Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/0ef6de-b3f1-4430-8b49-114ffc20f9aa/1/XH2TX0aX7JErOl6drYYdh8S-WxM.roa
File: XH2TX0aX7JErOl6drYYdh8S-WxM.roa (raw, json)
Hash identifier: Ug8150MoxV3FmzoyRuNTFq8/LJYcdQ8Tx+D+WMNR85c=
Subject key identifier: 5C:7D:93:5F:46:97:EC:91:2B:3A:5E:9D:AD:86:1D:87:C4:BE:5B:13
Certificate issuer: /CN=1d6d9ccb02715849b3a1ecbcd34b6887f649940f
Certificate serial: 018CC349191D02DA981B5C48DB34D6AFE628
Authority key identifier: 1D:6D:9C:CB:02:71:58:49:B3:A1:EC:BC:D3:4B:68:87:F6:49:94:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HW2cywJxWEmzoey800toh_ZJlA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/0ef6de-b3f1-4430-8b49-114ffc20f9aa/1/XH2TX0aX7JErOl6drYYdh8S-WxM.roa
Signing time: Mon 01 Jan 2024 04:29:56 +0000
ROA not before: Mon 01 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8220
IP address blocks: 193.141.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/0ef6de-b3f1-4430-8b49-114ffc20f9aa/1/HW2cywJxWEmzoey800toh_ZJlA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/0ef6de-b3f1-4430-8b49-114ffc20f9aa/1/HW2cywJxWEmzoey800toh_ZJlA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HW2cywJxWEmzoey800toh_ZJlA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:19:1d:02:da:98:1b:5c:48:db:34:d6:af:e6:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d6d9ccb02715849b3a1ecbcd34b6887f649940f
Validity
Not Before: Jan 1 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c7d935f4697ec912b3a5e9dad861d87c4be5b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b3:fd:64:19:fb:94:5b:16:eb:f0:f1:8c:10:
b8:e6:6a:d8:95:14:44:c2:22:38:0e:c5:71:60:d3:
92:7c:94:13:e8:43:28:0d:3e:3c:a2:05:b8:5c:a0:
93:bb:4d:e6:10:79:92:40:82:0a:b4:d9:1c:65:f0:
e2:61:2c:36:df:4a:c2:66:bd:f6:9e:72:9b:57:e5:
0c:31:94:a1:40:c4:d8:c6:cc:ca:e8:f0:9c:21:d9:
c8:fd:c2:c8:f8:a1:28:0c:d4:10:ad:d1:e2:48:bd:
7a:3f:d2:61:5f:0b:b7:4a:c9:a8:5b:32:b4:a5:0e:
3c:a4:91:96:26:8b:6f:3e:29:90:69:3a:01:66:98:
18:a9:c1:95:f9:71:42:17:d1:65:af:05:b6:8a:d3:
49:ac:cd:02:99:21:b1:20:e6:19:c6:85:b8:28:57:
67:41:96:1d:02:b3:2b:24:15:9e:98:67:a9:e0:39:
9d:11:ac:90:ec:00:95:c6:40:a6:08:80:b6:5a:76:
f7:d7:bd:5a:1b:28:2d:22:55:80:6f:12:b3:52:60:
ea:dc:68:f5:e1:66:8b:7b:a9:6b:6d:1c:f2:bd:a4:
d6:d7:c9:95:99:8c:b3:f1:41:7d:6f:21:ce:8b:6c:
66:e3:94:60:c0:1a:0d:ba:fe:ab:9b:4d:77:a3:de:
3a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:7D:93:5F:46:97:EC:91:2B:3A:5E:9D:AD:86:1D:87:C4:BE:5B:13
X509v3 Authority Key Identifier:
keyid:1D:6D:9C:CB:02:71:58:49:B3:A1:EC:BC:D3:4B:68:87:F6:49:94:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HW2cywJxWEmzoey800toh_ZJlA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0ef6de-b3f1-4430-8b49-114ffc20f9aa/1/XH2TX0aX7JErOl6drYYdh8S-WxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0ef6de-b3f1-4430-8b49-114ffc20f9aa/1/HW2cywJxWEmzoey800toh_ZJlA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.141.139.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:96:52:c6:92:14:22:80:3c:b0:dc:4b:47:f4:12:e0:69:71:
c0:ee:18:f5:d6:45:b0:77:45:e7:b9:c3:7d:d6:63:51:b7:97:
38:bd:e7:b2:31:e2:c6:79:6e:4a:30:85:88:25:11:19:cb:7e:
bc:ae:69:c1:6d:d3:0c:29:64:22:ec:e0:d6:e9:58:5e:9c:2a:
d8:89:ad:22:bb:31:a4:73:b3:74:fd:63:c6:f0:09:5b:eb:86:
df:0c:d5:bc:0a:9a:4b:2e:83:5d:bf:41:cc:ec:9c:5c:6f:30:
0e:cd:11:45:dc:e3:c6:78:2a:94:6d:fa:ad:3b:40:51:35:31:
03:01:cc:58:c7:53:16:20:b9:88:78:e1:63:55:a7:c8:98:bd:
ff:7e:36:0f:46:cc:fe:fd:de:87:71:0c:d9:35:b2:28:9b:cc:
4d:d1:62:96:7a:35:b2:4e:74:87:00:c8:0d:f3:ad:66:74:15:
8f:d5:01:35:30:ca:5b:bd:00:36:61:d6:fb:52:7c:0f:e2:83:
d9:3a:52:09:a4:e9:e3:29:00:71:d0:be:59:05:01:66:61:37:
68:34:e0:e6:23:35:89:30:ec:6c:81:c5:f8:c0:a7:74:ae:41:
52:b5:6f:63:16:34:52:f1:d1:93:c2:b6:a1:4a:c4:f0:40:32:
62:9c:d3:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSRkdAtqYG1xI2zTWr+YoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNmQ5Y2NiMDI3MTU4NDliM2ExZWNiY2QzNGI2ODg3ZjY0
OTk0MGYwHhcNMjQwMTAxMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzdkOTM1ZjQ2OTdlYzkxMmIzYTVlOWRhZDg2MWQ4N2M0YmU1YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7P9ZBn7lFsW6/DxjBC45mrYlRRE
wiI4DsVxYNOSfJQT6EMoDT48ogW4XKCTu03mEHmSQIIKtNkcZfDiYSw230rCZr32
nnKbV+UMMZShQMTYxszK6PCcIdnI/cLI+KEoDNQQrdHiSL16P9JhXwu3SsmoWzK0
pQ48pJGWJotvPimQaToBZpgYqcGV+XFCF9FlrwW2itNJrM0CmSGxIOYZxoW4KFdn
QZYdArMrJBWemGep4DmdEayQ7ACVxkCmCIC2Wnb3171aGygtIlWAbxKzUmDq3Gj1
4WaLe6lrbRzyvaTW18mVmYyz8UF9byHOi2xm45RgwBoNuv6rm013o946hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFx9k19Gl+yRKzpena2GHYfEvlsTMB8GA1UdIwQY
MBaAFB1tnMsCcVhJs6HsvNNLaIf2SZQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFcyY3l3SnhXRW16b2V5ODAwdG9oX1pKbEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8wZWY2ZGUtYjNmMS00NDMwLThiNDkt
MTE0ZmZjMjBmOWFhLzEvWEgyVFgwYVg3SkVyT2w2ZHJZWWRoOFMtV3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8wZWY2ZGUtYjNmMS00NDMwLThiNDktMTE0ZmZjMjBmOWFh
LzEvSFcyY3l3SnhXRW16b2V5ODAwdG9oX1pKbEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY2LMA0G
CSqGSIb3DQEBCwUAA4IBAQA9llLGkhQigDyw3EtH9BLgaXHA7hj11kWwd0XnucN9
1mNRt5c4veeyMeLGeW5KMIWIJREZy368rmnBbdMMKWQi7ODW6VhenCrYia0iuzGk
c7N0/WPG8Alb64bfDNW8CppLLoNdv0HM7JxcbzAOzRFF3OPGeCqUbfqtO0BRNTED
AcxYx1MWILmIeOFjVafImL3/fjYPRsz+/d6HcQzZNbIom8xN0WKWejWyTnSHAMgN
861mdBWP1QE1MMpbvQA2Ydb7UnwP4oPZOlIJpOnjKQBx0L5ZBQFmYTdoNODmIzWJ
MOxsgcX4wKd0rkFStW9jFjRS8dGTwrahSsTwQDJinNPV
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:32:30 2024 by rpki-client on console-fra.rpki-client.org