Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5e6fd3-67ef-45ab-a420-4877fc59d319/1/XgRDPze3aBIlzXgv8RgIYNcUNvg.roa
File: XgRDPze3aBIlzXgv8RgIYNcUNvg.roa (raw, json)
Hash identifier: PheVQyEIKyP8tF+uNb7PNY3ZrAfHwR/vEIUnyHAe7dE=
Subject key identifier: 5E:04:43:3F:37:B7:68:12:25:CD:78:2F:F1:18:08:60:D7:14:36:F8
Certificate issuer: /CN=d06989a9cd6bd2f2c3c0dec608a28be3d3ba4e81
Certificate serial: 018CC5DCED98ED7092B99A9FDB8115D7DD84
Authority key identifier: D0:69:89:A9:CD:6B:D2:F2:C3:C0:DE:C6:08:A2:8B:E3:D3:BA:4E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0GmJqc1r0vLDwN7GCKKL49O6ToE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5e6fd3-67ef-45ab-a420-4877fc59d319/1/XgRDPze3aBIlzXgv8RgIYNcUNvg.roa
Signing time: Mon 01 Jan 2024 16:30:39 +0000
ROA not before: Mon 01 Jan 2024 16:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48661
IP address blocks: 94.230.144.0/20 maxlen: 21
185.224.112.0/22 maxlen: 23
2a00:c500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/5e6fd3-67ef-45ab-a420-4877fc59d319/1/0GmJqc1r0vLDwN7GCKKL49O6ToE.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/5e6fd3-67ef-45ab-a420-4877fc59d319/1/0GmJqc1r0vLDwN7GCKKL49O6ToE.mft
rsync://rpki.ripe.net/repository/DEFAULT/0GmJqc1r0vLDwN7GCKKL49O6ToE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:ed:98:ed:70:92:b9:9a:9f:db:81:15:d7:dd:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d06989a9cd6bd2f2c3c0dec608a28be3d3ba4e81
Validity
Not Before: Jan 1 16:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e04433f37b7681225cd782ff1180860d71436f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b7:80:0b:2a:31:d3:aa:fd:32:ee:46:05:fe:
33:13:cf:88:67:cf:6f:39:b4:33:ac:90:9a:dd:ca:
65:c6:2c:a4:53:fe:44:ff:94:c8:0f:4f:4b:5d:30:
40:20:7f:7b:bd:2e:d4:04:52:87:a3:3e:69:45:76:
b9:ef:c1:16:56:04:80:97:2a:e3:cf:65:ad:b0:37:
ef:3a:d7:57:85:97:5e:65:5a:e3:8d:4e:ef:f9:cf:
7a:60:0e:54:5f:59:94:f1:d1:5a:dc:ec:66:d7:5b:
8f:0b:aa:86:ba:39:7e:ad:9e:2a:0a:78:f6:cc:58:
30:26:5c:a6:7a:78:00:c3:24:96:4e:13:98:ee:7c:
ef:bb:47:fd:f1:b8:92:80:0d:b4:d7:db:1e:92:aa:
a9:89:12:e3:d9:92:52:f5:88:9b:2a:b8:d2:95:4a:
8f:db:71:01:f7:83:69:d5:9f:3e:9e:f3:a4:28:2d:
2c:f1:df:8b:7d:6d:51:32:9b:20:49:9d:20:66:a2:
26:e8:73:2c:28:f2:24:f6:89:c0:db:4b:94:1a:05:
fb:1c:6b:00:20:37:eb:ba:1f:4c:64:1e:d1:49:67:
36:05:6f:73:78:2e:60:42:f8:bc:78:9b:b5:18:bb:
75:71:2d:68:23:51:05:d7:9b:da:78:c0:c2:94:ad:
63:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:04:43:3F:37:B7:68:12:25:CD:78:2F:F1:18:08:60:D7:14:36:F8
X509v3 Authority Key Identifier:
keyid:D0:69:89:A9:CD:6B:D2:F2:C3:C0:DE:C6:08:A2:8B:E3:D3:BA:4E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0GmJqc1r0vLDwN7GCKKL49O6ToE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5e6fd3-67ef-45ab-a420-4877fc59d319/1/XgRDPze3aBIlzXgv8RgIYNcUNvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5e6fd3-67ef-45ab-a420-4877fc59d319/1/0GmJqc1r0vLDwN7GCKKL49O6ToE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.230.144.0/20
185.224.112.0/22
IPv6:
2a00:c500::/32
Signature Algorithm: sha256WithRSAEncryption
20:f0:b0:10:46:5d:66:7d:2e:a5:5f:cd:fb:1b:e1:57:7a:0c:
5a:3a:86:9e:8e:e4:fc:11:95:d4:9f:99:59:51:d1:ac:d8:8d:
01:2f:9b:b7:6e:3e:3a:62:62:b4:ae:7d:aa:1b:e5:45:e9:9d:
43:0c:ff:4e:02:33:34:7b:23:ff:bd:53:1a:e2:1c:7a:34:36:
68:2e:8b:d4:25:d0:89:67:34:ce:26:57:7c:72:af:22:7d:96:
b1:ef:5e:9f:07:e9:7c:df:85:f7:6d:93:9d:0e:38:17:06:d3:
1f:85:fc:81:01:c8:f2:51:99:79:6b:2c:08:19:79:90:40:4f:
76:2b:45:bc:74:3d:9c:60:5c:a3:c2:71:5c:72:47:b3:70:76:
15:b6:c7:73:be:3e:a6:af:7c:dd:b6:20:7f:b9:59:cd:36:2f:
1f:a7:eb:1f:ec:4a:3b:b1:a1:d3:09:3b:8d:6f:e1:57:5a:fc:
e8:00:41:93:f3:ab:c8:d1:26:ee:b1:ef:25:f8:8d:1a:58:f6:
27:dc:97:5c:44:cc:13:79:3c:65:c4:8f:b6:76:5e:09:8c:e9:
69:08:21:aa:f9:7b:4a:cc:d8:f9:44:bd:4b:94:12:42:28:5e:
39:28:ba:0e:3b:33:f3:f9:66:f0:eb:54:83:88:68:2d:f9:cb:
f5:a8:05:b0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3O2Y7XCSuZqf24EV192EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNjk4OWE5Y2Q2YmQyZjJjM2MwZGVjNjA4YTI4YmUzZDNi
YTRlODEwHhcNMjQwMTAxMTYzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTA0NDMzZjM3Yjc2ODEyMjVjZDc4MmZmMTE4MDg2MGQ3MTQzNmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgreACyox06r9Mu5GBf4zE8+IZ89v
ObQzrJCa3cplxiykU/5E/5TID09LXTBAIH97vS7UBFKHoz5pRXa578EWVgSAlyrj
z2WtsDfvOtdXhZdeZVrjjU7v+c96YA5UX1mU8dFa3Oxm11uPC6qGujl+rZ4qCnj2
zFgwJlymengAwySWThOY7nzvu0f98biSgA2019sekqqpiRLj2ZJS9YibKrjSlUqP
23EB94Np1Z8+nvOkKC0s8d+LfW1RMpsgSZ0gZqIm6HMsKPIk9onA20uUGgX7HGsA
IDfruh9MZB7RSWc2BW9zeC5gQvi8eJu1GLt1cS1oI1EF15vaeMDClK1j5wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF4EQz83t2gSJc14L/EYCGDXFDb4MB8GA1UdIwQY
MBaAFNBpianNa9Lyw8Dexgiii+PTuk6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEdtSnFjMXIwdkxEd043R0NLS0w0OU82VG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZTZmZDMtNjdlZi00NWFiLWE0MjAt
NDg3N2ZjNTlkMzE5LzEvWGdSRFB6ZTNhQklselhndjhSZ0lZTmNVTnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZTZmZDMtNjdlZi00NWFiLWE0MjAtNDg3N2ZjNTlkMzE5
LzEvMEdtSnFjMXIwdkxEd043R0NLS0w0OU82VG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXuaQAwQC
ueBwMA0EAgACMAcDBQAqAMUAMA0GCSqGSIb3DQEBCwUAA4IBAQAg8LAQRl1mfS6l
X837G+FXegxaOoaejuT8EZXUn5lZUdGs2I0BL5u3bj46YmK0rn2qG+VF6Z1DDP9O
AjM0eyP/vVMa4hx6NDZoLovUJdCJZzTOJld8cq8ifZax716fB+l834X3bZOdDjgX
BtMfhfyBAcjyUZl5aywIGXmQQE92K0W8dD2cYFyjwnFcckezcHYVtsdzvj6mr3zd
tiB/uVnNNi8fp+sf7Eo7saHTCTuNb+FXWvzoAEGT86vI0Sbuse8l+I0aWPYn3Jdc
RMwTeTxlxI+2dl4JjOlpCCGq+XtKzNj5RL1LlBJCKF45KLoOOzPz+Wbw61SDiGgt
+cv1qAWw
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:54:04 2024 by rpki-client on console-ams.rpki-client.org