Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/xbB6ucyKhW1_i_JcmupxaHGhuak.roa
File: xbB6ucyKhW1_i_JcmupxaHGhuak.roa (raw, json)
Hash identifier: 9nOdxX9jju16uBCzR9UKDRIUXKh6RreqwnTB8OB6Ieo=
Subject key identifier: C5:B0:7A:B9:CC:8A:85:6D:7F:8B:F2:5C:9A:EA:71:68:71:A1:B9:A9
Certificate issuer: /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial: 018CC6B7941C295F44A829D23A359EC9A68C
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/xbB6ucyKhW1_i_JcmupxaHGhuak.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9051
IP address blocks: 185.38.28.0/22 maxlen: 24
185.95.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:94:1c:29:5f:44:a8:29:d2:3a:35:9e:c9:a6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5b07ab9cc8a856d7f8bf25c9aea716871a1b9a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:37:d5:ce:9f:79:5e:d5:75:4b:9d:94:50:fe:
99:20:fc:fb:f1:b9:8c:8f:06:74:98:c4:7a:7f:27:
b9:32:e6:1a:4f:e0:3c:fe:44:b1:43:86:6f:0e:bf:
30:31:8d:ae:39:eb:27:0c:6c:99:49:c7:be:44:31:
2b:77:70:6e:47:20:4e:43:99:65:ef:b7:ad:bf:6e:
45:bf:21:22:90:ff:a5:b7:35:d0:e0:19:ad:99:58:
e8:1d:74:ca:42:c3:78:72:29:8f:c7:4b:80:71:1d:
b6:ff:a9:8e:21:49:86:62:b6:70:7b:83:c0:dd:41:
14:f6:58:27:11:42:7e:5e:aa:ff:f3:74:de:26:c5:
2f:28:2e:9c:83:c4:19:55:1e:12:1e:14:da:05:ac:
8d:8a:57:fd:f5:6b:b3:b2:49:e0:85:37:2e:7f:3f:
90:e4:54:39:0d:5f:33:25:89:74:81:c4:65:54:65:
74:a7:9e:3b:ed:f3:87:b6:b3:a3:a6:db:6a:f5:72:
b8:c5:a3:ce:21:ab:18:2c:af:61:2b:64:50:ef:ef:
c4:0b:85:26:c9:4a:0d:09:8b:9c:84:b5:32:1b:09:
68:be:a9:b2:22:08:89:d6:66:e1:b9:90:12:9b:85:
10:d9:76:56:6a:11:85:72:db:b1:59:3b:1c:95:dd:
8e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B0:7A:B9:CC:8A:85:6D:7F:8B:F2:5C:9A:EA:71:68:71:A1:B9:A9
X509v3 Authority Key Identifier:
keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/xbB6ucyKhW1_i_JcmupxaHGhuak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.28.0/22
185.95.252.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:a3:a6:53:fa:de:1f:c5:2f:b8:a0:b4:c0:dc:cb:8a:59:b6:
53:81:0f:3d:a4:c3:0a:cf:c9:bd:a8:5d:c7:81:37:e2:e8:02:
73:b7:11:3a:72:ce:89:87:a7:eb:a6:af:96:69:1a:74:9e:14:
8f:b0:d0:98:26:dc:0e:53:3d:29:1b:a8:d5:fc:74:ad:dd:91:
58:43:58:94:05:a7:90:b7:1f:f1:48:19:63:6a:70:51:30:be:
0c:d2:e9:5c:f4:0c:cc:ff:d3:49:b4:a8:bb:5c:01:79:bc:67:
b1:44:25:85:15:0b:ff:14:80:44:f1:71:b1:fc:57:7f:2b:e1:
d0:a0:0a:98:0f:b8:2f:f4:c1:f2:56:b7:b6:45:d5:f1:3a:8e:
e5:6b:fc:57:35:2e:21:8a:26:05:4f:a0:1c:91:9d:83:11:32:
ad:ea:b7:0b:bc:d6:e4:ee:0c:1c:97:77:d1:4d:50:45:de:28:
bc:ec:17:f8:eb:86:24:91:d5:c3:0c:db:70:55:ed:4b:da:51:
55:db:8b:57:86:98:9f:ab:a9:fc:57:2e:01:01:39:2b:66:3c:
b8:90:60:28:9b:e8:78:20:dd:9a:87:ce:ca:c6:5a:ba:c0:e0:
a2:5b:8b:c2:05:81:de:c1:4e:88:ad:58:13:07:a5:2b:c8:22:
b0:76:71:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt5QcKV9EqCnSOjWeyaaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODQ3ZjgyMjE4OTdkNmU5NTJlODZlYTJjMzM5YWJhYWNj
MTMxZjUwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWIwN2FiOWNjOGE4NTZkN2Y4YmYyNWM5YWVhNzE2ODcxYTFiOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDfVzp95XtV1S52UUP6ZIPz78bmM
jwZ0mMR6fye5MuYaT+A8/kSxQ4ZvDr8wMY2uOesnDGyZSce+RDErd3BuRyBOQ5ll
77etv25FvyEikP+ltzXQ4BmtmVjoHXTKQsN4cimPx0uAcR22/6mOIUmGYrZwe4PA
3UEU9lgnEUJ+Xqr/83TeJsUvKC6cg8QZVR4SHhTaBayNilf99WuzsknghTcufz+Q
5FQ5DV8zJYl0gcRlVGV0p5477fOHtrOjpttq9XK4xaPOIasYLK9hK2RQ7+/EC4Um
yUoNCYuchLUyGwlovqmyIgiJ1mbhuZASm4UQ2XZWahGFctuxWTscld2OuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMWwernMioVtf4vyXJrqcWhxobmpMB8GA1UdIwQY
MBaAFHCEf4IhiX1ulS6G6iwzmrqswTH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgt
NmU4Nzg0YTdhZDA5LzEveGJCNnVjeUtoVzFfaV9KY211cHhhSEdodWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgtNmU4Nzg0YTdhZDA5
LzEvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSYcAwQC
uV/8MA0GCSqGSIb3DQEBCwUAA4IBAQCro6ZT+t4fxS+4oLTA3MuKWbZTgQ89pMMK
z8m9qF3HgTfi6AJztxE6cs6Jh6frpq+WaRp0nhSPsNCYJtwOUz0pG6jV/HSt3ZFY
Q1iUBaeQtx/xSBljanBRML4M0ulc9AzM/9NJtKi7XAF5vGexRCWFFQv/FIBE8XGx
/Fd/K+HQoAqYD7gv9MHyVre2RdXxOo7la/xXNS4hiiYFT6AckZ2DETKt6rcLvNbk
7gwcl3fRTVBF3ii87Bf464YkkdXDDNtwVe1L2lFV24tXhpifq6n8Vy4BATkrZjy4
kGAom+h4IN2ah87Kxlq6wOCiW4vCBYHewU6IrVgTB6UryCKwdnFn
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:56 2024 by rpki-client on console-ams.rpki-client.org