Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/Xp4Rlh1HK64E3riA57Sfl4oK5WA.roa
File: Xp4Rlh1HK64E3riA57Sfl4oK5WA.roa (raw, json)
Hash identifier: 3RNCuUjThHsme/K3+F9HKAMibD5dRsze5BdlSuY4jlM=
Subject key identifier: 5E:9E:11:96:1D:47:2B:AE:04:DE:B8:80:E7:B4:9F:97:8A:0A:E5:60
Certificate issuer: /CN=ea53f33ccdfc5fe84b84c15f04322906991af9e7
Certificate serial: 018CC94E1B89A9B7959470EBEFCE7B432E05
Authority key identifier: EA:53:F3:3C:CD:FC:5F:E8:4B:84:C1:5F:04:32:29:06:99:1A:F9:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6lPzPM38X-hLhMFfBDIpBpka-ec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/Xp4Rlh1HK64E3riA57Sfl4oK5WA.roa
Signing time: Tue 02 Jan 2024 08:33:08 +0000
ROA not before: Tue 02 Jan 2024 08:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205581
IP address blocks: 185.213.37.0/24 maxlen: 24
185.213.36.0/24 maxlen: 24
185.213.38.0/24 maxlen: 24
185.213.39.0/24 maxlen: 24
2a0b:8240::/32 maxlen: 32
2a0b:8246::/32 maxlen: 32
2a0b:8245::/32 maxlen: 32
2a0b:8242::/32 maxlen: 32
2a0b:8241::/32 maxlen: 32
2a0b:8243::/32 maxlen: 32
2a0b:8244::/32 maxlen: 32
2a0b:8247::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/6lPzPM38X-hLhMFfBDIpBpka-ec.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/6lPzPM38X-hLhMFfBDIpBpka-ec.mft
rsync://rpki.ripe.net/repository/DEFAULT/6lPzPM38X-hLhMFfBDIpBpka-ec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:1b:89:a9:b7:95:94:70:eb:ef:ce:7b:43:2e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea53f33ccdfc5fe84b84c15f04322906991af9e7
Validity
Not Before: Jan 2 08:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e9e11961d472bae04deb880e7b49f978a0ae560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:15:cd:40:fc:92:25:1c:c8:3c:4a:b6:9a:81:
32:b8:2b:71:ad:8a:cd:3b:ea:46:24:9d:12:d8:e3:
d2:b4:93:7b:34:9f:cc:fe:7e:db:95:0e:05:05:73:
be:66:48:bc:20:47:5f:ae:83:6d:58:c6:26:c8:48:
d1:61:59:a6:88:3a:09:09:1f:ea:95:f4:06:48:d0:
0b:32:6c:5a:b9:94:97:f1:39:6a:ca:bb:99:ca:55:
8d:35:c6:e1:94:b6:b7:37:41:7a:50:ba:fb:fd:19:
b8:da:db:3c:cf:44:20:34:ed:fa:d9:07:18:9b:12:
dc:29:c9:7a:71:ed:f8:58:86:24:f6:61:8e:47:cd:
4a:dc:f4:f0:f0:4c:ba:70:62:17:66:5e:9c:f2:6e:
7f:02:04:a2:29:33:ee:5c:79:94:c9:87:86:64:a6:
09:ec:9a:5d:0f:91:7b:54:33:a3:6e:90:16:a0:77:
22:b1:3b:93:ba:88:c1:68:96:f8:9e:58:d9:53:31:
af:81:2d:72:fc:4f:a7:23:c6:82:4f:47:8b:5d:5e:
e6:9b:e3:ed:3e:bf:5c:7a:24:56:87:9f:62:08:fc:
dd:7f:5c:b2:a9:35:54:a7:8a:eb:02:07:ad:77:1e:
a1:2c:d4:1e:fe:44:50:5f:17:4c:ed:18:2a:65:ee:
f2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:9E:11:96:1D:47:2B:AE:04:DE:B8:80:E7:B4:9F:97:8A:0A:E5:60
X509v3 Authority Key Identifier:
keyid:EA:53:F3:3C:CD:FC:5F:E8:4B:84:C1:5F:04:32:29:06:99:1A:F9:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6lPzPM38X-hLhMFfBDIpBpka-ec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/Xp4Rlh1HK64E3riA57Sfl4oK5WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f95298-f909-45c9-9104-8a4f63ea9bf1/1/6lPzPM38X-hLhMFfBDIpBpka-ec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.36.0/22
IPv6:
2a0b:8240::/29
Signature Algorithm: sha256WithRSAEncryption
2d:cb:8d:91:b6:6d:23:09:4d:9e:07:de:a8:8e:a1:d4:cc:f5:
e5:dc:c4:77:1c:9a:c0:da:4e:a2:2b:ea:d1:9f:df:86:19:cf:
b5:de:bc:b2:95:45:0a:d8:78:32:15:f8:de:d7:9f:08:0e:f0:
bf:7b:f3:6a:d2:df:c1:f5:54:42:c8:ac:7f:63:60:49:10:44:
bd:db:7e:8a:3f:f8:a3:d1:a2:c3:59:9e:11:94:b5:f9:c4:01:
af:73:ca:ad:f4:a0:96:6c:36:21:62:bd:fb:58:70:f6:7d:54:
03:aa:55:9e:6c:55:50:48:e1:9f:52:88:09:9f:17:45:04:c9:
dc:80:20:33:7a:2d:87:cd:06:7b:fe:6f:c4:f8:d8:47:0e:ab:
30:5c:70:f5:83:2d:2d:b3:26:9c:35:a0:b1:7d:15:15:85:a5:
21:56:5e:10:43:5b:5e:ad:1d:e1:db:83:6c:49:c7:64:08:1a:
a4:09:44:5e:63:89:91:52:ba:17:77:8c:31:71:1d:1c:6f:00:
1e:17:4b:a1:6b:25:f8:72:6d:48:c5:46:33:7d:36:4f:28:08:
ae:a6:27:ae:49:93:26:d7:f7:f2:03:a8:91:d1:77:ce:a9:45:
87:4f:0c:9b:d8:3c:9a:f8:e9:4b:bb:b4:69:cd:5d:25:6a:2d:
9f:5b:f6:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJThuJqbeVlHDr7857Qy4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNTNmMzNjY2RmYzVmZTg0Yjg0YzE1ZjA0MzIyOTA2OTkx
YWY5ZTcwHhcNMjQwMTAyMDgzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTllMTE5NjFkNDcyYmFlMDRkZWI4ODBlN2I0OWY5NzhhMGFlNTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRXNQPySJRzIPEq2moEyuCtxrYrN
O+pGJJ0S2OPStJN7NJ/M/n7blQ4FBXO+Zki8IEdfroNtWMYmyEjRYVmmiDoJCR/q
lfQGSNALMmxauZSX8TlqyruZylWNNcbhlLa3N0F6ULr7/Rm42ts8z0QgNO362QcY
mxLcKcl6ce34WIYk9mGOR81K3PTw8Ey6cGIXZl6c8m5/AgSiKTPuXHmUyYeGZKYJ
7JpdD5F7VDOjbpAWoHcisTuTuojBaJb4nljZUzGvgS1y/E+nI8aCT0eLXV7mm+Pt
Pr9ceiRWh59iCPzdf1yyqTVUp4rrAgetdx6hLNQe/kRQXxdM7RgqZe7y6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF6eEZYdRyuuBN64gOe0n5eKCuVgMB8GA1UdIwQY
MBaAFOpT8zzN/F/oS4TBXwQyKQaZGvnnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmxQelBNMzhYLWhMaE1GZkJESXBCcGthLWVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mOTUyOTgtZjkwOS00NWM5LTkxMDQt
OGE0ZjYzZWE5YmYxLzEvWHA0UmxoMUhLNjRFM3JpQTU3U2ZsNG9LNVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mOTUyOTgtZjkwOS00NWM5LTkxMDQtOGE0ZjYzZWE5YmYx
LzEvNmxQelBNMzhYLWhMaE1GZkJESXBCcGthLWVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudUkMA0E
AgACMAcDBQMqC4JAMA0GCSqGSIb3DQEBCwUAA4IBAQAty42Rtm0jCU2eB96ojqHU
zPXl3MR3HJrA2k6iK+rRn9+GGc+13ryylUUK2HgyFfje158IDvC/e/Nq0t/B9VRC
yKx/Y2BJEES9236KP/ij0aLDWZ4RlLX5xAGvc8qt9KCWbDYhYr37WHD2fVQDqlWe
bFVQSOGfUogJnxdFBMncgCAzei2HzQZ7/m/E+NhHDqswXHD1gy0tsyacNaCxfRUV
haUhVl4QQ1terR3h24NsScdkCBqkCUReY4mRUroXd4wxcR0cbwAeF0uhayX4cm1I
xUYzfTZPKAiupieuSZMm1/fyA6iR0XfOqUWHTwyb2Dya+OlLu7RpzV0lai2fW/Zm
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:02:59 2024 by rpki-client on console-fra.rpki-client.org