Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/xzQvKPUP4G5a3jyFfkLwe2JT6_o.roa
File: xzQvKPUP4G5a3jyFfkLwe2JT6_o.roa (raw, json)
Hash identifier: 0US/hMCx9hgulhmZ+h39BrZDoIMUtvR6iC3cp4wLmuI=
Subject key identifier: C7:34:2F:28:F5:0F:E0:6E:5A:DE:3C:85:7E:42:F0:7B:62:53:EB:FA
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018CC2DB58C9248EC4DD0DB6C4A5A452243C
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/xzQvKPUP4G5a3jyFfkLwe2JT6_o.roa
Signing time: Mon 01 Jan 2024 02:30:04 +0000
ROA not before: Mon 01 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35994
IP address blocks: 80.67.67.0/24 maxlen: 24
80.67.75.0/24 maxlen: 24
80.67.80.0/24 maxlen: 24
193.108.155.0/24 maxlen: 24
195.245.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:58:c9:24:8e:c4:dd:0d:b6:c4:a5:a4:52:24:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7342f28f50fe06e5ade3c857e42f07b6253ebfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c1:09:20:b1:47:eb:c5:b0:d1:26:67:cb:15:
d6:03:37:63:3f:7d:ec:27:ff:bc:c3:3e:e6:03:fb:
ef:1d:16:7b:59:49:64:cc:5c:10:97:cc:1e:ab:6a:
3d:7e:77:6f:86:77:1b:e1:ca:33:fe:b4:99:2d:c2:
cd:58:d9:ab:bc:a1:66:a0:73:90:e9:58:fe:5d:bb:
d9:6a:a8:ed:9c:1c:38:c8:91:12:d4:e0:29:90:ef:
0a:b7:1e:38:01:33:cd:33:66:04:e8:55:61:61:97:
a9:71:e7:56:2b:5f:ea:28:f6:a3:c7:e7:fd:34:33:
e2:ab:0b:a6:89:24:3f:f5:88:29:9b:a8:38:31:6c:
1e:55:26:8d:b4:b9:5e:7a:2c:97:1e:53:7d:a4:a0:
a4:3b:83:b5:dc:3e:7a:b8:ec:fd:34:ba:4e:d9:5b:
d8:01:6c:c6:5f:f0:bd:65:89:26:e3:ac:34:a0:db:
23:66:f9:89:cf:4a:be:ee:19:f0:b9:ae:15:8a:ce:
85:8c:78:c0:4d:dd:0b:d0:eb:54:be:31:17:83:fc:
fb:26:e7:91:2e:4a:e9:16:88:27:67:f0:af:be:96:
93:87:06:ec:74:8b:4d:1c:29:a7:b1:57:60:19:c9:
0c:6d:9b:4d:d2:ef:7f:5e:75:71:4d:4f:e4:4d:40:
cd:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:34:2F:28:F5:0F:E0:6E:5A:DE:3C:85:7E:42:F0:7B:62:53:EB:FA
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/xzQvKPUP4G5a3jyFfkLwe2JT6_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.67.67.0/24
80.67.75.0/24
80.67.80.0/24
193.108.155.0/24
195.245.124.0/24
Signature Algorithm: sha256WithRSAEncryption
64:19:c4:a7:a6:55:45:03:6c:67:74:f9:8b:67:35:b8:8c:27:
aa:f6:20:7b:ff:38:6a:5b:7c:46:90:8b:1e:71:80:fc:d9:64:
10:1d:aa:92:ae:20:b5:1e:5d:8f:cd:84:02:e8:d3:ea:94:e9:
6f:f9:f8:f4:42:ad:af:bb:86:52:d6:c6:b5:19:5b:5f:d6:37:
34:b9:1f:7f:7f:96:b5:06:31:0f:fe:19:1a:74:c7:f5:64:a8:
d4:3f:0f:2f:cd:46:ba:81:03:15:42:dc:20:d4:9f:98:d5:96:
f6:eb:0c:fc:b2:d4:57:83:86:4c:ca:92:54:70:a1:7d:eb:15:
73:86:9e:2e:0d:b4:5c:d2:e1:bb:03:9a:e9:32:bf:4d:cd:8f:
cc:aa:1e:98:c2:87:61:9f:64:cd:b0:b7:49:a5:6a:36:6e:32:
b9:2e:ce:74:be:16:50:29:1b:63:27:6b:bb:ff:8f:23:c8:98:
66:85:23:60:4d:a7:6f:95:74:22:1c:d2:3e:a2:5a:68:17:cc:
c3:9e:d8:b8:a0:50:b2:ef:d5:e5:46:06:78:88:17:4a:f5:b7:
85:3d:9e:5c:9c:75:1d:8e:e5:53:b7:11:26:2d:49:eb:6d:a3:
bb:22:35:06:90:7d:46:a8:5c:99:7d:56:57:fa:9f:a5:10:77:
5c:02:80:67
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzC21jJJI7E3Q22xKWkUiQ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMTAxMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzM0MmYyOGY1MGZlMDZlNWFkZTNjODU3ZTQyZjA3YjYyNTNlYmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8EJILFH68Ww0SZnyxXWAzdjP33s
J/+8wz7mA/vvHRZ7WUlkzFwQl8weq2o9fndvhncb4coz/rSZLcLNWNmrvKFmoHOQ
6Vj+XbvZaqjtnBw4yJES1OApkO8Ktx44ATPNM2YE6FVhYZepcedWK1/qKPajx+f9
NDPiqwumiSQ/9Ygpm6g4MWweVSaNtLleeiyXHlN9pKCkO4O13D56uOz9NLpO2VvY
AWzGX/C9ZYkm46w0oNsjZvmJz0q+7hnwua4Vis6FjHjATd0L0OtUvjEXg/z7JueR
LkrpFognZ/CvvpaThwbsdItNHCmnsVdgGckMbZtN0u9/XnVxTU/kTUDNSQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMc0Lyj1D+BuWt48hX5C8HtiU+v6MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEveHpRdktQVVA0RzVhM2p5RmZrTHdlMkpUNl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUENDAwQA
UENLAwQAUENQAwQAwWybAwQAw/V8MA0GCSqGSIb3DQEBCwUAA4IBAQBkGcSnplVF
A2xndPmLZzW4jCeq9iB7/zhqW3xGkIsecYD82WQQHaqSriC1Hl2PzYQC6NPqlOlv
+fj0Qq2vu4ZS1sa1GVtf1jc0uR9/f5a1BjEP/hkadMf1ZKjUPw8vzUa6gQMVQtwg
1J+Y1Zb26wz8stRXg4ZMypJUcKF96xVzhp4uDbRc0uG7A5rpMr9NzY/Mqh6Ywodh
n2TNsLdJpWo2bjK5Ls50vhZQKRtjJ2u7/48jyJhmhSNgTadvlXQiHNI+olpoF8zD
nti4oFCy79XlRgZ4iBdK9beFPZ5cnHUdjuVTtxEmLUnrbaO7IjUGkH1GqFyZfVZX
+p+lEHdcAoBn
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:42:50 2024 by rpki-client on console-fra.rpki-client.org