Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/134ccb-b0ab-446b-8172-62e27cd1e975/1/pxuoe7Zdm8ZlOm-tW9ChRYIk55U.roa
File: pxuoe7Zdm8ZlOm-tW9ChRYIk55U.roa (raw, json)
Hash identifier: +1USPd1VSVtWckgk0tAbETPmFBHWI+GlUEMJbTckV/c=
Subject key identifier: A7:1B:A8:7B:B6:5D:9B:C6:65:3A:6F:AD:5B:D0:A1:45:82:24:E7:95
Certificate issuer: /CN=b40d849cc43b732dab6641fc6fd5a4db3a2db947
Certificate serial: 018CC50088D4931BD5BE155A794160EC16F5
Authority key identifier: B4:0D:84:9C:C4:3B:73:2D:AB:66:41:FC:6F:D5:A4:DB:3A:2D:B9:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tA2EnMQ7cy2rZkH8b9Wk2zotuUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/134ccb-b0ab-446b-8172-62e27cd1e975/1/pxuoe7Zdm8ZlOm-tW9ChRYIk55U.roa
Signing time: Mon 01 Jan 2024 12:29:55 +0000
ROA not before: Mon 01 Jan 2024 12:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49898
IP address blocks: 185.169.169.0/24 maxlen: 24
185.169.170.0/24 maxlen: 24
185.169.171.0/24 maxlen: 24
185.169.168.0/24 maxlen: 24
2a0a:5306::/32 maxlen: 32
2a0a:5301::/32 maxlen: 32
2a0a:5304::/32 maxlen: 32
2a0a:5303::/32 maxlen: 32
2a0a:5307::/32 maxlen: 32
2a0a:5302::/32 maxlen: 32
2a0a:5305::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/134ccb-b0ab-446b-8172-62e27cd1e975/1/tA2EnMQ7cy2rZkH8b9Wk2zotuUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/134ccb-b0ab-446b-8172-62e27cd1e975/1/tA2EnMQ7cy2rZkH8b9Wk2zotuUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/tA2EnMQ7cy2rZkH8b9Wk2zotuUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:88:d4:93:1b:d5:be:15:5a:79:41:60:ec:16:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b40d849cc43b732dab6641fc6fd5a4db3a2db947
Validity
Not Before: Jan 1 12:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a71ba87bb65d9bc6653a6fad5bd0a1458224e795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1c:ea:52:93:85:b2:62:10:e8:7b:28:4e:48:
0b:33:9a:88:d3:ef:7f:54:98:7b:96:77:19:33:f5:
da:1b:bc:36:1e:89:4b:64:a6:e4:91:e2:5e:82:44:
44:03:26:8a:16:bd:c5:4f:49:3a:1e:f1:27:d9:e2:
c7:f4:51:f8:2d:ee:3a:1c:08:1b:fd:43:6c:1b:29:
e8:6e:f8:4e:8c:42:14:1c:3e:bd:d3:72:ff:e7:11:
e7:b9:e4:c6:57:b8:61:10:44:9d:41:28:8a:60:cc:
c0:95:e2:52:d6:7a:53:fd:33:58:c7:a5:a2:1f:5c:
a8:76:46:b5:18:f7:a5:db:f4:1d:02:3a:80:45:99:
22:91:24:3b:2a:95:ab:07:a3:89:35:1d:79:55:f4:
38:3f:2b:8e:76:6f:69:1e:bd:9c:bb:c7:eb:e1:f7:
fe:ec:8c:74:c9:3c:fb:7d:0d:9c:36:6b:7e:7c:71:
c8:ac:c4:2a:10:20:ff:a0:7e:22:ee:16:64:87:ee:
43:6d:b7:fe:ea:d3:43:74:b8:d4:d7:f5:48:8a:3e:
94:7f:15:51:14:95:bf:51:a9:2f:a9:3e:a1:12:f0:
1d:f3:48:b9:ef:fb:ff:ef:b0:19:4a:c2:8f:30:2c:
5a:e7:1a:2c:42:60:bb:bc:e5:f8:0b:01:81:03:18:
a2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:1B:A8:7B:B6:5D:9B:C6:65:3A:6F:AD:5B:D0:A1:45:82:24:E7:95
X509v3 Authority Key Identifier:
keyid:B4:0D:84:9C:C4:3B:73:2D:AB:66:41:FC:6F:D5:A4:DB:3A:2D:B9:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tA2EnMQ7cy2rZkH8b9Wk2zotuUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/134ccb-b0ab-446b-8172-62e27cd1e975/1/pxuoe7Zdm8ZlOm-tW9ChRYIk55U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/134ccb-b0ab-446b-8172-62e27cd1e975/1/tA2EnMQ7cy2rZkH8b9Wk2zotuUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.168.0/22
IPv6:
2a0a:5301::-2a0a:5307:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
cf:ea:f5:0e:56:0a:8c:8f:0b:c8:25:dc:cb:4d:a8:c5:96:45:
dc:f5:15:13:6d:d0:37:54:97:e1:96:9f:3f:e4:27:ef:95:3b:
ab:79:76:d2:98:41:60:79:58:7a:6d:4b:d4:57:be:c3:d4:cf:
d2:3f:70:ac:de:8a:8b:68:65:02:57:59:4e:a7:54:92:af:70:
2d:ef:c2:3c:c2:85:3f:bc:c1:a7:bb:22:f1:50:02:35:a3:49:
16:b0:dd:b1:ed:30:a4:39:c4:5f:ac:88:f8:ee:94:a5:42:b5:
e8:23:6f:cb:e1:ec:ec:e1:47:a4:5f:3a:e4:fb:5f:96:a0:b6:
e6:b6:b4:c6:10:83:fd:a3:14:89:36:e4:6f:66:03:0d:2a:af:
68:f9:a3:a1:9e:d2:cf:51:36:1c:8b:6a:a7:9d:ec:7e:c0:ca:
eb:a9:9d:21:b1:a0:e2:3a:7c:f2:65:40:e8:3a:fc:c2:d8:61:
4d:66:b4:f3:21:14:6e:8f:b8:c2:54:08:50:2c:db:81:a5:5c:
be:7b:17:f7:17:e7:ae:51:24:c0:5b:e6:9e:c3:08:3f:14:ce:
3f:33:08:87:57:f5:a5:24:77:6c:b7:63:ac:7d:d8:93:cb:4e:
32:4f:09:ca:76:69:04:ba:59:93:12:99:60:5e:79:a3:98:10:
61:de:2e:01
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFAIjUkxvVvhVaeUFg7Bb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MGQ4NDljYzQzYjczMmRhYjY2NDFmYzZmZDVhNGRiM2Ey
ZGI5NDcwHhcNMjQwMTAxMTIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzFiYTg3YmI2NWQ5YmM2NjUzYTZmYWQ1YmQwYTE0NTgyMjRlNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BzqUpOFsmIQ6HsoTkgLM5qI0+9/
VJh7lncZM/XaG7w2HolLZKbkkeJegkREAyaKFr3FT0k6HvEn2eLH9FH4Le46HAgb
/UNsGynobvhOjEIUHD6903L/5xHnueTGV7hhEESdQSiKYMzAleJS1npT/TNYx6Wi
H1yodka1GPel2/QdAjqARZkikSQ7KpWrB6OJNR15VfQ4PyuOdm9pHr2cu8fr4ff+
7Ix0yTz7fQ2cNmt+fHHIrMQqECD/oH4i7hZkh+5Dbbf+6tNDdLjU1/VIij6UfxVR
FJW/UakvqT6hEvAd80i57/v/77AZSsKPMCxa5xosQmC7vOX4CwGBAxiifQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKcbqHu2XZvGZTpvrVvQoUWCJOeVMB8GA1UdIwQY
MBaAFLQNhJzEO3Mtq2ZB/G/VpNs6LblHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEEyRW5NUTdjeTJyWmtIOGI5V2syem90dVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xMzRjY2ItYjBhYi00NDZiLTgxNzIt
NjJlMjdjZDFlOTc1LzEvcHh1b2U3WmRtOFpsT20tdFc5Q2hSWUlrNTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xMzRjY2ItYjBhYi00NDZiLTgxNzItNjJlMjdjZDFlOTc1
LzEvdEEyRW5NUTdjeTJyWmtIOGI5V2syem90dVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuamoMBYE
AgACMBAwDgMFACoKUwEDBQMqClMAMA0GCSqGSIb3DQEBCwUAA4IBAQDP6vUOVgqM
jwvIJdzLTajFlkXc9RUTbdA3VJfhlp8/5CfvlTureXbSmEFgeVh6bUvUV77D1M/S
P3Cs3oqLaGUCV1lOp1SSr3At78I8woU/vMGnuyLxUAI1o0kWsN2x7TCkOcRfrIj4
7pSlQrXoI2/L4ezs4UekXzrk+1+WoLbmtrTGEIP9oxSJNuRvZgMNKq9o+aOhntLP
UTYci2qnnex+wMrrqZ0hsaDiOnzyZUDoOvzC2GFNZrTzIRRuj7jCVAhQLNuBpVy+
exf3F+euUSTAW+aewwg/FM4/MwiHV/WlJHdst2OsfdiTy04yTwnKdmkEulmTEplg
XnmjmBBh3i4B
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:25:34 2024 by rpki-client on console-fra.rpki-client.org