Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/iXXd8e4H4uKUMR-fVg7tJ7jM8eU.roa
File: iXXd8e4H4uKUMR-fVg7tJ7jM8eU.roa (raw, json)
Hash identifier: hhAEDnQ5yHrDhawpXxYpzBBSjZ7yZxt3Ga17s4BgjQA=
Subject key identifier: 89:75:DD:F1:EE:07:E2:E2:94:31:1F:9F:56:0E:ED:27:B8:CC:F1:E5
Certificate issuer: /CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Certificate serial: 018FA5B2F8BAC80EDACCFA61180907B9682C
Authority key identifier: 5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/iXXd8e4H4uKUMR-fVg7tJ7jM8eU.roa
Signing time: Thu 23 May 2024 13:45:20 +0000
ROA not before: Thu 23 May 2024 13:45:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48362
IP address blocks: 45.152.52.0/22 maxlen: 24
86.111.44.0/22 maxlen: 24
91.195.116.0/23 maxlen: 24
94.199.168.0/21 maxlen: 21
185.31.212.0/22 maxlen: 22
185.252.36.0/22 maxlen: 22
2a02:1688::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.mft
rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a5:b2:f8:ba:c8:0e:da:cc:fa:61:18:09:07:b9:68:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d81d1ff45b1547c00a84b46ef99eca2dfbd45bc
Validity
Not Before: May 23 13:45:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8975ddf1ee07e2e294311f9f560eed27b8ccf1e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:93:e5:a7:2e:06:89:37:82:22:cd:70:e9:f9:
f1:99:b6:3b:09:46:f6:30:86:2c:e7:4a:f9:6d:e6:
20:ad:64:fa:2b:19:22:3a:6f:d6:fe:34:5c:3c:73:
31:e7:bc:5d:ae:13:52:43:4a:df:6e:f3:12:48:c3:
04:ce:7f:26:13:a1:7b:93:6a:fb:81:a3:cc:d9:30:
4c:b9:30:1d:14:e0:6b:fe:39:57:25:98:91:29:69:
3c:5c:4c:a3:ef:62:99:81:11:05:dc:ac:94:a4:8c:
31:49:65:90:32:26:3e:45:18:06:2b:aa:22:10:90:
48:64:ed:fb:ae:30:67:f3:2a:6e:b8:9a:a7:11:ae:
6c:c2:8a:c7:84:fd:cf:65:41:6c:50:03:ef:53:1d:
4b:29:11:9f:d2:ae:f9:f9:b0:fd:10:1f:c3:f6:98:
dc:bc:99:3e:fc:59:6c:ce:8c:f6:5d:6c:a1:8f:21:
f9:42:49:f2:06:af:1c:c6:ed:53:2e:45:11:61:15:
10:bd:45:79:5b:a0:81:bf:63:ce:6f:93:47:e4:30:
5c:cb:d9:7e:be:fb:42:ea:57:e3:47:95:9b:c0:29:
10:0a:ba:54:18:71:59:f0:47:67:31:fb:23:e0:56:
30:67:19:76:34:26:a7:10:f0:9f:91:09:85:d7:17:
25:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:75:DD:F1:EE:07:E2:E2:94:31:1F:9F:56:0E:ED:27:B8:CC:F1:E5
X509v3 Authority Key Identifier:
keyid:5D:81:D1:FF:45:B1:54:7C:00:A8:4B:46:EF:99:EC:A2:DF:BD:45:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYHR_0WxVHwAqEtG75nsot-9Rbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/iXXd8e4H4uKUMR-fVg7tJ7jM8eU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/acd7e3-9c76-4ff6-b5ae-ee80a2d2952d/1/XYHR_0WxVHwAqEtG75nsot-9Rbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.52.0/22
86.111.44.0/22
91.195.116.0/23
94.199.168.0/21
185.31.212.0/22
185.252.36.0/22
IPv6:
2a02:1688::/32
Signature Algorithm: sha256WithRSAEncryption
a7:ac:72:eb:02:84:51:93:ca:1d:93:43:7c:03:3c:8d:36:41:
3c:95:82:a6:2f:2b:67:2f:03:25:56:1c:34:90:4b:bb:5c:ab:
57:15:70:4d:7d:05:ea:7f:f0:69:d4:c7:ea:b9:28:8f:34:05:
16:83:4d:ca:32:b0:7b:2e:37:9f:ee:c7:76:6b:ad:f1:f7:d7:
56:7e:95:8f:04:e2:ee:d4:59:23:c4:30:40:0f:20:38:b5:5a:
b8:d1:5c:7f:0f:12:65:32:a5:da:58:0a:c1:72:13:ac:9f:39:
78:eb:9b:21:27:24:81:86:21:35:4d:a0:1c:14:37:5b:87:08:
03:cb:1a:f7:e8:4b:33:41:01:3d:1b:0d:7e:12:cc:c5:70:cd:
07:9a:8a:9f:95:68:d0:c4:18:cd:61:29:91:9e:08:e2:1e:c9:
7e:78:3f:e5:2a:16:f8:41:5b:ab:75:c0:55:13:90:3c:fe:f9:
cc:3b:8a:60:67:18:55:69:71:0e:4a:33:72:0a:0b:cb:6e:9e:
95:22:55:76:ba:61:2d:18:24:01:6e:8e:32:a5:1a:3d:29:5c:
95:71:f6:be:4d:27:f4:9e:98:86:53:3b:12:d0:c8:4e:5f:be:
e4:31:0e:f9:44:84:32:81:29:77:fe:f6:2a:24:cb:06:00:7b:
46:a8:c7:21
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY+lsvi6yA7azPphGAkHuWgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODFkMWZmNDViMTU0N2MwMGE4NGI0NmVmOTllY2EyZGZi
ZDQ1YmMwHhcNMjQwNTIzMTM0NTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTc1ZGRmMWVlMDdlMmUyOTQzMTFmOWY1NjBlZWQyN2I4Y2NmMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpPlpy4GiTeCIs1w6fnxmbY7CUb2
MIYs50r5beYgrWT6KxkiOm/W/jRcPHMx57xdrhNSQ0rfbvMSSMMEzn8mE6F7k2r7
gaPM2TBMuTAdFOBr/jlXJZiRKWk8XEyj72KZgREF3KyUpIwxSWWQMiY+RRgGK6oi
EJBIZO37rjBn8ypuuJqnEa5sworHhP3PZUFsUAPvUx1LKRGf0q75+bD9EB/D9pjc
vJk+/Flszoz2XWyhjyH5QknyBq8cxu1TLkURYRUQvUV5W6CBv2POb5NH5DBcy9l+
vvtC6lfjR5WbwCkQCrpUGHFZ8EdnMfsj4FYwZxl2NCanEPCfkQmF1xclYwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIl13fHuB+LilDEfn1YO7Se4zPHlMB8GA1UdIwQY
MBaAFF2B0f9FsVR8AKhLRu+Z7KLfvUW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUt
ZWU4MGEyZDI5NTJkLzEvaVhYZDhlNEg0dUtVTVItZlZnN3RKN2pNOGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hY2Q3ZTMtOWM3Ni00ZmY2LWI1YWUtZWU4MGEyZDI5NTJk
LzEvWFlIUl8wV3hWSHdBcUV0Rzc1bnNvdC05UmJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZg0AwQC
Vm8sAwQBW8N0AwQDXseoAwQCuR/UAwQCufwkMA0EAgACMAcDBQAqAhaIMA0GCSqG
SIb3DQEBCwUAA4IBAQCnrHLrAoRRk8odk0N8AzyNNkE8lYKmLytnLwMlVhw0kEu7
XKtXFXBNfQXqf/Bp1MfquSiPNAUWg03KMrB7Ljef7sd2a63x99dWfpWPBOLu1Fkj
xDBADyA4tVq40Vx/DxJlMqXaWArBchOsnzl465shJySBhiE1TaAcFDdbhwgDyxr3
6EszQQE9Gw1+EszFcM0HmoqflWjQxBjNYSmRngjiHsl+eD/lKhb4QVurdcBVE5A8
/vnMO4pgZxhVaXEOSjNyCgvLbp6VIlV2umEtGCQBbo4ypRo9KVyVcfa+TSf0npiG
UzsS0MhOX77kMQ75RIQygSl3/vYqJMsGAHtGqMch
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:37:22 2024 by rpki-client on console-ams.rpki-client.org