Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/0am32q3oDTJFjZBepKofru_xhcc.roa
File: 0am32q3oDTJFjZBepKofru_xhcc.roa (raw, json)
Hash identifier: fRDFKMYwKDozv3vtUCYaa0fD1oGGywDMuiP6HsIzaso=
Subject key identifier: D1:A9:B7:DA:AD:E8:0D:32:45:8D:90:5E:A4:AA:1F:AE:EF:F1:85:C7
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018CC2DAD8250CB1ABCF33F25078FB7318DD
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/0am32q3oDTJFjZBepKofru_xhcc.roa
Signing time: Mon 01 Jan 2024 02:29:31 +0000
ROA not before: Mon 01 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196928
IP address blocks: 82.177.138.0/23 maxlen: 23
82.177.163.0/24 maxlen: 24
88.220.182.0/23 maxlen: 23
88.220.98.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d8:25:0c:b1:ab:cf:33:f2:50:78:fb:73:18:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1a9b7daade80d32458d905ea4aa1faeeff185c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:12:9f:b5:bf:b1:3a:38:91:02:07:c7:fb:36:
b9:37:68:10:04:f3:8f:fc:95:9c:9d:ad:d7:35:71:
c3:ee:bc:cc:90:16:6c:2e:d7:e6:5f:68:3f:e5:d6:
49:c9:6c:19:d8:5c:4b:b5:21:f0:63:8b:fc:e8:f9:
0a:0c:ef:79:b9:5f:74:b9:0a:24:27:b5:28:2e:b5:
63:a4:eb:77:b0:95:8b:93:4c:d6:0a:75:81:5e:6f:
be:b6:3a:82:0e:48:a9:47:a0:28:31:9c:f9:99:6e:
6c:01:fd:b8:30:99:2c:0e:be:36:fc:8e:1a:40:8c:
0b:c2:b4:5a:d9:a4:76:3c:05:02:62:6c:31:f9:66:
35:0f:4a:cf:ec:df:db:53:b4:50:35:e5:3e:ce:89:
36:82:d7:0c:ab:f4:4b:d0:f6:da:2e:e3:ca:e1:ab:
37:37:1f:cd:43:4d:0c:bc:2a:9c:83:31:a3:70:a7:
3d:ff:55:ef:37:98:c4:53:81:c6:86:a3:02:35:5e:
76:db:49:11:82:43:47:1d:63:6c:1f:fb:d2:9a:af:
9e:32:0d:b4:2c:12:72:9b:71:a2:a7:52:65:ec:e0:
01:6e:b5:57:d9:03:5c:a5:58:35:b5:35:8d:1f:61:
9b:98:bb:a9:93:90:04:73:1a:53:57:8b:ac:be:1a:
50:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A9:B7:DA:AD:E8:0D:32:45:8D:90:5E:A4:AA:1F:AE:EF:F1:85:C7
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/0am32q3oDTJFjZBepKofru_xhcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.177.138.0/23
82.177.163.0/24
88.220.98.0/23
88.220.182.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:88:a5:f6:ac:ca:ab:af:52:b5:21:58:ab:0e:7b:34:31:5d:
77:95:26:74:1e:b9:1c:24:a3:4f:93:7c:1f:33:54:b2:25:b0:
72:16:09:ad:f6:b1:df:8b:14:15:c9:fa:c6:97:04:97:9c:f5:
2b:7a:fe:26:10:39:b3:49:fb:42:6e:38:e3:19:f8:76:01:fc:
db:77:7b:df:3e:a1:b7:7d:26:de:57:54:4b:60:e0:1d:95:a9:
56:01:b5:30:0d:ce:53:24:a1:fe:04:c9:7b:69:b1:90:e1:f9:
ff:ee:63:92:98:cd:f4:7e:c7:93:63:68:4c:dd:6e:bd:74:89:
6b:f5:fd:33:8f:12:1e:08:56:4b:40:1b:4d:1e:c5:fb:c2:53:
a0:6c:8c:83:58:f9:ae:e1:6b:f2:55:7d:92:3c:5c:f4:6c:97:
a4:97:71:3e:cb:4b:5d:1d:a0:62:c7:e0:93:f0:40:c5:6a:1e:
4a:02:83:7b:41:9d:cb:37:10:60:a0:44:db:42:68:0a:25:fc:
61:9e:da:5f:60:da:03:6f:0d:24:d1:db:6e:1e:02:08:55:ef:
fd:14:38:c4:8e:1c:1a:f6:46:b8:84:9f:b5:46:63:b5:dc:c3:
5c:86:64:16:25:cb:1c:90:37:64:6c:42:5a:a2:62:7c:30:c1:
28:bd:08:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2tglDLGrzzPyUHj7cxjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTAxMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWE5YjdkYWFkZTgwZDMyNDU4ZDkwNWVhNGFhMWZhZWVmZjE4NWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRKftb+xOjiRAgfH+za5N2gQBPOP
/JWcna3XNXHD7rzMkBZsLtfmX2g/5dZJyWwZ2FxLtSHwY4v86PkKDO95uV90uQok
J7UoLrVjpOt3sJWLk0zWCnWBXm++tjqCDkipR6AoMZz5mW5sAf24MJksDr42/I4a
QIwLwrRa2aR2PAUCYmwx+WY1D0rP7N/bU7RQNeU+zok2gtcMq/RL0PbaLuPK4as3
Nx/NQ00MvCqcgzGjcKc9/1XvN5jEU4HGhqMCNV5220kRgkNHHWNsH/vSmq+eMg20
LBJym3Gip1Jl7OABbrVX2QNcpVg1tTWNH2GbmLupk5AEcxpTV4usvhpQwQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNGpt9qt6A0yRY2QXqSqH67v8YXHMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvMGFtMzJxM29EVEpGalpCZXBLb2ZydV94aGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUrGKAwQA
UrGjAwQBWNxiAwQBWNy2MA0GCSqGSIb3DQEBCwUAA4IBAQAMiKX2rMqrr1K1IVir
Dns0MV13lSZ0HrkcJKNPk3wfM1SyJbByFgmt9rHfixQVyfrGlwSXnPUrev4mEDmz
SftCbjjjGfh2Afzbd3vfPqG3fSbeV1RLYOAdlalWAbUwDc5TJKH+BMl7abGQ4fn/
7mOSmM30fseTY2hM3W69dIlr9f0zjxIeCFZLQBtNHsX7wlOgbIyDWPmu4WvyVX2S
PFz0bJekl3E+y0tdHaBix+CT8EDFah5KAoN7QZ3LNxBgoETbQmgKJfxhntpfYNoD
bw0k0dtuHgIIVe/9FDjEjhwa9ka4hJ+1RmO13MNchmQWJcsckDdkbEJaomJ8MMEo
vQim
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:14:50 2024 by rpki-client on console-fra.rpki-client.org