Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/xnZfmAWBdnTCSbljxO6ZKYtSVjM.roa
File: xnZfmAWBdnTCSbljxO6ZKYtSVjM.roa (raw, json)
Hash identifier: Qdt5UTClx7ajt4EUW8ugphjro5l46wvfDtIyotmhr1I=
Subject key identifier: C6:76:5F:98:05:81:76:74:C2:49:B9:63:C4:EE:99:29:8B:52:56:33
Certificate issuer: /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial: 018CCA96EAF1843EAB7F33267AFB1A4C0D2E
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/xnZfmAWBdnTCSbljxO6ZKYtSVjM.roa
Signing time: Tue 02 Jan 2024 14:32:17 +0000
ROA not before: Tue 02 Jan 2024 14:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60484
IP address blocks: 185.159.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.mft
rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:96:ea:f1:84:3e:ab:7f:33:26:7a:fb:1a:4c:0d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
Validity
Not Before: Jan 2 14:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6765f9805817674c249b963c4ee99298b525633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2a:13:10:5b:36:39:fb:a2:e0:23:5a:f9:b2:
1e:f1:d1:28:e8:00:c0:91:0d:8e:35:73:9e:24:ea:
8f:a2:09:30:83:67:d6:6b:94:b4:a9:bd:95:5e:2a:
fc:2a:e1:01:e0:84:fc:0a:55:ba:35:fd:8b:4f:d9:
e2:9e:7e:66:d2:87:da:b7:f9:31:2b:b9:ef:10:cb:
0c:a5:35:26:db:08:1f:39:a1:bf:e4:c9:c0:3f:4f:
05:44:f0:09:f0:59:13:10:67:18:c9:5d:43:b7:53:
27:b7:48:b6:12:f4:84:32:7e:18:28:d4:93:fc:c0:
fa:49:e7:8f:d6:8d:bf:56:b0:76:0c:05:fc:50:3e:
8f:8e:3b:1b:1c:ea:d8:e2:dc:d1:4a:69:25:df:5a:
30:df:86:01:5e:da:a2:d6:a4:9c:c5:b2:90:7f:ca:
a9:3f:a9:91:1f:0a:f1:54:93:be:48:4e:42:6d:67:
92:f9:e9:3a:fd:26:58:91:49:26:e8:a7:28:1b:3e:
67:bc:df:ca:e3:43:7c:f9:26:aa:21:41:8c:70:39:
bc:03:a9:23:11:01:23:f5:71:a8:d1:99:ad:78:c5:
52:37:b7:b1:90:d8:c3:fe:cf:a2:dd:f6:43:de:9f:
eb:5f:e8:77:a7:51:12:f2:0d:38:9b:2e:16:b5:e9:
53:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:76:5F:98:05:81:76:74:C2:49:B9:63:C4:EE:99:29:8B:52:56:33
X509v3 Authority Key Identifier:
keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/xnZfmAWBdnTCSbljxO6ZKYtSVjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.172.0/22
Signature Algorithm: sha256WithRSAEncryption
70:1a:e2:d1:a3:6e:f0:9e:79:b7:b2:c7:f2:92:e3:0c:fd:5d:
de:b7:78:b4:88:f3:90:08:a4:74:a7:bf:71:39:9e:bd:63:7e:
70:43:4a:6f:da:88:5d:54:c3:47:41:68:57:fe:63:7d:f8:78:
24:53:00:c2:c6:32:32:19:f9:42:12:4f:f0:db:46:81:e9:a2:
38:c4:73:fe:8e:e1:00:0d:92:d0:84:60:ca:75:bd:32:10:8b:
35:38:1b:a3:7b:06:58:6d:23:c5:2c:23:ef:a0:f0:c6:89:db:
8c:6b:ec:97:e5:0f:b9:93:b5:68:52:4d:9d:30:5c:bc:a0:00:
85:3d:e9:30:c3:fb:e0:07:ec:c7:f9:34:db:97:2a:4f:83:76:
9f:bb:8d:a7:47:85:30:16:6e:d2:29:88:23:05:b8:6b:e2:3a:
40:1b:ce:98:a5:f3:d7:65:d3:28:fc:06:db:e3:68:5b:cf:55:
65:85:0c:5f:18:ef:66:df:f3:c1:5b:59:1d:c4:36:77:6d:a3:
18:83:06:20:ff:bf:46:e9:1d:5a:d0:0a:49:b2:c2:1b:f4:11:
90:2a:64:01:14:17:24:2e:0c:a2:cd:f6:7e:68:d6:fe:3d:f9:
9a:af:9a:3e:ee:28:1f:db:c1:64:4b:a0:b9:e1:d9:d8:97:47:
57:38:f8:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKlurxhD6rfzMmevsaTA0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDA5OWE4MWIzNDZmOWFiY2FmMjYwNTZmNWI3NzA5NGQx
Y2YxMTMwHhcNMjQwMTAyMTQzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjc2NWY5ODA1ODE3Njc0YzI0OWI5NjNjNGVlOTkyOThiNTI1NjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyoTEFs2Ofui4CNa+bIe8dEo6ADA
kQ2ONXOeJOqPogkwg2fWa5S0qb2VXir8KuEB4IT8ClW6Nf2LT9ninn5m0ofat/kx
K7nvEMsMpTUm2wgfOaG/5MnAP08FRPAJ8FkTEGcYyV1Dt1Mnt0i2EvSEMn4YKNST
/MD6SeeP1o2/VrB2DAX8UD6PjjsbHOrY4tzRSmkl31ow34YBXtqi1qScxbKQf8qp
P6mRHwrxVJO+SE5CbWeS+ek6/SZYkUkm6KcoGz5nvN/K40N8+SaqIUGMcDm8A6kj
EQEj9XGo0ZmteMVSN7exkNjD/s+i3fZD3p/rX+h3p1ES8g04my4WtelTNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMZ2X5gFgXZ0wkm5Y8TumSmLUlYzMB8GA1UdIwQY
MBaAFDgAmagbNG+avK8mBW9bdwlNHPETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMt
NDUwZmUzMzU5NWQxLzEveG5aZm1BV0JkblRDU2JsanhPNlpLWXRTVmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMtNDUwZmUzMzU5NWQx
LzEvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ+sMA0G
CSqGSIb3DQEBCwUAA4IBAQBwGuLRo27wnnm3ssfykuMM/V3et3i0iPOQCKR0p79x
OZ69Y35wQ0pv2ohdVMNHQWhX/mN9+HgkUwDCxjIyGflCEk/w20aB6aI4xHP+juEA
DZLQhGDKdb0yEIs1OBujewZYbSPFLCPvoPDGiduMa+yX5Q+5k7VoUk2dMFy8oACF
Pekww/vgB+zH+TTblypPg3afu42nR4UwFm7SKYgjBbhr4jpAG86YpfPXZdMo/Abb
42hbz1VlhQxfGO9m3/PBW1kdxDZ3baMYgwYg/79G6R1a0ApJssIb9BGQKmQBFBck
LgyizfZ+aNb+Pfmar5o+7igf28FkS6C54dnYl0dXOPgG
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:53 2024 by rpki-client on console-fra.rpki-client.org