Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/X-yUds0raYvMDiXf2mdMuIqhC-k.roa
File: X-yUds0raYvMDiXf2mdMuIqhC-k.roa (raw, json)
Hash identifier: vZWbCCGOlPwp0UrD6VjjJ1rsH2e2JDL2ni+7691v3B4=
Subject key identifier: 5F:EC:94:76:CD:2B:69:8B:CC:0E:25:DF:DA:67:4C:B8:8A:A1:0B:E9
Certificate issuer: /CN=b4e882f7171af6dcdccc9cd79f98dec6757fe189
Certificate serial: 018CC94E31F655BDBBDCB6581582F6875C97
Authority key identifier: B4:E8:82:F7:17:1A:F6:DC:DC:CC:9C:D7:9F:98:DE:C6:75:7F:E1:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/X-yUds0raYvMDiXf2mdMuIqhC-k.roa
Signing time: Tue 02 Jan 2024 08:33:14 +0000
ROA not before: Tue 02 Jan 2024 08:33:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39931
IP address blocks: 185.172.12.0/22 maxlen: 22
77.245.128.0/20 maxlen: 20
77.245.136.0/23 maxlen: 23
77.245.136.0/22 maxlen: 22
77.245.140.0/22 maxlen: 22
2a00:4fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.mft
rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:31:f6:55:bd:bb:dc:b6:58:15:82:f6:87:5c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e882f7171af6dcdccc9cd79f98dec6757fe189
Validity
Not Before: Jan 2 08:33:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fec9476cd2b698bcc0e25dfda674cb88aa10be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:93:54:09:ba:b2:f7:66:c1:0e:c9:b1:37:85:
d7:cc:13:e2:a2:f1:8e:a2:01:84:94:9c:55:83:dd:
8f:28:6e:f6:ae:a1:c9:6e:13:02:bd:3e:95:49:34:
50:e6:a6:15:c0:e9:25:a0:3d:6b:a4:cf:9e:51:34:
6a:4c:98:36:3b:97:9e:9b:cb:88:88:a5:3a:8d:28:
ac:52:90:18:a2:8d:ac:eb:ea:5d:94:49:e3:c8:d9:
b2:67:4a:25:39:0b:b9:fc:0f:df:71:5f:95:58:5e:
6b:3d:00:9b:49:f2:07:1d:06:27:ea:8c:42:ea:ac:
af:9a:f0:f4:91:68:ec:d1:97:cb:1f:91:7d:f6:0a:
6a:d9:bf:a3:0f:4c:2c:2b:4a:1b:c8:a7:06:eb:fc:
62:86:af:99:36:bb:36:97:bd:a3:83:51:ef:f7:5e:
43:30:6a:b9:94:84:74:5b:d5:1c:e7:d5:68:fc:f1:
1d:20:67:f0:f9:60:f7:b1:8a:79:d7:7f:6f:41:87:
0f:17:07:e8:0b:ff:73:51:a5:ce:a4:69:07:8d:69:
b8:e2:ef:4e:7b:3d:79:c3:e0:27:5d:5b:ee:1f:cf:
48:08:32:4b:82:4b:f4:28:5c:16:99:56:67:67:48:
87:70:3b:58:09:5f:77:ca:3c:fb:db:37:23:f2:95:
ee:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:EC:94:76:CD:2B:69:8B:CC:0E:25:DF:DA:67:4C:B8:8A:A1:0B:E9
X509v3 Authority Key Identifier:
keyid:B4:E8:82:F7:17:1A:F6:DC:DC:CC:9C:D7:9F:98:DE:C6:75:7F:E1:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/X-yUds0raYvMDiXf2mdMuIqhC-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.128.0/20
185.172.12.0/22
IPv6:
2a00:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
64:2d:2f:0e:2e:cd:1c:61:58:59:e3:34:c1:e4:a0:6a:5f:73:
65:51:da:40:b5:6e:19:f8:29:b5:fb:f4:19:0b:c1:3e:97:6c:
a6:77:d9:c7:d8:37:8e:e2:d9:d3:f4:62:79:51:86:72:ab:4e:
f3:33:78:b4:fb:e8:a3:d0:50:56:b5:aa:55:76:26:00:b3:6b:
71:9d:de:9c:d1:8f:10:ad:55:f8:dd:c1:f1:f3:8f:22:b9:98:
63:58:3e:27:17:f4:41:ea:81:a1:51:a3:37:6d:69:aa:ac:e5:
06:01:73:9e:85:fb:94:fc:4c:5d:50:74:fa:12:a7:76:f1:ad:
e1:04:b5:ef:39:07:1c:a1:0e:7c:35:22:41:65:2b:42:5b:c9:
14:73:15:18:36:42:80:e4:41:18:34:78:90:36:17:75:d8:bb:
e1:68:82:ca:c7:81:37:b4:96:8e:7e:5c:5d:40:ca:44:9d:5c:
42:86:96:ec:f8:01:12:88:5c:97:9b:dc:aa:ae:9b:57:59:b0:
40:e9:7e:e9:39:25:63:fb:b4:56:a1:11:05:28:92:79:ce:fe:
2f:86:ff:ea:3e:21:51:d3:2f:15:33:39:e5:3b:8d:80:96:96:
1f:ee:04:21:b7:21:a9:42:23:d7:65:54:18:98:03:68:b4:9b:
b0:4c:25:eb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJTjH2Vb273LZYFYL2h1yXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTg4MmY3MTcxYWY2ZGNkY2NjOWNkNzlmOThkZWM2NzU3
ZmUxODkwHhcNMjQwMTAyMDgzMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmVjOTQ3NmNkMmI2OThiY2MwZTI1ZGZkYTY3NGNiODhhYTEwYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpNUCbqy92bBDsmxN4XXzBPiovGO
ogGElJxVg92PKG72rqHJbhMCvT6VSTRQ5qYVwOkloD1rpM+eUTRqTJg2O5eem8uI
iKU6jSisUpAYoo2s6+pdlEnjyNmyZ0olOQu5/A/fcV+VWF5rPQCbSfIHHQYn6oxC
6qyvmvD0kWjs0ZfLH5F99gpq2b+jD0wsK0obyKcG6/xihq+ZNrs2l72jg1Hv915D
MGq5lIR0W9Uc59Vo/PEdIGfw+WD3sYp5139vQYcPFwfoC/9zUaXOpGkHjWm44u9O
ez15w+AnXVvuH89ICDJLgkv0KFwWmVZnZ0iHcDtYCV93yjz72zcj8pXu+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF/slHbNK2mLzA4l39pnTLiKoQvpMB8GA1UdIwQY
MBaAFLTogvcXGvbc3Myc15+Y3sZ1f+GJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9pQzl4Y2E5dHpjekp6WG41amV4blZfNFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81ZjViYzgtZTVmMy00MjFkLTlmYTAt
ZmVmZThlMzQwMDZjLzEvWC15VWRzMHJhWXZNRGlYZjJtZE11SXFoQy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81ZjViYzgtZTVmMy00MjFkLTlmYTAtZmVmZThlMzQwMDZj
LzEvdE9pQzl4Y2E5dHpjekp6WG41amV4blZfNFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETfWAAwQC
uawMMA0EAgACMAcDBQAqAE/AMA0GCSqGSIb3DQEBCwUAA4IBAQBkLS8OLs0cYVhZ
4zTB5KBqX3NlUdpAtW4Z+Cm1+/QZC8E+l2ymd9nH2DeO4tnT9GJ5UYZyq07zM3i0
++ij0FBWtapVdiYAs2txnd6c0Y8QrVX43cHx848iuZhjWD4nF/RB6oGhUaM3bWmq
rOUGAXOehfuU/ExdUHT6Eqd28a3hBLXvOQccoQ58NSJBZStCW8kUcxUYNkKA5EEY
NHiQNhd12LvhaILKx4E3tJaOflxdQMpEnVxChpbs+AESiFyXm9yqrptXWbBA6X7p
OSVj+7RWoREFKJJ5zv4vhv/qPiFR0y8VMznlO42AlpYf7gQhtyGpQiPXZVQYmANo
tJuwTCXr
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:14:59 2024 by rpki-client on console-fra.rpki-client.org