Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/xr70ronZc-6PJMO2B4tNxwyw77c.roa
File: xr70ronZc-6PJMO2B4tNxwyw77c.roa (raw, json)
Hash identifier: hT/yZoL6HRO684ngwNI9dtvbySJz8R43MzPLOTnD58k=
Subject key identifier: C6:BE:F4:AE:89:D9:73:EE:8F:24:C3:B6:07:8B:4D:C7:0C:B0:EF:B7
Certificate issuer: /CN=5e42c35612f45af41103520af2761cdaa51e3aa4
Certificate serial: 018CC8714DBC50A723491CE6664CF4B441C8
Authority key identifier: 5E:42:C3:56:12:F4:5A:F4:11:03:52:0A:F2:76:1C:DA:A5:1E:3A:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/xr70ronZc-6PJMO2B4tNxwyw77c.roa
Signing time: Tue 02 Jan 2024 04:31:57 +0000
ROA not before: Tue 02 Jan 2024 04:31:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209810
IP address blocks: 176.118.170.0/23 maxlen: 23
85.92.96.0/22 maxlen: 23
194.31.188.0/22 maxlen: 22
89.190.128.0/22 maxlen: 22
2a09:1980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:4d:bc:50:a7:23:49:1c:e6:66:4c:f4:b4:41:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e42c35612f45af41103520af2761cdaa51e3aa4
Validity
Not Before: Jan 2 04:31:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6bef4ae89d973ee8f24c3b6078b4dc70cb0efb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ed:ec:5b:b5:4c:0a:85:58:bb:06:14:93:1a:
67:c4:b5:f4:72:08:96:95:7b:16:76:1f:c6:01:28:
66:06:ea:89:ed:aa:25:f8:97:66:5c:57:73:97:df:
88:4d:27:73:df:5b:40:0a:b5:07:15:68:ba:01:b9:
56:4e:89:7f:e8:8d:7c:53:40:d2:74:2c:90:d3:f7:
33:45:43:6d:a6:76:0a:92:0e:33:fc:2a:d2:06:a4:
0a:cc:92:ca:94:8a:05:b3:60:10:c0:75:86:fb:1f:
13:f6:3a:82:1c:0f:e2:40:2b:8c:9e:d2:e9:87:ca:
e3:95:6f:d8:28:06:97:9d:5d:79:87:85:a1:e4:a4:
75:43:e0:b6:5b:40:81:38:a8:7e:24:53:61:ba:f6:
fa:e8:30:14:84:dc:d9:7e:6f:b0:6a:0d:91:83:95:
92:7f:ec:86:99:9f:8a:a6:1c:d5:64:18:ef:78:17:
24:69:38:38:3f:3e:2c:2a:61:6e:ba:a1:85:8a:75:
49:7b:53:14:f4:dc:b6:40:21:2d:69:4e:11:5b:33:
9d:0b:1f:00:b9:a7:3d:e1:ea:3b:74:6e:b3:88:a5:
18:6a:f4:1e:3d:3d:60:36:d2:44:24:80:b1:dc:e2:
fd:69:13:d7:e1:64:5d:37:cb:9d:7c:db:91:08:45:
f1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:BE:F4:AE:89:D9:73:EE:8F:24:C3:B6:07:8B:4D:C7:0C:B0:EF:B7
X509v3 Authority Key Identifier:
keyid:5E:42:C3:56:12:F4:5A:F4:11:03:52:0A:F2:76:1C:DA:A5:1E:3A:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/xr70ronZc-6PJMO2B4tNxwyw77c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.96.0/22
89.190.128.0/22
176.118.170.0/23
194.31.188.0/22
IPv6:
2a09:1980::/29
Signature Algorithm: sha256WithRSAEncryption
8c:4a:15:ee:a9:25:da:bb:a8:ce:cf:2c:5e:64:18:df:e3:b1:
8a:ff:6f:ab:53:64:89:73:5e:51:50:f6:ef:6f:9e:10:a8:f6:
bb:74:06:10:77:1e:da:91:12:5f:b8:64:20:1d:23:e0:79:55:
53:f2:00:d1:ec:9c:57:64:d9:57:72:09:bc:10:74:26:fa:37:
64:38:f6:5a:eb:f9:85:d8:c1:32:5e:f6:f1:99:7e:ae:22:b2:
cc:23:65:30:d3:dd:10:b2:0c:9d:0b:bd:86:c8:28:26:02:63:
fc:41:56:7c:67:71:29:43:a6:94:1f:dc:31:67:10:60:59:b4:
02:b8:83:e3:ba:67:fb:a5:30:8d:c1:ed:6e:0d:dd:6b:5a:56:
ff:0c:ef:13:37:e1:5a:3b:ed:ae:47:c4:e7:18:95:92:e2:0f:
a0:1f:e4:34:d9:ff:6c:c7:00:46:f8:b7:c6:44:82:60:4b:4b:
1b:b1:cc:5a:49:23:5d:ed:fd:46:c4:bf:3d:47:9c:ec:ad:05:
c7:db:59:93:58:e2:f7:9d:9e:12:8e:96:29:45:e2:03:02:e0:
53:6d:38:06:9f:ac:5f:37:e5:a6:1c:9a:f8:e1:d9:17:5c:60:
56:f5:8d:a2:c5:c1:9a:02:43:88:15:1a:b6:77:3c:fb:68:cd:
e1:0e:16:6d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzIcU28UKcjSRzmZkz0tEHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDJjMzU2MTJmNDVhZjQxMTAzNTIwYWYyNzYxY2RhYTUx
ZTNhYTQwHhcNMjQwMTAyMDQzMTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmJlZjRhZTg5ZDk3M2VlOGYyNGMzYjYwNzhiNGRjNzBjYjBlZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyu3sW7VMCoVYuwYUkxpnxLX0cgiW
lXsWdh/GAShmBuqJ7aol+JdmXFdzl9+ITSdz31tACrUHFWi6AblWTol/6I18U0DS
dCyQ0/czRUNtpnYKkg4z/CrSBqQKzJLKlIoFs2AQwHWG+x8T9jqCHA/iQCuMntLp
h8rjlW/YKAaXnV15h4Wh5KR1Q+C2W0CBOKh+JFNhuvb66DAUhNzZfm+wag2Rg5WS
f+yGmZ+KphzVZBjveBckaTg4Pz4sKmFuuqGFinVJe1MU9Ny2QCEtaU4RWzOdCx8A
uac94eo7dG6ziKUYavQePT1gNtJEJICx3OL9aRPX4WRdN8udfNuRCEXx7wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMa+9K6J2XPujyTDtgeLTccMsO+3MB8GA1UdIwQY
MBaAFF5Cw1YS9Fr0EQNSCvJ2HNqlHjqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NzQ0OTYtOTdiZC00ZWIwLWE4ODYt
ODIxMTk5NzhkNmJiLzEveHI3MHJvblpjLTZQSk1PMkI0dE54d3l3NzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NzQ0OTYtOTdiZC00ZWIwLWE4ODYtODIxMTk5NzhkNmJi
LzEvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCVVxgAwQC
Wb6AAwQBsHaqAwQCwh+8MA0EAgACMAcDBQMqCRmAMA0GCSqGSIb3DQEBCwUAA4IB
AQCMShXuqSXau6jOzyxeZBjf47GK/2+rU2SJc15RUPbvb54QqPa7dAYQdx7akRJf
uGQgHSPgeVVT8gDR7JxXZNlXcgm8EHQm+jdkOPZa6/mF2MEyXvbxmX6uIrLMI2Uw
090QsgydC72GyCgmAmP8QVZ8Z3EpQ6aUH9wxZxBgWbQCuIPjumf7pTCNwe1uDd1r
Wlb/DO8TN+FaO+2uR8TnGJWS4g+gH+Q02f9sxwBG+LfGRIJgS0sbscxaSSNd7f1G
xL89R5zsrQXH21mTWOL3nZ4SjpYpReIDAuBTbTgGn6xfN+WmHJr44dkXXGBW9Y2i
xcGaAkOIFRq2dzz7aM3hDhZt
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:18:32 2024 by rpki-client on console-ams.rpki-client.org