Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/XbKzSfIKBBtvznVGfAb0_SGPaXY.roa
File: XbKzSfIKBBtvznVGfAb0_SGPaXY.roa (raw, json)
Hash identifier: qBNAHL5m5Ar8pmv3lQ7Y0IdfntDirwmStJGHoRdip2g=
Subject key identifier: 5D:B2:B3:49:F2:0A:04:1B:6F:CE:75:46:7C:06:F4:FD:21:8F:69:76
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 018F19AA76E402B2BA5D5516E1AAA254037A
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/XbKzSfIKBBtvznVGfAb0_SGPaXY.roa
Signing time: Fri 26 Apr 2024 09:09:12 +0000
ROA not before: Fri 26 Apr 2024 09:09:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25311
IP address blocks: 86.105.206.0/23 maxlen: 24
89.34.180.0/22 maxlen: 24
188.209.96.0/20 maxlen: 24
195.182.220.0/23 maxlen: 24
2a01:4700:8000::/33 maxlen: 48
2a03:9c20:2002::/48 maxlen: 56
2a03:9c20:3000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:aa:76:e4:02:b2:ba:5d:55:16:e1:aa:a2:54:03:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Apr 26 09:09:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5db2b349f20a041b6fce75467c06f4fd218f6976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4a:78:7b:3d:e1:d3:66:91:e2:fe:fc:27:4e:
ca:e7:d5:8d:d7:8c:0e:70:6b:77:9a:7e:b3:12:b9:
66:18:0e:e3:30:e8:b1:9b:0c:ba:32:a7:ce:87:7e:
7c:d2:93:c2:ab:75:2f:f1:73:f3:29:8e:ec:cb:b5:
b7:44:06:c4:29:0e:d8:bc:cf:dd:d6:5c:e4:93:d9:
40:c2:25:2f:7c:5b:f4:6d:58:e0:97:81:2b:d8:c4:
62:b5:c4:f1:55:33:0a:2d:e7:32:d7:55:6f:cb:ff:
73:4b:49:67:a5:c7:45:f9:df:84:52:e8:56:e4:92:
30:c5:1b:89:aa:b8:4b:b9:32:53:67:e6:80:b7:8e:
3e:be:b2:b8:a7:07:cd:ed:4c:41:09:fe:4e:7a:f9:
77:df:00:14:3c:00:ed:79:67:e8:f0:e8:e8:89:dc:
be:bb:1c:97:81:5e:da:3d:5f:ca:cd:07:62:34:78:
20:40:41:26:51:01:c8:b2:f1:66:b2:65:b0:b2:49:
78:76:1a:17:49:73:56:93:54:5f:96:f8:0f:3f:3e:
ee:2f:73:b5:a3:12:2a:99:4e:cf:63:57:aa:08:4c:
89:7e:dd:5f:db:93:3f:98:bb:9f:4c:73:c4:aa:ab:
33:25:c9:8a:03:7a:db:77:c3:2a:f9:34:61:2f:5e:
63:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B2:B3:49:F2:0A:04:1B:6F:CE:75:46:7C:06:F4:FD:21:8F:69:76
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/XbKzSfIKBBtvznVGfAb0_SGPaXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.206.0/23
89.34.180.0/22
188.209.96.0/20
195.182.220.0/23
IPv6:
2a01:4700:8000::/33
2a03:9c20:2002::/48
2a03:9c20:3000::/36
Signature Algorithm: sha256WithRSAEncryption
20:7e:6f:40:3e:e6:8b:33:d5:ae:7a:e3:93:0b:00:65:72:2b:
7c:34:f3:a1:c2:56:07:6c:2d:8a:20:06:f1:ec:4e:a0:17:3f:
bd:b0:e7:73:c7:85:19:67:87:06:11:7f:6f:bb:4b:ec:16:c0:
f5:fc:30:8d:49:5c:8b:6d:e5:50:0a:52:36:58:ec:a6:bd:65:
ed:68:d9:0a:a8:0e:f7:1f:ae:b2:f8:95:12:9f:9d:98:95:11:
f6:fb:5e:75:8e:14:e8:94:5b:6b:34:ea:67:06:49:c6:11:55:
c5:60:90:96:32:bc:f5:cc:e7:98:68:7e:af:81:6c:77:b8:ed:
7c:33:fb:ff:8f:f4:c1:1c:7e:c6:7e:ab:9f:73:6c:0d:8c:72:
49:66:e6:51:d2:1b:37:c3:fb:8f:9c:4f:9c:a7:97:de:1f:57:
58:f8:93:37:16:a4:08:44:c2:70:d7:83:da:45:5e:70:e2:2a:
2e:81:d8:0b:1b:0a:ee:18:ff:0e:39:b1:6f:35:bf:77:b3:87:
db:99:ae:d6:93:56:57:bb:d3:3f:05:d3:ff:a6:41:9b:33:bd:
8a:29:86:62:45:0c:23:11:5c:61:d4:17:c3:dc:19:a9:0c:54:
a7:31:10:2f:c5:30:e6:00:e8:e4:b0:a3:67:26:2a:12:11:40:
cd:76:7f:7a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY8ZqnbkArK6XVUW4aqiVAN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjQwNDI2MDkwOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGIyYjM0OWYyMGEwNDFiNmZjZTc1NDY3YzA2ZjRmZDIxOGY2OTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkp4ez3h02aR4v78J07K59WN14wO
cGt3mn6zErlmGA7jMOixmwy6MqfOh3580pPCq3Uv8XPzKY7sy7W3RAbEKQ7YvM/d
1lzkk9lAwiUvfFv0bVjgl4Er2MRitcTxVTMKLecy11Vvy/9zS0lnpcdF+d+EUuhW
5JIwxRuJqrhLuTJTZ+aAt44+vrK4pwfN7UxBCf5Oevl33wAUPADteWfo8Ojoidy+
uxyXgV7aPV/KzQdiNHggQEEmUQHIsvFmsmWwskl4dhoXSXNWk1RflvgPPz7uL3O1
oxIqmU7PY1eqCEyJft1f25M/mLufTHPEqqszJcmKA3rbd8Mq+TRhL15jOQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFF2ys0nyCgQbb851RnwG9P0hj2l2MB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvWGJLelNmSUtCQnR2em5WR2ZBYjBfU0dQYVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAeBAIAATAYAwQBVmnOAwQC
WSK0AwQEvNFgAwQBw7bcMB8EAgACMBkDBgcqAUcAgAMHACoDnCAgAgMGBCoDnCAw
MA0GCSqGSIb3DQEBCwUAA4IBAQAgfm9APuaLM9WueuOTCwBlcit8NPOhwlYHbC2K
IAbx7E6gFz+9sOdzx4UZZ4cGEX9vu0vsFsD1/DCNSVyLbeVQClI2WOymvWXtaNkK
qA73H66y+JUSn52YlRH2+151jhTolFtrNOpnBknGEVXFYJCWMrz1zOeYaH6vgWx3
uO18M/v/j/TBHH7Gfqufc2wNjHJJZuZR0hs3w/uPnE+cp5feH1dY+JM3FqQIRMJw
14PaRV5w4iougdgLGwruGP8OObFvNb93s4fbma7Wk1ZXu9M/BdP/pkGbM72KKYZi
RQwjEVxh1BfD3BmpDFSnMRAvxTDmAOjksKNnJioSEUDNdn96
-----END CERTIFICATE-----
Generated at Wed May 22 07:05:30 2024 by rpki-client on console-fra.rpki-client.org