Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/XKSgi9FQLSULeCFTRphJavLwQE8.roa
File: XKSgi9FQLSULeCFTRphJavLwQE8.roa (raw, json)
Hash identifier: QiyIM4QVwTB9Bm/kzE1vc0ptoZ3xYzYxhrlTp3V17Q4=
Subject key identifier: 5C:A4:A0:8B:D1:50:2D:25:0B:78:21:53:46:98:49:6A:F2:F0:40:4F
Certificate issuer: /CN=b732762a5e861e976de53d14786f39e3a669681b
Certificate serial: 018CC49337EDDD77780ABC8BC79E80F70E4D
Authority key identifier: B7:32:76:2A:5E:86:1E:97:6D:E5:3D:14:78:6F:39:E3:A6:69:68:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/XKSgi9FQLSULeCFTRphJavLwQE8.roa
Signing time: Mon 01 Jan 2024 10:30:31 +0000
ROA not before: Mon 01 Jan 2024 10:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41327
IP address blocks: 185.157.228.0/22 maxlen: 24
93.94.88.0/21 maxlen: 24
31.185.96.0/21 maxlen: 21
185.61.168.0/22 maxlen: 24
2a03:b020::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:37:ed:dd:77:78:0a:bc:8b:c7:9e:80:f7:0e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b732762a5e861e976de53d14786f39e3a669681b
Validity
Not Before: Jan 1 10:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ca4a08bd1502d250b7821534698496af2f0404f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b3:1d:53:df:46:78:7c:c6:86:ac:ba:87:ad:
bd:6f:89:90:49:06:b7:17:4a:b7:e7:61:f2:9f:46:
b2:66:98:27:44:d6:62:82:2a:1f:2a:22:d8:fa:27:
48:8e:eb:d8:0b:08:86:a7:7a:d4:3b:2e:6d:85:8b:
07:f5:ed:8b:2d:b3:c3:c1:9e:0f:71:51:a0:91:3c:
ac:3e:be:76:8b:ae:ab:66:44:a3:97:8b:0d:6c:08:
98:9f:a6:7d:61:af:7e:73:c5:e8:90:f0:fe:bb:da:
fe:21:22:ef:e1:71:82:f5:fb:17:18:3a:e0:88:db:
7e:fb:9e:b8:22:79:7e:2a:1d:6e:d4:0c:b8:a2:7d:
1e:43:b6:42:5b:a9:aa:1d:f0:e2:fc:3f:d8:2d:98:
2f:e2:5b:f3:05:79:27:f5:2d:81:53:d7:44:8a:31:
67:3f:31:5a:98:37:07:0f:b6:50:85:77:8c:9d:f4:
bb:87:38:57:f2:12:e3:0f:b2:94:02:bd:b8:2f:14:
4c:1e:49:46:04:67:ca:ff:46:53:fe:d9:fb:01:e8:
44:84:8b:dc:4f:a0:32:f6:85:7b:9e:38:47:ac:fb:
7f:c1:8c:de:64:18:4f:34:12:34:bb:49:b2:24:96:
46:96:71:5c:1f:df:a4:f2:cb:3b:89:f2:12:9e:af:
86:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A4:A0:8B:D1:50:2D:25:0B:78:21:53:46:98:49:6A:F2:F0:40:4F
X509v3 Authority Key Identifier:
keyid:B7:32:76:2A:5E:86:1E:97:6D:E5:3D:14:78:6F:39:E3:A6:69:68:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/XKSgi9FQLSULeCFTRphJavLwQE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.96.0/21
93.94.88.0/21
185.61.168.0/22
185.157.228.0/22
IPv6:
2a03:b020::/29
Signature Algorithm: sha256WithRSAEncryption
2f:c8:3c:23:42:bd:ba:ff:af:99:b2:a0:16:cb:f0:81:2a:92:
b4:30:ea:12:e8:86:8e:03:21:7d:5b:e3:a7:6e:8b:13:35:6a:
98:1a:12:ce:52:68:68:2e:a5:8e:16:93:8c:b4:a9:5a:ab:a9:
4b:eb:38:dd:d8:93:40:48:4e:18:ef:b1:d8:cc:99:45:24:44:
c3:25:19:df:f4:9a:e7:64:5f:7b:0f:fc:53:57:92:4c:ee:43:
0c:1a:ad:66:ff:31:b8:ce:90:70:64:71:c4:68:cf:63:07:fa:
3c:3d:8a:af:83:1c:b9:13:f1:1f:20:d5:c3:74:28:c6:a3:d5:
62:7a:88:4c:75:0b:4e:83:bb:ba:e5:86:b8:4f:cb:18:ad:4d:
da:74:67:86:b4:6f:29:f6:ec:5b:91:6b:3e:42:77:07:31:2e:
c0:c0:8e:33:9d:bf:d7:83:c2:98:30:07:e7:3d:33:3f:6f:5b:
2e:ca:a8:24:ec:7d:28:13:fd:93:23:13:08:42:02:82:a0:8f:
fd:03:03:a0:97:12:0d:57:c3:62:b2:ef:17:e3:55:3e:f8:7d:
8c:45:e7:4c:ee:5b:1b:4b:89:d6:7c:db:59:60:7d:0b:0e:26:
05:88:09:0b:9d:d3:2f:89:b3:18:18:1b:8b:de:5c:8c:1d:9e:
93:d1:d1:14
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEkzft3Xd4CryLx56A9w5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MzI3NjJhNWU4NjFlOTc2ZGU1M2QxNDc4NmYzOWUzYTY2
OTY4MWIwHhcNMjQwMTAxMTAzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2E0YTA4YmQxNTAyZDI1MGI3ODIxNTM0Njk4NDk2YWYyZjA0MDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7MdU99GeHzGhqy6h629b4mQSQa3
F0q352Hyn0ayZpgnRNZigiofKiLY+idIjuvYCwiGp3rUOy5thYsH9e2LLbPDwZ4P
cVGgkTysPr52i66rZkSjl4sNbAiYn6Z9Ya9+c8XokPD+u9r+ISLv4XGC9fsXGDrg
iNt++564Inl+Kh1u1Ay4on0eQ7ZCW6mqHfDi/D/YLZgv4lvzBXkn9S2BU9dEijFn
PzFamDcHD7ZQhXeMnfS7hzhX8hLjD7KUAr24LxRMHklGBGfK/0ZT/tn7AehEhIvc
T6Ay9oV7njhHrPt/wYzeZBhPNBI0u0myJJZGlnFcH9+k8ss7ifISnq+GYwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFykoIvRUC0lC3ghU0aYSWry8EBPMB8GA1UdIwQY
MBaAFLcydipehh6XbeU9FHhvOeOmaWgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHpKMktsNkdIcGR0NVQwVWVHODU0NlpwYUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81YWMyMWQtNzYxNi00ZWVmLTg1ZDct
NjNiNTJhYTdmOGRhLzEvWEtTZ2k5RlFMU1VMZUNGVFJwaEphdkx3UUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81YWMyMWQtNzYxNi00ZWVmLTg1ZDctNjNiNTJhYTdmOGRh
LzEvdHpKMktsNkdIcGR0NVQwVWVHODU0NlpwYUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH7lgAwQD
XV5YAwQCuT2oAwQCuZ3kMA0EAgACMAcDBQMqA7AgMA0GCSqGSIb3DQEBCwUAA4IB
AQAvyDwjQr26/6+ZsqAWy/CBKpK0MOoS6IaOAyF9W+OnbosTNWqYGhLOUmhoLqWO
FpOMtKlaq6lL6zjd2JNASE4Y77HYzJlFJETDJRnf9JrnZF97D/xTV5JM7kMMGq1m
/zG4zpBwZHHEaM9jB/o8PYqvgxy5E/EfINXDdCjGo9VieohMdQtOg7u65Ya4T8sY
rU3adGeGtG8p9uxbkWs+QncHMS7AwI4znb/Xg8KYMAfnPTM/b1suyqgk7H0oE/2T
IxMIQgKCoI/9AwOglxINV8Nisu8X41U++H2MRedM7lsbS4nWfNtZYH0LDiYFiAkL
ndMvibMYGBuL3lyMHZ6T0dEU
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:09:44 2024 by rpki-client on console-ams.rpki-client.org