Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/xSG1Qmh3Xyy87boZUiJ1cLosQfI.roa
File: xSG1Qmh3Xyy87boZUiJ1cLosQfI.roa (raw, json)
Hash identifier: jRBUsao9GqNyyV8VZDoetjvLZQCYPvAAtQjvd3zma1I=
Subject key identifier: C5:21:B5:42:68:77:5F:2C:BC:ED:BA:19:52:22:75:70:BA:2C:41:F2
Certificate issuer: /CN=7938dfb9eb924079bb706cb616eda572864a9e13
Certificate serial: 018CC9BCAB28A53FA2D15A3B4232793651B4
Authority key identifier: 79:38:DF:B9:EB:92:40:79:BB:70:6C:B6:16:ED:A5:72:86:4A:9E:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/xSG1Qmh3Xyy87boZUiJ1cLosQfI.roa
Signing time: Tue 02 Jan 2024 10:33:54 +0000
ROA not before: Tue 02 Jan 2024 10:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44400
IP address blocks: 185.51.40.0/24 maxlen: 24
185.51.41.0/24 maxlen: 24
2a04:c140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/eTjfueuSQHm7cGy2Fu2lcoZKnhM.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/eTjfueuSQHm7cGy2Fu2lcoZKnhM.mft
rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 19:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ab:28:a5:3f:a2:d1:5a:3b:42:32:79:36:51:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7938dfb9eb924079bb706cb616eda572864a9e13
Validity
Not Before: Jan 2 10:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c521b54268775f2cbcedba1952227570ba2c41f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d1:2b:1e:bf:f5:44:86:cf:86:f0:ce:43:34:
07:14:26:ad:4d:4c:58:66:e8:69:a5:87:c2:d7:73:
1d:f1:c4:05:38:fa:7d:42:7c:0c:9a:e2:c2:a5:4a:
b2:7f:9d:96:ec:7c:3f:e4:ae:cf:4f:7d:48:02:fa:
05:9a:aa:fc:11:80:cd:06:51:0b:fc:a1:2f:40:2f:
90:0c:8e:91:7b:4e:bf:04:2c:07:d3:e2:a4:e0:e4:
65:79:f7:cf:ad:b6:ab:79:9f:0e:00:26:f8:61:77:
b6:38:9b:75:d2:34:1f:f5:39:e3:d5:47:82:ed:ab:
11:61:43:75:27:94:7d:27:88:c4:07:81:a4:cc:87:
fc:60:c5:bc:07:ba:f1:16:a9:59:31:a9:4f:20:96:
04:b7:ec:e1:13:18:3f:11:b1:d2:e5:06:b0:b5:7e:
83:29:33:58:2d:e5:4d:cc:0f:ae:ed:68:37:8e:99:
90:f4:7c:d1:4c:93:7d:f3:0d:1c:3c:67:2f:fb:d0:
b2:a2:40:26:75:13:ce:4c:10:f0:af:9a:f9:3d:89:
f0:d5:3c:82:91:b2:75:58:1a:8e:f2:0f:5b:3e:85:
8e:4b:12:05:25:cc:84:86:13:9c:b7:ad:93:2f:5e:
85:75:07:27:5e:2a:a4:ac:9b:04:f0:ac:23:33:a2:
b6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:21:B5:42:68:77:5F:2C:BC:ED:BA:19:52:22:75:70:BA:2C:41:F2
X509v3 Authority Key Identifier:
keyid:79:38:DF:B9:EB:92:40:79:BB:70:6C:B6:16:ED:A5:72:86:4A:9E:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/xSG1Qmh3Xyy87boZUiJ1cLosQfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/eTjfueuSQHm7cGy2Fu2lcoZKnhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.40.0/23
IPv6:
2a04:c140::/29
Signature Algorithm: sha256WithRSAEncryption
32:83:ef:39:09:53:b2:ac:3e:f5:d2:05:55:f0:15:b4:0b:5a:
7e:da:97:d4:2e:bb:a8:cf:fb:b1:bb:73:06:e5:ac:4c:c7:4f:
f1:e4:9d:82:1f:77:7e:bf:b3:1f:44:47:29:c8:86:01:8a:55:
4b:52:20:20:08:30:c5:d6:b3:ae:7a:0d:45:db:0e:64:75:5e:
ef:7d:38:dd:4b:31:a5:6c:04:bc:0a:4f:54:f5:ed:65:21:97:
b6:7d:64:b1:36:63:09:07:86:c9:f4:e3:fa:2f:c3:c7:54:b4:
50:37:a5:b7:15:12:1e:39:33:e4:e5:d1:03:5d:77:68:4b:3e:
6a:0f:41:1b:bb:5f:11:ec:6c:9a:f0:cc:26:5b:6b:6b:74:f8:
e6:ea:90:24:61:dc:5a:3f:a9:7d:7e:83:ba:d6:d7:29:2f:a2:
02:ab:78:78:6f:9e:85:5f:17:ee:96:32:9b:c1:bd:d9:3c:9a:
b2:6a:9b:ec:65:82:b7:7c:6a:4d:f4:14:a6:f9:13:4b:18:da:
68:5f:e5:62:7c:d1:71:a9:d0:df:b5:34:16:30:a3:6a:0f:4d:
fc:52:f8:46:7e:02:ed:e6:36:7d:b1:49:31:99:06:ac:9a:ba:
f2:76:ee:85:8d:29:c8:f9:c2:ea:d6:4d:08:db:5d:0e:88:cf:
7d:f5:d8:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvKsopT+i0Vo7QjJ5NlG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MzhkZmI5ZWI5MjQwNzliYjcwNmNiNjE2ZWRhNTcyODY0
YTllMTMwHhcNMjQwMTAyMTAzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTIxYjU0MjY4Nzc1ZjJjYmNlZGJhMTk1MjIyNzU3MGJhMmM0MWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9ErHr/1RIbPhvDOQzQHFCatTUxY
ZuhppYfC13Md8cQFOPp9QnwMmuLCpUqyf52W7Hw/5K7PT31IAvoFmqr8EYDNBlEL
/KEvQC+QDI6Re06/BCwH0+Kk4ORleffPrbareZ8OACb4YXe2OJt10jQf9Tnj1UeC
7asRYUN1J5R9J4jEB4GkzIf8YMW8B7rxFqlZMalPIJYEt+zhExg/EbHS5QawtX6D
KTNYLeVNzA+u7Wg3jpmQ9HzRTJN98w0cPGcv+9CyokAmdRPOTBDwr5r5PYnw1TyC
kbJ1WBqO8g9bPoWOSxIFJcyEhhOct62TL16FdQcnXiqkrJsE8KwjM6K24QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMUhtUJod18svO26GVIidXC6LEHyMB8GA1UdIwQY
MBaAFHk437nrkkB5u3BsthbtpXKGSp4TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVRqZnVldVNRSG03Y0d5MkZ1Mmxjb1pLbmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81ZjUzZWUtZmIwMC00ZGY0LTk3NjQt
MDZkYTJiYjA2MDcxLzEveFNHMVFtaDNYeXk4N2JvWlVpSjFjTG9zUWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81ZjUzZWUtZmIwMC00ZGY0LTk3NjQtMDZkYTJiYjA2MDcx
LzEvZVRqZnVldVNRSG03Y0d5MkZ1Mmxjb1pLbmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuTMoMA0E
AgACMAcDBQMqBMFAMA0GCSqGSIb3DQEBCwUAA4IBAQAyg+85CVOyrD710gVV8BW0
C1p+2pfULruoz/uxu3MG5axMx0/x5J2CH3d+v7MfREcpyIYBilVLUiAgCDDF1rOu
eg1F2w5kdV7vfTjdSzGlbAS8Ck9U9e1lIZe2fWSxNmMJB4bJ9OP6L8PHVLRQN6W3
FRIeOTPk5dEDXXdoSz5qD0Ebu18R7Gya8MwmW2trdPjm6pAkYdxaP6l9foO61tcp
L6ICq3h4b56FXxfuljKbwb3ZPJqyapvsZYK3fGpN9BSm+RNLGNpoX+VifNFxqdDf
tTQWMKNqD038UvhGfgLt5jZ9sUkxmQasmrrydu6FjSnI+cLq1k0I210OiM999di4
-----END CERTIFICATE-----
Generated at Tue Jun 4 03:18:08 2024 by rpki-client on console-ams.rpki-client.org