Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/fadff6-5cc0-4694-9c62-1358c2b5d541/1/XB23gi2f-EhXMiKkmL8fU9PDDBQ.roa
File: XB23gi2f-EhXMiKkmL8fU9PDDBQ.roa (raw, json)
Hash identifier: hA3iSkL/ACxgzBc9pcR+GrFx+TOBBSivCpNwtRcQVsI=
Subject key identifier: 5C:1D:B7:82:2D:9F:F8:48:57:32:22:A4:98:BF:1F:53:D3:C3:0C:14
Certificate issuer: /CN=5230b65d6116d4b60d36fdf7b6c6d5e5b954639e
Certificate serial: 018CC8013DDA67EA0000A2BC72B756BA2137
Authority key identifier: 52:30:B6:5D:61:16:D4:B6:0D:36:FD:F7:B6:C6:D5:E5:B9:54:63:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UjC2XWEW1LYNNv33tsbV5blUY54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/fadff6-5cc0-4694-9c62-1358c2b5d541/1/XB23gi2f-EhXMiKkmL8fU9PDDBQ.roa
Signing time: Tue 02 Jan 2024 02:29:33 +0000
ROA not before: Tue 02 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25593
IP address blocks: 217.19.48.0/20 maxlen: 20
89.107.168.0/21 maxlen: 21
46.19.176.0/21 maxlen: 21
93.188.168.0/21 maxlen: 21
185.48.44.0/22 maxlen: 22
212.67.32.0/20 maxlen: 20
185.48.46.0/24 maxlen: 24
2a00:1a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/fadff6-5cc0-4694-9c62-1358c2b5d541/1/UjC2XWEW1LYNNv33tsbV5blUY54.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/fadff6-5cc0-4694-9c62-1358c2b5d541/1/UjC2XWEW1LYNNv33tsbV5blUY54.mft
rsync://rpki.ripe.net/repository/DEFAULT/UjC2XWEW1LYNNv33tsbV5blUY54.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3d:da:67:ea:00:00:a2:bc:72:b7:56:ba:21:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5230b65d6116d4b60d36fdf7b6c6d5e5b954639e
Validity
Not Before: Jan 2 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c1db7822d9ff848573222a498bf1f53d3c30c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:67:41:1d:04:29:67:59:d8:67:d8:45:e1:38:
03:fa:e3:82:cc:70:bd:d5:ba:c7:2b:db:27:fa:34:
d2:f0:a0:32:d2:2f:c2:9f:7d:bc:9a:56:d9:08:28:
f3:35:6b:1c:88:49:6c:35:6b:16:78:44:d5:79:dd:
26:31:71:ee:41:01:d5:5b:8d:71:f7:25:c1:53:0f:
9d:7d:58:69:c4:3c:43:4d:1e:f8:79:20:11:03:c2:
1d:96:9e:f8:20:15:20:c4:28:52:ba:99:31:d8:9c:
35:a4:2a:cd:0a:52:25:b0:cb:e2:2e:1a:f1:c0:20:
09:13:7f:71:8c:79:ff:33:2f:d6:a3:89:38:83:a9:
a3:40:19:f8:5d:9d:6d:82:77:77:ec:51:1e:12:8d:
da:66:c7:f0:63:a7:68:b0:0c:0f:3b:89:76:04:17:
b4:5b:61:7c:0d:04:19:c2:93:48:ab:a5:d3:7f:69:
7d:40:48:61:0e:71:be:a3:f7:7b:fa:09:63:13:8a:
b4:69:1d:7f:3e:23:c1:e8:3e:fc:9a:1e:03:5a:01:
46:4b:91:77:46:dd:fb:5f:88:88:d2:7e:04:25:c0:
34:d1:dd:63:7a:c4:d8:ef:f7:8e:d4:11:6a:35:2b:
a8:bb:e4:39:67:04:38:39:da:35:17:e8:38:9f:27:
c2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1D:B7:82:2D:9F:F8:48:57:32:22:A4:98:BF:1F:53:D3:C3:0C:14
X509v3 Authority Key Identifier:
keyid:52:30:B6:5D:61:16:D4:B6:0D:36:FD:F7:B6:C6:D5:E5:B9:54:63:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UjC2XWEW1LYNNv33tsbV5blUY54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/fadff6-5cc0-4694-9c62-1358c2b5d541/1/XB23gi2f-EhXMiKkmL8fU9PDDBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/fadff6-5cc0-4694-9c62-1358c2b5d541/1/UjC2XWEW1LYNNv33tsbV5blUY54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.176.0/21
89.107.168.0/21
93.188.168.0/21
185.48.44.0/22
212.67.32.0/20
217.19.48.0/20
IPv6:
2a00:1a00::/32
Signature Algorithm: sha256WithRSAEncryption
53:2d:af:aa:5c:3d:97:77:bc:d1:96:7f:fe:e9:a4:0a:bd:ce:
fe:05:90:84:53:ed:16:04:13:2e:32:9f:66:18:10:63:31:59:
6b:5f:c5:31:d2:1b:fe:d5:03:42:05:ac:02:46:74:e8:d3:27:
84:10:93:d4:d1:39:37:65:c8:a2:55:4b:d7:71:b1:68:4a:ae:
55:51:5c:08:92:37:6e:80:fe:bf:8c:fd:86:61:12:20:09:71:
4e:0b:b9:ae:ff:37:a1:05:a1:af:8f:a2:88:18:f1:f4:3e:b3:
52:5e:03:84:3d:ff:d3:4c:78:97:99:06:90:c6:eb:ea:de:c9:
91:e4:1a:be:c5:b1:5b:c0:3e:2f:a8:ce:70:c8:3e:92:65:63:
c3:60:08:a4:db:27:f2:f3:f5:be:0c:70:d6:f8:a2:59:2d:ce:
ad:45:4e:86:f3:ca:d1:be:4e:65:7d:1c:9b:13:c5:ad:63:62:
de:4e:cb:b1:91:85:04:2e:9e:4f:80:99:0b:1c:15:4f:be:c7:
ae:ef:36:43:eb:21:3d:de:f7:c4:e6:15:ce:9e:7f:7d:12:f5:
ba:5c:94:f8:9a:a4:e4:fd:cc:57:97:8b:6b:8f:4b:21:7e:60:
8c:e2:2d:16:a8:f0:3e:04:ec:bc:a9:34:6f:28:ac:e6:33:79:
49:6d:c4:e5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzIAT3aZ+oAAKK8crdWuiE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMzBiNjVkNjExNmQ0YjYwZDM2ZmRmN2I2YzZkNWU1Yjk1
NDYzOWUwHhcNMjQwMTAyMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzFkYjc4MjJkOWZmODQ4NTczMjIyYTQ5OGJmMWY1M2QzYzMwYzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGdBHQQpZ1nYZ9hF4TgD+uOCzHC9
1brHK9sn+jTS8KAy0i/Cn328mlbZCCjzNWsciElsNWsWeETVed0mMXHuQQHVW41x
9yXBUw+dfVhpxDxDTR74eSARA8Idlp74IBUgxChSupkx2Jw1pCrNClIlsMviLhrx
wCAJE39xjHn/My/Wo4k4g6mjQBn4XZ1tgnd37FEeEo3aZsfwY6dosAwPO4l2BBe0
W2F8DQQZwpNIq6XTf2l9QEhhDnG+o/d7+gljE4q0aR1/PiPB6D78mh4DWgFGS5F3
Rt37X4iI0n4EJcA00d1jesTY7/eO1BFqNSuou+Q5ZwQ4Odo1F+g4nyfCawIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFwdt4Itn/hIVzIipJi/H1PTwwwUMB8GA1UdIwQY
MBaAFFIwtl1hFtS2DTb997bG1eW5VGOeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWpDMlhXRVcxTFlOTnYzM3RzYlY1YmxVWTU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mYWRmZjYtNWNjMC00Njk0LTljNjIt
MTM1OGMyYjVkNTQxLzEvWEIyM2dpMmYtRWhYTWlLa21MOGZVOVBEREJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9mYWRmZjYtNWNjMC00Njk0LTljNjItMTM1OGMyYjVkNTQx
LzEvVWpDMlhXRVcxTFlOTnYzM3RzYlY1YmxVWTU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLhOwAwQD
WWuoAwQDXbyoAwQCuTAsAwQE1EMgAwQE2RMwMA0EAgACMAcDBQAqABoAMA0GCSqG
SIb3DQEBCwUAA4IBAQBTLa+qXD2Xd7zRln/+6aQKvc7+BZCEU+0WBBMuMp9mGBBj
MVlrX8Ux0hv+1QNCBawCRnTo0yeEEJPU0Tk3ZciiVUvXcbFoSq5VUVwIkjdugP6/
jP2GYRIgCXFOC7mu/zehBaGvj6KIGPH0PrNSXgOEPf/TTHiXmQaQxuvq3smR5Bq+
xbFbwD4vqM5wyD6SZWPDYAik2yfy8/W+DHDW+KJZLc6tRU6G88rRvk5lfRybE8Wt
Y2LeTsuxkYUELp5PgJkLHBVPvseu7zZD6yE93vfE5hXOnn99EvW6XJT4mqTk/cxX
l4trj0shfmCM4i0WqPA+BOy8qTRvKKzmM3lJbcTl
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:24:24 2024 by rpki-client on console-ams.rpki-client.org