Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/xliANCt49iI2_u-jDN_qmqO4woI.roa
File: xliANCt49iI2_u-jDN_qmqO4woI.roa (raw, json)
Hash identifier: KB2NA65afl5vZKoUN0Sktfu90zovLQgnUFNFR5wKtoo=
Subject key identifier: C6:58:80:34:2B:78:F6:22:36:FE:EF:A3:0C:DF:EA:9A:A3:B8:C2:82
Certificate issuer: /CN=8f137200c9ea1560a3f42fd7e100ed28411416bc
Certificate serial: 018CC86EEE06FFEC466A4CA346EBE110A01E
Authority key identifier: 8F:13:72:00:C9:EA:15:60:A3:F4:2F:D7:E1:00:ED:28:41:14:16:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxNyAMnqFWCj9C_X4QDtKEEUFrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/xliANCt49iI2_u-jDN_qmqO4woI.roa
Signing time: Tue 02 Jan 2024 04:29:22 +0000
ROA not before: Tue 02 Jan 2024 04:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 194.37.85.0/24 maxlen: 24
194.37.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/jxNyAMnqFWCj9C_X4QDtKEEUFrw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/jxNyAMnqFWCj9C_X4QDtKEEUFrw.mft
rsync://rpki.ripe.net/repository/DEFAULT/jxNyAMnqFWCj9C_X4QDtKEEUFrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:ee:06:ff:ec:46:6a:4c:a3:46:eb:e1:10:a0:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f137200c9ea1560a3f42fd7e100ed28411416bc
Validity
Not Before: Jan 2 04:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c65880342b78f62236feefa30cdfea9aa3b8c282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a8:9e:28:41:6d:25:f1:72:16:11:95:df:49:
a7:19:87:12:76:ae:24:4e:f5:52:95:87:f3:a7:4c:
c1:eb:3b:38:68:39:6b:96:70:cb:00:b9:d1:42:01:
4d:42:be:fa:b0:8a:28:f2:36:13:ca:13:0b:d6:34:
55:cf:69:2a:b8:c3:ae:a2:33:7f:73:5c:16:e4:20:
bb:f3:95:e5:3d:b8:72:bb:de:c2:e8:c2:ba:fe:db:
df:3a:53:05:ae:9f:40:76:46:e6:f2:86:fd:4e:53:
df:60:05:42:ea:9b:8e:a3:b5:4b:b0:52:79:70:ea:
61:3a:c7:92:55:27:1b:96:21:9c:5e:29:ee:ca:69:
14:a9:5f:3d:f0:94:90:c4:8c:0f:c2:19:09:34:34:
4b:03:88:44:7f:51:f5:87:66:85:28:00:5d:01:82:
6a:6c:9e:48:3c:3c:a7:cd:6a:27:a4:83:b4:e7:87:
bb:b9:8f:59:a0:8f:1e:bd:68:7e:bf:fa:66:c1:b4:
18:39:9a:9a:9c:0f:c6:17:c1:05:94:96:e9:2e:7c:
a8:07:c5:31:6a:21:71:e8:2f:12:94:00:42:11:20:
8b:75:0e:c7:37:ef:7f:ac:cd:7f:30:90:13:c5:06:
df:42:2b:6c:64:aa:cf:be:56:9e:53:97:91:3c:fa:
fb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:58:80:34:2B:78:F6:22:36:FE:EF:A3:0C:DF:EA:9A:A3:B8:C2:82
X509v3 Authority Key Identifier:
keyid:8F:13:72:00:C9:EA:15:60:A3:F4:2F:D7:E1:00:ED:28:41:14:16:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxNyAMnqFWCj9C_X4QDtKEEUFrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/xliANCt49iI2_u-jDN_qmqO4woI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ddbbab-5edc-4a14-b0e7-eb80221e538d/1/jxNyAMnqFWCj9C_X4QDtKEEUFrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.37.85.0/24
194.37.87.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:d5:c1:b2:bc:b0:38:e1:e7:a7:61:c9:92:cc:97:d2:b8:f7:
47:c9:9a:fc:57:26:38:99:ba:e4:fb:6b:e3:e5:f9:6e:fd:6d:
85:fa:25:c2:e1:89:76:0c:42:ed:4c:54:34:19:4c:af:5b:51:
95:5c:d2:bd:74:61:9c:1e:c2:66:5b:e4:2e:66:14:0d:9f:69:
ee:57:4a:dc:e2:07:b5:eb:5d:fe:58:be:68:19:a2:5d:5e:76:
c1:10:33:18:69:d4:37:6d:a5:cd:6d:fc:ae:5a:63:0f:c2:0b:
b3:97:1b:8b:5e:e5:05:72:81:c9:1a:66:80:85:fb:e6:f4:1c:
07:ac:52:e3:af:92:9c:5b:de:ef:f4:e2:a2:7b:77:e9:fc:4e:
ce:6c:d8:bb:aa:21:51:67:dc:7a:cf:19:03:e6:d7:89:ef:79:
4c:07:0b:1a:21:59:9e:e4:e3:5d:c3:26:f9:e1:cf:82:b6:b0:
19:8e:21:48:cc:81:1c:57:b7:11:35:28:07:26:28:48:4d:94:
d1:7b:7f:5f:48:7a:55:c0:00:a4:11:c9:57:03:80:ee:9e:22:
94:6e:be:b8:28:e0:81:a5:07:c1:00:09:94:0b:29:ac:4f:34:
e8:5b:fd:8c:da:66:e3:6c:41:61:9a:89:7d:10:d2:f0:e8:ee:
45:6b:81:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIbu4G/+xGakyjRuvhEKAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMTM3MjAwYzllYTE1NjBhM2Y0MmZkN2UxMDBlZDI4NDEx
NDE2YmMwHhcNMjQwMTAyMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjU4ODAzNDJiNzhmNjIyMzZmZWVmYTMwY2RmZWE5YWEzYjhjMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKieKEFtJfFyFhGV30mnGYcSdq4k
TvVSlYfzp0zB6zs4aDlrlnDLALnRQgFNQr76sIoo8jYTyhML1jRVz2kquMOuojN/
c1wW5CC785XlPbhyu97C6MK6/tvfOlMFrp9Adkbm8ob9TlPfYAVC6puOo7VLsFJ5
cOphOseSVScbliGcXinuymkUqV898JSQxIwPwhkJNDRLA4hEf1H1h2aFKABdAYJq
bJ5IPDynzWonpIO054e7uY9ZoI8evWh+v/pmwbQYOZqanA/GF8EFlJbpLnyoB8Ux
aiFx6C8SlABCESCLdQ7HN+9/rM1/MJATxQbfQitsZKrPvlaeU5eRPPr71QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMZYgDQrePYiNv7vowzf6pqjuMKCMB8GA1UdIwQY
MBaAFI8TcgDJ6hVgo/Qv1+EA7ShBFBa8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanhOeUFNbnFGV0NqOUNfWDRRRHRLRUVVRnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kZGJiYWItNWVkYy00YTE0LWIwZTct
ZWI4MDIyMWU1MzhkLzEveGxpQU5DdDQ5aUkyX3UtakROX3FtcU80d29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kZGJiYWItNWVkYy00YTE0LWIwZTctZWI4MDIyMWU1Mzhk
LzEvanhOeUFNbnFGV0NqOUNfWDRRRHRLRUVVRnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwiVVAwQA
wiVXMA0GCSqGSIb3DQEBCwUAA4IBAQA71cGyvLA44eenYcmSzJfSuPdHyZr8VyY4
mbrk+2vj5flu/W2F+iXC4Yl2DELtTFQ0GUyvW1GVXNK9dGGcHsJmW+QuZhQNn2nu
V0rc4ge1613+WL5oGaJdXnbBEDMYadQ3baXNbfyuWmMPwguzlxuLXuUFcoHJGmaA
hfvm9BwHrFLjr5KcW97v9OKie3fp/E7ObNi7qiFRZ9x6zxkD5teJ73lMBwsaIVme
5ONdwyb54c+CtrAZjiFIzIEcV7cRNSgHJihITZTRe39fSHpVwACkEclXA4DuniKU
br64KOCBpQfBAAmUCymsTzToW/2M2mbjbEFhmol9ENLw6O5Fa4E+
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:20:24 2024 by rpki-client on console-ams.rpki-client.org