Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/xabSMr0t07cnyFhoP3DEOX_V7ck.roa
File: xabSMr0t07cnyFhoP3DEOX_V7ck.roa (raw, json)
Hash identifier: lycHHjZwRMG7LgSDWhNw+DmdY+EuswvxamPGLJhd4vI=
Subject key identifier: C5:A6:D2:32:BD:2D:D3:B7:27:C8:58:68:3F:70:C4:39:7F:D5:ED:C9
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018CC50063190CD32A7070D958147F510158
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/xabSMr0t07cnyFhoP3DEOX_V7ck.roa
Signing time: Mon 01 Jan 2024 12:29:46 +0000
ROA not before: Mon 01 Jan 2024 12:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202
IP address blocks: 185.148.224.0/22 maxlen: 24
109.234.0.0/21 maxlen: 24
91.205.116.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.mft
rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:63:19:0c:d3:2a:70:70:d9:58:14:7f:51:01:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jan 1 12:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5a6d232bd2dd3b727c858683f70c4397fd5edc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:de:4a:5f:fb:d2:b1:ba:74:50:d2:62:9c:01:
f0:6a:14:f4:e9:26:86:13:34:67:62:4c:55:e2:3e:
b3:6b:0a:bf:91:40:b9:f4:8e:59:3e:da:23:b1:4e:
4c:b7:1c:b8:2e:58:5d:89:a8:ee:15:f0:d7:35:1e:
03:f6:2f:5b:92:d1:9b:08:7f:53:64:e7:27:1a:f1:
73:8b:53:4f:5b:fa:a0:e0:3e:11:10:53:c3:91:12:
53:db:ba:26:fc:55:ce:35:5d:ef:b5:3e:2a:27:f5:
26:29:07:0b:23:fe:9f:4b:06:aa:8f:cc:88:e8:98:
ec:86:95:30:ed:c1:87:46:90:a5:3a:be:f7:6d:80:
4f:e4:c8:f5:9e:44:6f:47:3e:03:10:b7:e8:c4:65:
d8:b8:4f:94:2b:bd:f1:8f:b9:84:7c:3c:e7:f6:4f:
55:69:0b:b2:7c:4c:bf:59:ac:c9:17:c8:4c:04:4c:
1f:18:c6:63:94:53:81:56:3e:98:7e:06:d8:6e:28:
2e:b0:0f:dd:19:a9:e2:eb:83:63:e6:ec:1a:cd:01:
b4:46:f6:2a:5f:d9:77:b0:c4:c3:42:c5:0b:63:43:
e8:44:34:72:5a:5b:7c:59:9b:08:7a:a7:a6:1f:98:
9a:ab:4f:a8:13:9d:2a:8a:9e:8b:14:99:a3:89:d4:
49:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A6:D2:32:BD:2D:D3:B7:27:C8:58:68:3F:70:C4:39:7F:D5:ED:C9
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/xabSMr0t07cnyFhoP3DEOX_V7ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200:1::/48
Signature Algorithm: sha256WithRSAEncryption
80:11:d5:24:d0:44:d3:26:0e:e5:ab:f0:d2:13:94:55:3d:bc:
1d:36:6e:46:66:48:0d:6d:56:74:ba:8f:1f:28:be:3c:07:a3:
fb:34:55:70:17:77:22:5d:6c:cb:fc:44:e8:73:41:b8:ed:51:
78:ad:ef:5e:f2:ef:14:e7:66:2d:78:45:58:3b:71:3e:58:4e:
3e:84:df:0a:18:50:fe:14:33:2f:7f:56:2d:40:9e:8d:ca:e2:
fd:7b:63:0d:1b:2e:c9:61:da:50:7d:86:de:97:71:e3:a3:c4:
07:e6:84:ca:41:da:8c:3c:c0:6b:f2:57:a2:70:e0:eb:6e:b5:
96:8b:a8:70:41:3a:c0:20:77:d8:93:81:9c:ab:d4:70:45:b9:
08:3c:6f:f2:03:95:2f:c5:cd:20:3e:10:1b:3b:dd:29:38:80:
fe:a7:c1:ee:96:de:49:55:9a:11:d9:da:e4:38:06:a6:01:8f:
15:0f:ba:80:51:ca:06:58:b3:4a:48:fa:cc:41:2a:28:75:36:
b8:be:56:33:b4:ca:7e:34:14:ef:98:3b:2b:fa:f8:68:64:7e:
de:2c:17:b5:f6:dd:44:63:45:da:39:f8:a0:12:de:53:34:01:
66:9c:39:dd:58:b2:83:2a:97:45:fb:f3:15:ab:ad:5c:2c:be:
70:15:e0:f1
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzFAGMZDNMqcHDZWBR/UQFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjQwMTAxMTIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWE2ZDIzMmJkMmRkM2I3MjdjODU4NjgzZjcwYzQzOTdmZDVlZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAht5KX/vSsbp0UNJinAHwahT06SaG
EzRnYkxV4j6zawq/kUC59I5ZPtojsU5Mtxy4LlhdiajuFfDXNR4D9i9bktGbCH9T
ZOcnGvFzi1NPW/qg4D4REFPDkRJT27om/FXONV3vtT4qJ/UmKQcLI/6fSwaqj8yI
6JjshpUw7cGHRpClOr73bYBP5Mj1nkRvRz4DELfoxGXYuE+UK73xj7mEfDzn9k9V
aQuyfEy/WazJF8hMBEwfGMZjlFOBVj6YfgbYbigusA/dGani64Nj5uwazQG0RvYq
X9l3sMTDQsULY0PoRDRyWlt8WZsIeqemH5iaq0+oE50qip6LFJmjidRJYwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMWm0jK9LdO3J8hYaD9wxDl/1e3JMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEveGFiU01yMHQwN2NueUZob1AzREVPWF9WN2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA8EAgACMAkDBwAqB2IAAAEwDQYJKoZIhvcNAQELBQAD
ggEBAIAR1STQRNMmDuWr8NITlFU9vB02bkZmSA1tVnS6jx8ovjwHo/s0VXAXdyJd
bMv8ROhzQbjtUXit717y7xTnZi14RVg7cT5YTj6E3woYUP4UMy9/Vi1Ano3K4v17
Yw0bLslh2lB9ht6XceOjxAfmhMpB2ow8wGvyV6Jw4OtutZaLqHBBOsAgd9iTgZyr
1HBFuQg8b/IDlS/FzSA+EBs73Sk4gP6nwe6W3klVmhHZ2uQ4BqYBjxUPuoBRygZY
s0pI+sxBKih1Nri+VjO0yn40FO+YOyv6+Ghkft4sF7X23URjRdo5+KAS3lM0AWac
Od1YsoMql0X78xWrrVwsvnAV4PE=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:39:49 2024 by rpki-client on console-fra.rpki-client.org