Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/xw4WIuqW5_z8TP4XYEMcDEU0zW8.roa
File: xw4WIuqW5_z8TP4XYEMcDEU0zW8.roa (raw, json)
Hash identifier: J+sxzIL4Q+xHnYghee36gCxx6Mrl2S3igMMVaWAZ9J8=
Subject key identifier: C7:0E:16:22:EA:96:E7:FC:FC:4C:FE:17:60:43:1C:0C:45:34:CD:6F
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018CC794685FA43993C711D9C36AE7BCB876
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/xw4WIuqW5_z8TP4XYEMcDEU0zW8.roa
Signing time: Tue 02 Jan 2024 00:30:41 +0000
ROA not before: Tue 02 Jan 2024 00:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 185.170.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 04:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:68:5f:a4:39:93:c7:11:d9:c3:6a:e7:bc:b8:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 2 00:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c70e1622ea96e7fcfc4cfe1760431c0c4534cd6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:98:e3:92:b8:6e:89:ed:74:46:f3:e3:bb:9d:
e7:e5:e7:3e:56:ec:ea:88:9f:f1:83:bc:35:96:eb:
71:d4:02:6c:41:d0:6c:8d:ba:1a:36:74:90:27:d5:
62:b1:f7:97:27:16:8d:2c:86:3a:19:69:b2:bb:0d:
1b:31:2d:71:bb:35:11:ec:55:46:e7:4a:e3:9a:4e:
c9:79:1c:ed:fa:62:6c:30:a4:64:df:37:31:f5:ef:
2d:85:5d:78:35:ba:76:6b:0d:e7:03:42:46:ed:17:
11:2e:3e:8b:3a:bc:29:5d:ae:14:ee:79:53:32:d5:
e4:3f:f5:f6:22:e3:ca:f0:ea:7e:1b:d9:37:26:f3:
40:23:89:fe:e7:a7:02:bf:76:b3:1c:66:2a:89:67:
42:93:51:ed:cd:0e:9f:70:8f:a7:0f:a5:e2:41:3c:
0b:d4:7a:5f:c3:0e:93:4f:f8:19:ce:fc:84:a7:dd:
1d:4a:ae:21:10:44:4e:bd:78:8d:3a:1f:d4:77:a6:
47:3c:82:02:87:d3:4f:c5:23:f3:9c:49:77:7d:9a:
92:e0:bc:b7:a1:ee:ef:f7:5d:74:39:98:b2:bb:c4:
c9:7a:2b:0d:f4:04:12:c0:ac:36:a9:77:05:a9:8e:
cc:14:ca:80:b7:49:c5:09:49:89:eb:fe:fd:2b:4b:
4d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:0E:16:22:EA:96:E7:FC:FC:4C:FE:17:60:43:1C:0C:45:34:CD:6F
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/xw4WIuqW5_z8TP4XYEMcDEU0zW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.68.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:5c:53:3b:b5:53:e9:92:66:e2:38:7d:d1:4c:95:6e:64:92:
f1:58:ec:9d:b6:72:2c:cc:d2:e2:b4:74:ef:2b:38:96:ad:de:
f0:a3:98:10:28:ee:4c:d4:ab:1c:08:02:7b:1f:11:a3:1d:d2:
85:ab:6b:ef:9e:6e:50:d1:4c:2b:5f:cd:a3:e3:49:20:63:28:
03:79:0f:d3:d9:9a:9d:51:27:db:11:07:a1:cc:1c:cb:cd:4b:
be:46:2e:12:c3:c8:a8:8f:1a:33:66:44:b4:be:6b:dc:ed:47:
2f:48:ab:ba:4d:23:7d:54:98:16:55:d0:b5:14:1b:57:ff:98:
fa:c4:44:84:ba:94:82:5a:3a:be:34:c4:45:1d:56:92:2a:f8:
d2:98:4e:24:6e:36:27:9e:68:db:aa:a3:0f:3d:55:65:9a:51:
09:b6:2d:a7:80:50:ce:d3:7a:b9:ae:77:fa:e6:ee:78:11:d0:
53:ea:ed:f1:b8:34:d7:bb:e2:4b:af:f9:fe:27:6b:1e:da:ff:
8a:74:71:ea:21:4c:fe:3d:6f:9c:13:dc:72:d3:2a:16:82:09:
a4:66:74:96:66:b7:52:1d:03:31:94:a1:71:00:ec:d4:1d:93:
44:af:fe:4e:83:17:9d:b3:fd:14:8c:ab:3a:89:8e:22:e0:36:
ca:44:88:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlGhfpDmTxxHZw2rnvLh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwMTAyMDAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzBlMTYyMmVhOTZlN2ZjZmM0Y2ZlMTc2MDQzMWMwYzQ1MzRjZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65jjkrhuie10RvPju53n5ec+Vuzq
iJ/xg7w1lutx1AJsQdBsjboaNnSQJ9VisfeXJxaNLIY6GWmyuw0bMS1xuzUR7FVG
50rjmk7JeRzt+mJsMKRk3zcx9e8thV14Nbp2aw3nA0JG7RcRLj6LOrwpXa4U7nlT
MtXkP/X2IuPK8Op+G9k3JvNAI4n+56cCv3azHGYqiWdCk1HtzQ6fcI+nD6XiQTwL
1Hpfww6TT/gZzvyEp90dSq4hEEROvXiNOh/Ud6ZHPIICh9NPxSPznEl3fZqS4Ly3
oe7v9110OZiyu8TJeisN9AQSwKw2qXcFqY7MFMqAt0nFCUmJ6/79K0tNywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMcOFiLqluf8/Ez+F2BDHAxFNM1vMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEveHc0V0l1cVc1X3o4VFA0WFlFTWNERVUwelc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuapEMA0G
CSqGSIb3DQEBCwUAA4IBAQAsXFM7tVPpkmbiOH3RTJVuZJLxWOydtnIszNLitHTv
KziWrd7wo5gQKO5M1KscCAJ7HxGjHdKFq2vvnm5Q0UwrX82j40kgYygDeQ/T2Zqd
USfbEQehzBzLzUu+Ri4Sw8iojxozZkS0vmvc7UcvSKu6TSN9VJgWVdC1FBtX/5j6
xESEupSCWjq+NMRFHVaSKvjSmE4kbjYnnmjbqqMPPVVlmlEJti2ngFDO03q5rnf6
5u54EdBT6u3xuDTXu+JLr/n+J2se2v+KdHHqIUz+PW+cE9xy0yoWggmkZnSWZrdS
HQMxlKFxAOzUHZNEr/5Ogxeds/0UjKs6iY4i4DbKRIi7
-----END CERTIFICATE-----
Generated at Sat May 4 09:12:31 2024 by rpki-client on console-fra.rpki-client.org