Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8a322f-dc28-422f-b570-58b64d557c0c/1/XqUoUcdDJL6Fp9Bf_J44r6DgHAA.roa
File: XqUoUcdDJL6Fp9Bf_J44r6DgHAA.roa (raw, json)
Hash identifier: Muk9HxVBwka+PnDTC6aANBMqTfN5OeI9H5hr1ijqqRQ=
Subject key identifier: 5E:A5:28:51:C7:43:24:BE:85:A7:D0:5F:FC:9E:38:AF:A0:E0:1C:00
Certificate issuer: /CN=f9e00abe184a625b76f8d1fbceef817aaf71415b
Certificate serial: 0192D82A804A9425A770FAE75D83E6DD21D2
Authority key identifier: F9:E0:0A:BE:18:4A:62:5B:76:F8:D1:FB:CE:EF:81:7A:AF:71:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-eAKvhhKYlt2-NH7zu-Beq9xQVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/8a322f-dc28-422f-b570-58b64d557c0c/1/XqUoUcdDJL6Fp9Bf_J44r6DgHAA.roa
Signing time: Tue 29 Oct 2024 12:05:16 +0000
ROA not before: Tue 29 Oct 2024 12:05:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57494
IP address blocks: 195.178.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/8a322f-dc28-422f-b570-58b64d557c0c/1/1-eAKvhhKYlt2-NH7zu-Beq9xQVs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/8a322f-dc28-422f-b570-58b64d557c0c/1/1-eAKvhhKYlt2-NH7zu-Beq9xQVs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-eAKvhhKYlt2-NH7zu-Beq9xQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:2a:80:4a:94:25:a7:70:fa:e7:5d:83:e6:dd:21:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9e00abe184a625b76f8d1fbceef817aaf71415b
Validity
Not Before: Oct 29 12:05:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ea52851c74324be85a7d05ffc9e38afa0e01c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:36:7d:00:d3:05:93:83:80:6a:81:c0:db:2a:
80:19:6c:30:6a:0c:e2:4f:74:75:7e:e5:59:e3:90:
3b:5e:be:10:13:da:aa:8e:54:b2:80:41:7d:be:d1:
2f:30:32:f9:84:bb:f8:3d:6e:6f:06:fe:28:99:e0:
0b:0c:b8:37:9d:f1:4f:b4:22:dd:db:de:24:b7:9b:
26:3f:ff:13:8f:20:4a:b3:f9:d7:56:4f:ca:f6:af:
78:76:de:40:75:59:02:78:40:ec:ef:7b:76:52:81:
d3:c1:ba:0a:51:78:c9:4f:3a:09:88:6c:2d:be:54:
11:df:7a:05:40:b8:65:9b:1f:7b:16:4c:7f:24:07:
5d:1e:7b:5c:b0:d0:91:8c:b7:db:04:08:52:73:a2:
20:43:0e:98:80:35:ba:ec:35:ed:a3:21:53:43:c6:
c5:b2:4b:7b:a3:40:18:85:b1:40:e2:c3:a4:4c:c0:
7e:89:d7:79:f7:1e:96:e9:7a:4f:15:f1:8b:ed:0a:
ae:b6:21:cc:c0:fe:8d:79:7f:49:f0:2d:44:f1:c7:
91:b5:32:cc:10:cc:9d:48:5a:e1:13:e1:b5:f7:7a:
1b:4d:a3:a6:c1:7c:1e:1e:c0:6d:23:89:df:11:84:
ae:e7:56:99:1b:4e:75:d9:27:49:7a:b0:e7:59:d1:
f8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A5:28:51:C7:43:24:BE:85:A7:D0:5F:FC:9E:38:AF:A0:E0:1C:00
X509v3 Authority Key Identifier:
keyid:F9:E0:0A:BE:18:4A:62:5B:76:F8:D1:FB:CE:EF:81:7A:AF:71:41:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-eAKvhhKYlt2-NH7zu-Beq9xQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8a322f-dc28-422f-b570-58b64d557c0c/1/XqUoUcdDJL6Fp9Bf_J44r6DgHAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8a322f-dc28-422f-b570-58b64d557c0c/1/1-eAKvhhKYlt2-NH7zu-Beq9xQVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.178.17.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:68:03:23:b5:26:52:b1:c7:de:6e:53:32:46:e7:10:65:a3:
11:f4:5b:b8:40:8f:80:0a:21:32:f6:6a:00:0b:30:f0:39:02:
7e:43:99:ca:9e:8c:01:74:66:0f:da:62:0d:8c:8e:5e:ca:d1:
b5:b0:9b:3f:04:27:06:3a:10:45:19:1f:57:5f:fd:f7:b3:5b:
4e:81:f7:33:4c:66:67:c5:50:b8:14:7a:d6:04:fd:92:b0:6e:
18:39:cb:2d:16:c0:f2:23:8c:1e:d6:8d:6b:a0:7e:5c:50:07:
15:48:f0:5d:68:94:28:4c:ba:94:b2:df:9b:a2:4d:1a:3a:23:
f8:e3:5a:cf:3c:78:e2:b6:8f:ff:fd:5d:72:2f:df:96:07:57:
6e:0d:45:f7:7e:c6:1c:67:6f:59:f2:14:78:bc:d2:0a:2c:53:
a1:ac:af:28:65:6c:79:21:9b:7f:5f:a6:75:07:17:2b:2b:2b:
b4:8b:04:c7:44:f3:4f:54:6e:04:5c:f0:3d:29:36:90:03:26:
09:98:b4:f6:0d:5e:1c:58:70:4e:22:48:87:28:aa:56:bd:40:
3f:70:54:47:73:d4:e6:5b:a0:30:bf:3b:f7:96:13:e4:69:da:
cc:63:67:fc:22:4e:92:df:4d:76:f7:1e:fe:bb:6d:cc:f0:58:
98:31:b7:9b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZLYKoBKlCWncPrnXYPm3SHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ZTAwYWJlMTg0YTYyNWI3NmY4ZDFmYmNlZWY4MTdhYWY3
MTQxNWIwHhcNMjQxMDI5MTIwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWE1Mjg1MWM3NDMyNGJlODVhN2QwNWZmYzllMzhhZmEwZTAxYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDZ9ANMFk4OAaoHA2yqAGWwwagzi
T3R1fuVZ45A7Xr4QE9qqjlSygEF9vtEvMDL5hLv4PW5vBv4omeALDLg3nfFPtCLd
294kt5smP/8TjyBKs/nXVk/K9q94dt5AdVkCeEDs73t2UoHTwboKUXjJTzoJiGwt
vlQR33oFQLhlmx97Fkx/JAddHntcsNCRjLfbBAhSc6IgQw6YgDW67DXtoyFTQ8bF
skt7o0AYhbFA4sOkTMB+idd59x6W6XpPFfGL7QqutiHMwP6NeX9J8C1E8ceRtTLM
EMydSFrhE+G193obTaOmwXweHsBtI4nfEYSu51aZG0512SdJerDnWdH4tQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF6lKFHHQyS+hafQX/yeOK+g4BwAMB8GA1UdIwQY
MBaAFPngCr4YSmJbdvjR+87vgXqvcUFbMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1lQUt2aGhLWWx0Mi1OSDd6dS1CZXE5eFFWcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYvOGEzMjJmLWRjMjgtNDIyZi1iNTcw
LTU4YjY0ZDU1N2MwYy8xL1hxVW9VY2RESkw2RnA5QmZfSjQ0cjZEZ0hBQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWYvOGEzMjJmLWRjMjgtNDIyZi1iNTcwLTU4YjY0ZDU1N2Mw
Yy8xLzEtZUFLdmhoS1lsdDItTkg3enUtQmVxOXhRVnMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADDshEw
DQYJKoZIhvcNAQELBQADggEBAD5oAyO1JlKxx95uUzJG5xBloxH0W7hAj4AKITL2
agALMPA5An5DmcqejAF0Zg/aYg2Mjl7K0bWwmz8EJwY6EEUZH1df/fezW06B9zNM
ZmfFULgUetYE/ZKwbhg5yy0WwPIjjB7WjWugflxQBxVI8F1olChMupSy35uiTRo6
I/jjWs88eOK2j//9XXIv35YHV24NRfd+xhxnb1nyFHi80gosU6GsryhlbHkhm39f
pnUHFysrK7SLBMdE809UbgRc8D0pNpADJgmYtPYNXhxYcE4iSIcoqla9QD9wVEdz
1OZboDC/O/eWE+Rp2sxjZ/wiTpLfTXb3Hv67bczwWJgxt5s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:33:17 2024 by rpki-client on console-ams.rpki-client.org