Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/034971-b4da-4ba4-8d6e-d3c8a48f7a32/1/Xmrp2OhncDdKDehYvqqbEb4ey9w.roa
File: Xmrp2OhncDdKDehYvqqbEb4ey9w.roa (raw, json)
Hash identifier: U7440FpyFfNE5sWCCqrLfXk3Ys5BCi/KTDEmq3rL+yQ=
Subject key identifier: 5E:6A:E9:D8:E8:67:70:37:4A:0D:E8:58:BE:AA:9B:11:BE:1E:CB:DC
Certificate issuer: /CN=77a53d2e97704dbea831a6440072904ee91a71b0
Certificate serial: 018CC5DCD6B3E1F6C9938B0983B97A672A22
Authority key identifier: 77:A5:3D:2E:97:70:4D:BE:A8:31:A6:44:00:72:90:4E:E9:1A:71:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d6U9LpdwTb6oMaZEAHKQTukacbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/034971-b4da-4ba4-8d6e-d3c8a48f7a32/1/Xmrp2OhncDdKDehYvqqbEb4ey9w.roa
Signing time: Mon 01 Jan 2024 16:30:33 +0000
ROA not before: Mon 01 Jan 2024 16:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42510
IP address blocks: 193.200.69.0/24 maxlen: 24
193.200.68.0/24 maxlen: 24
193.200.68.0/23 maxlen: 23
176.103.64.0/21 maxlen: 21
176.103.64.0/22 maxlen: 22
176.103.68.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/034971-b4da-4ba4-8d6e-d3c8a48f7a32/1/d6U9LpdwTb6oMaZEAHKQTukacbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/034971-b4da-4ba4-8d6e-d3c8a48f7a32/1/d6U9LpdwTb6oMaZEAHKQTukacbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/d6U9LpdwTb6oMaZEAHKQTukacbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:d6:b3:e1:f6:c9:93:8b:09:83:b9:7a:67:2a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77a53d2e97704dbea831a6440072904ee91a71b0
Validity
Not Before: Jan 1 16:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e6ae9d8e86770374a0de858beaa9b11be1ecbdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6e:c8:fb:1b:d7:8e:47:ce:13:57:3e:5f:87:
97:77:8d:a8:8e:22:f5:a9:5b:e4:fe:d8:68:14:cb:
46:ca:68:f6:d4:55:d6:f2:1d:70:68:a1:77:f0:8d:
7d:f9:c3:d4:dc:fe:4b:dd:15:74:84:e1:1a:90:b4:
89:44:cb:58:e7:fd:f4:46:ab:42:8d:a1:01:5d:79:
03:c4:0c:9c:0d:19:7f:d4:d0:27:d1:95:e2:25:bd:
36:6b:99:e6:3c:aa:56:2d:36:06:2f:9e:d0:72:ad:
33:9f:33:f8:65:0f:61:41:9d:f7:2a:90:a7:10:d6:
47:47:72:6f:80:de:b5:5b:55:43:79:4a:3f:cd:50:
4a:32:2e:30:33:4d:3a:45:5f:04:5f:55:a7:fa:29:
76:d4:b4:d3:c4:78:35:81:9b:51:6a:5c:bf:ae:c4:
e1:d6:64:bf:b7:18:b4:9b:2d:cf:31:3b:b6:2b:21:
ae:d5:36:21:40:02:74:dc:5c:47:e7:6f:10:59:b9:
a6:2c:1f:70:c3:a2:4e:7b:d9:98:d7:d5:08:da:eb:
87:58:80:35:a5:84:7d:33:0e:e7:8d:01:2c:e0:c2:
72:89:76:43:81:07:84:ae:bc:2e:ea:a2:86:62:93:
d8:28:fb:88:91:4c:dc:fd:83:e9:4d:68:c1:c7:04:
94:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:6A:E9:D8:E8:67:70:37:4A:0D:E8:58:BE:AA:9B:11:BE:1E:CB:DC
X509v3 Authority Key Identifier:
keyid:77:A5:3D:2E:97:70:4D:BE:A8:31:A6:44:00:72:90:4E:E9:1A:71:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6U9LpdwTb6oMaZEAHKQTukacbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/034971-b4da-4ba4-8d6e-d3c8a48f7a32/1/Xmrp2OhncDdKDehYvqqbEb4ey9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/034971-b4da-4ba4-8d6e-d3c8a48f7a32/1/d6U9LpdwTb6oMaZEAHKQTukacbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.103.64.0/21
193.200.68.0/23
Signature Algorithm: sha256WithRSAEncryption
34:7c:ce:e5:00:ce:75:8f:3d:8b:b2:ec:05:09:e1:67:e1:0d:
02:a2:90:54:b6:ee:98:cf:8a:e7:84:db:47:d2:b8:f9:a8:a7:
2a:95:60:28:19:53:63:e2:b4:19:77:5d:1c:ec:d7:d8:a3:15:
52:29:73:21:5b:1e:31:83:23:da:f2:19:1f:25:ce:f5:9a:ac:
06:c2:57:b8:71:e4:05:45:fe:f0:1a:f3:83:5c:11:17:3e:3b:
ca:53:8d:62:d5:50:3f:cc:cc:59:45:30:fa:3d:66:9c:de:51:
b5:28:12:47:b0:1e:ce:19:33:46:bb:90:c4:ac:09:e2:2e:15:
6d:33:61:ac:2f:5e:a1:fe:72:23:40:56:a2:ec:15:b4:e5:25:
41:30:04:27:8e:e7:88:e9:20:4a:56:2e:6c:08:a5:54:86:f1:
8c:c2:5d:d3:8e:7f:4a:3f:f4:d5:c4:ae:7d:be:e2:e0:7a:1b:
18:3d:48:96:95:ee:f4:aa:ad:b6:38:cc:50:52:ef:92:4f:bc:
fa:ed:18:04:69:08:f0:07:43:f7:6c:15:35:e4:63:7f:2b:ae:
73:37:7b:a7:c5:98:bc:1d:32:c3:a2:1b:da:57:14:e3:c6:69:
9d:7f:6d:a5:ee:2d:b1:10:8d:9e:73:1d:6b:81:71:ac:f7:24:
24:19:9e:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3Naz4fbJk4sJg7l6ZyoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YTUzZDJlOTc3MDRkYmVhODMxYTY0NDAwNzI5MDRlZTkx
YTcxYjAwHhcNMjQwMTAxMTYzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTZhZTlkOGU4Njc3MDM3NGEwZGU4NThiZWFhOWIxMWJlMWVjYmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi27I+xvXjkfOE1c+X4eXd42ojiL1
qVvk/thoFMtGymj21FXW8h1waKF38I19+cPU3P5L3RV0hOEakLSJRMtY5/30RqtC
jaEBXXkDxAycDRl/1NAn0ZXiJb02a5nmPKpWLTYGL57Qcq0znzP4ZQ9hQZ33KpCn
ENZHR3JvgN61W1VDeUo/zVBKMi4wM006RV8EX1Wn+il21LTTxHg1gZtRaly/rsTh
1mS/txi0my3PMTu2KyGu1TYhQAJ03FxH528QWbmmLB9ww6JOe9mY19UI2uuHWIA1
pYR9Mw7njQEs4MJyiXZDgQeErrwu6qKGYpPYKPuIkUzc/YPpTWjBxwSUsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF5q6djoZ3A3Sg3oWL6qmxG+HsvcMB8GA1UdIwQY
MBaAFHelPS6XcE2+qDGmRABykE7pGnGwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDZVOUxwZHdUYjZvTWFaRUFIS1FUdWthY2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMzQ5NzEtYjRkYS00YmE0LThkNmUt
ZDNjOGE0OGY3YTMyLzEvWG1ycDJPaG5jRGRLRGVoWXZxcWJFYjRleTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMzQ5NzEtYjRkYS00YmE0LThkNmUtZDNjOGE0OGY3YTMy
LzEvZDZVOUxwZHdUYjZvTWFaRUFIS1FUdWthY2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsGdAAwQB
wchEMA0GCSqGSIb3DQEBCwUAA4IBAQA0fM7lAM51jz2LsuwFCeFn4Q0CopBUtu6Y
z4rnhNtH0rj5qKcqlWAoGVNj4rQZd10c7NfYoxVSKXMhWx4xgyPa8hkfJc71mqwG
wle4ceQFRf7wGvODXBEXPjvKU41i1VA/zMxZRTD6PWac3lG1KBJHsB7OGTNGu5DE
rAniLhVtM2GsL16h/nIjQFai7BW05SVBMAQnjueI6SBKVi5sCKVUhvGMwl3Tjn9K
P/TVxK59vuLgehsYPUiWle70qq22OMxQUu+ST7z67RgEaQjwB0P3bBU15GN/K65z
N3unxZi8HTLDohvaVxTjxmmdf22l7i2xEI2ecx1rgXGs9yQkGZ66
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:29 2024 by rpki-client on console-fra.rpki-client.org