Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d78293-50c5-471e-b91b-d9f301868ef3/1/xksX6LIvEuF93Twvl7HRvBiF7Q0.roa
File: xksX6LIvEuF93Twvl7HRvBiF7Q0.roa (raw, json)
Hash identifier: YuSmPImY8laNrlzs+Gzr+3ce7lVs+58nzblbb3Ays/c=
Subject key identifier: C6:4B:17:E8:B2:2F:12:E1:7D:DD:3C:2F:97:B1:D1:BC:18:85:ED:0D
Certificate issuer: /CN=037863dc3c259e60b2c986802dd6021115e8bf1f
Certificate serial: 0192F75E3E9353609DC90C33B36638368D74
Authority key identifier: 03:78:63:DC:3C:25:9E:60:B2:C9:86:80:2D:D6:02:11:15:E8:BF:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3hj3DwlnmCyyYaALdYCERXovx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d78293-50c5-471e-b91b-d9f301868ef3/1/xksX6LIvEuF93Twvl7HRvBiF7Q0.roa
Signing time: Mon 04 Nov 2024 13:30:01 +0000
ROA not before: Mon 04 Nov 2024 13:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35660
IP address blocks: 185.139.44.0/24 maxlen: 24
185.139.45.0/24 maxlen: 24
185.139.46.0/24 maxlen: 24
185.139.47.0/24 maxlen: 24
185.157.140.0/24 maxlen: 24
185.157.141.0/24 maxlen: 24
185.157.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/d78293-50c5-471e-b91b-d9f301868ef3/1/A3hj3DwlnmCyyYaALdYCERXovx8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/d78293-50c5-471e-b91b-d9f301868ef3/1/A3hj3DwlnmCyyYaALdYCERXovx8.mft
rsync://rpki.ripe.net/repository/DEFAULT/A3hj3DwlnmCyyYaALdYCERXovx8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f7:5e:3e:93:53:60:9d:c9:0c:33:b3:66:38:36:8d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037863dc3c259e60b2c986802dd6021115e8bf1f
Validity
Not Before: Nov 4 13:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c64b17e8b22f12e17ddd3c2f97b1d1bc1885ed0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:28:ae:c4:18:53:30:f3:4b:b7:d9:df:16:b8:
77:3d:2f:ef:66:ff:f4:44:21:6f:d8:4e:37:64:d7:
6e:f6:33:27:ba:45:e9:1c:7d:d9:fc:f2:88:5d:27:
ed:e0:a9:8a:26:1d:28:48:66:94:79:3e:9c:aa:38:
8b:77:2b:cd:ec:3e:99:47:da:e8:4c:df:41:b9:fb:
ea:f7:6e:e6:f7:5d:09:b1:d4:5c:54:c7:e4:d6:61:
ef:e0:e7:2b:dd:cd:62:f8:bc:b9:4f:48:cc:62:3b:
ef:47:7e:5e:24:64:a6:b0:d5:e4:bf:60:36:eb:4f:
0e:2a:97:81:33:72:b5:ad:eb:e4:4f:67:61:69:05:
01:a7:ff:a7:99:35:bc:6c:a0:13:66:cb:34:2b:5b:
18:e3:2d:2c:a1:e8:cb:02:8f:17:f3:f1:41:9c:d9:
e5:5c:d9:bc:98:21:b5:b4:b4:d7:e9:03:67:11:57:
fd:80:4c:c6:ef:5f:de:05:88:60:fa:9d:0c:51:af:
bf:6c:4e:11:90:ab:a1:a0:f0:2d:86:ce:7b:03:c6:
65:ee:d4:f7:5e:20:19:b3:85:16:79:5e:d7:3a:6e:
1d:d7:cc:9f:b4:38:99:15:c2:21:ea:e0:2f:8d:66:
6f:2d:c0:d3:d1:e1:5b:77:18:65:a0:3e:9c:9e:90:
e7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4B:17:E8:B2:2F:12:E1:7D:DD:3C:2F:97:B1:D1:BC:18:85:ED:0D
X509v3 Authority Key Identifier:
keyid:03:78:63:DC:3C:25:9E:60:B2:C9:86:80:2D:D6:02:11:15:E8:BF:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3hj3DwlnmCyyYaALdYCERXovx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d78293-50c5-471e-b91b-d9f301868ef3/1/xksX6LIvEuF93Twvl7HRvBiF7Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d78293-50c5-471e-b91b-d9f301868ef3/1/A3hj3DwlnmCyyYaALdYCERXovx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.44.0/22
185.157.140.0-185.157.142.255
Signature Algorithm: sha256WithRSAEncryption
55:fa:bf:23:16:fa:70:ac:98:2f:a3:1c:12:a1:3e:2e:34:98:
eb:94:7e:aa:46:2e:34:8e:ca:b7:01:38:b2:ae:33:1e:25:06:
21:05:71:6f:14:95:13:47:35:99:c5:b4:50:4c:b4:6a:b9:ba:
b9:87:58:07:2d:ef:39:d0:58:78:4c:0a:3b:70:9c:2e:4a:87:
81:fd:e5:5c:ef:ae:0e:03:07:97:8c:17:1c:a2:ea:dd:d5:6d:
2d:7c:f9:40:78:23:20:b1:68:e2:0f:24:7a:32:4a:b4:f1:4f:
95:91:4b:8e:4a:da:0d:6b:1f:ee:44:50:23:80:7d:ea:52:2b:
95:0c:68:9e:9d:86:35:b3:4f:a9:3c:c3:3e:c7:ec:32:ab:00:
ed:63:86:3c:09:e0:87:10:43:fa:09:36:ca:af:1b:d7:62:d6:
2e:db:34:21:4e:45:c9:75:c0:75:e6:3d:23:bd:e1:e4:4c:cc:
5c:2c:4e:20:32:cc:c3:02:b3:3a:c8:f4:c2:1d:1e:c3:69:6b:
c6:24:8f:7c:fc:41:13:ed:1c:15:5e:6e:4c:f9:2d:45:ce:94:
57:96:97:6e:1c:16:47:7a:ab:40:50:ca:70:46:ab:b3:41:1d:
42:42:5f:97:da:b0:b0:12:ef:95:25:d2:a4:66:c7:8b:a4:72:
8c:2e:ef:29
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZL3Xj6TU2CdyQwzs2Y4No10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNzg2M2RjM2MyNTllNjBiMmM5ODY4MDJkZDYwMjExMTVl
OGJmMWYwHhcNMjQxMTA0MTMzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRiMTdlOGIyMmYxMmUxN2RkZDNjMmY5N2IxZDFiYzE4ODVlZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviiuxBhTMPNLt9nfFrh3PS/vZv/0
RCFv2E43ZNdu9jMnukXpHH3Z/PKIXSft4KmKJh0oSGaUeT6cqjiLdyvN7D6ZR9ro
TN9Bufvq927m910JsdRcVMfk1mHv4Ocr3c1i+Ly5T0jMYjvvR35eJGSmsNXkv2A2
608OKpeBM3K1revkT2dhaQUBp/+nmTW8bKATZss0K1sY4y0soejLAo8X8/FBnNnl
XNm8mCG1tLTX6QNnEVf9gEzG71/eBYhg+p0MUa+/bE4RkKuhoPAths57A8Zl7tT3
XiAZs4UWeV7XOm4d18yftDiZFcIh6uAvjWZvLcDT0eFbdxhloD6cnpDn3wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMZLF+iyLxLhfd08L5ex0bwYhe0NMB8GA1UdIwQY
MBaAFAN4Y9w8JZ5gssmGgC3WAhEV6L8fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTNoajNEd2xubUN5eVlhQUxkWUNFUlhvdng4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kNzgyOTMtNTBjNS00NzFlLWI5MWIt
ZDlmMzAxODY4ZWYzLzEveGtzWDZMSXZFdUY5M1R3dmw3SFJ2QmlGN1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9kNzgyOTMtNTBjNS00NzFlLWI5MWItZDlmMzAxODY4ZWYz
LzEvQTNoajNEd2xubUN5eVlhQUxkWUNFUlhvdng4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuYssMAwD
BAK5nYwDBAC5nY4wDQYJKoZIhvcNAQELBQADggEBAFX6vyMW+nCsmC+jHBKhPi40
mOuUfqpGLjSOyrcBOLKuMx4lBiEFcW8UlRNHNZnFtFBMtGq5urmHWAct7znQWHhM
CjtwnC5Kh4H95Vzvrg4DB5eMFxyi6t3VbS18+UB4IyCxaOIPJHoySrTxT5WRS45K
2g1rH+5EUCOAfepSK5UMaJ6dhjWzT6k8wz7H7DKrAO1jhjwJ4IcQQ/oJNsqvG9di
1i7bNCFORcl1wHXmPSO94eRMzFwsTiAyzMMCszrI9MIdHsNpa8Ykj3z8QRPtHBVe
bkz5LUXOlFeWl24cFkd6q0BQynBGq7NBHUJCX5fasLAS75Ul0qRmx4ukcowu7yk=
-----END CERTIFICATE-----
Generated at Tue Nov 26 19:58:30 2024 by rpki-client on console-ams.rpki-client.org