Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/XA7XxooWNBjCZqzQdJUgxFO5vzI.roa
File: XA7XxooWNBjCZqzQdJUgxFO5vzI.roa (raw, json)
Hash identifier: +ATyvtU+ljjd+flNDf0oy6Mr/8471D0ppQVDHvReTuc=
Subject key identifier: 5C:0E:D7:C6:8A:16:34:18:C2:66:AC:D0:74:95:20:C4:53:B9:BF:32
Certificate issuer: /CN=0d2087b0f6716d23c8d23eb3d0392b6bf642ad4b
Certificate serial: 018CC42540B8EBF0B4FA943BC95D4516CFB6
Authority key identifier: 0D:20:87:B0:F6:71:6D:23:C8:D2:3E:B3:D0:39:2B:6B:F6:42:AD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/XA7XxooWNBjCZqzQdJUgxFO5vzI.roa
Signing time: Mon 01 Jan 2024 08:30:24 +0000
ROA not before: Mon 01 Jan 2024 08:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51582
IP address blocks: 185.89.124.0/22 maxlen: 24
46.55.216.0/21 maxlen: 24
46.55.224.0/20 maxlen: 24
46.55.128.0/18 maxlen: 24
46.55.242.0/23 maxlen: 24
46.55.241.0/24 maxlen: 24
46.55.244.0/22 maxlen: 24
46.55.248.0/22 maxlen: 24
185.240.144.0/22 maxlen: 24
46.55.192.0/20 maxlen: 24
2a03:8340::/32 maxlen: 48
2a03:8340:50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 13:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:40:b8:eb:f0:b4:fa:94:3b:c9:5d:45:16:cf:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2087b0f6716d23c8d23eb3d0392b6bf642ad4b
Validity
Not Before: Jan 1 08:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c0ed7c68a163418c266acd0749520c453b9bf32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6a:8d:dc:7d:c3:b9:60:a7:4c:18:e3:e8:db:
84:a0:b7:b2:b1:09:37:c1:5c:a0:b5:dd:e6:29:31:
cd:71:f9:7f:d6:66:50:f2:da:7b:66:08:9b:b0:ea:
f5:44:bc:8f:1a:1f:f4:4c:d0:55:37:c8:66:1c:bf:
af:6d:1c:93:b2:d6:18:04:6f:41:0c:fb:ae:0c:aa:
0c:33:fd:64:bc:78:20:95:6e:95:10:0e:57:dd:86:
c7:de:79:21:c7:53:c5:71:75:1e:79:ba:07:7f:3c:
79:cf:26:88:97:1a:3b:5d:ad:e4:66:4d:f3:52:fb:
fa:d2:0d:87:90:c7:dc:39:7e:4e:b3:cb:cb:82:c0:
43:80:92:61:21:e4:6c:1d:94:44:25:62:32:11:88:
27:d4:b8:30:d3:62:ab:da:14:a1:fc:83:62:de:ea:
ba:30:c7:b7:a1:c7:b0:dc:4f:40:4b:f8:45:a1:22:
d7:cb:ee:a1:6f:00:35:c2:df:1d:a1:20:71:fa:c2:
b8:93:5c:4a:23:1e:ab:7b:6f:39:56:38:af:65:cb:
c5:3e:1b:6d:fa:9b:02:7b:a2:7b:51:41:a9:3e:23:
78:7e:98:16:e2:ab:fd:0f:0b:ca:c1:49:cc:04:b2:
49:8c:2f:64:5e:db:00:64:c5:4a:2b:b5:8a:61:99:
4e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0E:D7:C6:8A:16:34:18:C2:66:AC:D0:74:95:20:C4:53:B9:BF:32
X509v3 Authority Key Identifier:
keyid:0D:20:87:B0:F6:71:6D:23:C8:D2:3E:B3:D0:39:2B:6B:F6:42:AD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/XA7XxooWNBjCZqzQdJUgxFO5vzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/fcb729-c288-4e15-9384-a20d2d751eb5/1/DSCHsPZxbSPI0j6z0Dkra_ZCrUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.55.128.0-46.55.207.255
46.55.216.0-46.55.239.255
46.55.241.0-46.55.251.255
185.89.124.0/22
185.240.144.0/22
IPv6:
2a03:8340::/32
Signature Algorithm: sha256WithRSAEncryption
53:cf:5a:7b:80:7d:60:1e:dc:38:75:ae:6b:d0:a7:36:6c:16:
db:39:82:a5:2f:1d:e7:46:19:8b:f8:5c:6b:97:38:74:4f:05:
ab:3c:05:dd:70:76:fc:58:5b:43:9a:40:ff:96:05:12:50:17:
73:69:cd:ea:4a:f3:11:35:89:6c:6d:ee:e8:f2:75:87:7c:e8:
e2:52:03:92:45:66:e0:7d:5d:83:7c:4a:0c:4a:66:d4:99:94:
c1:f6:19:09:01:c0:c3:e1:83:da:ab:fe:e2:24:95:4b:eb:13:
82:95:ba:e0:9f:1f:7d:b6:5b:42:67:4d:2b:73:a4:d8:d0:81:
d0:89:c1:fc:3f:d4:84:3d:78:95:a3:0c:c5:b8:d7:97:7e:fe:
74:14:df:d5:c8:b1:2c:06:1e:a5:8d:2c:c7:cf:89:40:de:19:
c3:fa:16:b3:db:ee:17:16:64:39:17:f8:a0:0f:3c:0c:34:bc:
7d:2f:b4:4f:81:6a:45:39:e5:82:06:1b:48:80:5c:fd:8f:3a:
92:1f:61:2c:5e:dc:b3:75:65:bb:67:41:db:a9:28:59:67:f4:
a6:c6:09:9d:39:a0:cb:f6:1d:a3:cf:f7:84:91:42:58:a5:65:
43:74:1f:1b:d7:07:9e:fb:68:6b:23:92:85:5f:3b:5f:19:15:
86:85:de:d8
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzEJUC46/C0+pQ7yV1FFs+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjA4N2IwZjY3MTZkMjNjOGQyM2ViM2QwMzkyYjZiZjY0
MmFkNGIwHhcNMjQwMTAxMDgzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzBlZDdjNjhhMTYzNDE4YzI2NmFjZDA3NDk1MjBjNDUzYjliZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2qN3H3DuWCnTBjj6NuEoLeysQk3
wVygtd3mKTHNcfl/1mZQ8tp7ZgibsOr1RLyPGh/0TNBVN8hmHL+vbRyTstYYBG9B
DPuuDKoMM/1kvHgglW6VEA5X3YbH3nkhx1PFcXUeeboHfzx5zyaIlxo7Xa3kZk3z
Uvv60g2HkMfcOX5Os8vLgsBDgJJhIeRsHZREJWIyEYgn1Lgw02Kr2hSh/INi3uq6
MMe3ocew3E9AS/hFoSLXy+6hbwA1wt8doSBx+sK4k1xKIx6re285VjivZcvFPhtt
+psCe6J7UUGpPiN4fpgW4qv9DwvKwUnMBLJJjC9kXtsAZMVKK7WKYZlOBwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFFwO18aKFjQYwmas0HSVIMRTub8yMB8GA1UdIwQY
MBaAFA0gh7D2cW0jyNI+s9A5K2v2Qq1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNDSHNQWnhiU1BJMGo2ejBEa3JhX1pDclVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mY2I3MjktYzI4OC00ZTE1LTkzODQt
YTIwZDJkNzUxZWI1LzEvWEE3WHhvb1dOQmpDWnF6UWRKVWd4Rk81dnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mY2I3MjktYzI4OC00ZTE1LTkzODQtYTIwZDJkNzUxZWI1
LzEvRFNDSHNQWnhiU1BJMGo2ejBEa3JhX1pDclVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2MAwDBAcuN4AD
BAQuN8AwDAMEAy432AMEBC434DAMAwQALjfxAwQCLjf4AwQCuVl8AwQCufCQMA0E
AgACMAcDBQAqA4NAMA0GCSqGSIb3DQEBCwUAA4IBAQBTz1p7gH1gHtw4da5r0Kc2
bBbbOYKlLx3nRhmL+Fxrlzh0TwWrPAXdcHb8WFtDmkD/lgUSUBdzac3qSvMRNYls
be7o8nWHfOjiUgOSRWbgfV2DfEoMSmbUmZTB9hkJAcDD4YPaq/7iJJVL6xOClbrg
nx99tltCZ00rc6TY0IHQicH8P9SEPXiVowzFuNeXfv50FN/VyLEsBh6ljSzHz4lA
3hnD+haz2+4XFmQ5F/igDzwMNLx9L7RPgWpFOeWCBhtIgFz9jzqSH2EsXtyzdWW7
Z0HbqShZZ/SmxgmdOaDL9h2jz/eEkUJYpWVDdB8b1wee+2hrI5KFXztfGRWGhd7Y
-----END CERTIFICATE-----
Generated at Tue Dec 3 17:41:07 2024 by rpki-client on console-ams.rpki-client.org