Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/XjRrwDt2twb27pK8tkMJ_ywT5wI.roa
File: XjRrwDt2twb27pK8tkMJ_ywT5wI.roa (raw, json)
Hash identifier: lh91ZwVDMBMT9oGn/PkfsNNGfG409B3F4UcUpUB3kLk=
Subject key identifier: 5E:34:6B:C0:3B:76:B7:06:F6:EE:92:BC:B6:43:09:FF:2C:13:E7:02
Certificate issuer: /CN=7bd5997ed075c2298b461225e1060f577b1d7d4d
Certificate serial: 018CC79566E781A3EA671B6B8F5292DF353B
Authority key identifier: 7B:D5:99:7E:D0:75:C2:29:8B:46:12:25:E1:06:0F:57:7B:1D:7D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/XjRrwDt2twb27pK8tkMJ_ywT5wI.roa
Signing time: Tue 02 Jan 2024 00:31:46 +0000
ROA not before: Tue 02 Jan 2024 00:31:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41344
IP address blocks: 185.124.176.0/22 maxlen: 22
185.124.177.0/24 maxlen: 24
31.185.13.0/24 maxlen: 24
31.185.12.0/24 maxlen: 24
89.249.233.0/24 maxlen: 24
89.249.232.0/24 maxlen: 24
89.249.231.0/24 maxlen: 24
31.185.15.0/24 maxlen: 24
31.185.14.0/24 maxlen: 24
89.249.235.0/24 maxlen: 24
89.249.239.0/24 maxlen: 24
89.249.238.0/24 maxlen: 24
89.249.237.0/24 maxlen: 24
89.249.236.0/24 maxlen: 24
31.185.11.0/24 maxlen: 24
89.249.226.0/24 maxlen: 24
31.185.10.0/24 maxlen: 24
31.185.9.0/24 maxlen: 24
31.185.8.0/21 maxlen: 21
89.249.224.0/20 maxlen: 20
31.185.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/e9WZftB1wimLRhIl4QYPV3sdfU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/e9WZftB1wimLRhIl4QYPV3sdfU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:66:e7:81:a3:ea:67:1b:6b:8f:52:92:df:35:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bd5997ed075c2298b461225e1060f577b1d7d4d
Validity
Not Before: Jan 2 00:31:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e346bc03b76b706f6ee92bcb64309ff2c13e702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e0:2b:86:51:e9:f7:6c:c3:d9:71:52:ba:bf:
d7:54:b3:91:38:97:32:a2:31:7a:0b:8f:f1:b0:77:
23:05:1c:c9:99:06:6e:a4:c0:db:a2:76:48:3a:df:
50:43:6f:64:53:a3:c4:4b:3d:4b:90:8e:d7:bd:ca:
d1:d5:39:b9:32:82:d9:38:9a:4e:d8:20:1d:40:db:
62:37:0a:ae:bc:1a:53:7d:b7:2c:10:5a:1b:e9:c2:
80:d7:7e:31:ca:36:b2:5c:d8:14:f8:40:97:77:45:
d4:f8:f3:8c:21:0b:80:56:8e:23:0d:9b:bb:56:10:
d7:19:3d:d6:92:84:14:37:ef:3c:be:a8:59:2c:f6:
97:3c:e7:a7:b9:a5:02:11:97:bc:80:48:ed:6e:9e:
10:04:7e:1e:49:39:50:a3:69:9a:77:24:e2:ba:a3:
78:be:7e:0c:bd:7d:17:03:80:a1:8b:8a:ec:b1:3a:
b0:b9:99:63:f2:55:4c:dd:d8:87:93:d7:03:ce:e1:
30:6b:bd:a8:5b:1d:be:c6:6a:bd:50:f1:ab:f7:90:
da:05:bc:b0:6e:e0:70:c6:15:08:18:3f:1c:26:35:
a2:3c:00:d8:52:19:e6:ef:07:d5:c0:9d:59:22:d7:
dc:96:a9:b4:9e:d0:3d:fa:d8:bc:0b:9a:97:82:68:
64:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:34:6B:C0:3B:76:B7:06:F6:EE:92:BC:B6:43:09:FF:2C:13:E7:02
X509v3 Authority Key Identifier:
keyid:7B:D5:99:7E:D0:75:C2:29:8B:46:12:25:E1:06:0F:57:7B:1D:7D:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9WZftB1wimLRhIl4QYPV3sdfU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/XjRrwDt2twb27pK8tkMJ_ywT5wI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4d7f40-49ec-4ce2-882e-5ac7f066230b/1/e9WZftB1wimLRhIl4QYPV3sdfU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.8.0/21
89.249.224.0/20
185.124.176.0/22
Signature Algorithm: sha256WithRSAEncryption
71:97:72:46:9b:d4:c1:6e:f1:5b:12:53:0b:a6:00:74:28:6b:
d7:e6:1c:0a:fc:e1:df:38:a8:c7:3c:f7:81:63:0f:9b:31:2d:
a5:d7:b9:b1:68:57:99:f3:a2:6e:ad:1b:40:50:57:c5:65:4a:
cb:9d:83:94:71:5a:de:65:f2:f7:60:53:de:8d:c3:22:11:95:
4a:91:28:97:57:8e:c7:00:a4:36:b8:6e:12:49:c0:03:04:54:
9e:0b:a8:bc:a8:24:b3:97:c6:55:e4:48:2d:21:0b:35:d7:1a:
58:d0:82:b5:d9:8c:33:47:50:45:95:96:8a:fe:be:70:e8:5f:
94:c5:1e:a9:6d:5e:d6:69:81:40:da:6a:58:4c:dc:71:a8:74:
b0:ee:ef:83:52:4a:68:76:5d:24:41:02:23:25:f5:41:84:4a:
ea:05:d2:df:78:1e:d9:ac:32:87:73:3f:ba:23:98:4c:2c:b6:
71:a5:21:75:93:ef:6f:0b:35:cc:42:09:ce:7b:6c:b8:81:3c:
b0:46:35:0c:9e:e6:e3:60:b9:33:62:52:c3:d3:c5:6e:64:9c:
c7:42:f9:ee:ea:47:b0:47:59:52:c6:78:67:76:78:fb:80:61:
88:f3:ad:eb:be:64:db:fd:9b:55:77:ea:51:52:3b:53:a0:6f:
87:56:d4:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlWbngaPqZxtrj1KS3zU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZDU5OTdlZDA3NWMyMjk4YjQ2MTIyNWUxMDYwZjU3N2Ix
ZDdkNGQwHhcNMjQwMTAyMDAzMTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTM0NmJjMDNiNzZiNzA2ZjZlZTkyYmNiNjQzMDlmZjJjMTNlNzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+ArhlHp92zD2XFSur/XVLOROJcy
ojF6C4/xsHcjBRzJmQZupMDbonZIOt9QQ29kU6PESz1LkI7XvcrR1Tm5MoLZOJpO
2CAdQNtiNwquvBpTfbcsEFob6cKA134xyjayXNgU+ECXd0XU+POMIQuAVo4jDZu7
VhDXGT3WkoQUN+88vqhZLPaXPOenuaUCEZe8gEjtbp4QBH4eSTlQo2madyTiuqN4
vn4MvX0XA4Chi4rssTqwuZlj8lVM3diHk9cDzuEwa72oWx2+xmq9UPGr95DaBbyw
buBwxhUIGD8cJjWiPADYUhnm7wfVwJ1ZItfclqm0ntA9+ti8C5qXgmhkTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF40a8A7drcG9u6SvLZDCf8sE+cCMB8GA1UdIwQY
MBaAFHvVmX7QdcIpi0YSJeEGD1d7HX1NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTlXWmZ0QjF3aW1MUmhJbDRRWVBWM3NkZlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80ZDdmNDAtNDllYy00Y2UyLTg4MmUt
NWFjN2YwNjYyMzBiLzEvWGpScndEdDJ0d2IyN3BLOHRrTUpfeXdUNXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80ZDdmNDAtNDllYy00Y2UyLTg4MmUtNWFjN2YwNjYyMzBi
LzEvZTlXWmZ0QjF3aW1MUmhJbDRRWVBWM3NkZlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH7kIAwQE
WfngAwQCuXywMA0GCSqGSIb3DQEBCwUAA4IBAQBxl3JGm9TBbvFbElMLpgB0KGvX
5hwK/OHfOKjHPPeBYw+bMS2l17mxaFeZ86JurRtAUFfFZUrLnYOUcVreZfL3YFPe
jcMiEZVKkSiXV47HAKQ2uG4SScADBFSeC6i8qCSzl8ZV5EgtIQs11xpY0IK12Ywz
R1BFlZaK/r5w6F+UxR6pbV7WaYFA2mpYTNxxqHSw7u+DUkpodl0kQQIjJfVBhErq
BdLfeB7ZrDKHcz+6I5hMLLZxpSF1k+9vCzXMQgnOe2y4gTywRjUMnubjYLkzYlLD
08VuZJzHQvnu6kewR1lSxnhndnj7gGGI863rvmTb/ZtVd+pRUjtToG+HVtQp
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:29:11 2024 by rpki-client on console-ams.rpki-client.org