Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/61e16a-db79-4e07-a19b-ae762ca2abd0/1/X2y-iWIEqp34epOx3eLXUkDWLFI.roa
File: X2y-iWIEqp34epOx3eLXUkDWLFI.roa (raw, json)
Hash identifier: tNxMlw5Xovr8S/oTyQs4o4VMyRKEBmaxn0BsnuT44wA=
Subject key identifier: 5F:6C:BE:89:62:04:AA:9D:F8:7A:93:B1:DD:E2:D7:52:40:D6:2C:52
Certificate issuer: /CN=5b9b05a93d5f3fcc5a0b0104c1b0f6d24c2cd1f6
Certificate serial: 018CC5DC3560967D7F83DA525B5CE0D16F1B
Authority key identifier: 5B:9B:05:A9:3D:5F:3F:CC:5A:0B:01:04:C1:B0:F6:D2:4C:2C:D1:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W5sFqT1fP8xaCwEEwbD20kws0fY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/61e16a-db79-4e07-a19b-ae762ca2abd0/1/X2y-iWIEqp34epOx3eLXUkDWLFI.roa
Signing time: Mon 01 Jan 2024 16:29:52 +0000
ROA not before: Mon 01 Jan 2024 16:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9036
IP address blocks: 185.140.128.0/22 maxlen: 24
212.85.128.0/20 maxlen: 24
2001:4b30::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/61e16a-db79-4e07-a19b-ae762ca2abd0/1/W5sFqT1fP8xaCwEEwbD20kws0fY.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/61e16a-db79-4e07-a19b-ae762ca2abd0/1/W5sFqT1fP8xaCwEEwbD20kws0fY.mft
rsync://rpki.ripe.net/repository/DEFAULT/W5sFqT1fP8xaCwEEwbD20kws0fY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 22:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:35:60:96:7d:7f:83:da:52:5b:5c:e0:d1:6f:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b9b05a93d5f3fcc5a0b0104c1b0f6d24c2cd1f6
Validity
Not Before: Jan 1 16:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f6cbe896204aa9df87a93b1dde2d75240d62c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:08:96:9c:24:66:19:29:cb:17:04:59:d3:e4:
08:02:83:b5:a6:d3:ee:24:78:3c:8a:6a:f0:86:c2:
cc:33:21:41:60:d9:f0:f7:0c:4a:fa:4a:2c:1b:10:
fb:75:a5:23:eb:3e:dd:30:b6:a6:75:ad:90:23:b1:
b2:7a:4e:87:3c:12:15:2f:2d:98:7d:43:05:0e:f8:
94:d9:13:6a:47:2e:91:49:16:bc:9c:b1:20:63:78:
68:41:35:60:5a:9b:c1:8e:68:cd:dd:b2:bd:75:a0:
e0:e4:b3:95:08:50:cd:32:30:dc:0d:4b:8f:72:6a:
f2:3b:f3:a1:ef:a7:42:cc:3b:82:61:d4:f0:65:46:
b1:6e:07:ac:07:5b:dc:0c:ee:3b:2c:75:ac:95:a5:
1f:1c:c4:a5:dd:98:d5:1f:8d:be:69:f0:4f:28:42:
a0:b2:b2:ea:4c:24:34:1d:78:35:1a:d7:2a:27:10:
97:ba:1a:32:a0:01:66:a3:1c:52:da:bd:28:bd:dc:
7b:28:fe:e4:67:2d:1e:4d:89:5a:38:4e:bf:a0:76:
42:6a:aa:03:66:02:d4:84:bd:22:56:ec:75:14:a1:
b6:3b:67:9f:ed:84:80:7e:46:93:43:dc:bc:85:b0:
fb:b3:a4:ad:55:af:e0:bd:e4:04:82:96:17:76:07:
be:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6C:BE:89:62:04:AA:9D:F8:7A:93:B1:DD:E2:D7:52:40:D6:2C:52
X509v3 Authority Key Identifier:
keyid:5B:9B:05:A9:3D:5F:3F:CC:5A:0B:01:04:C1:B0:F6:D2:4C:2C:D1:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W5sFqT1fP8xaCwEEwbD20kws0fY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/61e16a-db79-4e07-a19b-ae762ca2abd0/1/X2y-iWIEqp34epOx3eLXUkDWLFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/61e16a-db79-4e07-a19b-ae762ca2abd0/1/W5sFqT1fP8xaCwEEwbD20kws0fY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.128.0/22
212.85.128.0/20
IPv6:
2001:4b30::/29
Signature Algorithm: sha256WithRSAEncryption
4f:09:10:37:d6:35:e5:12:6d:76:e1:74:63:6b:73:35:55:2e:
e1:13:e7:b7:a9:98:05:c8:7e:05:22:40:c5:41:df:b3:b0:48:
1f:bf:c9:98:08:61:47:78:ed:a2:c2:4b:a2:96:09:23:99:cb:
65:03:3e:9d:3b:61:db:48:a8:cc:d5:71:5f:5e:f3:d4:0a:c4:
f7:8b:c8:59:61:bd:b9:aa:e8:d4:90:7f:bd:b9:cc:9e:4c:b7:
55:75:28:b8:a0:04:e1:9f:1e:c1:52:74:b4:ab:63:99:2c:5b:
e2:b7:e4:fb:75:70:84:7c:66:60:fe:bc:db:dc:58:b3:4a:9b:
70:e2:b1:7b:6d:d9:65:00:21:68:58:c4:a7:bc:42:cc:47:69:
ac:8f:5a:58:ff:57:19:68:59:fb:8e:0f:45:19:e4:e8:9f:61:
7d:1c:7a:a9:27:f2:26:43:e9:ca:2f:09:82:05:05:c6:4e:d7:
45:7e:5e:cf:28:a8:43:a3:c1:94:f2:d5:68:e8:02:60:9e:d8:
84:b4:d6:90:ac:d1:94:0f:36:fc:ee:50:d1:7f:c1:ae:2c:fd:
e2:18:32:ff:11:f8:5f:fa:c1:8b:25:8f:64:fc:b1:e3:fc:96:
8c:bc:23:b3:a6:03:13:de:14:5b:e3:52:6a:ae:89:85:12:14:
ce:a1:ea:17
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3DVgln1/g9pSW1zg0W8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViOWIwNWE5M2Q1ZjNmY2M1YTBiMDEwNGMxYjBmNmQyNGMy
Y2QxZjYwHhcNMjQwMTAxMTYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjZjYmU4OTYyMDRhYTlkZjg3YTkzYjFkZGUyZDc1MjQwZDYyYzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQiWnCRmGSnLFwRZ0+QIAoO1ptPu
JHg8imrwhsLMMyFBYNnw9wxK+kosGxD7daUj6z7dMLamda2QI7Gyek6HPBIVLy2Y
fUMFDviU2RNqRy6RSRa8nLEgY3hoQTVgWpvBjmjN3bK9daDg5LOVCFDNMjDcDUuP
cmryO/Oh76dCzDuCYdTwZUaxbgesB1vcDO47LHWslaUfHMSl3ZjVH42+afBPKEKg
srLqTCQ0HXg1GtcqJxCXuhoyoAFmoxxS2r0ovdx7KP7kZy0eTYlaOE6/oHZCaqoD
ZgLUhL0iVux1FKG2O2ef7YSAfkaTQ9y8hbD7s6StVa/gveQEgpYXdge+swIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF9svoliBKqd+HqTsd3i11JA1ixSMB8GA1UdIwQY
MBaAFFubBak9Xz/MWgsBBMGw9tJMLNH2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzVzRnFUMWZQOHhhQ3dFRXdiRDIwa3dzMGZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi82MWUxNmEtZGI3OS00ZTA3LWExOWIt
YWU3NjJjYTJhYmQwLzEvWDJ5LWlXSUVxcDM0ZXBPeDNlTFhVa0RXTEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi82MWUxNmEtZGI3OS00ZTA3LWExOWItYWU3NjJjYTJhYmQw
LzEvVzVzRnFUMWZQOHhhQ3dFRXdiRDIwa3dzMGZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYyAAwQE
1FWAMA0EAgACMAcDBQMgAUswMA0GCSqGSIb3DQEBCwUAA4IBAQBPCRA31jXlEm12
4XRja3M1VS7hE+e3qZgFyH4FIkDFQd+zsEgfv8mYCGFHeO2iwkuilgkjmctlAz6d
O2HbSKjM1XFfXvPUCsT3i8hZYb25qujUkH+9ucyeTLdVdSi4oAThnx7BUnS0q2OZ
LFvit+T7dXCEfGZg/rzb3FizSptw4rF7bdllACFoWMSnvELMR2msj1pY/1cZaFn7
jg9FGeTon2F9HHqpJ/ImQ+nKLwmCBQXGTtdFfl7PKKhDo8GU8tVo6AJgntiEtNaQ
rNGUDzb87lDRf8GuLP3iGDL/Efhf+sGLJY9k/LHj/JaMvCOzpgMT3hRb41JqromF
EhTOoeoX
-----END CERTIFICATE-----
Generated at Sat Sep 28 04:45:22 2024 by rpki-client on console-ams.rpki-client.org