Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/XaoSBMvoSmUyR1JPGkObullZ3DE.roa
File: XaoSBMvoSmUyR1JPGkObullZ3DE.roa (raw, json)
Hash identifier: T57/kL+Cx/6RtQ9ybMrMhJPDSvQ435bNy6qighrywtA=
Subject key identifier: 5D:AA:12:04:CB:E8:4A:65:32:47:52:4F:1A:43:9B:BA:59:59:DC:31
Certificate issuer: /CN=6f3d89a81fc299f39c092e4f6d0173a9a9cfbc65
Certificate serial: 018CC80116C9273410EA020448A625E86EEE
Authority key identifier: 6F:3D:89:A8:1F:C2:99:F3:9C:09:2E:4F:6D:01:73:A9:A9:CF:BC:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bz2JqB_CmfOcCS5PbQFzqanPvGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/XaoSBMvoSmUyR1JPGkObullZ3DE.roa
Signing time: Tue 02 Jan 2024 02:29:23 +0000
ROA not before: Tue 02 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16024
IP address blocks: 156.67.56.0/23 maxlen: 23
156.67.56.0/24 maxlen: 24
156.67.57.0/24 maxlen: 24
149.232.184.0/22 maxlen: 24
217.70.160.0/20 maxlen: 24
149.232.190.0/23 maxlen: 24
185.47.232.0/22 maxlen: 24
46.28.32.0/21 maxlen: 24
185.159.32.0/22 maxlen: 24
149.232.244.0/22 maxlen: 24
149.232.248.0/22 maxlen: 24
2a02:1670::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/bz2JqB_CmfOcCS5PbQFzqanPvGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/bz2JqB_CmfOcCS5PbQFzqanPvGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bz2JqB_CmfOcCS5PbQFzqanPvGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 07:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:16:c9:27:34:10:ea:02:04:48:a6:25:e8:6e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3d89a81fc299f39c092e4f6d0173a9a9cfbc65
Validity
Not Before: Jan 2 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5daa1204cbe84a653247524f1a439bba5959dc31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:94:53:2e:df:b4:a9:d7:75:29:84:5d:87:9c:
59:14:9e:b0:1d:8d:cd:ce:81:aa:ad:81:34:e9:6a:
5a:29:7b:bc:85:5b:4c:79:35:4e:d9:70:c4:d1:8d:
6b:fa:98:23:5a:05:57:3a:5b:3f:07:6d:fc:b9:c2:
9a:f5:46:d3:ef:79:e5:53:60:56:32:58:56:75:b3:
8b:16:84:55:26:96:15:ca:43:30:d4:b0:14:96:ae:
51:21:c2:de:b8:70:e0:bc:63:33:92:09:e8:15:2b:
a8:d5:26:7a:9a:7d:32:f1:f1:a9:19:0c:72:04:02:
d7:8c:2e:84:f0:93:c3:af:de:05:3e:07:08:a4:be:
1d:55:73:2b:0e:a5:6b:27:4a:d4:43:70:18:9c:9a:
a9:b0:af:5b:02:2e:a3:19:8f:44:a5:82:a6:46:ad:
d8:32:00:f2:49:09:4e:ff:71:03:c8:45:5b:3a:1b:
a9:39:e9:2b:ef:50:4c:0b:71:8e:70:83:fa:ee:8b:
38:da:8b:de:5b:a4:0b:b2:44:28:38:99:13:c4:9f:
c1:91:c7:cf:d1:c9:ff:af:fd:19:2f:52:20:cf:00:
0b:4f:50:ca:e4:eb:b3:d4:82:8c:f8:78:97:e3:08:
32:ee:c0:87:e9:19:77:3d:e4:1f:2e:36:a5:7d:5d:
52:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:AA:12:04:CB:E8:4A:65:32:47:52:4F:1A:43:9B:BA:59:59:DC:31
X509v3 Authority Key Identifier:
keyid:6F:3D:89:A8:1F:C2:99:F3:9C:09:2E:4F:6D:01:73:A9:A9:CF:BC:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bz2JqB_CmfOcCS5PbQFzqanPvGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/XaoSBMvoSmUyR1JPGkObullZ3DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/05e0ee-ae03-4124-b670-309b7b960d14/1/bz2JqB_CmfOcCS5PbQFzqanPvGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.32.0/21
149.232.184.0/22
149.232.190.0/23
149.232.244.0-149.232.251.255
156.67.56.0/23
185.47.232.0/22
185.159.32.0/22
217.70.160.0/20
IPv6:
2a02:1670::/29
Signature Algorithm: sha256WithRSAEncryption
18:11:2b:dc:89:23:8e:66:ad:16:7b:4e:b4:a0:47:79:ee:c5:
76:81:79:61:0d:09:9f:94:d3:46:26:e2:c0:1d:f3:b4:8e:77:
ff:75:2e:c2:ac:fa:94:ed:38:fd:b4:8e:aa:e3:fd:76:52:35:
5e:f9:b3:82:9d:10:56:15:1b:15:6f:37:a9:45:e7:ee:3a:70:
3a:9f:5e:cb:3b:c0:71:a5:02:ee:71:4c:1c:e7:5a:99:b4:51:
0c:97:c3:32:06:b8:0e:f2:bf:b4:66:7b:24:c9:40:43:41:ea:
0a:4a:3a:37:8d:da:3b:55:43:ec:03:f6:a3:e4:91:94:b2:21:
3d:bc:ca:60:8c:5f:16:00:ba:87:a5:67:98:70:a0:cd:98:5c:
9e:76:d5:08:9b:25:3e:06:a7:70:ba:6c:8e:e9:9b:66:24:71:
a9:c1:09:68:85:65:20:c4:eb:31:6c:fd:bb:8c:57:f3:77:0b:
f1:12:c0:7c:66:67:44:b8:5b:25:32:47:2f:02:05:59:0a:36:
1c:d5:06:77:a2:80:df:67:7a:2e:fa:34:ce:da:48:ef:0d:18:
b2:48:26:1a:3f:20:66:5e:8e:43:53:db:dd:63:55:cf:8e:e7:
d9:b0:ed:cf:a2:42:37:ff:ce:e9:da:b2:cc:2d:c8:51:12:61:
ce:00:72:78
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzIARbJJzQQ6gIESKYl6G7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmM2Q4OWE4MWZjMjk5ZjM5YzA5MmU0ZjZkMDE3M2E5YTlj
ZmJjNjUwHhcNMjQwMTAyMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGFhMTIwNGNiZTg0YTY1MzI0NzUyNGYxYTQzOWJiYTU5NTlkYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJRTLt+0qdd1KYRdh5xZFJ6wHY3N
zoGqrYE06WpaKXu8hVtMeTVO2XDE0Y1r+pgjWgVXOls/B238ucKa9UbT73nlU2BW
MlhWdbOLFoRVJpYVykMw1LAUlq5RIcLeuHDgvGMzkgnoFSuo1SZ6mn0y8fGpGQxy
BALXjC6E8JPDr94FPgcIpL4dVXMrDqVrJ0rUQ3AYnJqpsK9bAi6jGY9EpYKmRq3Y
MgDySQlO/3EDyEVbOhupOekr71BMC3GOcIP67os42oveW6QLskQoOJkTxJ/BkcfP
0cn/r/0ZL1IgzwALT1DK5Ouz1IKM+HiX4wgy7sCH6Rl3PeQfLjalfV1SCQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFF2qEgTL6EplMkdSTxpDm7pZWdwxMB8GA1UdIwQY
MBaAFG89iagfwpnznAkuT20Bc6mpz7xlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnoySnFCX0NtZk9jQ1M1UGJRRnpxYW5QdkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8wNWUwZWUtYWUwMy00MTI0LWI2NzAt
MzA5YjdiOTYwZDE0LzEvWGFvU0JNdm9TbVV5UjFKUEdrT2J1bGxaM0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8wNWUwZWUtYWUwMy00MTI0LWI2NzAtMzA5YjdiOTYwZDE0
LzEvYnoySnFCX0NtZk9jQ1M1UGJRRnpxYW5QdkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQDLhwgAwQC
lei4AwQBlei+MAwDBAKV6PQDBAKV6PgDBAGcQzgDBAK5L+gDBAK5nyADBATZRqAw
DQQCAAIwBwMFAyoCFnAwDQYJKoZIhvcNAQELBQADggEBABgRK9yJI45mrRZ7TrSg
R3nuxXaBeWENCZ+U00Ym4sAd87SOd/91LsKs+pTtOP20jqrj/XZSNV75s4KdEFYV
GxVvN6lF5+46cDqfXss7wHGlAu5xTBznWpm0UQyXwzIGuA7yv7RmeyTJQENB6gpK
OjeN2jtVQ+wD9qPkkZSyIT28ymCMXxYAuoelZ5hwoM2YXJ521QibJT4Gp3C6bI7p
m2YkcanBCWiFZSDE6zFs/buMV/N3C/ESwHxmZ0S4WyUyRy8CBVkKNhzVBneigN9n
ei76NM7aSO8NGLJIJho/IGZejkNT291jVc+O59mw7c+iQjf/zunasswtyFESYc4A
cng=
-----END CERTIFICATE-----
Generated at Fri Jun 28 14:29:21 2024 by rpki-client on console-ams.rpki-client.org