Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/dc430d-3779-4989-b872-33644059e866/1/XA1IpQTW7B4oCjT9Rnz00nAu8xA.roa
File: XA1IpQTW7B4oCjT9Rnz00nAu8xA.roa (raw, json)
Hash identifier: ssSxH9RTs8g04lrQwgr05cCubj479qAgPs6AMkobYPE=
Subject key identifier: 5C:0D:48:A5:04:D6:EC:1E:28:0A:34:FD:46:7C:F4:D2:70:2E:F3:10
Certificate issuer: /CN=5aaf774ec9c273026eb117e48e73fef4288ddec8
Certificate serial: 018CC500ABEF268914FCEEB34C4D1DF0FD45
Authority key identifier: 5A:AF:77:4E:C9:C2:73:02:6E:B1:17:E4:8E:73:FE:F4:28:8D:DE:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wq93TsnCcwJusRfkjnP-9CiN3sg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/dc430d-3779-4989-b872-33644059e866/1/XA1IpQTW7B4oCjT9Rnz00nAu8xA.roa
Signing time: Mon 01 Jan 2024 12:30:04 +0000
ROA not before: Mon 01 Jan 2024 12:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198682
IP address blocks: 78.40.112.0/22 maxlen: 24
2a05:a9c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/dc430d-3779-4989-b872-33644059e866/1/Wq93TsnCcwJusRfkjnP-9CiN3sg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/dc430d-3779-4989-b872-33644059e866/1/Wq93TsnCcwJusRfkjnP-9CiN3sg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wq93TsnCcwJusRfkjnP-9CiN3sg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:ab:ef:26:89:14:fc:ee:b3:4c:4d:1d:f0:fd:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aaf774ec9c273026eb117e48e73fef4288ddec8
Validity
Not Before: Jan 1 12:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c0d48a504d6ec1e280a34fd467cf4d2702ef310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:07:a3:c8:7c:1d:9a:29:c5:bd:77:b1:fb:0c:
69:57:84:81:d6:e2:d0:4c:01:15:dd:8d:18:88:94:
4f:a5:ba:8b:24:7a:b4:02:25:de:f5:2c:e8:a7:33:
ec:dd:89:6b:fa:2a:ff:60:0d:02:a1:92:99:f0:49:
60:54:d6:06:6c:0c:5a:d5:fc:ad:22:c0:6d:da:d5:
a0:10:a8:16:61:c5:ed:f5:5e:50:26:00:42:dc:0a:
88:e0:0c:bd:4c:90:87:01:2d:00:df:92:5d:06:73:
84:7b:e1:28:29:10:f4:22:40:be:9e:0c:ed:e1:8e:
73:dd:36:4d:ac:38:54:37:1b:85:ef:9f:9d:1d:b1:
04:40:ab:4d:47:9d:12:a8:fd:5a:10:d3:2b:fc:41:
33:0d:6a:21:51:46:9f:d6:7e:2b:2f:ef:42:eb:81:
70:68:92:d6:e8:f5:a6:13:f5:25:e7:74:00:4c:02:
37:25:54:f7:76:3f:f6:e1:55:58:46:58:2f:9f:b0:
f7:9b:95:aa:eb:41:a0:f0:89:b3:08:15:57:5f:ca:
2c:d7:97:0d:46:eb:c1:f7:f0:a1:c5:40:83:dd:bf:
cd:2d:80:5d:02:7d:34:a7:82:4d:24:7e:f2:3b:3d:
cc:ac:d0:26:f7:8d:cb:82:64:e5:78:e6:65:20:0f:
0e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0D:48:A5:04:D6:EC:1E:28:0A:34:FD:46:7C:F4:D2:70:2E:F3:10
X509v3 Authority Key Identifier:
keyid:5A:AF:77:4E:C9:C2:73:02:6E:B1:17:E4:8E:73:FE:F4:28:8D:DE:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wq93TsnCcwJusRfkjnP-9CiN3sg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/dc430d-3779-4989-b872-33644059e866/1/XA1IpQTW7B4oCjT9Rnz00nAu8xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/dc430d-3779-4989-b872-33644059e866/1/Wq93TsnCcwJusRfkjnP-9CiN3sg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.112.0/22
IPv6:
2a05:a9c0::/32
Signature Algorithm: sha256WithRSAEncryption
0b:93:17:45:73:1a:26:67:f6:2b:75:96:d4:74:8f:b4:32:97:
06:90:5e:c8:ca:9f:8c:dd:02:c7:5a:af:2d:db:30:57:a0:71:
37:62:17:2c:45:4f:8f:45:52:94:fd:b1:e8:f0:ed:85:e2:c1:
ee:7e:9f:d7:e4:40:d7:c9:c2:06:de:fd:0a:a7:e2:4d:41:6b:
bf:1a:11:50:af:d4:89:16:13:82:c9:96:0b:3a:49:00:13:f8:
ba:27:96:59:fe:75:e5:68:b4:62:08:37:ce:81:f2:c1:fc:6b:
fc:01:02:e9:10:8d:df:12:bf:c5:81:5a:4d:47:53:70:9c:ae:
eb:a2:df:3e:23:05:c9:38:62:a7:df:cd:ee:52:d5:28:8b:44:
82:e7:cb:d7:b7:06:1c:bd:4c:93:e5:cd:0e:2e:7a:63:c1:0b:
d9:8a:01:5b:97:96:d8:4a:67:af:af:9b:d5:de:87:a8:09:4e:
94:de:74:91:55:f6:bc:a2:48:92:c9:1d:dd:cb:79:4b:dd:7f:
43:49:39:b4:9e:a0:bd:5e:5e:85:7a:5d:4c:0a:0b:18:ee:e0:
92:d4:30:41:ef:75:a6:78:b2:f9:a0:b1:ab:01:74:96:24:31:
b5:13:83:8d:4a:c1:42:22:c4:a6:39:0f:cc:08:b3:34:aa:41:
ae:31:4c:97
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAKvvJokU/O6zTE0d8P1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYWY3NzRlYzljMjczMDI2ZWIxMTdlNDhlNzNmZWY0Mjg4
ZGRlYzgwHhcNMjQwMTAxMTIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzBkNDhhNTA0ZDZlYzFlMjgwYTM0ZmQ0NjdjZjRkMjcwMmVmMzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QejyHwdminFvXex+wxpV4SB1uLQ
TAEV3Y0YiJRPpbqLJHq0AiXe9SzopzPs3Ylr+ir/YA0CoZKZ8ElgVNYGbAxa1fyt
IsBt2tWgEKgWYcXt9V5QJgBC3AqI4Ay9TJCHAS0A35JdBnOEe+EoKRD0IkC+ngzt
4Y5z3TZNrDhUNxuF75+dHbEEQKtNR50SqP1aENMr/EEzDWohUUaf1n4rL+9C64Fw
aJLW6PWmE/Ul53QATAI3JVT3dj/24VVYRlgvn7D3m5Wq60Gg8ImzCBVXX8os15cN
RuvB9/ChxUCD3b/NLYBdAn00p4JNJH7yOz3MrNAm943LgmTleOZlIA8O5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFwNSKUE1uweKAo0/UZ89NJwLvMQMB8GA1UdIwQY
MBaAFFqvd07JwnMCbrEX5I5z/vQojd7IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3E5M1RzbkNjd0p1c1Jma2puUC05Q2lOM3NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kYzQzMGQtMzc3OS00OTg5LWI4NzIt
MzM2NDQwNTllODY2LzEvWEExSXBRVFc3QjRvQ2pUOVJuejAwbkF1OHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kYzQzMGQtMzc3OS00OTg5LWI4NzItMzM2NDQwNTllODY2
LzEvV3E5M1RzbkNjd0p1c1Jma2puUC05Q2lOM3NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCTihwMA0E
AgACMAcDBQAqBanAMA0GCSqGSIb3DQEBCwUAA4IBAQALkxdFcxomZ/YrdZbUdI+0
MpcGkF7Iyp+M3QLHWq8t2zBXoHE3YhcsRU+PRVKU/bHo8O2F4sHufp/X5EDXycIG
3v0Kp+JNQWu/GhFQr9SJFhOCyZYLOkkAE/i6J5ZZ/nXlaLRiCDfOgfLB/Gv8AQLp
EI3fEr/FgVpNR1NwnK7rot8+IwXJOGKn383uUtUoi0SC58vXtwYcvUyT5c0OLnpj
wQvZigFbl5bYSmevr5vV3oeoCU6U3nSRVfa8okiSyR3dy3lL3X9DSTm0nqC9Xl6F
el1MCgsY7uCS1DBB73WmeLL5oLGrAXSWJDG1E4ONSsFCIsSmOQ/MCLM0qkGuMUyX
-----END CERTIFICATE-----
Generated at Tue Jun 25 20:43:21 2024 by rpki-client on console-fra.rpki-client.org