Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/hX9UJ_xRIb0CefUbHiSNGOlTQYk.roa
File: hX9UJ_xRIb0CefUbHiSNGOlTQYk.roa (raw, json)
Hash identifier: U0SYFEvmkXKF9EyfhKrngISu4NtZ5Sav2d1bovvKD6A=
Subject key identifier: 85:7F:54:27:FC:51:21:BD:02:79:F5:1B:1E:24:8D:18:E9:53:41:89
Certificate issuer: /CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8
Certificate serial: 018CC4255511F410B7881ABE9DED0CF52E05
Authority key identifier: FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/hX9UJ_xRIb0CefUbHiSNGOlTQYk.roa
Signing time: Mon 01 Jan 2024 08:30:30 +0000
ROA not before: Mon 01 Jan 2024 08:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62429
IP address blocks: 185.18.90.0/24 maxlen: 24
80.87.144.0/20 maxlen: 20
185.35.116.0/22 maxlen: 22
91.195.16.0/23 maxlen: 23
91.197.160.0/22 maxlen: 22
2a00:db20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.mft
rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:55:11:f4:10:b7:88:1a:be:9d:ed:0c:f5:2e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8
Validity
Not Before: Jan 1 08:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=857f5427fc5121bd0279f51b1e248d18e9534189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:89:10:49:96:c5:7e:58:ff:c6:27:2c:c9:17:
19:f1:64:31:d4:fb:36:6c:85:82:90:6c:bf:53:23:
67:57:dd:d1:08:ca:d5:52:67:c8:ca:82:77:af:e3:
96:19:52:ba:fe:14:f2:5d:0c:bb:ff:ba:d5:63:51:
8f:9d:18:41:70:6f:c0:95:9d:5d:3d:64:d8:82:c8:
8c:d3:77:89:e1:3d:8d:ca:ea:ae:53:37:a4:08:79:
bb:ec:f3:81:46:bf:4d:a4:b4:d7:ce:eb:17:cb:60:
23:f8:6c:34:f8:23:f7:85:30:49:1b:b4:46:cc:6a:
8e:be:aa:52:92:0c:6e:c6:2d:e5:f0:4b:7f:d6:46:
67:d7:9e:8e:87:ad:bc:7b:92:38:be:66:a2:2b:05:
91:bf:6f:51:7f:c4:50:22:e1:82:44:9f:db:e7:a0:
2b:c2:07:07:cd:cf:7f:3c:03:fd:0e:5f:f1:5d:04:
41:46:0d:53:ca:a9:88:f6:12:de:c5:d0:81:b1:d2:
5e:3e:c1:85:e6:5e:08:66:04:9c:49:80:54:84:ff:
63:cc:67:58:46:de:ab:a4:5e:ac:34:05:5e:a7:68:
1d:af:9f:f1:f3:fe:88:c9:b7:d4:d6:f4:62:79:92:
61:99:68:cf:ae:6a:3e:62:d1:e5:23:5e:77:eb:c8:
28:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:7F:54:27:FC:51:21:BD:02:79:F5:1B:1E:24:8D:18:E9:53:41:89
X509v3 Authority Key Identifier:
keyid:FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/hX9UJ_xRIb0CefUbHiSNGOlTQYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.87.144.0/20
91.195.16.0/23
91.197.160.0/22
185.18.90.0/24
185.35.116.0/22
IPv6:
2a00:db20::/32
Signature Algorithm: sha256WithRSAEncryption
46:08:f7:fc:d8:09:3f:3b:93:5f:22:22:b1:e8:d7:cd:7c:bb:
f6:90:8a:f6:4b:64:89:eb:3f:8a:93:7a:46:a0:ca:81:77:88:
24:82:98:a8:24:5c:ea:6c:80:e2:8d:31:22:35:c8:a5:c2:68:
3f:73:5b:34:40:9f:35:f9:db:57:e2:de:a7:62:95:23:53:8a:
4a:5a:1c:e6:aa:d8:b1:2e:d7:db:17:96:14:00:ec:ed:7c:e3:
c1:0d:01:51:aa:d8:21:8a:1f:83:c8:82:73:e0:36:fd:a6:a2:
d9:48:45:0d:e5:d8:6b:cf:8d:8e:e1:cb:24:6e:38:a8:b2:b8:
9f:7d:06:87:c2:f3:d8:ae:0e:2c:07:1e:d4:6b:be:ce:ee:af:
e9:b4:63:4f:9b:e2:da:34:c9:de:83:58:d0:60:78:7c:59:95:
e5:91:e7:c9:04:e1:d8:15:10:98:3a:9c:91:12:bc:a9:ad:7f:
45:fa:7f:62:72:eb:0b:4e:2d:0f:87:96:fc:c5:4e:a5:03:a7:
41:23:46:2c:2f:21:31:0d:73:ac:82:7b:38:2c:a9:16:5c:27:
14:51:79:5a:14:66:0b:34:8a:64:6e:2e:59:b1:9e:0b:43:4e:
c8:5b:6d:82:0d:8c:a7:a6:83:f9:c1:7e:7f:ba:8c:f5:08:13:
3c:b3:b6:ed
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzEJVUR9BC3iBq+ne0M9S4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzhmMTNmZmE5MmYwNzRlYmU1NTdkMmEyZDI5YWQwZGEz
M2U1ZDgwHhcNMjQwMTAxMDgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTdmNTQyN2ZjNTEyMWJkMDI3OWY1MWIxZTI0OGQxOGU5NTM0MTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YkQSZbFflj/xicsyRcZ8WQx1Ps2
bIWCkGy/UyNnV93RCMrVUmfIyoJ3r+OWGVK6/hTyXQy7/7rVY1GPnRhBcG/AlZ1d
PWTYgsiM03eJ4T2NyuquUzekCHm77POBRr9NpLTXzusXy2Aj+Gw0+CP3hTBJG7RG
zGqOvqpSkgxuxi3l8Et/1kZn156Oh628e5I4vmaiKwWRv29Rf8RQIuGCRJ/b56Ar
wgcHzc9/PAP9Dl/xXQRBRg1TyqmI9hLexdCBsdJePsGF5l4IZgScSYBUhP9jzGdY
Rt6rpF6sNAVep2gdr5/x8/6IybfU1vRieZJhmWjPrmo+YtHlI15368gouwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIV/VCf8USG9Ann1Gx4kjRjpU0GJMB8GA1UdIwQY
MBaAFP148T/6kvB06+VX0qLSmtDaM+XYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2Qt
ZmRmMDExOGNjMDE2LzEvaFg5VUpfeFJJYjBDZWZVYkhpU05HT2xUUVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2QtZmRmMDExOGNjMDE2
LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEUFeQAwQB
W8MQAwQCW8WgAwQAuRJaAwQCuSN0MA0EAgACMAcDBQAqANsgMA0GCSqGSIb3DQEB
CwUAA4IBAQBGCPf82Ak/O5NfIiKx6NfNfLv2kIr2S2SJ6z+Kk3pGoMqBd4gkgpio
JFzqbIDijTEiNcilwmg/c1s0QJ81+dtX4t6nYpUjU4pKWhzmqtixLtfbF5YUAOzt
fOPBDQFRqtghih+DyIJz4Db9pqLZSEUN5dhrz42O4cskbjiosriffQaHwvPYrg4s
Bx7Ua77O7q/ptGNPm+LaNMneg1jQYHh8WZXlkefJBOHYFRCYOpyREryprX9F+n9i
cusLTi0Ph5b8xU6lA6dBI0YsLyExDXOsgns4LKkWXCcUUXlaFGYLNIpkbi5ZsZ4L
Q07IW22CDYynpoP5wX5/uoz1CBM8s7bt
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:04:55 2024 by rpki-client on console-ams.rpki-client.org