Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/xIBtkeXF4ZO305tyLTh9YJpf9Fs.roa
File: xIBtkeXF4ZO305tyLTh9YJpf9Fs.roa (raw, json)
Hash identifier: iPEMDbLt8QZa4TYbOXZI1kpNaWh7/ioFHwwiLdvJqNw=
Subject key identifier: C4:80:6D:91:E5:C5:E1:93:B7:D3:9B:72:2D:38:7D:60:9A:5F:F4:5B
Certificate issuer: /CN=44ceb61e71a619f2314e9d9846ec67bc88a1244c
Certificate serial: 018CCA2A8A1CBBE718870B7D88B22915719E
Authority key identifier: 44:CE:B6:1E:71:A6:19:F2:31:4E:9D:98:46:EC:67:BC:88:A1:24:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RM62HnGmGfIxTp2YRuxnvIihJEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/xIBtkeXF4ZO305tyLTh9YJpf9Fs.roa
Signing time: Tue 02 Jan 2024 12:33:54 +0000
ROA not before: Tue 02 Jan 2024 12:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28889
IP address blocks: 85.193.128.0/20 maxlen: 20
85.193.176.0/20 maxlen: 20
80.66.32.0/19 maxlen: 19
185.54.208.0/24 maxlen: 24
185.54.209.0/24 maxlen: 24
2a00:eb40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/RM62HnGmGfIxTp2YRuxnvIihJEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/RM62HnGmGfIxTp2YRuxnvIihJEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/RM62HnGmGfIxTp2YRuxnvIihJEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:8a:1c:bb:e7:18:87:0b:7d:88:b2:29:15:71:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44ceb61e71a619f2314e9d9846ec67bc88a1244c
Validity
Not Before: Jan 2 12:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4806d91e5c5e193b7d39b722d387d609a5ff45b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:97:dd:31:05:28:b2:7a:c0:7d:85:7d:81:7e:
bb:0c:de:48:39:e4:e6:ec:85:35:fb:17:a3:1d:74:
57:51:a0:fd:68:e7:b5:19:d0:40:42:b6:0f:c7:f1:
d2:c1:36:5d:b8:3a:65:77:8b:a4:95:2a:a3:c6:ef:
13:a4:5e:7a:ee:53:97:2c:41:a2:2d:c5:b1:0c:1b:
1f:12:2d:c2:86:9a:1f:9e:48:db:f9:5c:b5:1b:b8:
cd:6e:e1:97:14:30:d4:81:ef:e8:51:fb:cf:4d:8a:
ba:3e:e4:37:21:4d:0c:54:25:78:8f:e2:e9:d0:3b:
12:2f:b7:18:66:48:b1:37:64:25:d5:14:d9:dd:ad:
8d:f5:fb:7c:c7:e3:7c:ac:9e:e5:f3:d4:c8:6e:13:
ec:ad:c5:83:2c:93:f8:b2:cf:b3:49:8e:ac:e9:4e:
56:c8:28:ec:55:01:ab:16:cc:26:fd:cf:d6:09:5d:
ba:e4:ba:81:71:3a:a4:94:8e:33:49:b1:2e:74:6e:
ae:b5:16:20:06:61:c6:90:89:f8:8a:1b:32:17:d6:
20:e9:1c:56:2f:a2:b8:6a:f2:2f:2e:15:0e:83:51:
82:5a:b2:54:77:8c:b6:74:69:ba:e8:71:44:bf:eb:
85:26:c3:b5:1e:26:40:e0:5b:b3:06:b6:04:0a:4a:
19:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:80:6D:91:E5:C5:E1:93:B7:D3:9B:72:2D:38:7D:60:9A:5F:F4:5B
X509v3 Authority Key Identifier:
keyid:44:CE:B6:1E:71:A6:19:F2:31:4E:9D:98:46:EC:67:BC:88:A1:24:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RM62HnGmGfIxTp2YRuxnvIihJEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/xIBtkeXF4ZO305tyLTh9YJpf9Fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/RM62HnGmGfIxTp2YRuxnvIihJEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.32.0/19
85.193.128.0/20
85.193.176.0/20
185.54.208.0/23
IPv6:
2a00:eb40::/32
Signature Algorithm: sha256WithRSAEncryption
89:8f:80:4c:02:b6:86:c2:9d:dc:0b:34:29:62:3b:85:29:d7:
98:15:d0:ad:96:07:15:cf:36:bc:76:9c:fc:b1:60:9e:c2:c8:
ee:dc:05:c1:29:80:08:30:51:07:47:fc:b8:45:5f:4d:b9:c9:
9f:b6:61:af:c4:5f:f4:74:d9:15:f5:7e:14:87:3e:17:df:1c:
b7:cb:3c:cf:77:c7:03:a6:aa:89:7c:0a:f6:94:e7:3b:ae:ee:
23:c4:a0:5e:14:f6:f2:90:45:6f:b7:41:85:b3:02:0d:cd:48:
b2:ae:d1:35:90:a6:c2:96:be:c8:ed:53:a4:d8:ad:b2:bb:fb:
6a:f8:95:de:1e:4a:c9:47:50:31:e7:7a:26:9a:7f:d5:9c:fd:
33:82:6f:3d:f6:4e:cc:d8:67:94:3b:f8:3c:ea:90:e0:68:9b:
6c:0c:d2:41:92:3b:9a:01:8c:ef:57:d5:df:7b:80:34:b6:44:
31:53:ca:81:92:1b:9e:43:90:a8:58:75:f4:2c:53:44:32:a2:
d7:8f:a1:4e:8b:80:92:1e:90:42:5b:b2:c5:ca:33:f4:ce:17:
93:9a:a8:ff:b1:4a:c3:18:56:04:0d:90:6a:d4:93:93:c9:73:
8b:be:0b:59:83:54:92:d3:46:33:81:cf:77:9d:55:d1:4c:e5:
73:cc:94:da
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzKKoocu+cYhwt9iLIpFXGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Y2ViNjFlNzFhNjE5ZjIzMTRlOWQ5ODQ2ZWM2N2JjODhh
MTI0NGMwHhcNMjQwMTAyMTIzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDgwNmQ5MWU1YzVlMTkzYjdkMzliNzIyZDM4N2Q2MDlhNWZmNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZfdMQUosnrAfYV9gX67DN5IOeTm
7IU1+xejHXRXUaD9aOe1GdBAQrYPx/HSwTZduDpld4uklSqjxu8TpF567lOXLEGi
LcWxDBsfEi3Chpofnkjb+Vy1G7jNbuGXFDDUge/oUfvPTYq6PuQ3IU0MVCV4j+Lp
0DsSL7cYZkixN2Ql1RTZ3a2N9ft8x+N8rJ7l89TIbhPsrcWDLJP4ss+zSY6s6U5W
yCjsVQGrFswm/c/WCV265LqBcTqklI4zSbEudG6utRYgBmHGkIn4ihsyF9Yg6RxW
L6K4avIvLhUOg1GCWrJUd4y2dGm66HFEv+uFJsO1HiZA4FuzBrYECkoZ7QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMSAbZHlxeGTt9Obci04fWCaX/RbMB8GA1UdIwQY
MBaAFETOth5xphnyMU6dmEbsZ7yIoSRMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk02MkhuR21HZkl4VHAyWVJ1eG52SWloSkV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wN2VhYzctNGQ1Mi00NmQ5LWJhNDQt
ODk0NTg2MGQ1MjM4LzEveElCdGtlWEY0Wk8zMDV0eUxUaDlZSnBmOUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wN2VhYzctNGQ1Mi00NmQ5LWJhNDQtODk0NTg2MGQ1MjM4
LzEvUk02MkhuR21HZkl4VHAyWVJ1eG52SWloSkV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFUEIgAwQE
VcGAAwQEVcGwAwQBuTbQMA0EAgACMAcDBQAqAOtAMA0GCSqGSIb3DQEBCwUAA4IB
AQCJj4BMAraGwp3cCzQpYjuFKdeYFdCtlgcVzza8dpz8sWCewsju3AXBKYAIMFEH
R/y4RV9NucmftmGvxF/0dNkV9X4Uhz4X3xy3yzzPd8cDpqqJfAr2lOc7ru4jxKBe
FPbykEVvt0GFswINzUiyrtE1kKbClr7I7VOk2K2yu/tq+JXeHkrJR1Ax53ommn/V
nP0zgm899k7M2GeUO/g86pDgaJtsDNJBkjuaAYzvV9Xfe4A0tkQxU8qBkhueQ5Co
WHX0LFNEMqLXj6FOi4CSHpBCW7LFyjP0zheTmqj/sUrDGFYEDZBq1JOTyXOLvgtZ
g1SS00Yzgc93nVXRTOVzzJTa
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:30:00 2024 by rpki-client on console-ams.rpki-client.org