUhsSHhIdWxYaHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jNDNhNzUtYTMyNi00YzZkLTg3Y2EtODE3ZDg0ZTUzZDUz
LzEvbmdOMDF4dkZmYmx0dzVQcEgtdTU2ZFdmNzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWEJAwQA
uWELMA0GCSqGSIb3DQEBCwUAA4IBAQCt9jo9XVyjXJr1VWRubtEr/2CJ4/e+/Ows
sAlL2kyPiZglAgN96ImUWNvbmqJBoeAIIep5xGoJILPaxnsiZ/eMrYfJVzQgSK/o
pZlgD0yXckJ1M+Sg/92GNc97V+55V6Oxyulf9YS4K71NrufMUTa5BcZFIvcQzaGY
n+CBLR1U3fm3OvP31T/x5uyiKsa2dzqtAZo4nXe/JMuWi+7+sGmk2gRDzUjcEZXp
dY9yDblfEvfKk0zK2gqvoEcoN2tBqZ6VVm9wsGtJ/3zuceYa5zJBY6cqx8sRr6jl
0ub0p051QMhpMesnvTBjjtTyLYh56WNGC73C8IdfK1RzubhTu2kx
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:45:14 2024 by rpki-client on console-fra.rpki-client.org