Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/Xe_W_HHcfVENPkIQvL_W0bOp3r8.roa
File: Xe_W_HHcfVENPkIQvL_W0bOp3r8.roa (raw, json)
Hash identifier: D0PgT5ZbSFFso9sGbxBCIgNamuDKOcOC7vqmPcLG22g=
Subject key identifier: 5D:EF:D6:FC:71:DC:7D:51:0D:3E:42:10:BC:BF:D6:D1:B3:A9:DE:BF
Certificate issuer: /CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Certificate serial: 018EE0D6A389A37506705F1F6D74BD0D6648
Authority key identifier: 48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/Xe_W_HHcfVENPkIQvL_W0bOp3r8.roa
Signing time: Mon 15 Apr 2024 08:19:06 +0000
ROA not before: Mon 15 Apr 2024 08:19:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208808
IP address blocks: 31.13.210.0/24 maxlen: 24
45.140.196.0/22 maxlen: 22
78.138.18.0/23 maxlen: 23
78.138.26.0/23 maxlen: 23
78.138.28.0/23 maxlen: 23
78.138.42.0/23 maxlen: 23
87.120.80.0/23 maxlen: 23
87.120.203.0/24 maxlen: 24
89.36.232.0/22 maxlen: 22
89.46.132.0/22 maxlen: 22
92.243.68.0/24 maxlen: 24
92.243.71.0/24 maxlen: 24
92.243.86.0/23 maxlen: 23
92.243.90.0/23 maxlen: 23
92.243.94.0/23 maxlen: 23
93.114.92.0/22 maxlen: 22
93.115.48.0/22 maxlen: 22
94.156.26.0/23 maxlen: 23
103.43.40.0/22 maxlen: 22
103.104.108.0/22 maxlen: 22
103.208.72.0/22 maxlen: 22
160.202.156.0/22 maxlen: 22
185.201.76.0/22 maxlen: 22
212.73.152.0/24 maxlen: 24
212.73.153.0/24 maxlen: 24
213.255.210.0/23 maxlen: 23
213.255.216.0/23 maxlen: 23
213.255.224.0/23 maxlen: 23
213.255.244.0/23 maxlen: 23
2a0a:bd40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e0:d6:a3:89:a3:75:06:70:5f:1f:6d:74:bd:0d:66:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Validity
Not Before: Apr 15 08:19:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5defd6fc71dc7d510d3e4210bcbfd6d1b3a9debf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:74:58:2d:2b:c6:0b:fe:96:da:95:c2:59:d3:
95:ba:80:f7:15:0d:7b:42:cb:40:18:8a:e3:99:47:
9a:1d:72:54:e6:ca:90:2b:cc:9c:e1:12:1e:f8:66:
b0:ae:ad:93:e6:dd:69:70:c4:39:da:ee:38:a4:7e:
1e:4d:89:39:54:99:30:9a:b8:5f:fc:26:8f:21:0a:
69:7e:15:df:88:e0:0a:78:ec:58:03:56:da:2b:04:
c9:77:d8:3f:1a:e9:50:c7:76:f7:c6:af:15:7f:7a:
56:1e:20:23:65:ae:34:70:42:17:b7:ae:4c:13:a2:
d0:42:52:93:76:c4:b1:c0:f7:c7:d5:41:2c:7b:47:
19:53:b1:4b:3d:f7:1a:a2:bb:fe:0e:c8:ad:0f:4e:
4e:e7:cf:9d:31:0c:98:74:85:76:fc:4b:74:f2:04:
7f:c9:f1:d2:ac:cd:5e:3d:bb:39:ed:e9:25:99:6e:
94:e1:ee:eb:5e:53:85:45:f6:fd:e6:d7:98:a5:bb:
ef:81:ab:f3:8d:0e:a3:08:49:a9:39:f8:03:fe:f2:
d5:84:60:df:e5:8a:ff:c2:40:e8:40:c3:6d:02:30:
9e:92:2b:3f:75:f0:8e:d1:fc:bd:9c:29:3a:fc:ba:
15:99:43:6b:91:bd:9d:5d:3b:17:3d:58:6a:2a:8a:
a5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:EF:D6:FC:71:DC:7D:51:0D:3E:42:10:BC:BF:D6:D1:B3:A9:DE:BF
X509v3 Authority Key Identifier:
keyid:48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/Xe_W_HHcfVENPkIQvL_W0bOp3r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.210.0/24
45.140.196.0/22
78.138.18.0/23
78.138.26.0-78.138.29.255
78.138.42.0/23
87.120.80.0/23
87.120.203.0/24
89.36.232.0/22
89.46.132.0/22
92.243.68.0/24
92.243.71.0/24
92.243.86.0/23
92.243.90.0/23
92.243.94.0/23
93.114.92.0/22
93.115.48.0/22
94.156.26.0/23
103.43.40.0/22
103.104.108.0/22
103.208.72.0/22
160.202.156.0/22
185.201.76.0/22
212.73.152.0/23
213.255.210.0/23
213.255.216.0/23
213.255.224.0/23
213.255.244.0/23
IPv6:
2a0a:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
3c:be:29:5c:96:9b:bf:9b:b9:ed:9d:36:2a:ca:3d:6b:49:64:
70:cf:e0:09:7a:f4:73:31:9f:4b:2f:7f:d9:33:0b:3e:2e:a6:
a5:44:9c:9d:38:5c:da:a2:d0:aa:34:61:09:18:fb:ee:d5:17:
78:96:9b:64:b0:80:d5:99:ff:fb:7a:4b:c4:72:c9:c1:db:7d:
67:cb:19:4d:c3:4d:ed:78:bb:d6:f0:46:40:62:61:5f:d3:40:
c1:d1:a2:36:f2:6d:ae:8c:69:ba:78:4c:76:a3:f1:41:5a:5b:
f6:f0:b7:63:97:f2:2a:5f:57:88:07:bd:92:c7:45:e8:a5:2f:
20:0c:ad:d1:bb:cc:a2:5e:91:07:45:47:31:9b:63:44:ab:6b:
74:18:d7:74:fc:f5:21:2c:ad:35:5f:3c:fb:99:2c:2f:71:29:
69:5e:94:7c:6c:3c:ce:75:5c:79:14:20:ea:43:88:41:fa:d6:
a9:dc:45:22:f9:04:de:cb:72:e9:b8:5c:fe:c4:c8:e3:c4:d2:
34:a8:99:f2:1e:10:9e:95:a2:54:46:47:c4:4a:b0:a6:ba:ca:
fa:3e:da:57:48:45:a4:f9:64:be:58:d9:92:63:b5:22:55:9f:
49:73:35:79:f5:21:04:f4:ef:17:78:7c:aa:01:fb:ab:44:d5:
1f:52:65:9e
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAY7g1qOJo3UGcF8fbXS9DWZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NjZkNDAyN2RlM2MyN2U4OTdkNzJhZGIyYzg2ZDg3YWI3
ZTVhYzIwHhcNMjQwNDE1MDgxOTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGVmZDZmYzcxZGM3ZDUxMGQzZTQyMTBiY2JmZDZkMWIzYTlkZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3RYLSvGC/6W2pXCWdOVuoD3FQ17
QstAGIrjmUeaHXJU5sqQK8yc4RIe+Gawrq2T5t1pcMQ52u44pH4eTYk5VJkwmrhf
/CaPIQppfhXfiOAKeOxYA1baKwTJd9g/GulQx3b3xq8Vf3pWHiAjZa40cEIXt65M
E6LQQlKTdsSxwPfH1UEse0cZU7FLPfcaorv+DsitD05O58+dMQyYdIV2/Et08gR/
yfHSrM1ePbs57eklmW6U4e7rXlOFRfb95teYpbvvgavzjQ6jCEmpOfgD/vLVhGDf
5Yr/wkDoQMNtAjCekis/dfCO0fy9nCk6/LoVmUNrkb2dXTsXPVhqKoqlPwIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFF3v1vxx3H1RDT5CELy/1tGzqd6/MB8GA1UdIwQY
MBaAFEhm1AJ948J+iX1yrbLIbYerflrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMt
NjFjOWMyOWMyNzVkLzEvWGVfV19ISGNmVkVOUGtJUXZMX1cwYk9wM3I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMtNjFjOWMyOWMyNzVk
LzEvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBsQQCAAEwgaoDBAAf
DdIDBAItjMQDBAFOihIwDAMEAU6KGgMEAU6KHAMEAU6KKgMEAVd4UAMEAFd4ywME
Alkk6AMEAlkuhAMEAFzzRAMEAFzzRwMEAVzzVgMEAVzzWgMEAVzzXgMEAl1yXAME
Al1zMAMEAV6cGgMEAmcrKAMEAmdobAMEAmfQSAMEAqDKnAMEArnJTAMEAdRJmAME
AdX/0gMEAdX/2AMEAdX/4AMEAdX/9DANBAIAAjAHAwUDKgq9QDANBgkqhkiG9w0B
AQsFAAOCAQEAPL4pXJabv5u57Z02Kso9a0lkcM/gCXr0czGfSy9/2TMLPi6mpUSc
nThc2qLQqjRhCRj77tUXeJabZLCA1Zn/+3pLxHLJwdt9Z8sZTcNN7Xi71vBGQGJh
X9NAwdGiNvJtroxpunhMdqPxQVpb9vC3Y5fyKl9XiAe9ksdF6KUvIAyt0bvMol6R
B0VHMZtjRKtrdBjXdPz1ISytNV88+5ksL3EpaV6UfGw8znVceRQg6kOIQfrWqdxF
IvkE3sty6bhc/sTI48TSNKiZ8h4QnpWiVEZHxEqwprrK+j7aV0hFpPlkvljZkmO1
IlWfSXM1efUhBPTvF3h8qgH7q0TVH1Jlng==
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:04:43 2024 by rpki-client on console-ams.rpki-client.org