Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/X1MjkEyxW3J0C0tlKdQVgQs6Nfs.roa
File: X1MjkEyxW3J0C0tlKdQVgQs6Nfs.roa (raw, json)
Hash identifier: CtSgvCm5jnxUhH6kzeYDbgUsYryXhurHzaxOwmrWxCo=
Subject key identifier: 5F:53:23:90:4C:B1:5B:72:74:0B:4B:65:29:D4:15:81:0B:3A:35:FB
Certificate issuer: /CN=29b79380fe407439cc2ecd3fac18157db36cf768
Certificate serial: 018CC6B92472833F65F1A38130EB5E9E27A3
Authority key identifier: 29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/X1MjkEyxW3J0C0tlKdQVgQs6Nfs.roa
Signing time: Mon 01 Jan 2024 20:31:11 +0000
ROA not before: Mon 01 Jan 2024 20:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206228
IP address blocks: 185.77.252.0/23 maxlen: 23
185.77.254.0/23 maxlen: 23
2a05:6740:40c0::/48 maxlen: 48
2a05:6740:4060::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.mft
rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:24:72:83:3f:65:f1:a3:81:30:eb:5e:9e:27:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b79380fe407439cc2ecd3fac18157db36cf768
Validity
Not Before: Jan 1 20:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f5323904cb15b72740b4b6529d415810b3a35fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:74:1d:7d:ea:7f:79:a3:b2:ed:c9:0e:9f:e2:
61:f1:13:b7:5b:f6:5f:09:67:fb:5f:75:77:b4:2c:
3b:17:b0:ae:76:06:6d:69:24:29:9f:21:47:f0:4e:
74:18:36:45:b7:e3:d9:cd:43:e7:2a:e3:8d:49:de:
bb:4f:e1:b2:34:c7:77:f0:c0:15:f7:d2:09:7f:ba:
1b:6d:e0:d0:6b:4d:ca:1f:f0:e2:11:eb:73:33:d9:
d7:ac:ae:3f:6b:30:f0:72:85:78:63:a6:b4:0d:2a:
05:69:54:0b:a3:ef:44:2b:e8:ec:bb:9a:ca:48:82:
da:a5:1c:b9:bc:ca:7c:06:17:df:2a:e7:4f:ef:c9:
be:94:e8:48:e2:0b:35:b2:28:ef:53:e8:9f:ed:c5:
71:35:61:a2:c2:57:16:ab:aa:dd:4f:5c:82:1a:ac:
dc:ca:9c:00:5f:e1:a5:7a:c5:f9:72:4f:19:d7:e9:
8c:0b:ba:26:f7:6c:c1:f7:de:ac:73:c4:fb:97:36:
e2:b8:32:99:6c:14:99:32:e8:72:db:f4:70:51:57:
09:71:2f:a3:f7:97:9e:dc:f2:a3:26:71:3a:3e:bd:
bf:48:81:8f:51:7f:84:f7:d1:1f:0b:ec:63:4f:43:
c7:c3:ae:2d:68:98:7a:7c:3e:17:5c:a8:40:13:30:
cd:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:53:23:90:4C:B1:5B:72:74:0B:4B:65:29:D4:15:81:0B:3A:35:FB
X509v3 Authority Key Identifier:
keyid:29:B7:93:80:FE:40:74:39:CC:2E:CD:3F:AC:18:15:7D:B3:6C:F7:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbeTgP5AdDnMLs0_rBgVfbNs92g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/X1MjkEyxW3J0C0tlKdQVgQs6Nfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/393842-e7ef-4893-9c1b-1e842118db6f/1/KbeTgP5AdDnMLs0_rBgVfbNs92g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.252.0/22
IPv6:
2a05:6740:4060::/46
2a05:6740:40c0::/48
Signature Algorithm: sha256WithRSAEncryption
48:aa:5f:6b:2d:73:7b:eb:12:8b:5a:06:95:fb:de:39:29:f5:
43:22:9d:00:ca:f7:29:ca:17:9c:81:5f:74:00:5b:e0:f4:f6:
31:7c:71:5e:e2:3e:8e:9d:74:96:e6:9b:ed:54:d8:a0:30:66:
36:75:c7:ea:a6:59:77:4e:f1:8d:64:91:da:84:7e:39:d6:59:
43:44:ac:21:41:4e:87:6d:fe:1b:86:17:41:d1:9f:2e:20:c7:
9a:9a:2f:58:91:34:e5:29:6a:9b:ab:eb:40:22:d9:39:62:96:
c7:f2:1f:6d:47:91:a1:80:13:f3:11:5c:0d:d0:aa:67:5d:5b:
a8:32:33:98:2a:fb:b8:a7:ca:e3:5b:e7:97:75:76:76:3d:44:
c0:ae:02:c9:1f:4a:5e:c4:e2:9c:b2:ac:1e:12:17:1e:d4:cd:
ab:cf:ca:0b:05:29:81:05:36:20:95:65:2e:66:53:22:6f:4e:
14:af:6a:a1:ba:2e:ba:87:5d:e7:b4:82:2c:cc:21:2d:c4:46:
8a:26:2b:c5:51:e4:67:bc:2b:3e:5f:ce:a7:4b:36:db:ba:cb:
55:55:d8:8a:d0:75:5f:77:62:4b:29:6c:1f:62:45:89:68:f3:
2e:0d:5b:52:6d:97:36:9c:f5:86:b9:37:35:dc:e9:b4:73:50:
2c:d5:5d:69
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzGuSRygz9l8aOBMOteniejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Yjc5MzgwZmU0MDc0MzljYzJlY2QzZmFjMTgxNTdkYjM2
Y2Y3NjgwHhcNMjQwMTAxMjAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjUzMjM5MDRjYjE1YjcyNzQwYjRiNjUyOWQ0MTU4MTBiM2EzNWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3Qdfep/eaOy7ckOn+Jh8RO3W/Zf
CWf7X3V3tCw7F7CudgZtaSQpnyFH8E50GDZFt+PZzUPnKuONSd67T+GyNMd38MAV
99IJf7obbeDQa03KH/DiEetzM9nXrK4/azDwcoV4Y6a0DSoFaVQLo+9EK+jsu5rK
SILapRy5vMp8BhffKudP78m+lOhI4gs1sijvU+if7cVxNWGiwlcWq6rdT1yCGqzc
ypwAX+GlesX5ck8Z1+mMC7om92zB996sc8T7lzbiuDKZbBSZMuhy2/RwUVcJcS+j
95ee3PKjJnE6Pr2/SIGPUX+E99EfC+xjT0PHw64taJh6fD4XXKhAEzDNMwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFF9TI5BMsVtydAtLZSnUFYELOjX7MB8GA1UdIwQY
MBaAFCm3k4D+QHQ5zC7NP6wYFX2zbPdoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JlVGdQNUFkRG5NTHMwX3JCZ1ZmYk5zOTJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zOTM4NDItZTdlZi00ODkzLTljMWIt
MWU4NDIxMThkYjZmLzEvWDFNamtFeXhXM0owQzB0bEtkUVZnUXM2TmZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zOTM4NDItZTdlZi00ODkzLTljMWItMWU4NDIxMThkYjZm
LzEvS2JlVGdQNUFkRG5NTHMwX3JCZ1ZmYk5zOTJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuU38MBgE
AgACMBIDBwIqBWdAQGADBwAqBWdAQMAwDQYJKoZIhvcNAQELBQADggEBAEiqX2st
c3vrEotaBpX73jkp9UMinQDK9ynKF5yBX3QAW+D09jF8cV7iPo6ddJbmm+1U2KAw
ZjZ1x+qmWXdO8Y1kkdqEfjnWWUNErCFBTodt/huGF0HRny4gx5qaL1iRNOUpapur
60Ai2TlilsfyH21HkaGAE/MRXA3QqmddW6gyM5gq+7inyuNb55d1dnY9RMCuAskf
Sl7E4pyyrB4SFx7UzavPygsFKYEFNiCVZS5mUyJvThSvaqG6LrqHXee0gizMIS3E
RoomK8VR5Ge8Kz5fzqdLNtu6y1VV2IrQdV93YkspbB9iRYlo8y4NW1Jtlzac9Ya5
NzXc6bRzUCzVXWk=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:11:31 2024 by rpki-client on console-fra.rpki-client.org