Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/xvJ3ucmSY8c8Huz5Ls98Jrv8H14.roa
File: xvJ3ucmSY8c8Huz5Ls98Jrv8H14.roa (raw, json)
Hash identifier: a4/pRK6tNnivbR2IzO96CtPMMrkYYrhIEgccq8DBD1A=
Subject key identifier: C6:F2:77:B9:C9:92:63:C7:3C:1E:EC:F9:2E:CF:7C:26:BB:FC:1F:5E
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 01927D848F5835F5F16F49CEE4B87445AA6B
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/xvJ3ucmSY8c8Huz5Ls98Jrv8H14.roa
Signing time: Fri 11 Oct 2024 21:38:12 +0000
ROA not before: Fri 11 Oct 2024 21:38:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29512
IP address blocks: 79.110.0.0/20 maxlen: 24
94.231.224.0/20 maxlen: 24
195.140.236.0/22 maxlen: 24
2a00:fbc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:84:8f:58:35:f5:f1:6f:49:ce:e4:b8:74:45:aa:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Oct 11 21:38:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6f277b9c99263c73c1eecf92ecf7c26bbfc1f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:a8:99:ea:e1:5a:eb:07:f5:0f:95:6a:6d:ca:
17:0c:e6:7f:d9:12:a2:2d:40:57:74:93:63:e7:ca:
7f:78:3b:db:4d:67:9a:98:5b:d8:da:09:8b:e0:ae:
71:16:1b:fa:48:e0:e0:f4:fd:e9:f4:f8:5e:06:d6:
5d:ed:c4:df:a3:2a:4e:d3:16:1d:70:fa:75:2f:a8:
4c:10:af:84:20:93:4a:08:f7:79:ea:7e:07:81:0e:
2e:26:22:65:e4:0f:3e:4d:ae:5b:27:7a:4c:db:d7:
ad:e8:ce:45:1e:41:3e:2f:cb:61:89:59:9d:78:d2:
c0:8c:a1:9c:0d:9c:2f:60:fb:3c:1e:23:cc:00:22:
b7:d6:83:3d:a5:9d:69:db:11:ac:8a:0f:4e:48:5b:
fc:dc:73:a0:58:83:4d:45:1c:d5:55:73:1c:b7:4b:
9c:85:f8:76:13:2f:03:55:fd:7b:7d:df:eb:11:84:
94:1d:3d:53:8b:c3:11:00:70:03:7e:20:d6:21:95:
fa:9a:f9:ea:21:6d:69:ed:6f:6c:4c:89:05:61:6e:
cb:c3:ba:a1:f5:07:cc:e0:43:63:a9:19:c9:95:df:
79:79:02:e3:c3:57:01:3d:1d:d3:06:6f:a6:18:14:
77:23:6d:a3:f9:c5:1e:ca:37:c6:3b:f8:1c:5a:67:
45:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F2:77:B9:C9:92:63:C7:3C:1E:EC:F9:2E:CF:7C:26:BB:FC:1F:5E
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/xvJ3ucmSY8c8Huz5Ls98Jrv8H14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.0.0/20
94.231.224.0/20
195.140.236.0/22
IPv6:
2a00:fbc0::/29
Signature Algorithm: sha256WithRSAEncryption
87:7a:0e:19:d1:7c:8f:cd:fa:db:c1:73:d7:b1:e1:f1:88:38:
57:4b:bd:4d:d3:de:c5:46:e3:05:a8:5a:4c:5f:b3:f7:f9:fe:
98:a8:be:f2:bb:01:59:b6:f8:65:22:8b:0f:30:17:fb:32:a8:
85:9f:61:a4:71:a4:32:d6:e2:fb:ab:5e:53:72:8b:1e:37:b7:
ef:75:a3:98:ee:ed:90:cf:2b:cb:37:db:0a:14:05:cb:cd:53:
e9:3a:19:f9:62:f3:75:70:05:42:e0:7c:d7:4d:04:8b:c2:c1:
8a:2f:46:46:f9:4a:a1:4e:f3:fd:79:1f:bd:45:cf:0c:d1:39:
d0:3a:3f:8c:c5:b3:ec:f0:5d:0c:97:a2:04:c9:a0:ab:02:61:
b1:3b:2f:23:d4:db:59:3c:05:51:ab:b5:1f:8f:78:de:cf:f5:
70:24:da:a4:72:69:a0:0a:5a:02:06:d1:10:8f:90:08:fd:d6:
96:a9:15:0b:a3:7c:0b:a3:3a:42:99:15:8d:6e:d7:3c:52:b2:
42:b4:b0:33:ff:3f:19:81:ae:67:81:4c:7c:49:7b:43:65:a6:
d1:ed:22:1f:1b:79:2f:ff:24:21:96:e9:85:20:39:99:53:58:
5e:37:93:aa:f8:0e:d1:6d:6f:75:51:cf:6c:fd:cd:2d:cc:63:
c3:5c:e8:77
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZJ9hI9YNfXxb0nO5Lh0RaprMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjQxMDExMjEzODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmYyNzdiOWM5OTI2M2M3M2MxZWVjZjkyZWNmN2MyNmJiZmMxZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+KiZ6uFa6wf1D5VqbcoXDOZ/2RKi
LUBXdJNj58p/eDvbTWeamFvY2gmL4K5xFhv6SODg9P3p9PheBtZd7cTfoypO0xYd
cPp1L6hMEK+EIJNKCPd56n4HgQ4uJiJl5A8+Ta5bJ3pM29et6M5FHkE+L8thiVmd
eNLAjKGcDZwvYPs8HiPMACK31oM9pZ1p2xGsig9OSFv83HOgWINNRRzVVXMct0uc
hfh2Ey8DVf17fd/rEYSUHT1Ti8MRAHADfiDWIZX6mvnqIW1p7W9sTIkFYW7Lw7qh
9QfM4ENjqRnJld95eQLjw1cBPR3TBm+mGBR3I22j+cUeyjfGO/gcWmdFzwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMbyd7nJkmPHPB7s+S7PfCa7/B9eMB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEveHZKM3VjbVNZOGM4SHV6NUxzOThKcnY4SDE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQET24AAwQE
XufgAwQCw4zsMA0EAgACMAcDBQMqAPvAMA0GCSqGSIb3DQEBCwUAA4IBAQCHeg4Z
0XyPzfrbwXPXseHxiDhXS71N097FRuMFqFpMX7P3+f6YqL7yuwFZtvhlIosPMBf7
MqiFn2GkcaQy1uL7q15TcoseN7fvdaOY7u2QzyvLN9sKFAXLzVPpOhn5YvN1cAVC
4HzXTQSLwsGKL0ZG+UqhTvP9eR+9Rc8M0TnQOj+MxbPs8F0Ml6IEyaCrAmGxOy8j
1NtZPAVRq7Ufj3jez/VwJNqkcmmgCloCBtEQj5AI/daWqRULo3wLozpCmRWNbtc8
UrJCtLAz/z8Zga5ngUx8SXtDZabR7SIfG3kv/yQhlumFIDmZU1heN5Oq+A7RbW91
Uc9s/c0tzGPDXOh3
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:45:30 2024 by rpki-client on console-ams.rpki-client.org