Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/5bfdb5-4824-402c-b39b-24488b27ca41/1/Xa5ydu3u3Qyctd1Y2WHFk183DRY.roa
File: Xa5ydu3u3Qyctd1Y2WHFk183DRY.roa (raw, json)
Hash identifier: FJYVV1QSFRHUEcK52SnZMsTJSL02MEaCOJBQas3uLyE=
Subject key identifier: 5D:AE:72:76:ED:EE:DD:0C:9C:B5:DD:58:D9:61:C5:93:5F:37:0D:16
Certificate issuer: /CN=d518bf60d1ef4c76cd07a53f7ec683771aab5cfd
Certificate serial: 018CC5DC89EAAA69AE97356E74915E20022B
Authority key identifier: D5:18:BF:60:D1:EF:4C:76:CD:07:A5:3F:7E:C6:83:77:1A:AB:5C:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ri_YNHvTHbNB6U_fsaDdxqrXP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/5bfdb5-4824-402c-b39b-24488b27ca41/1/Xa5ydu3u3Qyctd1Y2WHFk183DRY.roa
Signing time: Mon 01 Jan 2024 16:30:13 +0000
ROA not before: Mon 01 Jan 2024 16:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199419
IP address blocks: 185.16.237.0/24 maxlen: 24
185.16.238.0/24 maxlen: 24
185.16.239.0/24 maxlen: 24
185.16.236.0/24 maxlen: 24
2a03:df40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/5bfdb5-4824-402c-b39b-24488b27ca41/1/1Ri_YNHvTHbNB6U_fsaDdxqrXP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/5bfdb5-4824-402c-b39b-24488b27ca41/1/1Ri_YNHvTHbNB6U_fsaDdxqrXP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ri_YNHvTHbNB6U_fsaDdxqrXP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:89:ea:aa:69:ae:97:35:6e:74:91:5e:20:02:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d518bf60d1ef4c76cd07a53f7ec683771aab5cfd
Validity
Not Before: Jan 1 16:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dae7276edeedd0c9cb5dd58d961c5935f370d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c7:a5:86:fa:6c:2f:e7:dd:23:38:bd:ec:36:
9b:fd:b0:3e:77:81:b1:aa:e6:90:1f:60:aa:af:bd:
ee:10:f1:74:da:a7:01:b7:b0:c8:9c:18:e6:42:26:
ff:c7:37:57:d3:24:9a:b2:69:6d:dd:5b:5d:c0:86:
40:43:1e:6d:ce:b3:25:47:d7:dc:5c:4e:4d:87:29:
54:7f:5e:f9:c7:3f:05:58:80:ac:79:cb:5a:76:00:
11:67:ca:ab:68:34:92:29:d5:02:37:59:a3:61:00:
c3:fd:55:08:d8:36:c2:1f:97:82:45:ae:cf:60:b3:
50:f9:a4:97:51:e7:9d:49:57:18:af:bf:87:d7:1d:
d4:98:94:88:9f:17:7c:db:6a:c1:3c:42:98:7f:95:
86:af:51:d9:a1:e3:fd:ad:25:55:7b:72:ca:81:37:
77:2c:69:be:a6:36:fe:c6:f8:c2:f0:bc:97:2c:54:
e7:8a:f5:eb:89:9a:64:5f:92:d4:7d:ae:ca:d0:ee:
7b:b1:ce:75:54:cf:de:ea:09:7e:74:cd:5c:1b:c6:
76:b4:65:3b:ec:b5:eb:22:0a:d2:0c:4a:e4:c9:14:
04:a5:98:e2:ea:26:b1:00:df:22:87:e1:65:67:53:
1a:3b:0d:16:46:2a:07:e7:fa:cf:9d:4f:8a:ce:bf:
88:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:AE:72:76:ED:EE:DD:0C:9C:B5:DD:58:D9:61:C5:93:5F:37:0D:16
X509v3 Authority Key Identifier:
keyid:D5:18:BF:60:D1:EF:4C:76:CD:07:A5:3F:7E:C6:83:77:1A:AB:5C:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ri_YNHvTHbNB6U_fsaDdxqrXP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/5bfdb5-4824-402c-b39b-24488b27ca41/1/Xa5ydu3u3Qyctd1Y2WHFk183DRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/5bfdb5-4824-402c-b39b-24488b27ca41/1/1Ri_YNHvTHbNB6U_fsaDdxqrXP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.236.0/22
IPv6:
2a03:df40::/32
Signature Algorithm: sha256WithRSAEncryption
af:de:bc:04:26:5c:6d:a2:e3:1b:d0:f9:b5:aa:1e:1b:7d:c3:
e7:d2:1e:ed:7f:c0:b7:6e:12:f9:9c:63:4a:f8:31:80:56:a0:
79:bd:44:dd:32:4f:0b:4d:81:46:e9:5b:f3:0a:4c:75:5a:38:
11:ae:c7:56:1f:8b:bf:fb:7e:c8:7e:ae:2f:07:35:21:02:80:
3c:0f:33:74:e4:d2:4e:ff:01:bf:74:85:16:2b:83:e8:5d:f6:
39:6b:04:ac:3d:5c:1a:b3:cc:3a:d2:fa:d3:6e:94:f0:48:1c:
7e:e3:80:b8:bf:21:dc:ab:71:41:52:de:a8:0e:88:7d:f5:f2:
2e:63:74:03:2c:64:5b:5a:24:69:4f:90:8a:89:27:a7:68:bf:
1a:e6:c0:45:e6:0c:4e:39:84:c0:68:5a:44:19:5e:9f:e8:1d:
c0:91:c6:79:62:62:13:e9:3e:4f:5a:c5:5c:90:24:47:1d:48:
4c:a3:e1:c5:83:86:e8:5c:98:6b:2a:73:7d:dc:ef:25:49:6f:
12:24:7e:4c:cf:93:9a:fd:8d:32:93:b1:68:b6:ca:6c:ca:e9:
48:cb:30:64:15:a2:f5:24:2f:11:77:19:3a:6e:22:c6:82:1d:
61:58:e9:ff:32:e8:96:64:4d:a6:01:e9:af:d5:12:da:b3:bd:
62:c3:bd:87
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3InqqmmulzVudJFeIAIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MThiZjYwZDFlZjRjNzZjZDA3YTUzZjdlYzY4Mzc3MWFh
YjVjZmQwHhcNMjQwMTAxMTYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGFlNzI3NmVkZWVkZDBjOWNiNWRkNThkOTYxYzU5MzVmMzcwZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMelhvpsL+fdIzi97Dab/bA+d4Gx
quaQH2Cqr73uEPF02qcBt7DInBjmQib/xzdX0ySasmlt3VtdwIZAQx5tzrMlR9fc
XE5NhylUf175xz8FWICsectadgARZ8qraDSSKdUCN1mjYQDD/VUI2DbCH5eCRa7P
YLNQ+aSXUeedSVcYr7+H1x3UmJSInxd822rBPEKYf5WGr1HZoeP9rSVVe3LKgTd3
LGm+pjb+xvjC8LyXLFTnivXriZpkX5LUfa7K0O57sc51VM/e6gl+dM1cG8Z2tGU7
7LXrIgrSDErkyRQEpZji6iaxAN8ih+FlZ1MaOw0WRioH5/rPnU+Kzr+IRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF2ucnbt7t0MnLXdWNlhxZNfNw0WMB8GA1UdIwQY
MBaAFNUYv2DR70x2zQelP37Gg3caq1z9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJpX1lOSHZUSGJOQjZVX2ZzYURkeHFyWFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS81YmZkYjUtNDgyNC00MDJjLWIzOWIt
MjQ0ODhiMjdjYTQxLzEvWGE1eWR1M3UzUXljdGQxWTJXSEZrMTgzRFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS81YmZkYjUtNDgyNC00MDJjLWIzOWItMjQ0ODhiMjdjYTQx
LzEvMVJpX1lOSHZUSGJOQjZVX2ZzYURkeHFyWFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRDsMA0E
AgACMAcDBQAqA99AMA0GCSqGSIb3DQEBCwUAA4IBAQCv3rwEJlxtouMb0Pm1qh4b
fcPn0h7tf8C3bhL5nGNK+DGAVqB5vUTdMk8LTYFG6VvzCkx1WjgRrsdWH4u/+37I
fq4vBzUhAoA8DzN05NJO/wG/dIUWK4PoXfY5awSsPVwas8w60vrTbpTwSBx+44C4
vyHcq3FBUt6oDoh99fIuY3QDLGRbWiRpT5CKiSenaL8a5sBF5gxOOYTAaFpEGV6f
6B3AkcZ5YmIT6T5PWsVckCRHHUhMo+HFg4boXJhrKnN93O8lSW8SJH5Mz5Oa/Y0y
k7FotspsyulIyzBkFaL1JC8Rdxk6biLGgh1hWOn/MuiWZE2mAemv1RLas71iw72H
-----END CERTIFICATE-----
Generated at Sat May 25 21:48:19 2024 by rpki-client on console-ams.rpki-client.org