Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/xt1zJ8XQOAnm1Hprvnf3B5aHcBQ.roa
File: xt1zJ8XQOAnm1Hprvnf3B5aHcBQ.roa (raw, json)
Hash identifier: RnLNKFZIfVlvYtaz7gx/czPP/tgExdAC8IRVO9aSTFg=
Subject key identifier: C6:DD:73:27:C5:D0:38:09:E6:D4:7A:6B:BE:77:F7:07:96:87:70:14
Certificate issuer: /CN=167782bea46fd271768ff46d9b45c057a9df5481
Certificate serial: 018CC2DABC131F63FFE8FEFC32CFC77AF1AA
Authority key identifier: 16:77:82:BE:A4:6F:D2:71:76:8F:F4:6D:9B:45:C0:57:A9:DF:54:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/xt1zJ8XQOAnm1Hprvnf3B5aHcBQ.roa
Signing time: Mon 01 Jan 2024 02:29:23 +0000
ROA not before: Mon 01 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205399
IP address blocks: 194.26.108.0/24 maxlen: 24
194.26.109.0/24 maxlen: 24
194.26.115.0/24 maxlen: 24
194.26.114.0/24 maxlen: 24
185.229.13.0/24 maxlen: 24
185.229.12.0/24 maxlen: 24
185.229.12.0/22 maxlen: 24
185.229.15.0/24 maxlen: 24
141.98.118.0/24 maxlen: 24
185.181.208.0/22 maxlen: 24
185.181.208.0/24 maxlen: 24
185.181.210.0/24 maxlen: 24
185.181.209.0/24 maxlen: 24
185.181.211.0/24 maxlen: 24
141.98.117.0/24 maxlen: 24
141.98.116.0/24 maxlen: 24
141.98.119.0/24 maxlen: 24
185.219.132.0/24 maxlen: 24
185.219.134.0/24 maxlen: 24
185.219.133.0/24 maxlen: 24
185.219.135.0/24 maxlen: 24
2a0a:e080::/29 maxlen: 29
2a0d:ae00::/29 maxlen: 48
2a0b:e8c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/FneCvqRv0nF2j_Rtm0XAV6nfVIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/FneCvqRv0nF2j_Rtm0XAV6nfVIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:bc:13:1f:63:ff:e8:fe:fc:32:cf:c7:7a:f1:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=167782bea46fd271768ff46d9b45c057a9df5481
Validity
Not Before: Jan 1 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6dd7327c5d03809e6d47a6bbe77f70796877014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:66:99:5b:cb:12:87:9b:d1:e0:e9:d2:e1:f9:
f6:c1:25:24:5f:f6:f1:05:94:19:9f:cb:b5:dd:66:
20:17:36:cc:35:50:0b:5d:a3:a4:89:9c:58:19:9b:
89:af:ca:d8:1f:d8:25:cf:85:74:ac:23:97:ff:e4:
f5:8f:d1:d9:c6:75:5a:10:51:1f:37:4d:fe:e8:a4:
6e:ab:79:46:05:17:19:32:15:a0:45:9b:db:60:c8:
a8:00:8d:56:4a:98:ea:56:46:bf:02:43:6c:71:df:
33:5c:ac:52:b7:60:80:9a:4a:68:c4:39:99:21:d7:
a7:cf:0b:cf:cd:fa:dc:70:a9:fe:4a:c4:a1:4c:9d:
5b:a9:62:b1:a9:40:32:66:4f:ee:e7:6c:18:5e:f2:
55:df:35:05:69:8d:24:ea:64:3a:41:9e:b4:a5:40:
b0:af:d6:06:74:63:33:b6:01:3e:4f:d2:ba:b7:fe:
84:14:9c:ee:e1:05:df:0d:8f:6d:88:88:81:6e:72:
03:6f:40:8d:f5:9a:45:e9:94:f2:95:12:6d:1d:fe:
aa:f8:c8:de:83:8a:94:bd:15:92:48:cc:ef:c3:f8:
f0:41:9b:62:df:4f:2e:68:5d:d7:06:db:e0:7e:a7:
d8:39:c2:d2:d3:06:b1:c7:ae:51:b8:ca:9a:5b:35:
bb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DD:73:27:C5:D0:38:09:E6:D4:7A:6B:BE:77:F7:07:96:87:70:14
X509v3 Authority Key Identifier:
keyid:16:77:82:BE:A4:6F:D2:71:76:8F:F4:6D:9B:45:C0:57:A9:DF:54:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FneCvqRv0nF2j_Rtm0XAV6nfVIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/xt1zJ8XQOAnm1Hprvnf3B5aHcBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ef0b92-5d85-4792-b551-9a358362829c/1/FneCvqRv0nF2j_Rtm0XAV6nfVIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.116.0/22
185.181.208.0/22
185.219.132.0/22
185.229.12.0/22
194.26.108.0/23
194.26.114.0/23
IPv6:
2a0a:e080::/29
2a0b:e8c0::/29
2a0d:ae00::/29
Signature Algorithm: sha256WithRSAEncryption
33:37:a6:85:3a:f0:1d:7a:d4:3f:76:6a:38:fe:8a:d0:0c:2d:
74:2f:ca:6b:09:ff:b5:e8:1b:80:b7:a7:d0:8a:4f:ca:7c:42:
1f:db:48:89:20:c8:ad:38:ba:fe:54:5d:39:b9:72:1e:e1:41:
6d:06:e1:9a:dd:f9:43:48:c7:de:4e:9a:de:f1:3c:d8:f6:b0:
23:f3:5c:94:b6:35:35:38:72:b1:0a:b6:de:fb:8c:4f:ac:3e:
19:1b:55:bb:a1:ff:23:f3:95:71:6d:00:3b:23:98:7f:1f:2d:
12:8a:03:7e:cd:99:5a:14:bc:2f:ba:9d:10:3b:89:00:57:f3:
8f:de:21:0e:35:1c:6e:fc:c2:ba:26:f4:0e:13:27:6c:2c:c1:
ed:43:08:4f:b4:d8:7a:90:cf:fb:85:33:b9:69:d9:54:a6:e3:
94:85:17:f1:3f:91:de:95:db:d2:f6:35:31:9f:db:51:97:a5:
11:a2:6f:e0:89:0c:1f:27:b6:bb:80:3a:e1:a6:90:34:2a:7a:
4a:c0:f3:db:fa:75:c1:33:0f:8c:b4:dc:7b:5b:0a:c8:f4:ee:
10:65:3f:66:3e:dc:98:20:5b:3f:c3:53:e5:65:1b:aa:7c:63:
88:d5:5e:60:64:1f:ed:67:a9:38:21:1d:96:25:aa:2f:1a:c4:
b4:11:7c:f0
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzC2rwTH2P/6P78Ms/HevGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2Nzc4MmJlYTQ2ZmQyNzE3NjhmZjQ2ZDliNDVjMDU3YTlk
ZjU0ODEwHhcNMjQwMTAxMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmRkNzMyN2M1ZDAzODA5ZTZkNDdhNmJiZTc3ZjcwNzk2ODc3MDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWaZW8sSh5vR4OnS4fn2wSUkX/bx
BZQZn8u13WYgFzbMNVALXaOkiZxYGZuJr8rYH9glz4V0rCOX/+T1j9HZxnVaEFEf
N03+6KRuq3lGBRcZMhWgRZvbYMioAI1WSpjqVka/AkNscd8zXKxSt2CAmkpoxDmZ
IdenzwvPzfrccKn+SsShTJ1bqWKxqUAyZk/u52wYXvJV3zUFaY0k6mQ6QZ60pUCw
r9YGdGMztgE+T9K6t/6EFJzu4QXfDY9tiIiBbnIDb0CN9ZpF6ZTylRJtHf6q+Mje
g4qUvRWSSMzvw/jwQZti308uaF3XBtvgfqfYOcLS0waxx65RuMqaWzW7SwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFMbdcyfF0DgJ5tR6a7539weWh3AUMB8GA1UdIwQY
MBaAFBZ3gr6kb9Jxdo/0bZtFwFep31SBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm5lQ3ZxUnYwbkYyal9SdG0wWEFWNm5mVklFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9lZjBiOTItNWQ4NS00NzkyLWI1NTEt
OWEzNTgzNjI4MjljLzEveHQxeko4WFFPQW5tMUhwcnZuZjNCNWFIY0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9lZjBiOTItNWQ4NS00NzkyLWI1NTEtOWEzNTgzNjI4Mjlj
LzEvRm5lQ3ZxUnYwbkYyal9SdG0wWEFWNm5mVklFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQCjWJ0AwQC
ubXQAwQCuduEAwQCueUMAwQBwhpsAwQBwhpyMBsEAgACMBUDBQMqCuCAAwUDKgvo
wAMFAyoNrgAwDQYJKoZIhvcNAQELBQADggEBADM3poU68B161D92ajj+itAMLXQv
ymsJ/7XoG4C3p9CKT8p8Qh/bSIkgyK04uv5UXTm5ch7hQW0G4Zrd+UNIx95Omt7x
PNj2sCPzXJS2NTU4crEKtt77jE+sPhkbVbuh/yPzlXFtADsjmH8fLRKKA37NmVoU
vC+6nRA7iQBX84/eIQ41HG78wrom9A4TJ2wswe1DCE+02HqQz/uFM7lp2VSm45SF
F/E/kd6V29L2NTGf21GXpRGib+CJDB8ntruAOuGmkDQqekrA89v6dcEzD4y03Htb
Csj07hBlP2Y+3JggWz/DU+VlG6p8Y4jVXmBkH+1nqTghHZYlqi8axLQRfPA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:06 2024 by rpki-client on console-ams.rpki-client.org