Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/xZwybaFpgQFHdbQ4KCpmu9UOq6g.roa
File: xZwybaFpgQFHdbQ4KCpmu9UOq6g.roa (raw, json)
Hash identifier: dNbNIbi8mK1TlLFjH/zRpC91e7rd9WvPJPQZb7htLtk=
Subject key identifier: C5:9C:32:6D:A1:69:81:01:47:75:B4:38:28:2A:66:BB:D5:0E:AB:A8
Certificate issuer: /CN=dbe0ca7c1e0e8a1c7ad02d0bb828b41188ae5243
Certificate serial: 018CC500F02A2031A1840552B40510F37DAE
Authority key identifier: DB:E0:CA:7C:1E:0E:8A:1C:7A:D0:2D:0B:B8:28:B4:11:88:AE:52:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/xZwybaFpgQFHdbQ4KCpmu9UOq6g.roa
Signing time: Mon 01 Jan 2024 12:30:22 +0000
ROA not before: Mon 01 Jan 2024 12:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33854
IP address blocks: 194.150.253.0/24 maxlen: 24
194.150.252.0/24 maxlen: 24
217.172.128.0/20 maxlen: 24
92.60.96.0/20 maxlen: 24
80.93.170.0/24 maxlen: 24
2a00:1a90::/32 maxlen: 34
2a00:1a90:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2-DKfB4Oihx60C0LuCi0EYiuUkM.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2-DKfB4Oihx60C0LuCi0EYiuUkM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f0:2a:20:31:a1:84:05:52:b4:05:10:f3:7d:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe0ca7c1e0e8a1c7ad02d0bb828b41188ae5243
Validity
Not Before: Jan 1 12:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c59c326da16981014775b438282a66bbd50eaba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:08:22:e0:c1:63:bb:4f:00:b9:ed:20:b6:74:
7e:08:46:07:e8:16:b3:df:7b:32:70:96:c2:26:4b:
22:88:78:1a:f9:1b:74:dd:83:1e:86:fd:26:e8:04:
69:79:6e:9a:40:ba:97:a3:9a:a5:97:5c:53:04:2a:
42:e5:76:8a:4c:a5:8c:03:27:a6:e1:01:a1:6a:1c:
8f:a8:fd:51:2b:ad:aa:fb:d5:3e:d4:d8:fc:31:f4:
d5:ee:a9:07:0c:27:4c:f5:db:02:5d:96:70:a1:de:
00:c2:2e:69:06:aa:30:5a:3e:75:19:85:c2:a2:64:
dc:a9:89:4d:0a:0c:e4:fc:18:3f:9f:1d:a2:5f:25:
c1:4b:91:2e:09:19:ce:c8:a9:25:e7:82:7d:da:f5:
a2:85:ba:34:4f:06:52:89:77:54:04:78:06:03:c2:
04:ae:b9:26:fb:9b:8f:3a:a9:0d:27:1d:cb:d7:1a:
21:b0:2c:1d:9d:7e:71:0a:0d:55:68:cd:f1:2c:54:
e8:8d:39:91:85:03:10:ad:75:b9:bb:f9:ef:e3:4c:
9a:e1:b0:d7:2f:24:47:32:db:d3:4d:5a:4d:73:e6:
9b:7a:fb:b1:14:53:7b:87:54:b4:13:04:03:e2:f5:
f4:ba:19:84:fd:1c:ca:c6:71:1a:ba:59:d9:1e:cb:
64:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:9C:32:6D:A1:69:81:01:47:75:B4:38:28:2A:66:BB:D5:0E:AB:A8
X509v3 Authority Key Identifier:
keyid:DB:E0:CA:7C:1E:0E:8A:1C:7A:D0:2D:0B:B8:28:B4:11:88:AE:52:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/xZwybaFpgQFHdbQ4KCpmu9UOq6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2-DKfB4Oihx60C0LuCi0EYiuUkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.170.0/24
92.60.96.0/20
194.150.252.0/23
217.172.128.0/20
IPv6:
2a00:1a90::/32
Signature Algorithm: sha256WithRSAEncryption
58:33:87:01:ab:27:6a:49:5c:a2:29:c0:31:97:1d:bc:58:c5:
a9:b3:ef:24:c0:b2:20:99:eb:58:8f:72:80:58:52:43:af:9f:
27:26:68:e1:7b:5e:c7:47:af:95:87:86:11:98:9d:9f:9c:1d:
47:90:b5:1a:0f:58:9b:b6:46:2f:ef:e9:a2:ae:ca:22:a4:d6:
cd:6a:d8:b9:b1:a6:cc:25:37:54:b1:49:00:aa:64:88:05:59:
00:4a:e2:85:43:16:9c:34:99:e4:5f:a4:b0:86:bd:e2:f8:bd:
54:bb:f3:fd:74:62:31:8a:b3:b2:90:30:8c:35:b5:e0:72:55:
7c:73:0c:42:ef:9c:09:6a:05:5e:6f:ed:62:e4:2e:15:74:0d:
04:2b:16:dd:4a:76:d9:20:0d:23:e3:dd:4c:78:39:70:2f:82:
35:9d:1f:af:5d:cb:3d:27:cb:60:06:99:10:49:75:f7:4a:fc:
5e:bf:26:20:cf:65:dc:5d:46:f6:83:93:1b:6a:45:79:85:4d:
30:9e:a1:e1:7e:f5:36:5b:ef:94:50:cf:50:aa:74:cc:f5:d6:
c8:fe:e4:c3:65:56:ec:cc:8d:4a:3a:d8:48:6a:59:7d:07:5a:
80:67:77:fa:3c:cf:fb:80:ef:a1:f4:84:34:40:08:52:20:2c:
4a:aa:d8:fc
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAPAqIDGhhAVStAUQ832uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYTdjMWUwZThhMWM3YWQwMmQwYmI4MjhiNDExODhh
ZTUyNDMwHhcNMjQwMTAxMTIzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTljMzI2ZGExNjk4MTAxNDc3NWI0MzgyODJhNjZiYmQ1MGVhYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjggi4MFju08Aue0gtnR+CEYH6Baz
33sycJbCJksiiHga+Rt03YMehv0m6ARpeW6aQLqXo5qll1xTBCpC5XaKTKWMAyem
4QGhahyPqP1RK62q+9U+1Nj8MfTV7qkHDCdM9dsCXZZwod4Awi5pBqowWj51GYXC
omTcqYlNCgzk/Bg/nx2iXyXBS5EuCRnOyKkl54J92vWihbo0TwZSiXdUBHgGA8IE
rrkm+5uPOqkNJx3L1xohsCwdnX5xCg1VaM3xLFTojTmRhQMQrXW5u/nv40ya4bDX
LyRHMtvTTVpNc+abevuxFFN7h1S0EwQD4vX0uhmE/RzKxnEaulnZHstkvwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMWcMm2haYEBR3W0OCgqZrvVDquoMB8GA1UdIwQY
MBaAFNvgynweDoocetAtC7gotBGIrlJDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ES2ZCNE9paHg2MEMwTHVDaTBFWWl1VWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mM2M4ZTgtYzViYy00MjExLWE5YWMt
NGY5MTEyZWRlOTY4LzEveFp3eWJhRnBnUUZIZGJRNEtDcG11OVVPcTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mM2M4ZTgtYzViYy00MjExLWE5YWMtNGY5MTEyZWRlOTY4
LzEvMi1ES2ZCNE9paHg2MEMwTHVDaTBFWWl1VWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAUF2qAwQE
XDxgAwQBwpb8AwQE2ayAMA0EAgACMAcDBQAqABqQMA0GCSqGSIb3DQEBCwUAA4IB
AQBYM4cBqydqSVyiKcAxlx28WMWps+8kwLIgmetYj3KAWFJDr58nJmjhe17HR6+V
h4YRmJ2fnB1HkLUaD1ibtkYv7+mirsoipNbNati5sabMJTdUsUkAqmSIBVkASuKF
QxacNJnkX6Swhr3i+L1Uu/P9dGIxirOykDCMNbXgclV8cwxC75wJagVeb+1i5C4V
dA0EKxbdSnbZIA0j491MeDlwL4I1nR+vXcs9J8tgBpkQSXX3SvxevyYgz2XcXUb2
g5MbakV5hU0wnqHhfvU2W++UUM9QqnTM9dbI/uTDZVbszI1KOthIall9B1qAZ3f6
PM/7gO+h9IQ0QAhSICxKqtj8
-----END CERTIFICATE-----
Generated at Fri May 10 14:56:15 2024 by rpki-client on console-fra.rpki-client.org