Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/6f6f0d-e6df-4f2b-80df-466b0cd8b75a/1/x_w-hOW1SYNhs733MeXtP6yvs_I.roa
File: x_w-hOW1SYNhs733MeXtP6yvs_I.roa (raw, json)
Hash identifier: lyZUdbvhfzTtNpsO2DBVGhy/De7vg0zZwFFqYo6RODw=
Subject key identifier: C7:FC:3E:84:E5:B5:49:83:61:B3:BD:F7:31:E5:ED:3F:AC:AF:B3:F2
Certificate issuer: /CN=c6135e4acf96139ce5ff2cfdd95f55a8176d7324
Certificate serial: 018CC5DC3C68D0388A4A02497D87FCD96746
Authority key identifier: C6:13:5E:4A:CF:96:13:9C:E5:FF:2C:FD:D9:5F:55:A8:17:6D:73:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhNeSs-WE5zl_yz92V9VqBdtcyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/6f6f0d-e6df-4f2b-80df-466b0cd8b75a/1/x_w-hOW1SYNhs733MeXtP6yvs_I.roa
Signing time: Mon 01 Jan 2024 16:29:54 +0000
ROA not before: Mon 01 Jan 2024 16:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34555
IP address blocks: 185.4.240.0/22 maxlen: 22
31.24.216.0/24 maxlen: 24
31.24.217.0/24 maxlen: 24
31.24.218.0/24 maxlen: 24
31.24.219.0/24 maxlen: 24
31.24.220.0/24 maxlen: 24
31.24.223.0/24 maxlen: 24
31.24.221.0/24 maxlen: 24
31.24.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/6f6f0d-e6df-4f2b-80df-466b0cd8b75a/1/xhNeSs-WE5zl_yz92V9VqBdtcyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/6f6f0d-e6df-4f2b-80df-466b0cd8b75a/1/xhNeSs-WE5zl_yz92V9VqBdtcyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhNeSs-WE5zl_yz92V9VqBdtcyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3c:68:d0:38:8a:4a:02:49:7d:87:fc:d9:67:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6135e4acf96139ce5ff2cfdd95f55a8176d7324
Validity
Not Before: Jan 1 16:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7fc3e84e5b5498361b3bdf731e5ed3facafb3f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:30:b3:cf:be:96:c9:c1:05:6a:0a:4f:c4:e6:
b2:32:90:07:65:f7:92:b2:cc:34:47:e7:fb:bc:c4:
ad:4a:1b:93:5e:3d:0d:0c:69:aa:fa:63:3f:74:2c:
c2:d1:c0:54:a1:e9:6b:73:f6:41:b5:82:0d:62:1f:
aa:26:ec:7d:cf:9e:45:50:24:14:c5:87:2d:9d:83:
aa:e7:9d:f3:41:61:0f:c6:92:44:a5:f6:d8:21:d2:
5b:4e:fc:0a:99:12:2e:dd:df:14:9b:23:04:d4:73:
a5:4c:f9:51:e6:69:34:5f:53:b5:99:79:a4:9d:74:
2c:ff:11:eb:7c:65:6d:1f:40:45:a0:32:cc:56:d2:
06:3b:56:e2:ee:24:f9:3d:9c:e3:4b:69:fa:44:30:
5d:a5:20:92:fc:01:7a:3d:9b:2b:8e:36:43:f3:47:
2a:89:f4:71:55:7a:7e:6a:62:a6:3a:e6:8d:47:3c:
f2:27:fb:2b:1b:6d:65:53:38:3e:de:45:a7:7f:74:
5d:b4:02:bc:cd:e5:51:78:7e:6d:c0:8d:dc:28:c1:
c1:8f:45:2a:dc:01:14:d8:1f:2d:2d:2c:2f:51:b6:
20:f2:20:e7:82:59:4b:9b:9d:03:a1:98:99:ac:32:
86:d4:6a:7b:e0:76:3c:96:9d:f1:71:3e:38:0e:ad:
be:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:FC:3E:84:E5:B5:49:83:61:B3:BD:F7:31:E5:ED:3F:AC:AF:B3:F2
X509v3 Authority Key Identifier:
keyid:C6:13:5E:4A:CF:96:13:9C:E5:FF:2C:FD:D9:5F:55:A8:17:6D:73:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhNeSs-WE5zl_yz92V9VqBdtcyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6f6f0d-e6df-4f2b-80df-466b0cd8b75a/1/x_w-hOW1SYNhs733MeXtP6yvs_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6f6f0d-e6df-4f2b-80df-466b0cd8b75a/1/xhNeSs-WE5zl_yz92V9VqBdtcyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.216.0/21
185.4.240.0/22
Signature Algorithm: sha256WithRSAEncryption
53:4e:51:b6:56:31:e7:d8:01:2e:9b:0d:b6:3b:b3:19:4b:9d:
64:1e:e6:46:12:66:36:a0:5f:b1:94:50:f3:47:79:10:70:02:
27:0f:51:cf:e7:91:c4:6c:25:32:f8:2e:95:7d:28:11:c8:c8:
ee:48:c3:ad:60:d7:f7:ef:dc:22:e5:47:54:10:07:9c:17:ea:
ce:37:b1:ea:db:92:12:a7:94:8b:1e:cf:5d:7a:2b:68:50:e6:
82:11:02:42:05:f2:22:99:67:1a:12:89:90:5d:f6:5a:58:40:
91:49:66:ce:9a:03:28:89:57:f6:2f:2c:aa:4d:82:5e:83:49:
ec:06:90:a4:83:fc:ec:9d:74:84:b3:0a:a8:b1:91:0a:72:da:
3d:e9:29:b9:63:af:06:5e:2a:15:dd:fb:08:b9:34:69:86:f0:
23:06:06:e1:ed:c2:54:0b:2d:1a:94:42:cb:c4:fe:39:9f:07:
63:43:7d:a3:0b:e8:5a:ba:02:8a:53:74:2f:17:21:c0:95:ee:
8f:85:95:df:27:b7:76:70:0a:42:e2:8d:82:47:55:16:4c:7a:
da:72:6b:2a:54:2e:34:c7:e9:02:da:90:ea:3d:65:9e:6d:c2:
f4:82:94:44:e1:78:de:e1:a9:95:7b:af:7d:d1:51:72:92:e6:
92:ae:a3:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3Dxo0DiKSgJJfYf82WdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTM1ZTRhY2Y5NjEzOWNlNWZmMmNmZGQ5NWY1NWE4MTc2
ZDczMjQwHhcNMjQwMTAxMTYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2ZjM2U4NGU1YjU0OTgzNjFiM2JkZjczMWU1ZWQzZmFjYWZiM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTCzz76WycEFagpPxOayMpAHZfeS
ssw0R+f7vMStShuTXj0NDGmq+mM/dCzC0cBUoelrc/ZBtYINYh+qJux9z55FUCQU
xYctnYOq553zQWEPxpJEpfbYIdJbTvwKmRIu3d8UmyME1HOlTPlR5mk0X1O1mXmk
nXQs/xHrfGVtH0BFoDLMVtIGO1bi7iT5PZzjS2n6RDBdpSCS/AF6PZsrjjZD80cq
ifRxVXp+amKmOuaNRzzyJ/srG21lUzg+3kWnf3RdtAK8zeVReH5twI3cKMHBj0Uq
3AEU2B8tLSwvUbYg8iDngllLm50DoZiZrDKG1Gp74HY8lp3xcT44Dq2+5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMf8PoTltUmDYbO99zHl7T+sr7PyMB8GA1UdIwQY
MBaAFMYTXkrPlhOc5f8s/dlfVagXbXMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhOZVNzLVdFNXpsX3l6OTJWOVZxQmR0Y3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS82ZjZmMGQtZTZkZi00ZjJiLTgwZGYt
NDY2YjBjZDhiNzVhLzEveF93LWhPVzFTWU5oczczM01lWHRQNnl2c19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS82ZjZmMGQtZTZkZi00ZjJiLTgwZGYtNDY2YjBjZDhiNzVh
LzEveGhOZVNzLVdFNXpsX3l6OTJWOVZxQmR0Y3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDHxjYAwQC
uQTwMA0GCSqGSIb3DQEBCwUAA4IBAQBTTlG2VjHn2AEumw22O7MZS51kHuZGEmY2
oF+xlFDzR3kQcAInD1HP55HEbCUy+C6VfSgRyMjuSMOtYNf379wi5UdUEAecF+rO
N7Hq25ISp5SLHs9deitoUOaCEQJCBfIimWcaEomQXfZaWECRSWbOmgMoiVf2Lyyq
TYJeg0nsBpCkg/zsnXSEswqosZEKcto96Sm5Y68GXioV3fsIuTRphvAjBgbh7cJU
Cy0alELLxP45nwdjQ32jC+haugKKU3QvFyHAle6PhZXfJ7d2cApC4o2CR1UWTHra
cmsqVC40x+kC2pDqPWWebcL0gpRE4Xje4amVe6990VFykuaSrqPX
-----END CERTIFICATE-----
Generated at Tue Dec 3 14:43:23 2024 by rpki-client on console-fra.rpki-client.org