Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/Xjg8vjiT3U92qhWXD7hgZElvyKo.roa
File: Xjg8vjiT3U92qhWXD7hgZElvyKo.roa (raw, json)
Hash identifier: A2NYZR13LLWOaczpv15r3ELOUSkLwrsjQu52Wv52uyQ=
Subject key identifier: 5E:38:3C:BE:38:93:DD:4F:76:AA:15:97:0F:B8:60:64:49:6F:C8:AA
Certificate issuer: /CN=757f9fdea350a766bb98c604d3b9c27916732209
Certificate serial: 018CC5DC98AAC9281E259C8270AA13FBFFC2
Authority key identifier: 75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/Xjg8vjiT3U92qhWXD7hgZElvyKo.roa
Signing time: Mon 01 Jan 2024 16:30:17 +0000
ROA not before: Mon 01 Jan 2024 16:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34403
IP address blocks: 85.158.98.0/24 maxlen: 24
85.158.96.0/22 maxlen: 22
85.158.96.0/24 maxlen: 24
85.158.97.0/24 maxlen: 24
85.158.99.0/24 maxlen: 24
85.158.100.0/24 maxlen: 24
85.158.101.0/24 maxlen: 24
85.158.102.0/24 maxlen: 24
85.158.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:98:aa:c9:28:1e:25:9c:82:70:aa:13:fb:ff:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757f9fdea350a766bb98c604d3b9c27916732209
Validity
Not Before: Jan 1 16:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e383cbe3893dd4f76aa15970fb86064496fc8aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b5:21:08:43:7a:d2:86:c1:15:28:57:5c:30:
70:78:6f:64:64:c6:da:59:ae:22:08:de:41:a4:c3:
cd:aa:77:08:b1:d7:1b:2b:97:99:a2:3e:99:3a:b4:
7d:4d:1c:6b:77:12:f3:ac:2c:88:f4:d4:f6:46:1f:
f6:cc:08:f2:8c:98:e9:7a:a7:55:ae:11:29:ec:48:
a4:e9:d0:6c:77:c7:4c:d2:de:d7:f2:c2:f5:e2:e5:
43:78:7d:93:c3:d7:90:6b:36:b5:47:78:30:7d:6b:
ef:b1:dd:e1:6b:67:62:85:20:80:52:e4:1f:a1:30:
b2:e6:bd:f7:61:89:1b:b5:39:a4:6d:e6:0a:ca:ca:
2c:0a:5b:93:4d:ce:c5:b9:99:da:77:72:ca:4a:cd:
6b:9c:bf:f5:d8:84:b0:c3:38:f9:1c:f8:68:09:f0:
6b:38:27:95:50:4b:75:7b:a8:28:70:ce:17:19:e6:
96:a2:4f:42:81:7b:24:68:b8:25:75:4d:af:a9:ae:
66:3a:13:00:5c:9d:37:85:c4:cd:5e:92:92:36:10:
65:65:c8:dc:a5:0b:e4:86:6d:fc:c5:ec:fd:c1:8c:
ef:8f:4d:aa:87:22:85:7c:2a:6f:b8:8b:48:0e:0c:
8b:18:ff:99:ea:ad:b7:9e:30:cb:ac:7d:62:14:fc:
c6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:38:3C:BE:38:93:DD:4F:76:AA:15:97:0F:B8:60:64:49:6F:C8:AA
X509v3 Authority Key Identifier:
keyid:75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/Xjg8vjiT3U92qhWXD7hgZElvyKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.96.0/21
Signature Algorithm: sha256WithRSAEncryption
40:65:8a:81:e3:34:38:8e:e5:23:ad:7b:1f:35:48:5c:74:65:
18:15:f1:2b:1e:fb:71:a1:08:8f:46:1e:55:91:a5:34:08:d0:
da:7d:5e:c1:88:40:9e:d4:51:f4:15:7d:d8:6f:13:65:14:31:
08:14:20:14:b8:88:97:93:7a:98:57:06:c7:6c:b6:c2:56:7d:
02:6a:cc:42:2b:55:19:96:7e:eb:bc:84:42:8b:e8:58:4e:aa:
45:6a:4f:1a:68:9e:33:65:2a:78:14:b0:9e:b2:1a:fc:ab:d7:
f0:e6:fb:d4:26:4f:0c:f4:7b:51:af:2c:60:bb:60:1f:24:9f:
6c:62:73:c3:9c:76:8a:f3:3b:7d:b1:b7:cc:34:49:3a:66:69:
80:d2:4b:66:6c:48:f2:f4:78:2c:b4:8f:11:1e:8b:72:7b:36:
2d:54:52:38:33:85:a0:c8:b6:3e:b5:19:b4:e9:66:db:e8:f4:
75:60:26:f0:00:cb:3e:22:3c:f7:fd:29:87:47:74:dd:ea:f9:
1e:3e:2e:71:6c:8e:1f:a0:4a:2e:b7:34:2d:eb:6f:f8:5c:2b:
4b:0a:02:e4:07:3c:82:f5:42:e8:f8:15:32:92:c2:25:ca:a4:
4d:40:09:ef:9e:d2:45:7e:31:4f:46:ea:35:41:06:56:63:73:
fd:b8:c6:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3JiqySgeJZyCcKoT+//CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2Y5ZmRlYTM1MGE3NjZiYjk4YzYwNGQzYjljMjc5MTY3
MzIyMDkwHhcNMjQwMTAxMTYzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTM4M2NiZTM4OTNkZDRmNzZhYTE1OTcwZmI4NjA2NDQ5NmZjOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7UhCEN60obBFShXXDBweG9kZMba
Wa4iCN5BpMPNqncIsdcbK5eZoj6ZOrR9TRxrdxLzrCyI9NT2Rh/2zAjyjJjpeqdV
rhEp7Eik6dBsd8dM0t7X8sL14uVDeH2Tw9eQaza1R3gwfWvvsd3ha2dihSCAUuQf
oTCy5r33YYkbtTmkbeYKysosCluTTc7FuZnad3LKSs1rnL/12ISwwzj5HPhoCfBr
OCeVUEt1e6gocM4XGeaWok9CgXskaLgldU2vqa5mOhMAXJ03hcTNXpKSNhBlZcjc
pQvkhm38xez9wYzvj02qhyKFfCpvuItIDgyLGP+Z6q23njDLrH1iFPzGRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF44PL44k91PdqoVlw+4YGRJb8iqMB8GA1UdIwQY
MBaAFHV/n96jUKdmu5jGBNO5wnkWcyIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYt
YzI1YWJhNmI1NWFmLzEvWGpnOHZqaVQzVTkycWhXWEQ3aGdaRWx2eUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYtYzI1YWJhNmI1NWFm
LzEvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ5gMA0G
CSqGSIb3DQEBCwUAA4IBAQBAZYqB4zQ4juUjrXsfNUhcdGUYFfErHvtxoQiPRh5V
kaU0CNDafV7BiECe1FH0FX3YbxNlFDEIFCAUuIiXk3qYVwbHbLbCVn0CasxCK1UZ
ln7rvIRCi+hYTqpFak8aaJ4zZSp4FLCeshr8q9fw5vvUJk8M9HtRryxgu2AfJJ9s
YnPDnHaK8zt9sbfMNEk6ZmmA0ktmbEjy9HgstI8RHotyezYtVFI4M4WgyLY+tRm0
6Wbb6PR1YCbwAMs+Ijz3/SmHR3Td6vkePi5xbI4foEoutzQt62/4XCtLCgLkBzyC
9ULo+BUyksIlyqRNQAnvntJFfjFPRuo1QQZWY3P9uMac
-----END CERTIFICATE-----
Generated at Sat Jun 1 23:02:41 2024 by rpki-client on console-fra.rpki-client.org