Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/XgXmkQKT0vM4x1PX5LyQO7XQRRM.roa
File: XgXmkQKT0vM4x1PX5LyQO7XQRRM.roa (raw, json)
Hash identifier: Ui6rNz0MjZ7atBtpBkFdEfvRYymbo89JORYNU8MW/MU=
Subject key identifier: 5E:05:E6:91:02:93:D2:F3:38:C7:53:D7:E4:BC:90:3B:B5:D0:45:13
Certificate issuer: /CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Certificate serial: 018CC5DC016104074B0877F32A4D6258DC13
Authority key identifier: 6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/XgXmkQKT0vM4x1PX5LyQO7XQRRM.roa
Signing time: Mon 01 Jan 2024 16:29:38 +0000
ROA not before: Mon 01 Jan 2024 16:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20701
IP address blocks: 193.17.47.0/24 maxlen: 24
185.43.135.0/24 maxlen: 24
2001:148f:fffe::/48 maxlen: 48
2001:148f:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.mft
rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:01:61:04:07:4b:08:77:f3:2a:4d:62:58:dc:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Validity
Not Before: Jan 1 16:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e05e6910293d2f338c753d7e4bc903bb5d04513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0e:6b:47:2f:f8:6b:01:42:a7:14:d2:37:9a:
ba:33:8a:db:de:21:93:21:6a:02:25:d6:2b:91:7f:
d7:08:91:19:e1:0a:97:aa:b0:67:0f:f4:49:da:9b:
f4:45:15:3f:f6:b7:1a:85:bb:f0:67:32:0e:bc:61:
22:11:4d:13:fd:a5:60:2b:96:97:17:dc:a3:1f:ba:
0e:8d:3c:4c:2f:65:9b:d7:d4:c3:af:10:a7:a8:59:
2d:df:7c:6f:29:05:d2:4e:7d:fd:70:ea:cc:64:ff:
47:94:42:a7:19:0b:e0:17:c2:c6:ad:fd:79:10:7d:
8f:ef:f6:a3:13:3c:3a:ba:e7:ad:b3:d2:d4:a4:b9:
bb:24:f9:82:eb:cf:3e:a1:c5:2b:6f:2c:70:86:96:
fe:50:57:bb:54:4c:00:45:e2:cf:0b:3e:21:40:5d:
f5:d5:a0:29:1c:1b:a9:c3:47:de:aa:01:9a:fa:b8:
a8:d2:22:76:8e:03:89:8b:c3:11:92:94:34:0b:4c:
8a:73:fa:1a:bb:e2:a4:51:98:5b:57:64:c2:47:33:
8c:83:50:04:bd:a6:9a:f4:11:6d:bb:70:ea:c9:2d:
4d:0d:66:8c:f6:e1:d8:ba:58:61:2e:b7:76:83:69:
28:7f:59:fb:65:4b:b1:57:4f:4b:93:c1:bb:33:99:
d2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:05:E6:91:02:93:D2:F3:38:C7:53:D7:E4:BC:90:3B:B5:D0:45:13
X509v3 Authority Key Identifier:
keyid:6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/XgXmkQKT0vM4x1PX5LyQO7XQRRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.135.0/24
193.17.47.0/24
IPv6:
2001:148f:fffe::/47
Signature Algorithm: sha256WithRSAEncryption
25:b0:46:ee:18:f9:e9:d5:57:f6:43:4a:db:c8:cc:13:96:3b:
5b:7a:19:42:c1:46:af:c2:a3:81:51:f1:3b:3d:7e:e3:d5:a8:
a8:40:5f:98:19:b8:38:16:08:e5:68:15:15:30:f9:72:11:d5:
b2:d1:86:09:e7:5b:bb:3c:7a:e5:c7:3e:88:e8:a2:99:b3:ef:
06:36:82:a6:62:13:8b:ae:71:8f:7f:15:aa:32:ff:6e:45:08:
b5:f6:10:27:42:ed:2c:1c:91:06:2e:86:43:24:76:2d:c0:0a:
73:9a:de:18:ea:37:02:65:ae:46:0b:6e:db:f0:e0:3d:6c:f8:
55:08:18:5b:69:9b:9e:3e:b7:49:37:b3:1f:18:b6:03:75:eb:
cd:c6:0d:d3:39:cf:44:31:64:4e:08:a5:52:b0:50:f5:a6:a7:
92:43:b0:24:7e:84:be:01:27:1f:fa:3c:93:2c:96:f1:d5:6d:
80:3c:d3:ca:74:55:e4:69:f5:c2:d1:d5:98:ed:f5:25:7b:7e:
b2:e9:e6:75:b3:f7:9b:2e:6a:d8:0e:6e:8f:76:17:62:ba:45:
d2:03:aa:3e:cb:f9:f0:8f:82:5b:2e:be:92:a8:f4:02:32:3e:
f1:4f:cb:c1:10:02:ac:45:f2:0a:f3:cf:c7:d9:46:8e:d0:8e:
d8:04:fb:3d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzF3AFhBAdLCHfzKk1iWNwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTdmZmU4MjJiM2JhN2JjMTk0ZGI3YTczNGM4NWVmY2Vm
MmYyODMwHhcNMjQwMTAxMTYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTA1ZTY5MTAyOTNkMmYzMzhjNzUzZDdlNGJjOTAzYmI1ZDA0NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug5rRy/4awFCpxTSN5q6M4rb3iGT
IWoCJdYrkX/XCJEZ4QqXqrBnD/RJ2pv0RRU/9rcahbvwZzIOvGEiEU0T/aVgK5aX
F9yjH7oOjTxML2Wb19TDrxCnqFkt33xvKQXSTn39cOrMZP9HlEKnGQvgF8LGrf15
EH2P7/ajEzw6uuets9LUpLm7JPmC688+ocUrbyxwhpb+UFe7VEwAReLPCz4hQF31
1aApHBupw0feqgGa+rio0iJ2jgOJi8MRkpQ0C0yKc/oau+KkUZhbV2TCRzOMg1AE
vaaa9BFtu3DqyS1NDWaM9uHYulhhLrd2g2kof1n7ZUuxV09Lk8G7M5nSRQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFF4F5pECk9LzOMdT1+S8kDu10EUTMB8GA1UdIwQY
MBaAFGpX/+gis7p7wZTbenNMhe/O8vKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2It
Y2EwYzYyNjIxMDk4LzEvWGdYbWtRS1Qwdk00eDFQWDVMeVFPN1hRUlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2ItY2EwYzYyNjIxMDk4
LzEvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuSuHAwQA
wREvMA8EAgACMAkDBwEgARSP//4wDQYJKoZIhvcNAQELBQADggEBACWwRu4Y+enV
V/ZDStvIzBOWO1t6GULBRq/Co4FR8Ts9fuPVqKhAX5gZuDgWCOVoFRUw+XIR1bLR
hgnnW7s8euXHPojoopmz7wY2gqZiE4uucY9/Faoy/25FCLX2ECdC7SwckQYuhkMk
di3ACnOa3hjqNwJlrkYLbtvw4D1s+FUIGFtpm54+t0k3sx8YtgN1683GDdM5z0Qx
ZE4IpVKwUPWmp5JDsCR+hL4BJx/6PJMslvHVbYA808p0VeRp9cLR1Zjt9SV7frLp
5nWz95suatgObo92F2K6RdIDqj7L+fCPglsuvpKo9AIyPvFPy8EQAqxF8grzz8fZ
Ro7QjtgE+z0=
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:07:13 2024 by rpki-client on console-ams.rpki-client.org