Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/XMhg-fAlLzirlTWhHtWICty1Des.roa
File: XMhg-fAlLzirlTWhHtWICty1Des.roa (raw, json)
Hash identifier: PsbaxXdvl8Xht2J0mpPu8xHyYzS4ayR+96QDK39p1Pc=
Subject key identifier: 5C:C8:60:F9:F0:25:2F:38:AB:95:35:A1:1E:D5:88:0A:DC:B5:0D:EB
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0192423E40AFC36B7A91065DAED562114A0A
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/XMhg-fAlLzirlTWhHtWICty1Des.roa
Signing time: Mon 30 Sep 2024 09:23:48 +0000
ROA not before: Mon 30 Sep 2024 09:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201453
IP address blocks: 185.74.192.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.164.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.167.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.80.0/24 maxlen: 24
185.178.81.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.83.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.17.0/24 maxlen: 24
185.183.18.0/24 maxlen: 24
185.194.24.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.225.148.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.mft
rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:3e:40:af:c3:6b:7a:91:06:5d:ae:d5:62:11:4a:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Sep 30 09:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cc860f9f0252f38ab9535a11ed5880adcb50deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:40:27:35:a9:82:95:00:53:35:e4:37:bc:bb:
51:af:c0:e3:1d:a8:6b:37:78:7d:26:28:e3:a7:75:
6b:a0:39:96:1a:b5:80:bc:e0:2a:42:3d:e8:95:b1:
42:6b:4a:54:11:76:66:d6:36:e9:9a:06:a7:23:c5:
bc:6a:fb:82:33:fe:66:16:52:f3:70:8d:90:08:b7:
98:4c:e8:01:04:79:53:fe:e0:99:9d:06:86:ab:4d:
87:11:a0:41:0e:b1:32:e1:83:ea:fb:36:93:d3:16:
bf:36:53:1e:55:84:9f:d0:db:3b:3f:06:87:68:4e:
08:48:55:1b:68:df:99:3f:95:b5:bd:c8:dc:28:7b:
4d:3c:16:e6:bd:b1:2e:6a:77:4d:f7:e1:93:f0:0d:
b2:fd:e2:06:83:0c:41:eb:45:8c:a7:77:f9:1b:12:
7f:3d:9c:ec:0a:1f:e9:ff:29:ab:16:6f:17:26:d6:
29:f6:9d:73:4d:bc:1c:fb:91:fb:a1:c6:ae:a0:e5:
6b:57:e1:81:64:d0:64:e2:94:75:9c:38:bb:27:57:
f0:3d:ac:90:cc:d4:05:a7:f5:b0:ac:b0:34:5c:84:
04:e2:a5:bf:5e:b9:04:73:d3:33:fb:9a:a7:bb:08:
52:ac:6c:70:73:d8:dd:99:9c:60:ed:e8:60:eb:b4:
81:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C8:60:F9:F0:25:2F:38:AB:95:35:A1:1E:D5:88:0A:DC:B5:0D:EB
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/XMhg-fAlLzirlTWhHtWICty1Des.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/24
185.163.164.0/22
185.178.80.0/22
185.183.16.0-185.183.18.255
185.194.24.0/24
185.194.26.0/23
185.219.216.0/22
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
7f:1a:4c:5f:dd:19:13:42:14:e9:a4:3f:27:83:e7:64:ef:7c:
1f:21:8c:ae:5e:fb:16:dd:6b:50:e2:83:8a:b0:c7:04:16:2a:
2d:2f:4c:33:bf:53:9b:b8:8d:05:fc:8a:fc:a3:72:ee:e1:ea:
65:47:91:f4:28:66:ab:a3:56:93:5d:60:69:3c:91:88:49:70:
3a:18:e1:49:7e:1d:89:42:61:ed:da:f4:ed:55:44:ce:63:f0:
10:3b:cb:19:0b:79:9a:6f:87:9c:65:25:18:79:58:a2:7f:d4:
63:05:d6:de:7b:98:de:29:c6:47:b0:18:b6:c8:35:e5:d1:fa:
26:86:f0:e8:d0:29:47:5f:84:5b:4c:8e:be:e1:63:1c:b5:82:
e3:c3:f4:f1:ba:42:bd:2c:01:8c:68:67:57:5d:a5:f7:4d:60:
1a:1c:51:e8:26:f9:19:a2:08:6e:64:9c:d7:d1:fa:d1:2f:81:
40:6c:6a:09:64:ff:de:de:f4:a0:67:b5:1c:9e:e8:39:5a:ee:
7d:97:f0:b2:3d:ce:ac:72:a5:09:3a:21:de:5d:ea:f2:a0:0e:
e6:ed:0a:ec:68:8d:43:bd:47:c4:41:c2:c7:06:e0:ee:e6:10:
52:22:98:11:ee:db:86:c5:37:5b:e1:1a:1b:03:47:fa:61:08:
57:7e:38:c2
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZJCPkCvw2t6kQZdrtViEUoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjQwOTMwMDkyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2M4NjBmOWYwMjUyZjM4YWI5NTM1YTExZWQ1ODgwYWRjYjUwZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0AnNamClQBTNeQ3vLtRr8DjHahr
N3h9Jijjp3VroDmWGrWAvOAqQj3olbFCa0pUEXZm1jbpmganI8W8avuCM/5mFlLz
cI2QCLeYTOgBBHlT/uCZnQaGq02HEaBBDrEy4YPq+zaT0xa/NlMeVYSf0Ns7PwaH
aE4ISFUbaN+ZP5W1vcjcKHtNPBbmvbEuandN9+GT8A2y/eIGgwxB60WMp3f5GxJ/
PZzsCh/p/ymrFm8XJtYp9p1zTbwc+5H7ocauoOVrV+GBZNBk4pR1nDi7J1fwPayQ
zNQFp/WwrLA0XIQE4qW/XrkEc9Mz+5qnuwhSrGxwc9jdmZxg7ehg67SBIQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFzIYPnwJS84q5U1oR7ViArctQ3rMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvWE1oZy1mQWxMemlybFRXaEh0V0lDdHkxRGVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQAuUrAAwQC
uaOkAwQCubJQMAwDBAS5txADBAC5txIDBAC5whgDBAG5whoDBAK529gDBAC54ZQw
DQQCAAIwBwMFACoFSsAwDQYJKoZIhvcNAQELBQADggEBAH8aTF/dGRNCFOmkPyeD
52TvfB8hjK5e+xbda1Dig4qwxwQWKi0vTDO/U5u4jQX8ivyjcu7h6mVHkfQoZquj
VpNdYGk8kYhJcDoY4Ul+HYlCYe3a9O1VRM5j8BA7yxkLeZpvh5xlJRh5WKJ/1GMF
1t57mN4pxkewGLbINeXR+iaG8OjQKUdfhFtMjr7hYxy1guPD9PG6Qr0sAYxoZ1dd
pfdNYBocUegm+RmiCG5knNfR+tEvgUBsaglk/97e9KBntRye6Dla7n2X8LI9zqxy
pQk6Id5d6vKgDubtCuxojUO9R8RBwscG4O7mEFIimBHu24bFN1vhGhsDR/phCFd+
OMI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:15:52 2024 by rpki-client on console-fra.rpki-client.org