Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/x-13MQKMlYh1FKuZXBHrIxx4HmQ.roa
File: x-13MQKMlYh1FKuZXBHrIxx4HmQ.roa (raw, json)
Hash identifier: DI59oZKoUKh4xqTw8NoIpYFMWnhJd2hWiOIVAIFOd9Y=
Subject key identifier: C7:ED:77:31:02:8C:95:88:75:14:AB:99:5C:11:EB:23:1C:78:1E:64
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 018CC7958416972E49D43832B0FCFA3FA053
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/x-13MQKMlYh1FKuZXBHrIxx4HmQ.roa
Signing time: Tue 02 Jan 2024 00:31:53 +0000
ROA not before: Tue 02 Jan 2024 00:31:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5650
IP address blocks: 193.187.168.0/22 maxlen: 24
185.220.28.0/22 maxlen: 24
194.39.68.0/22 maxlen: 24
80.254.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:84:16:97:2e:49:d4:38:32:b0:fc:fa:3f:a0:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Jan 2 00:31:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7ed7731028c95887514ab995c11eb231c781e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2b:51:f1:dd:63:90:7e:b0:f0:7f:39:b4:19:
90:65:eb:68:e9:25:19:20:fd:a0:16:4e:a5:df:5e:
e8:12:47:73:4d:9c:87:c9:da:7a:8a:a1:70:eb:17:
67:cf:c3:e2:49:22:b9:d4:ff:3c:f4:36:18:bf:9a:
66:a4:8b:db:34:de:25:e2:44:8a:01:54:3a:ec:6f:
26:21:c3:41:c8:be:d1:56:2b:07:9a:08:e6:d5:f8:
46:98:87:c0:92:d6:d2:62:ef:f2:d6:22:88:4a:06:
62:30:8b:78:eb:c0:3d:cc:7d:9e:14:26:28:73:f2:
b5:ae:92:53:06:71:9f:0d:7c:af:60:de:d5:92:66:
64:6d:94:3d:59:11:50:af:f5:09:3e:36:86:26:29:
47:09:9c:a5:a9:bb:38:25:4c:66:57:76:29:f5:e5:
c8:68:c6:64:db:7e:88:9a:6c:3d:f4:e3:12:c3:df:
91:ff:d4:f7:f2:04:ef:9f:be:4c:e6:c9:1d:ac:c8:
0a:4f:ff:d9:dc:65:f0:77:50:30:05:cf:c8:09:dd:
5d:de:66:83:73:a8:55:3e:ce:ea:ff:b5:67:d6:92:
ce:74:db:20:57:84:83:db:0a:d9:f5:ed:79:a1:ff:
6d:eb:5b:cd:00:9b:71:14:81:c5:82:66:65:a3:a2:
50:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:ED:77:31:02:8C:95:88:75:14:AB:99:5C:11:EB:23:1C:78:1E:64
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/x-13MQKMlYh1FKuZXBHrIxx4HmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.236.0/22
185.220.28.0/22
193.187.168.0/22
194.39.68.0/22
Signature Algorithm: sha256WithRSAEncryption
38:89:00:ca:f6:ef:1a:78:c7:0f:dd:a1:5d:77:69:08:e2:a3:
9d:f9:f7:c1:4e:f9:f5:e1:de:23:26:16:49:6d:54:d5:6c:9e:
cf:2a:94:63:14:13:32:04:c4:05:86:4d:df:8b:19:2d:2a:fb:
d9:d6:08:4b:a3:72:5e:6a:65:50:45:70:b2:0c:7f:be:7e:25:
0d:2d:15:d1:46:74:42:40:4b:05:04:06:34:1d:bf:b7:4f:70:
79:60:1f:a5:5a:4a:4e:f2:67:69:81:5b:45:32:c9:de:7b:c2:
17:22:f0:ca:c4:c8:20:63:c4:75:26:e8:8f:bf:c3:66:e8:7f:
76:17:6d:0d:60:71:f2:af:6f:2d:f4:3e:f0:1e:4d:23:4d:ad:
7b:64:2f:38:35:08:a4:45:aa:cc:81:12:e6:18:05:74:6d:a1:
d9:68:7a:61:43:19:63:8c:c4:70:21:7f:7d:54:fb:49:ce:6b:
c3:e9:0c:76:0a:7f:3f:a3:22:60:c4:b0:a9:0f:06:2d:21:0d:
90:11:b1:d9:a0:e0:13:34:88:21:19:ae:0e:4f:ec:57:4b:bb:
3f:5d:b4:b3:17:f0:46:31:b1:22:53:5e:d6:1f:fa:fe:23:4b:
c3:bf:33:4e:70:0f:68:79:3a:31:c4:39:6f:71:16:64:c0:66:
a0:1b:ec:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlYQWly5J1DgysPz6P6BTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjQwMTAyMDAzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2VkNzczMTAyOGM5NTg4NzUxNGFiOTk1YzExZWIyMzFjNzgxZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCtR8d1jkH6w8H85tBmQZeto6SUZ
IP2gFk6l317oEkdzTZyHydp6iqFw6xdnz8PiSSK51P889DYYv5pmpIvbNN4l4kSK
AVQ67G8mIcNByL7RVisHmgjm1fhGmIfAktbSYu/y1iKISgZiMIt468A9zH2eFCYo
c/K1rpJTBnGfDXyvYN7VkmZkbZQ9WRFQr/UJPjaGJilHCZylqbs4JUxmV3Yp9eXI
aMZk236Immw99OMSw9+R/9T38gTvn75M5skdrMgKT//Z3GXwd1AwBc/ICd1d3maD
c6hVPs7q/7Vn1pLOdNsgV4SD2wrZ9e15of9t61vNAJtxFIHFgmZlo6JQgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMftdzECjJWIdRSrmVwR6yMceB5kMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEveC0xM01RS01sWWgxRkt1WlhCSHJJeHg0SG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCUP7sAwQC
udwcAwQCwbuoAwQCwidEMA0GCSqGSIb3DQEBCwUAA4IBAQA4iQDK9u8aeMcP3aFd
d2kI4qOd+ffBTvn14d4jJhZJbVTVbJ7PKpRjFBMyBMQFhk3fixktKvvZ1ghLo3Je
amVQRXCyDH++fiUNLRXRRnRCQEsFBAY0Hb+3T3B5YB+lWkpO8mdpgVtFMsnee8IX
IvDKxMggY8R1JuiPv8Nm6H92F20NYHHyr28t9D7wHk0jTa17ZC84NQikRarMgRLm
GAV0baHZaHphQxljjMRwIX99VPtJzmvD6Qx2Cn8/oyJgxLCpDwYtIQ2QEbHZoOAT
NIghGa4OT+xXS7s/XbSzF/BGMbEiU17WH/r+I0vDvzNOcA9oeToxxDlvcRZkwGag
G+zc
-----END CERTIFICATE-----
Generated at Fri May 17 18:44:04 2024 by rpki-client on console-fra.rpki-client.org