Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/22ad4c-0b05-474d-919f-3b540a6bc3dc/1/XjhX2RWMLw-HTRDK9-d8pbtlRec.roa
File: XjhX2RWMLw-HTRDK9-d8pbtlRec.roa (raw, json)
Hash identifier: nbVSKB0FHX6MmK2krZupIghrP/PWByhQcaWUjeHBueI=
Subject key identifier: 5E:38:57:D9:15:8C:2F:0F:87:4D:10:CA:F7:E7:7C:A5:BB:65:45:E7
Certificate issuer: /CN=30c45fc3147102824f9d2d547766a809aeaf245a
Certificate serial: 018CC4255A57628250E1B789C4F9818AE97F
Authority key identifier: 30:C4:5F:C3:14:71:02:82:4F:9D:2D:54:77:66:A8:09:AE:AF:24:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMRfwxRxAoJPnS1Ud2aoCa6vJFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/22ad4c-0b05-474d-919f-3b540a6bc3dc/1/XjhX2RWMLw-HTRDK9-d8pbtlRec.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58350
IP address blocks: 176.115.0.0/19 maxlen: 19
2001:678:258::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/22ad4c-0b05-474d-919f-3b540a6bc3dc/1/MMRfwxRxAoJPnS1Ud2aoCa6vJFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/22ad4c-0b05-474d-919f-3b540a6bc3dc/1/MMRfwxRxAoJPnS1Ud2aoCa6vJFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/MMRfwxRxAoJPnS1Ud2aoCa6vJFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5a:57:62:82:50:e1:b7:89:c4:f9:81:8a:e9:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c45fc3147102824f9d2d547766a809aeaf245a
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e3857d9158c2f0f874d10caf7e77ca5bb6545e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b5:08:80:cc:4c:f0:92:c5:0a:a7:2f:8e:e2:
54:98:19:4e:44:fa:57:af:17:a6:c4:91:41:4f:dd:
f8:fe:ad:ce:79:a9:36:80:8e:59:4d:35:7f:97:97:
90:69:9b:26:a2:6a:67:25:c3:1b:c9:df:10:01:20:
21:aa:8c:cf:95:29:0d:2f:9c:b6:9f:b8:d8:a6:45:
d9:83:35:4f:01:3a:6e:49:b2:2c:9e:8a:9d:3e:db:
4f:91:70:61:99:18:e4:44:33:a4:c7:1d:3c:c2:b3:
03:0c:e5:0b:4b:9c:22:42:fd:a7:e4:ba:ba:71:0c:
13:58:56:75:93:12:cb:6f:86:20:a8:e9:7e:30:11:
95:c1:15:43:c0:2b:4b:ef:27:5c:d0:ea:32:de:13:
f0:61:0c:ca:4a:85:4e:9b:d8:1f:8f:cf:b2:36:75:
0a:2c:c8:e0:b0:6b:b3:b0:a8:59:c8:82:ce:6c:d8:
2e:43:ea:8a:d2:bb:c3:61:39:95:bc:f0:7d:62:a4:
37:82:69:90:91:ce:d2:18:b7:bd:bb:4d:0e:32:93:
c8:11:62:88:dc:af:4a:11:79:35:e4:a0:25:6e:d9:
9c:56:32:e6:2d:12:8b:4a:af:74:c6:f7:9b:0b:d3:
12:2f:f6:49:6c:dd:c9:fe:27:bf:2d:48:d8:86:50:
02:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:38:57:D9:15:8C:2F:0F:87:4D:10:CA:F7:E7:7C:A5:BB:65:45:E7
X509v3 Authority Key Identifier:
keyid:30:C4:5F:C3:14:71:02:82:4F:9D:2D:54:77:66:A8:09:AE:AF:24:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMRfwxRxAoJPnS1Ud2aoCa6vJFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/22ad4c-0b05-474d-919f-3b540a6bc3dc/1/XjhX2RWMLw-HTRDK9-d8pbtlRec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/22ad4c-0b05-474d-919f-3b540a6bc3dc/1/MMRfwxRxAoJPnS1Ud2aoCa6vJFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.115.0.0/19
IPv6:
2001:678:258::/48
Signature Algorithm: sha256WithRSAEncryption
7b:e5:31:d5:ee:f7:3b:1a:b5:52:4c:fe:7f:f8:b5:d4:84:bc:
31:3a:48:af:a8:20:ac:e6:6b:8d:65:1d:ef:5b:a8:2f:c1:1e:
90:80:39:e8:a7:99:48:f9:f7:f3:a5:69:e4:7a:e9:2e:86:8d:
4e:18:69:61:4c:3e:cf:ca:f5:4c:d0:15:f4:17:e6:c8:c6:ad:
09:33:12:5a:5c:ca:9a:dc:dd:ca:f3:30:cb:9b:44:9f:d3:18:
35:fb:d4:07:b8:41:f0:bf:09:92:cf:62:aa:41:80:5d:6b:5f:
6f:9c:c4:80:d4:f3:72:f0:90:18:89:25:a6:26:2e:21:e5:b6:
c4:d7:70:e7:5a:47:3b:14:46:c3:5c:ad:07:59:1e:c5:18:f1:
03:93:31:35:f3:ac:b6:02:99:f0:5a:55:29:66:db:af:41:2a:
2e:da:c8:0a:65:f6:39:56:d1:62:cd:b0:aa:7a:73:b6:34:8f:
49:a7:36:18:b4:1c:1b:2f:e8:2c:02:f8:0f:37:91:ec:1a:8c:
28:0d:2c:a4:f8:4a:bf:1f:83:7a:66:cb:6c:26:6a:0b:c1:4f:
32:83:5f:7a:b2:21:06:5a:f6:ac:44:99:d1:df:83:a9:5a:4c:
7e:55:67:e8:d6:d1:84:15:a1:c2:ab:c5:8c:1d:f4:3c:74:82:
4e:67:f3:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJVpXYoJQ4beJxPmBiul/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQ1ZmMzMTQ3MTAyODI0ZjlkMmQ1NDc3NjZhODA5YWVh
ZjI0NWEwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTM4NTdkOTE1OGMyZjBmODc0ZDEwY2FmN2U3N2NhNWJiNjU0NWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibUIgMxM8JLFCqcvjuJUmBlORPpX
rxemxJFBT934/q3Oeak2gI5ZTTV/l5eQaZsmompnJcMbyd8QASAhqozPlSkNL5y2
n7jYpkXZgzVPATpuSbIsnoqdPttPkXBhmRjkRDOkxx08wrMDDOULS5wiQv2n5Lq6
cQwTWFZ1kxLLb4YgqOl+MBGVwRVDwCtL7ydc0Ooy3hPwYQzKSoVOm9gfj8+yNnUK
LMjgsGuzsKhZyILObNguQ+qK0rvDYTmVvPB9YqQ3gmmQkc7SGLe9u00OMpPIEWKI
3K9KEXk15KAlbtmcVjLmLRKLSq90xvebC9MSL/ZJbN3J/ie/LUjYhlAC8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF44V9kVjC8Ph00QyvfnfKW7ZUXnMB8GA1UdIwQY
MBaAFDDEX8MUcQKCT50tVHdmqAmuryRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1SZnd4UnhBb0pQblMxVWQyYW9DYTZ2SkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yMmFkNGMtMGIwNS00NzRkLTkxOWYt
M2I1NDBhNmJjM2RjLzEvWGpoWDJSV01Mdy1IVFJESzktZDhwYnRsUmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yMmFkNGMtMGIwNS00NzRkLTkxOWYtM2I1NDBhNmJjM2Rj
LzEvTU1SZnd4UnhBb0pQblMxVWQyYW9DYTZ2SkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQFsHMAMA8E
AgACMAkDBwAgAQZ4AlgwDQYJKoZIhvcNAQELBQADggEBAHvlMdXu9zsatVJM/n/4
tdSEvDE6SK+oIKzma41lHe9bqC/BHpCAOeinmUj59/OlaeR66S6GjU4YaWFMPs/K
9UzQFfQX5sjGrQkzElpcyprc3crzMMubRJ/TGDX71Ae4QfC/CZLPYqpBgF1rX2+c
xIDU83LwkBiJJaYmLiHltsTXcOdaRzsURsNcrQdZHsUY8QOTMTXzrLYCmfBaVSlm
269BKi7ayApl9jlW0WLNsKp6c7Y0j0mnNhi0HBsv6CwC+A83kewajCgNLKT4Sr8f
g3pmy2wmagvBTzKDX3qyIQZa9qxEmdHfg6laTH5VZ+jW0YQVocKrxYwd9Dx0gk5n
8xs=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:56:01 2024 by rpki-client on console-fra.rpki-client.org