Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/XgDrXBRwfW9iVRtHalmiD5Aj_w8.roa
File: XgDrXBRwfW9iVRtHalmiD5Aj_w8.roa (raw, json)
Hash identifier: P/1yMcOK3MhYVQM6RBJG7LQDfbGajswCbA/1CTB3YmI=
Subject key identifier: 5E:00:EB:5C:14:70:7D:6F:62:55:1B:47:6A:59:A2:0F:90:23:FF:0F
Certificate issuer: /CN=c47a84061671603ddc2ae8eea9cad51ee75aaec6
Certificate serial: 018CC8714BA5D25D9CA4782622321197D003
Authority key identifier: C4:7A:84:06:16:71:60:3D:DC:2A:E8:EE:A9:CA:D5:1E:E7:5A:AE:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHqEBhZxYD3cKujuqcrVHudarsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/XgDrXBRwfW9iVRtHalmiD5Aj_w8.roa
Signing time: Tue 02 Jan 2024 04:31:57 +0000
ROA not before: Tue 02 Jan 2024 04:31:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204226
IP address blocks: 194.105.148.0/24 maxlen: 24
185.89.9.0/24 maxlen: 24
185.89.10.0/24 maxlen: 24
185.89.11.0/24 maxlen: 24
185.89.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/xHqEBhZxYD3cKujuqcrVHudarsY.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/xHqEBhZxYD3cKujuqcrVHudarsY.mft
rsync://rpki.ripe.net/repository/DEFAULT/xHqEBhZxYD3cKujuqcrVHudarsY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:4b:a5:d2:5d:9c:a4:78:26:22:32:11:97:d0:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c47a84061671603ddc2ae8eea9cad51ee75aaec6
Validity
Not Before: Jan 2 04:31:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e00eb5c14707d6f62551b476a59a20f9023ff0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:45:24:4f:87:d0:dd:3d:bc:19:16:62:1e:cd:
ff:67:ea:ff:7e:8f:9e:a0:38:e4:17:2c:e5:88:42:
0f:55:36:2f:28:1c:04:51:54:48:bc:59:72:db:8e:
da:9b:16:d2:c1:19:c5:e8:8f:59:dc:fb:63:f0:91:
d0:af:64:38:81:d5:8f:05:30:f0:55:ae:38:14:7c:
fe:b1:28:9e:22:c3:6a:fc:65:dd:52:60:af:99:de:
28:df:25:16:31:80:20:f0:98:63:2d:92:e6:1f:75:
19:53:8c:8e:b8:c2:f7:3f:cd:af:eb:6b:be:55:5b:
da:e3:27:86:5c:5d:35:c7:60:1b:ba:0a:ee:c6:c9:
a4:a1:97:fc:1d:03:49:50:ec:04:d0:ab:24:d6:f7:
e3:e6:34:1f:cf:b5:13:b4:97:ea:e3:ba:b4:dc:3c:
01:99:1f:e4:77:68:42:5d:a7:ac:b9:cf:71:e2:8b:
d8:5c:57:b7:10:61:89:8b:79:12:52:f3:db:42:38:
15:3f:e9:bb:27:ab:af:08:7d:a0:73:06:bd:58:ae:
ef:28:2e:5d:6a:7a:70:36:44:e6:78:74:84:39:5c:
1f:3f:f1:cb:83:93:a4:73:53:e9:57:a7:36:b9:c1:
52:56:d9:f1:fb:95:17:2a:af:d2:27:20:a5:ec:5e:
f1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:00:EB:5C:14:70:7D:6F:62:55:1B:47:6A:59:A2:0F:90:23:FF:0F
X509v3 Authority Key Identifier:
keyid:C4:7A:84:06:16:71:60:3D:DC:2A:E8:EE:A9:CA:D5:1E:E7:5A:AE:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHqEBhZxYD3cKujuqcrVHudarsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/XgDrXBRwfW9iVRtHalmiD5Aj_w8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/53f252-f3fe-467a-bccf-b291f97b7096/1/xHqEBhZxYD3cKujuqcrVHudarsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.8.0/22
194.105.148.0/24
Signature Algorithm: sha256WithRSAEncryption
35:75:df:3c:16:b2:a1:16:1c:0c:50:b6:14:39:64:89:8d:7f:
3a:6b:7c:f4:c1:a5:0b:62:48:ad:13:36:60:41:b4:75:ec:7a:
fa:04:93:3b:1f:33:cb:c7:12:be:74:cd:ae:b1:f0:26:08:01:
63:ca:d6:e1:af:f1:81:bd:b9:cd:f8:72:32:0d:64:bc:fd:20:
a1:91:60:7a:8d:2e:77:b2:64:ae:5d:c6:0b:cc:f4:26:a6:a2:
3e:eb:c3:88:ab:1a:71:e1:a5:6c:03:be:09:d5:42:29:7d:32:
d3:86:40:c8:c4:22:63:4f:0b:12:c2:c5:d5:d3:8a:9c:bb:fb:
29:48:c8:4d:40:7d:f2:98:a7:b3:2b:3c:75:e8:bb:ba:62:58:
47:eb:88:69:34:f5:2e:ae:d6:b3:ff:ad:47:de:09:56:1d:32:
5b:75:14:8a:66:07:11:ed:01:e0:44:8c:bd:5a:b9:81:7f:09:
69:23:3c:b4:b6:bc:d3:b1:04:7e:22:f0:20:26:12:bd:04:14:
6c:80:14:1b:0a:d7:25:43:c5:d6:7b:2f:d1:16:ff:5c:6f:c1:
7b:c6:29:02:9d:e4:47:3a:dd:83:c4:eb:07:1f:57:8d:24:b6:
3c:d5:62:af:c6:6b:d8:83:6d:c2:a4:0a:a5:ea:ad:a3:ef:2c:
d4:b1:27:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcUul0l2cpHgmIjIRl9ADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0N2E4NDA2MTY3MTYwM2RkYzJhZThlZWE5Y2FkNTFlZTc1
YWFlYzYwHhcNMjQwMTAyMDQzMTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTAwZWI1YzE0NzA3ZDZmNjI1NTFiNDc2YTU5YTIwZjkwMjNmZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUUkT4fQ3T28GRZiHs3/Z+r/fo+e
oDjkFyzliEIPVTYvKBwEUVRIvFly247amxbSwRnF6I9Z3Ptj8JHQr2Q4gdWPBTDw
Va44FHz+sSieIsNq/GXdUmCvmd4o3yUWMYAg8JhjLZLmH3UZU4yOuML3P82v62u+
VVva4yeGXF01x2AbugruxsmkoZf8HQNJUOwE0Ksk1vfj5jQfz7UTtJfq47q03DwB
mR/kd2hCXaesuc9x4ovYXFe3EGGJi3kSUvPbQjgVP+m7J6uvCH2gcwa9WK7vKC5d
anpwNkTmeHSEOVwfP/HLg5Okc1PpV6c2ucFSVtnx+5UXKq/SJyCl7F7xVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF4A61wUcH1vYlUbR2pZog+QI/8PMB8GA1UdIwQY
MBaAFMR6hAYWcWA93Cro7qnK1R7nWq7GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEhxRUJoWnhZRDNjS3VqdXFjclZIdWRhcnNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC81M2YyNTItZjNmZS00NjdhLWJjY2Yt
YjI5MWY5N2I3MDk2LzEvWGdEclhCUndmVzlpVlJ0SGFsbWlENUFqX3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC81M2YyNTItZjNmZS00NjdhLWJjY2YtYjI5MWY5N2I3MDk2
LzEveEhxRUJoWnhZRDNjS3VqdXFjclZIdWRhcnNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVkIAwQA
wmmUMA0GCSqGSIb3DQEBCwUAA4IBAQA1dd88FrKhFhwMULYUOWSJjX86a3z0waUL
YkitEzZgQbR17Hr6BJM7HzPLxxK+dM2usfAmCAFjytbhr/GBvbnN+HIyDWS8/SCh
kWB6jS53smSuXcYLzPQmpqI+68OIqxpx4aVsA74J1UIpfTLThkDIxCJjTwsSwsXV
04qcu/spSMhNQH3ymKezKzx16Lu6YlhH64hpNPUurtaz/61H3glWHTJbdRSKZgcR
7QHgRIy9WrmBfwlpIzy0trzTsQR+IvAgJhK9BBRsgBQbCtclQ8XWey/RFv9cb8F7
xikCneRHOt2DxOsHH1eNJLY81WKvxmvYg23CpAql6q2j7yzUsSdn
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:02:00 2024 by rpki-client on console-fra.rpki-client.org