Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/xUHsZNTWzjq7DW6hbZbuiyYcvbw.roa
File: xUHsZNTWzjq7DW6hbZbuiyYcvbw.roa (raw, json)
Hash identifier: 8uyskJQ/8rrjaSaT6jQj8gNtu3UpBxMcV6Ys+WVxwhw=
Subject key identifier: C5:41:EC:64:D4:D6:CE:3A:BB:0D:6E:A1:6D:96:EE:8B:26:1C:BD:BC
Certificate issuer: /CN=a8b3eb443c06a3dcc088e2caa05ce09cf8d4e7a6
Certificate serial: 018CC870EC360A59AB45B9BD3CC89ACC8872
Authority key identifier: A8:B3:EB:44:3C:06:A3:DC:C0:88:E2:CA:A0:5C:E0:9C:F8:D4:E7:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLPrRDwGo9zAiOLKoFzgnPjU56Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/xUHsZNTWzjq7DW6hbZbuiyYcvbw.roa
Signing time: Tue 02 Jan 2024 04:31:32 +0000
ROA not before: Tue 02 Jan 2024 04:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211494
IP address blocks: 185.93.7.0/24 maxlen: 24
185.235.143.0/24 maxlen: 24
2a0d:a180::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/qLPrRDwGo9zAiOLKoFzgnPjU56Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/qLPrRDwGo9zAiOLKoFzgnPjU56Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/qLPrRDwGo9zAiOLKoFzgnPjU56Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:ec:36:0a:59:ab:45:b9:bd:3c:c8:9a:cc:88:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b3eb443c06a3dcc088e2caa05ce09cf8d4e7a6
Validity
Not Before: Jan 2 04:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c541ec64d4d6ce3abb0d6ea16d96ee8b261cbdbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4c:b6:71:a0:8c:e3:ef:45:28:ab:20:80:57:
80:91:00:ca:8f:55:35:88:27:00:b3:c2:25:1b:28:
e8:59:43:a9:5b:b7:f9:ba:fb:0c:1e:26:72:49:2a:
24:ca:af:28:d4:db:d6:f4:6c:d8:53:22:70:fc:1f:
b2:5a:16:fc:a3:47:8f:6f:91:7d:38:97:ba:b2:0e:
bb:c9:8d:db:7b:44:49:11:20:b4:d6:f9:04:b9:b3:
01:e0:11:c3:40:19:ba:4a:99:ba:c4:51:58:22:24:
b2:77:41:96:bc:44:83:64:93:87:49:9d:02:26:21:
e7:85:9a:42:93:35:9d:5f:20:1b:48:12:18:57:5e:
5a:36:e7:1d:9f:87:a6:bb:4e:10:00:12:71:ab:34:
21:3b:67:50:31:aa:88:cb:39:a0:38:c3:4b:d3:ff:
db:ac:8d:95:93:53:f4:f3:6c:3f:a7:41:1e:b6:95:
5a:27:c6:d4:f8:a2:b8:f4:6b:32:2c:bc:c0:0b:88:
f5:8b:e6:60:e7:16:9d:f6:7e:bb:e2:d3:3d:8d:09:
1f:0b:92:38:d5:53:73:24:43:34:79:cf:21:ea:0f:
5a:02:7a:73:c1:a6:cf:5f:b1:4a:92:88:1e:e0:2e:
ea:dd:16:9c:0f:2a:43:67:98:d4:ff:45:22:df:62:
78:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:41:EC:64:D4:D6:CE:3A:BB:0D:6E:A1:6D:96:EE:8B:26:1C:BD:BC
X509v3 Authority Key Identifier:
keyid:A8:B3:EB:44:3C:06:A3:DC:C0:88:E2:CA:A0:5C:E0:9C:F8:D4:E7:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLPrRDwGo9zAiOLKoFzgnPjU56Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/xUHsZNTWzjq7DW6hbZbuiyYcvbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6bda82-a2e1-45c9-a181-313de4892b8d/1/qLPrRDwGo9zAiOLKoFzgnPjU56Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.7.0/24
185.235.143.0/24
IPv6:
2a0d:a180::/32
Signature Algorithm: sha256WithRSAEncryption
06:83:ba:ab:43:5d:18:76:7e:f4:bc:32:53:6f:78:b6:70:98:
1e:4d:3f:6c:22:25:58:b1:a7:5e:79:18:b6:9e:90:f4:72:c0:
e4:18:5a:33:82:2b:59:3f:f0:76:e5:36:c5:51:f9:34:80:aa:
66:72:e5:dc:fb:df:25:a6:84:58:5b:b7:8c:e5:4c:37:3e:e9:
52:8e:41:26:f1:38:f5:23:0d:cb:6b:01:6c:3d:01:fa:e5:3c:
41:41:79:3e:3b:f6:fb:33:15:e0:38:d6:7a:da:00:71:cb:00:
ac:8b:ab:79:ae:02:ee:e1:c7:e1:a1:c6:f8:10:8c:49:16:27:
42:9c:7e:6f:4b:56:67:87:bf:aa:be:dc:18:4c:a1:d8:96:10:
65:57:ec:a3:33:08:c8:32:01:18:97:02:08:a5:94:b7:5b:2a:
54:59:29:f4:ca:7b:04:50:63:3e:d1:61:e9:e2:2c:c8:f3:11:
64:f8:b2:1a:81:83:84:62:83:80:a6:65:f8:8e:bc:fb:65:72:
e2:de:c7:da:6b:93:68:7e:cd:10:36:fc:53:26:43:47:6d:c0:
5a:db:34:62:09:93:32:0c:7c:f8:94:98:6f:2e:b1:42:12:ba:
bf:db:d6:bf:aa:3f:a1:33:ec:49:ad:9c:27:12:0e:56:e4:16:
0b:0f:d1:12
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIcOw2ClmrRbm9PMiazIhyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjNlYjQ0M2MwNmEzZGNjMDg4ZTJjYWEwNWNlMDljZjhk
NGU3YTYwHhcNMjQwMTAyMDQzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTQxZWM2NGQ0ZDZjZTNhYmIwZDZlYTE2ZDk2ZWU4YjI2MWNiZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnky2caCM4+9FKKsggFeAkQDKj1U1
iCcAs8IlGyjoWUOpW7f5uvsMHiZySSokyq8o1NvW9GzYUyJw/B+yWhb8o0ePb5F9
OJe6sg67yY3be0RJESC01vkEubMB4BHDQBm6Spm6xFFYIiSyd0GWvESDZJOHSZ0C
JiHnhZpCkzWdXyAbSBIYV15aNucdn4emu04QABJxqzQhO2dQMaqIyzmgOMNL0//b
rI2Vk1P082w/p0EetpVaJ8bU+KK49GsyLLzAC4j1i+Zg5xad9n674tM9jQkfC5I4
1VNzJEM0ec8h6g9aAnpzwabPX7FKkoge4C7q3RacDypDZ5jU/0Ui32J4SwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMVB7GTU1s46uw1uoW2W7osmHL28MB8GA1UdIwQY
MBaAFKiz60Q8BqPcwIjiyqBc4Jz41OemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxQclJEd0dvOXpBaU9MS29GemduUGpVNTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82YmRhODItYTJlMS00NWM5LWExODEt
MzEzZGU0ODkyYjhkLzEveFVIc1pOVFd6anE3RFc2aGJaYnVpeVljdmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82YmRhODItYTJlMS00NWM5LWExODEtMzEzZGU0ODkyYjhk
LzEvcUxQclJEd0dvOXpBaU9MS29GemduUGpVNTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuV0HAwQA
ueuPMA0EAgACMAcDBQAqDaGAMA0GCSqGSIb3DQEBCwUAA4IBAQAGg7qrQ10Ydn70
vDJTb3i2cJgeTT9sIiVYsadeeRi2npD0csDkGFozgitZP/B25TbFUfk0gKpmcuXc
+98lpoRYW7eM5Uw3PulSjkEm8Tj1Iw3LawFsPQH65TxBQXk+O/b7MxXgONZ62gBx
ywCsi6t5rgLu4cfhocb4EIxJFidCnH5vS1Znh7+qvtwYTKHYlhBlV+yjMwjIMgEY
lwIIpZS3WypUWSn0ynsEUGM+0WHp4izI8xFk+LIagYOEYoOApmX4jrz7ZXLi3sfa
a5Nofs0QNvxTJkNHbcBa2zRiCZMyDHz4lJhvLrFCErq/29a/qj+hM+xJrZwnEg5W
5BYLD9ES
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:09 2024 by rpki-client on console-fra.rpki-client.org