Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/xhXT7GCOhCcBBiQR1BE9XQIW74w.roa
File: xhXT7GCOhCcBBiQR1BE9XQIW74w.roa (raw, json)
Hash identifier: wirfkF5mWAOV8h5tNguOUW9PONNbtWi6IoPZUOfgSts=
Subject key identifier: C6:15:D3:EC:60:8E:84:27:01:06:24:11:D4:11:3D:5D:02:16:EF:8C
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018CC7277F96186A14CF8519743142B80A80
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/xhXT7GCOhCcBBiQR1BE9XQIW74w.roa
Signing time: Mon 01 Jan 2024 22:31:43 +0000
ROA not before: Mon 01 Jan 2024 22:31:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210276
IP address blocks: 85.143.238.0/24 maxlen: 24
86.110.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:7f:96:18:6a:14:cf:85:19:74:31:42:b8:0a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 22:31:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c615d3ec608e842701062411d4113d5d0216ef8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6e:f1:13:32:bf:d0:c1:34:c8:ad:78:fe:30:
e5:cf:59:4f:89:02:e2:c0:29:ee:79:97:3d:e7:62:
e1:da:08:18:15:98:de:3a:16:07:79:d0:d2:c7:b0:
58:d4:e8:9d:4d:42:47:72:7a:bf:13:db:f7:66:06:
0d:7c:69:2b:04:c7:c1:38:df:9a:30:f3:c5:54:63:
de:59:69:01:9e:1e:60:02:e5:a6:3c:83:0b:6f:40:
f5:55:d9:24:32:9d:c9:49:82:92:68:47:98:04:88:
e2:73:fd:a2:0a:a5:66:2f:10:cd:bf:98:75:4d:2a:
1b:aa:1c:68:dc:c1:65:16:76:0d:f7:f9:3b:57:26:
4b:d9:0f:14:bb:70:e5:55:58:85:bc:38:6d:43:18:
b4:23:58:85:f9:a9:32:6f:c6:44:d6:e9:92:d5:d3:
6c:af:42:68:88:be:5f:90:0f:41:7d:1b:f4:92:d4:
09:6d:36:af:44:bf:15:5f:5c:2c:d1:78:81:a0:dc:
a3:7f:f3:44:b9:ed:46:0a:8c:a8:84:43:12:6d:c0:
89:6b:5d:aa:d3:78:34:83:91:49:ec:66:77:c8:63:
2b:d5:0c:57:1a:a6:4d:15:77:a8:58:2f:3b:8f:ff:
e3:3a:e5:6a:6e:ec:83:84:48:0b:b3:77:73:2f:8e:
8f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:15:D3:EC:60:8E:84:27:01:06:24:11:D4:11:3D:5D:02:16:EF:8C
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/xhXT7GCOhCcBBiQR1BE9XQIW74w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.143.238.0/24
86.110.100.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:3b:59:6c:da:82:e1:b7:46:d4:05:1e:66:b4:74:ac:35:2c:
48:5b:3e:46:49:ae:aa:06:44:35:16:55:df:8c:65:ef:69:ab:
6e:5b:07:c5:8a:38:55:1b:cf:45:c7:9b:d4:35:1b:75:ec:ad:
0e:dd:d9:29:b1:49:a5:49:8d:de:70:fd:d5:d5:7a:6c:8d:76:
18:4c:83:38:ce:0d:c3:29:b1:98:b7:b5:29:c4:ef:03:4c:c1:
3d:de:26:06:b9:80:df:0a:8f:d7:98:7d:37:c5:6d:ec:51:08:
c0:79:84:70:dd:31:3f:2b:64:7f:03:14:84:b2:88:7e:34:b6:
dd:db:40:ee:18:ce:51:4e:67:88:14:ff:5f:08:14:d3:25:bc:
b3:c4:af:70:26:4b:a0:44:80:97:25:4a:36:f7:78:bb:70:26:
7c:23:f7:78:40:df:7a:ae:15:f8:20:af:62:9c:66:92:c4:0c:
a9:43:9d:22:c9:3d:ac:87:35:61:a0:70:df:cf:e3:14:50:e9:
7d:11:47:ca:ba:e6:89:e4:5f:aa:a4:15:e9:ad:fa:fd:79:11:
7b:26:82:58:50:68:a0:4e:a6:be:84:a1:03:53:47:83:bc:d2:
7e:87:7f:d1:13:33:e7:2f:79:ee:fe:7b:97:1f:73:e9:20:e4:
e7:19:cd:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJ3+WGGoUz4UZdDFCuAqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMTAxMjIzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjE1ZDNlYzYwOGU4NDI3MDEwNjI0MTFkNDExM2Q1ZDAyMTZlZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW7xEzK/0ME0yK14/jDlz1lPiQLi
wCnueZc952Lh2ggYFZjeOhYHedDSx7BY1OidTUJHcnq/E9v3ZgYNfGkrBMfBON+a
MPPFVGPeWWkBnh5gAuWmPIMLb0D1VdkkMp3JSYKSaEeYBIjic/2iCqVmLxDNv5h1
TSobqhxo3MFlFnYN9/k7VyZL2Q8Uu3DlVViFvDhtQxi0I1iF+akyb8ZE1umS1dNs
r0JoiL5fkA9BfRv0ktQJbTavRL8VX1ws0XiBoNyjf/NEue1GCoyohEMSbcCJa12q
03g0g5FJ7GZ3yGMr1QxXGqZNFXeoWC87j//jOuVqbuyDhEgLs3dzL46PLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMYV0+xgjoQnAQYkEdQRPV0CFu+MMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEveGhYVDdHQ09oQ2NCQmlRUjFCRTlYUUlXNzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVY/uAwQA
Vm5kMA0GCSqGSIb3DQEBCwUAA4IBAQCMO1ls2oLht0bUBR5mtHSsNSxIWz5GSa6q
BkQ1FlXfjGXvaatuWwfFijhVG89Fx5vUNRt17K0O3dkpsUmlSY3ecP3V1XpsjXYY
TIM4zg3DKbGYt7UpxO8DTME93iYGuYDfCo/XmH03xW3sUQjAeYRw3TE/K2R/AxSE
soh+NLbd20DuGM5RTmeIFP9fCBTTJbyzxK9wJkugRICXJUo293i7cCZ8I/d4QN96
rhX4IK9inGaSxAypQ50iyT2shzVhoHDfz+MUUOl9EUfKuuaJ5F+qpBXprfr9eRF7
JoJYUGigTqa+hKEDU0eDvNJ+h3/REzPnL3nu/nuXH3PpIOTnGc3C
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:59:57 2024 by rpki-client on console-fra.rpki-client.org