Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/pXcvgW3KR18dQYa76pAwbIUplRA.roa
File: pXcvgW3KR18dQYa76pAwbIUplRA.roa (raw, json)
Hash identifier: JczkL4LmP5kHAzCUIfCKOoqxdIjN11op+zsaoCesCIc=
Subject key identifier: A5:77:2F:81:6D:CA:47:5F:1D:41:86:BB:EA:90:30:6C:85:29:95:10
Certificate issuer: /CN=926b9336fcaf3657cedeba53c47e948010877e20
Certificate serial: 018CC94ACDDB4E31F59328053ED843871750
Authority key identifier: 92:6B:93:36:FC:AF:36:57:CE:DE:BA:53:C4:7E:94:80:10:87:7E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/pXcvgW3KR18dQYa76pAwbIUplRA.roa
Signing time: Tue 02 Jan 2024 08:29:31 +0000
ROA not before: Tue 02 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200428
IP address blocks: 185.229.208.0/22 maxlen: 22
185.163.4.0/22 maxlen: 22
185.151.60.0/22 maxlen: 22
2a0a:2640::/29 maxlen: 29
2a0a:5800::/29 maxlen: 29
2a0d:ce00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/kmuTNvyvNlfO3rpTxH6UgBCHfiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/kmuTNvyvNlfO3rpTxH6UgBCHfiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 08:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:cd:db:4e:31:f5:93:28:05:3e:d8:43:87:17:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=926b9336fcaf3657cedeba53c47e948010877e20
Validity
Not Before: Jan 2 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5772f816dca475f1d4186bbea90306c85299510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c1:d5:ed:18:b1:57:9a:4c:f8:e5:9a:47:c0:
68:61:e7:74:1f:3a:73:55:0d:ac:fd:f2:30:c3:05:
29:53:d3:22:8b:ed:ef:9f:63:2c:f2:14:e6:a8:60:
d7:63:87:a6:4f:3b:8d:d8:b7:ff:4a:6a:b7:08:03:
3b:e7:f8:d6:b2:85:36:81:07:ab:48:1d:4c:32:24:
38:d5:d9:a6:a8:ec:b8:d8:94:02:fb:bb:d2:ae:78:
f2:7f:65:0b:19:70:3a:9c:d3:c2:61:3e:24:67:4f:
89:19:3c:9f:b6:cb:61:ea:a2:90:88:98:5a:6e:cf:
0b:52:9c:c6:46:f5:7d:ca:b2:80:04:aa:d8:32:2a:
51:93:ce:6c:59:78:81:c7:e3:9f:e6:dc:0b:c3:db:
43:54:58:cf:25:7a:72:bd:09:60:73:9a:eb:54:51:
cb:31:40:3e:47:c3:05:79:f0:82:83:4d:84:c8:d3:
e5:5b:67:a9:35:ad:41:8b:75:01:89:91:79:6a:32:
c1:c9:f6:9c:af:24:9c:34:77:3e:69:6c:89:02:9c:
3c:ae:f4:84:ab:11:e8:c4:31:49:d1:fb:8b:f7:c6:
30:a3:92:41:bd:30:6e:eb:21:3b:8e:6a:3a:d4:33:
10:3b:15:7e:03:88:28:f1:a9:84:22:7c:e8:a1:c2:
7a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:77:2F:81:6D:CA:47:5F:1D:41:86:BB:EA:90:30:6C:85:29:95:10
X509v3 Authority Key Identifier:
keyid:92:6B:93:36:FC:AF:36:57:CE:DE:BA:53:C4:7E:94:80:10:87:7E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/pXcvgW3KR18dQYa76pAwbIUplRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/kmuTNvyvNlfO3rpTxH6UgBCHfiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.60.0/22
185.163.4.0/22
185.229.208.0/22
IPv6:
2a0a:2640::/29
2a0a:5800::/29
2a0d:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
58:18:33:5f:9e:da:10:44:18:c8:01:83:4b:7d:bd:95:e1:25:
0f:ec:39:f1:61:57:76:b6:bd:cb:da:5e:96:e3:71:1c:77:7c:
9d:c7:ff:2c:35:48:b2:9d:66:7d:aa:05:ad:77:9e:c5:8a:14:
1f:d5:37:0a:a8:04:1b:c7:45:2c:4b:96:85:b2:92:44:9f:32:
8f:da:ec:84:29:d7:06:fc:19:09:04:b8:69:97:81:33:aa:9e:
6d:58:c4:31:1e:a1:75:d5:ed:ad:d7:19:69:18:7a:bf:65:35:
5c:a8:75:aa:92:ff:f2:e7:d0:c1:6b:44:59:cd:33:27:97:85:
2f:9d:5c:d3:bc:0f:40:bd:7c:ce:f8:a4:f8:e7:38:db:b6:fc:
a7:bd:cd:c4:a1:c7:65:23:27:3c:28:35:44:9f:8a:53:55:67:
2f:e9:c6:b7:65:c1:17:ea:f1:f0:05:57:cb:75:82:38:d1:a1:
a9:b3:b6:67:b8:e3:65:2a:5a:2d:f8:de:a4:21:c2:2f:7f:08:
02:76:fc:9c:28:e6:64:20:74:99:77:3d:47:f8:c6:ae:c4:bd:
b4:6a:75:ea:62:e3:18:c2:b7:ea:1a:20:96:81:a6:81:3b:fd:
d8:71:40:5a:6c:93:5c:4e:4e:b2:ba:f7:4c:73:46:af:f4:11:
31:b6:e8:f4
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzJSs3bTjH1kygFPthDhxdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNmI5MzM2ZmNhZjM2NTdjZWRlYmE1M2M0N2U5NDgwMTA4
NzdlMjAwHhcNMjQwMTAyMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTc3MmY4MTZkY2E0NzVmMWQ0MTg2YmJlYTkwMzA2Yzg1Mjk5NTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusHV7RixV5pM+OWaR8BoYed0Hzpz
VQ2s/fIwwwUpU9Mii+3vn2Ms8hTmqGDXY4emTzuN2Lf/Smq3CAM75/jWsoU2gQer
SB1MMiQ41dmmqOy42JQC+7vSrnjyf2ULGXA6nNPCYT4kZ0+JGTyftsth6qKQiJha
bs8LUpzGRvV9yrKABKrYMipRk85sWXiBx+Of5twLw9tDVFjPJXpyvQlgc5rrVFHL
MUA+R8MFefCCg02EyNPlW2epNa1Bi3UBiZF5ajLByfacryScNHc+aWyJApw8rvSE
qxHoxDFJ0fuL98Ywo5JBvTBu6yE7jmo61DMQOxV+A4go8amEInzoocJ6fwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFKV3L4FtykdfHUGGu+qQMGyFKZUQMB8GA1UdIwQY
MBaAFJJrkzb8rzZXzt66U8R+lIAQh34gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva211VE52eXZObGZPM3JwVHhINlVnQkNIZmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9lZmJiZjAtZTRmYS00NDMxLWIxZTct
MDZhMjRmYTc0NjY3LzEvcFhjdmdXM0tSMThkUVlhNzZwQXdiSVVwbFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9lZmJiZjAtZTRmYS00NDMxLWIxZTctMDZhMjRmYTc0NjY3
LzEva211VE52eXZObGZPM3JwVHhINlVnQkNIZmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCuZc8AwQC
uaMEAwQCueXQMBsEAgACMBUDBQMqCiZAAwUDKgpYAAMFAyoNzgAwDQYJKoZIhvcN
AQELBQADggEBAFgYM1+e2hBEGMgBg0t9vZXhJQ/sOfFhV3a2vcvaXpbjcRx3fJ3H
/yw1SLKdZn2qBa13nsWKFB/VNwqoBBvHRSxLloWykkSfMo/a7IQp1wb8GQkEuGmX
gTOqnm1YxDEeoXXV7a3XGWkYer9lNVyodaqS//Ln0MFrRFnNMyeXhS+dXNO8D0C9
fM74pPjnONu2/Ke9zcShx2UjJzwoNUSfilNVZy/pxrdlwRfq8fAFV8t1gjjRoamz
tme442UqWi343qQhwi9/CAJ2/Jwo5mQgdJl3PUf4xq7EvbRqdepi4xjCt+oaIJaB
poE7/dhxQFpsk1xOTrK690xzRq/0ETG26PQ=
-----END CERTIFICATE-----
Generated at Tue Dec 3 18:16:43 2024 by rpki-client on console-fra.rpki-client.org