Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/XUu2OUD-_o6mta9UODj4NLBluRc.roa
File: XUu2OUD-_o6mta9UODj4NLBluRc.roa (raw, json)
Hash identifier: ff74+RRE7XN0WAf6tGVhFS9XOuFBCpGN5ZwZA+P3Y3o=
Subject key identifier: 5D:4B:B6:39:40:FE:FE:8E:A6:B5:AF:54:38:38:F8:34:B0:65:B9:17
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B7336D161C1B222510AEFC13C37CB9
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/XUu2OUD-_o6mta9UODj4NLBluRc.roa
Signing time: Mon 01 Jan 2024 06:30:12 +0000
ROA not before: Mon 01 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25186
IP address blocks: 194.3.255.0/24 maxlen: 24
217.167.104.0/24 maxlen: 24
81.80.72.0/24 maxlen: 24
195.6.171.0/24 maxlen: 24
195.6.67.0/24 maxlen: 24
195.6.174.0/24 maxlen: 24
195.6.66.0/24 maxlen: 24
81.80.17.0/24 maxlen: 24
195.6.9.0/24 maxlen: 24
195.6.230.0/24 maxlen: 24
195.6.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 10:36:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:33:6d:16:1c:1b:22:25:10:ae:fc:13:c3:7c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d4bb63940fefe8ea6b5af543838f834b065b917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:58:d7:a3:7b:0e:a5:89:4d:b7:b2:81:ad:b2:
b1:41:b9:f2:d0:0a:b7:58:8d:b2:11:75:29:7f:e0:
16:23:31:91:97:33:1a:c7:4b:af:88:d4:10:29:2e:
c9:2e:23:43:2f:84:dd:72:7d:f9:ff:25:6d:b3:5f:
8a:72:ff:a4:4b:58:37:f0:1a:29:ee:83:e7:45:70:
cb:f5:45:3c:0a:b3:3c:d4:8e:ad:b8:e3:ff:7f:0e:
4a:65:be:96:8b:6e:22:68:c1:cd:44:3b:fe:a4:ba:
cb:8a:7b:43:7f:6e:23:d1:80:d6:44:d6:f9:21:99:
6e:07:a2:a3:5e:a9:85:6f:47:dc:f0:1c:89:40:7c:
38:22:93:e9:e6:ca:96:a5:07:83:ff:67:32:28:59:
43:16:af:38:6c:5c:cd:43:ff:01:51:26:90:82:fc:
c8:51:2b:ab:67:b7:50:36:70:04:71:26:b2:38:2b:
f4:66:ec:a5:23:2a:45:15:9b:5a:19:7b:cc:b2:ff:
d8:f9:50:44:2a:a4:25:75:71:72:f2:b5:f8:fc:f2:
64:a4:c4:b2:9d:54:77:f4:31:cc:6a:af:6c:f0:90:
32:22:ce:d4:3f:1a:fa:7c:e4:88:1f:66:89:b8:87:
52:14:12:9b:12:2c:e4:be:a6:14:1b:e5:47:8f:a2:
fe:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4B:B6:39:40:FE:FE:8E:A6:B5:AF:54:38:38:F8:34:B0:65:B9:17
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/XUu2OUD-_o6mta9UODj4NLBluRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.80.17.0/24
81.80.72.0/24
194.3.255.0/24
195.6.9.0/24
195.6.20.0/24
195.6.66.0/23
195.6.171.0/24
195.6.174.0/24
195.6.230.0/24
217.167.104.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:38:fd:4d:88:10:44:90:23:c5:e4:18:f7:ee:d9:bb:48:b3:
77:2f:84:46:fe:01:5a:e9:ca:40:24:57:d5:8b:8e:7b:bf:f3:
61:fb:fa:a7:c1:f2:00:ae:93:aa:bb:9d:ea:02:66:b3:c8:19:
81:fc:19:9c:ff:8b:56:54:03:89:31:2e:cf:73:ee:fc:a4:4d:
97:e4:31:a1:5a:d4:4b:17:5b:be:89:42:79:65:88:24:92:9c:
79:3d:f8:a3:14:e1:4a:ca:e3:a5:74:4a:69:25:53:4a:8e:8c:
c8:6a:e5:b2:02:0a:c3:dc:09:90:11:a4:ed:12:9e:a3:0c:b5:
bf:04:86:f4:34:c6:1b:94:da:9e:e1:70:38:ed:e9:3b:81:5c:
c7:ac:1d:e7:bb:fa:7e:c6:79:fa:85:29:c5:df:75:51:1c:39:
c4:35:64:c8:31:aa:41:f1:59:aa:34:a9:d1:cd:56:a4:50:4a:
11:2d:55:e3:dc:e3:18:6a:9a:d0:62:94:f6:7f:37:a4:16:36:
59:87:11:3e:ef:44:ae:6f:7e:ed:f5:3e:8f:68:67:b1:e4:4b:
f4:ef:e0:67:63:bf:4a:32:4c:50:83:3b:be:56:1b:6f:bf:c8:
aa:ee:b0:55:9d:09:e0:54:74:8c:dc:5a:05:51:cf:02:14:f7:
fb:76:8c:5a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzDtzNtFhwbIiUQrvwTw3y5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDRiYjYzOTQwZmVmZThlYTZiNWFmNTQzODM4ZjgzNGIwNjViOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFjXo3sOpYlNt7KBrbKxQbny0Aq3
WI2yEXUpf+AWIzGRlzMax0uviNQQKS7JLiNDL4Tdcn35/yVts1+Kcv+kS1g38Bop
7oPnRXDL9UU8CrM81I6tuOP/fw5KZb6Wi24iaMHNRDv+pLrLintDf24j0YDWRNb5
IZluB6KjXqmFb0fc8ByJQHw4IpPp5sqWpQeD/2cyKFlDFq84bFzNQ/8BUSaQgvzI
USurZ7dQNnAEcSayOCv0ZuylIypFFZtaGXvMsv/Y+VBEKqQldXFy8rX4/PJkpMSy
nVR39DHMaq9s8JAyIs7UPxr6fOSIH2aJuIdSFBKbEizkvqYUG+VHj6L+cwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFF1LtjlA/v6OprWvVDg4+DSwZbkXMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvWFV1Mk9VRC1fbzZtdGE5VU9EajROTEJsdVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUVARAwQA
UVBIAwQAwgP/AwQAwwYJAwQAwwYUAwQBwwZCAwQAwwarAwQAwwauAwQAwwbmAwQA
2adoMA0GCSqGSIb3DQEBCwUAA4IBAQBqOP1NiBBEkCPF5Bj37tm7SLN3L4RG/gFa
6cpAJFfVi457v/Nh+/qnwfIArpOqu53qAmazyBmB/Bmc/4tWVAOJMS7Pc+78pE2X
5DGhWtRLF1u+iUJ5ZYgkkpx5PfijFOFKyuOldEppJVNKjozIauWyAgrD3AmQEaTt
Ep6jDLW/BIb0NMYblNqe4XA47ek7gVzHrB3nu/p+xnn6hSnF33VRHDnENWTIMapB
8VmqNKnRzVakUEoRLVXj3OMYaprQYpT2fzekFjZZhxE+70Sub37t9T6PaGex5Ev0
7+BnY79KMkxQgzu+Vhtvv8iq7rBVnQngVHSM3FoFUc8CFPf7doxa
-----END CERTIFICATE-----
Generated at Thu May 30 14:26:53 2024 by rpki-client on console-fra.rpki-client.org