Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/cXgLfZNlPLp8AxnVIxcFFmZJQQw.roa
File: cXgLfZNlPLp8AxnVIxcFFmZJQQw.roa (raw, json)
Hash identifier: uuRDZOod+e4WkILgEf8K+nWqpz7jHJFwGUySLNTDSe4=
Subject key identifier: 71:78:0B:7D:93:65:3C:BA:7C:03:19:D5:23:17:05:16:66:49:41:0C
Certificate issuer: /CN=25a553794223e6b4c632779b51371dc4e7d70705
Certificate serial: 018FBA1EF7040D8E9729245FD06646A4FB34
Authority key identifier: 25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/cXgLfZNlPLp8AxnVIxcFFmZJQQw.roa
Signing time: Mon 27 May 2024 12:55:42 +0000
ROA not before: Mon 27 May 2024 12:55:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201471
IP address blocks: 84.40.0.0/20 maxlen: 24
84.40.32.0/21 maxlen: 24
176.223.248.0/23 maxlen: 24
176.223.250.0/23 maxlen: 24
2001:67c:4dc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ba:1e:f7:04:0d:8e:97:29:24:5f:d0:66:46:a4:fb:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25a553794223e6b4c632779b51371dc4e7d70705
Validity
Not Before: May 27 12:55:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71780b7d93653cba7c0319d5231705166649410c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a3:bd:f5:82:bc:37:ca:b1:c6:4c:56:8b:5d:
bd:25:b7:68:47:3e:28:c5:0c:8e:2e:66:31:6b:3d:
2b:f2:12:aa:fb:5d:67:65:42:8d:b2:16:e9:ee:ae:
e5:0c:ad:d0:0f:00:a0:a7:1e:cc:ac:51:24:87:a1:
48:67:0d:c0:48:15:54:ae:7a:67:e8:04:5e:97:1b:
02:86:24:38:2b:15:ef:3c:0d:d8:e3:fe:30:86:f6:
00:d2:0e:c2:67:6d:e7:e2:59:d4:4f:3d:b8:10:f5:
4b:d2:0e:6d:16:37:4b:b9:86:93:92:46:4c:0b:1e:
9c:e2:9a:cd:7e:a7:8b:39:1c:f5:b0:ac:29:7f:d4:
2b:1d:88:fb:1e:40:ae:f5:fb:62:0b:44:bf:83:64:
96:1c:43:30:04:a1:b7:38:00:5d:08:6e:91:09:1d:
fe:c2:48:62:35:60:b9:58:56:60:55:e5:4f:5a:ec:
28:04:ab:4d:6f:d7:f6:9f:d1:8f:68:fb:40:56:1a:
0c:e1:04:37:7a:0b:a9:10:c1:e2:f4:af:32:a6:88:
83:5f:6a:b9:64:f1:1e:be:d0:b9:72:4f:5c:21:dc:
b1:55:42:99:cc:10:84:15:2e:20:aa:d2:ac:94:c3:
09:06:40:54:a3:d4:89:d6:fb:38:eb:18:6b:48:44:
85:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:78:0B:7D:93:65:3C:BA:7C:03:19:D5:23:17:05:16:66:49:41:0C
X509v3 Authority Key Identifier:
keyid:25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/cXgLfZNlPLp8AxnVIxcFFmZJQQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.40.0.0/20
84.40.32.0/21
176.223.248.0/22
IPv6:
2001:67c:4dc::/48
Signature Algorithm: sha256WithRSAEncryption
60:f9:05:55:0f:41:6f:e4:c2:19:b6:90:9a:53:30:23:0c:67:
aa:02:e5:21:dc:f9:5b:b3:c1:18:4a:76:70:b0:30:3e:94:f8:
7b:d7:58:de:12:cc:90:39:ba:09:70:fb:88:fb:80:ba:20:33:
6d:0a:5a:00:bb:7d:fc:ae:07:10:e6:a5:b0:cf:c9:62:71:18:
53:ab:1e:35:83:42:0d:38:aa:5a:fb:52:f2:3e:7e:f8:43:91:
bb:a7:6e:da:db:e4:47:36:ea:6e:41:93:cb:51:e9:71:65:32:
5d:d2:f0:2e:f0:19:0f:76:f3:77:95:c7:0d:e4:54:8d:6b:76:
63:21:0c:39:55:55:84:ad:ef:ed:62:50:f2:45:93:41:80:8f:
be:4f:59:93:26:31:dd:09:ab:d4:8c:d3:05:1f:a8:c8:ff:64:
4e:e1:92:e3:98:65:f4:65:b0:fd:58:a4:7c:2f:6f:30:f3:b5:
f9:ef:29:fc:04:54:c5:df:9b:fa:48:a2:10:f2:d5:3c:be:aa:
cd:76:53:4e:8b:be:cf:32:18:32:87:b5:58:d1:51:76:34:df:
68:66:7d:ae:e8:39:2e:02:e6:d8:f7:de:4a:af:3f:81:7d:52:
1e:69:ea:97:6c:a6:d0:94:04:37:16:28:0f:3e:5a:00:06:a8:
fe:0c:fb:4b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY+6HvcEDY6XKSRf0GZGpPs0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTU1Mzc5NDIyM2U2YjRjNjMyNzc5YjUxMzcxZGM0ZTdk
NzA3MDUwHhcNMjQwNTI3MTI1NTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTc4MGI3ZDkzNjUzY2JhN2MwMzE5ZDUyMzE3MDUxNjY2NDk0MTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26O99YK8N8qxxkxWi129JbdoRz4o
xQyOLmYxaz0r8hKq+11nZUKNshbp7q7lDK3QDwCgpx7MrFEkh6FIZw3ASBVUrnpn
6ARelxsChiQ4KxXvPA3Y4/4whvYA0g7CZ23n4lnUTz24EPVL0g5tFjdLuYaTkkZM
Cx6c4prNfqeLORz1sKwpf9QrHYj7HkCu9ftiC0S/g2SWHEMwBKG3OABdCG6RCR3+
wkhiNWC5WFZgVeVPWuwoBKtNb9f2n9GPaPtAVhoM4QQ3egupEMHi9K8ypoiDX2q5
ZPEevtC5ck9cIdyxVUKZzBCEFS4gqtKslMMJBkBUo9SJ1vs46xhrSESFVwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHF4C32TZTy6fAMZ1SMXBRZmSUEMMB8GA1UdIwQY
MBaAFCWlU3lCI+a0xjJ3m1E3HcTn1wcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFWVGVVSWo1clRHTW5lYlVUY2R4T2ZYQndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8xZjk2Y2MtNWVhNi00OWUzLThmNWYt
MzBlOTI5ZWQxMDYzLzEvY1hnTGZaTmxQTHA4QXhuVkl4Y0ZGbVpKUVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8xZjk2Y2MtNWVhNi00OWUzLThmNWYtMzBlOTI5ZWQxMDYz
LzEvSmFWVGVVSWo1clRHTW5lYlVUY2R4T2ZYQndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQEVCgAAwQD
VCggAwQCsN/4MA8EAgACMAkDBwAgAQZ8BNwwDQYJKoZIhvcNAQELBQADggEBAGD5
BVUPQW/kwhm2kJpTMCMMZ6oC5SHc+VuzwRhKdnCwMD6U+HvXWN4SzJA5uglw+4j7
gLogM20KWgC7ffyuBxDmpbDPyWJxGFOrHjWDQg04qlr7UvI+fvhDkbunbtrb5Ec2
6m5Bk8tR6XFlMl3S8C7wGQ9283eVxw3kVI1rdmMhDDlVVYSt7+1iUPJFk0GAj75P
WZMmMd0Jq9SM0wUfqMj/ZE7hkuOYZfRlsP1YpHwvbzDztfnvKfwEVMXfm/pIohDy
1Ty+qs12U06Lvs8yGDKHtVjRUXY032hmfa7oOS4C5tj33kqvP4F9Uh5p6pdsptCU
BDcWKA8+WgAGqP4M+0s=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:42:09 2024 by rpki-client on console-fra.rpki-client.org