Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/XnC6vVSdPsQhIjNQUoTgPh_TThM.roa
File: XnC6vVSdPsQhIjNQUoTgPh_TThM.roa (raw, json)
Hash identifier: NUltdx3miBC9ez1knTvOMR6anX4FPpfRatECtOiZ8ak=
Subject key identifier: 5E:70:BA:BD:54:9D:3E:C4:21:22:33:50:52:84:E0:3E:1F:D3:4E:13
Certificate issuer: /CN=fdcbf7a2a43b180d722b37631e879afa1b9a5edb
Certificate serial: 018CC3B69FE4A27A233A5F95F6F712C34C27
Authority key identifier: FD:CB:F7:A2:A4:3B:18:0D:72:2B:37:63:1E:87:9A:FA:1B:9A:5E:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_cv3oqQ7GA1yKzdjHoea-huaXts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/XnC6vVSdPsQhIjNQUoTgPh_TThM.roa
Signing time: Mon 01 Jan 2024 06:29:34 +0000
ROA not before: Mon 01 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29081
IP address blocks: 5.253.216.0/22 maxlen: 22
62.212.160.0/19 maxlen: 19
185.225.88.0/22 maxlen: 22
185.108.200.0/22 maxlen: 22
45.90.68.0/22 maxlen: 22
2a00:1f30::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/_cv3oqQ7GA1yKzdjHoea-huaXts.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/_cv3oqQ7GA1yKzdjHoea-huaXts.mft
rsync://rpki.ripe.net/repository/DEFAULT/_cv3oqQ7GA1yKzdjHoea-huaXts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:9f:e4:a2:7a:23:3a:5f:95:f6:f7:12:c3:4c:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdcbf7a2a43b180d722b37631e879afa1b9a5edb
Validity
Not Before: Jan 1 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e70babd549d3ec4212233505284e03e1fd34e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6a:0b:7d:19:77:19:c9:c3:67:df:5e:49:9d:
38:62:83:34:80:dd:8e:49:02:38:c9:a2:fb:82:e4:
74:d4:0b:14:a6:77:98:9d:63:65:3d:24:c6:45:24:
c7:7a:35:47:44:9a:24:e7:2e:cb:94:d3:bc:c8:f2:
da:f9:d2:1b:ec:96:64:d1:de:85:39:d4:03:7d:ff:
d8:b3:37:77:c5:8d:c4:67:56:a8:76:83:dd:a6:0c:
c1:96:8f:64:8c:83:d7:c3:27:6a:bf:46:f8:6a:d8:
f3:03:c5:d4:a4:02:36:c4:66:86:11:fe:c4:08:75:
cf:0f:07:d4:7b:f4:55:84:b0:8d:e0:57:e2:ab:21:
d0:ae:ba:73:37:e9:42:83:0f:00:62:d8:df:89:3a:
b9:94:bd:75:4e:ac:da:fe:0b:c5:dd:0c:80:02:ab:
e7:24:34:7b:97:89:6d:db:3e:b2:51:ef:e3:23:b9:
38:5f:b7:91:9a:db:de:c2:69:39:6a:f4:94:ac:69:
c3:05:c5:2c:0f:1f:f8:f5:fb:85:33:dd:b5:ae:78:
71:2e:7b:e6:7f:87:41:d6:9e:64:ce:60:8d:c3:75:
94:e9:3c:d3:4f:a4:ea:19:93:f5:e1:9f:c5:69:8d:
60:85:0e:ce:7b:58:55:11:75:6e:0e:97:f1:84:c3:
14:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:70:BA:BD:54:9D:3E:C4:21:22:33:50:52:84:E0:3E:1F:D3:4E:13
X509v3 Authority Key Identifier:
keyid:FD:CB:F7:A2:A4:3B:18:0D:72:2B:37:63:1E:87:9A:FA:1B:9A:5E:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_cv3oqQ7GA1yKzdjHoea-huaXts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/XnC6vVSdPsQhIjNQUoTgPh_TThM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f9a93c-0d69-44ec-8445-f58a5b88c73e/1/_cv3oqQ7GA1yKzdjHoea-huaXts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.216.0/22
45.90.68.0/22
62.212.160.0/19
185.108.200.0/22
185.225.88.0/22
IPv6:
2a00:1f30::/29
Signature Algorithm: sha256WithRSAEncryption
1a:51:f2:0b:14:65:b0:09:97:32:bb:0e:06:74:c5:77:ec:04:
f4:74:e7:f2:8e:f3:68:ee:4f:b2:63:ec:ac:81:86:8a:c8:e4:
d5:0c:ce:17:a2:f3:9d:da:31:59:88:60:7c:5e:f3:0e:51:54:
5a:c3:76:14:6b:e6:b6:ab:df:95:22:fa:8e:49:ad:1d:70:be:
93:7a:fc:ac:3e:ba:0a:c1:75:7d:6a:5e:d2:78:d0:30:87:4e:
b1:12:7b:3b:5e:8c:3f:85:09:a5:87:3f:de:71:c2:89:3a:52:
90:6a:e4:ed:60:a4:30:40:16:49:98:a7:33:9e:0d:2d:58:2f:
37:72:44:a5:df:fe:37:87:3e:4a:82:33:cb:77:db:89:7d:3a:
52:af:61:d3:da:cf:25:cc:b1:85:c6:d8:62:47:43:a0:91:24:
b0:a3:b0:36:4b:fb:b6:79:c2:c6:ba:b0:58:98:55:31:65:f8:
5b:9f:a3:75:9c:34:0e:5c:5f:17:43:54:14:ac:81:52:d8:2b:
12:b7:eb:a6:53:46:14:9d:d9:bf:4c:e2:69:f7:66:4b:7f:9c:
6a:fd:d7:27:2d:d8:6e:8c:c9:61:c9:75:9d:23:fe:77:ad:6e:
cb:2b:86:dd:a3:86:92:97:17:d1:c6:e5:7b:ea:16:c6:aa:08:
6e:c3:37:89
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDtp/konojOl+V9vcSw0wnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkY2JmN2EyYTQzYjE4MGQ3MjJiMzc2MzFlODc5YWZhMWI5
YTVlZGIwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTcwYmFiZDU0OWQzZWM0MjEyMjMzNTA1Mjg0ZTAzZTFmZDM0ZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmoLfRl3GcnDZ99eSZ04YoM0gN2O
SQI4yaL7guR01AsUpneYnWNlPSTGRSTHejVHRJok5y7LlNO8yPLa+dIb7JZk0d6F
OdQDff/Yszd3xY3EZ1aodoPdpgzBlo9kjIPXwydqv0b4atjzA8XUpAI2xGaGEf7E
CHXPDwfUe/RVhLCN4FfiqyHQrrpzN+lCgw8AYtjfiTq5lL11Tqza/gvF3QyAAqvn
JDR7l4lt2z6yUe/jI7k4X7eRmtvewmk5avSUrGnDBcUsDx/49fuFM921rnhxLnvm
f4dB1p5kzmCNw3WU6TzTT6TqGZP14Z/FaY1ghQ7Oe1hVEXVuDpfxhMMU0QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFF5wur1UnT7EISIzUFKE4D4f004TMB8GA1UdIwQY
MBaAFP3L96KkOxgNcis3Yx6Hmvobml7bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2N2M29xUTdHQTF5S3pkakhvZWEtaHVhWHRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9mOWE5M2MtMGQ2OS00NGVjLTg0NDUt
ZjU4YTViODhjNzNlLzEvWG5DNnZWU2RQc1FoSWpOUVVvVGdQaF9UVGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9mOWE5M2MtMGQ2OS00NGVjLTg0NDUtZjU4YTViODhjNzNl
LzEvX2N2M29xUTdHQTF5S3pkakhvZWEtaHVhWHRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBf3YAwQC
LVpEAwQFPtSgAwQCuWzIAwQCueFYMA0EAgACMAcDBQMqAB8wMA0GCSqGSIb3DQEB
CwUAA4IBAQAaUfILFGWwCZcyuw4GdMV37AT0dOfyjvNo7k+yY+ysgYaKyOTVDM4X
ovOd2jFZiGB8XvMOUVRaw3YUa+a2q9+VIvqOSa0dcL6TevysProKwXV9al7SeNAw
h06xEns7Xow/hQmlhz/eccKJOlKQauTtYKQwQBZJmKczng0tWC83ckSl3/43hz5K
gjPLd9uJfTpSr2HT2s8lzLGFxthiR0OgkSSwo7A2S/u2ecLGurBYmFUxZfhbn6N1
nDQOXF8XQ1QUrIFS2CsSt+umU0YUndm/TOJp92ZLf5xq/dcnLdhujMlhyXWdI/53
rW7LK4bdo4aSlxfRxuV76hbGqghuwzeJ
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:51:43 2024 by rpki-client on console-fra.rpki-client.org