Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/9cff3d-1168-411c-a065-fd725b825291/1/XtwzjMfLTh3zgP5MOrPRIBWbl6s.roa
File: XtwzjMfLTh3zgP5MOrPRIBWbl6s.roa (raw, json)
Hash identifier: NXyOWqhPODiuZ+amGMr7eEnBUX2UxLlOxT5uPNw24Sw=
Subject key identifier: 5E:DC:33:8C:C7:CB:4E:1D:F3:80:FE:4C:3A:B3:D1:20:15:9B:97:AB
Certificate issuer: /CN=327557cf22629d058a5114965b2f9df8ef4db690
Certificate serial: 018CC50018FD6AFB10481B079D4442D6CAE4
Authority key identifier: 32:75:57:CF:22:62:9D:05:8A:51:14:96:5B:2F:9D:F8:EF:4D:B6:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MnVXzyJinQWKURSWWy-d-O9NtpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/9cff3d-1168-411c-a065-fd725b825291/1/XtwzjMfLTh3zgP5MOrPRIBWbl6s.roa
Signing time: Mon 01 Jan 2024 12:29:27 +0000
ROA not before: Mon 01 Jan 2024 12:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15623
IP address blocks: 193.42.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/9cff3d-1168-411c-a065-fd725b825291/1/MnVXzyJinQWKURSWWy-d-O9NtpA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/9cff3d-1168-411c-a065-fd725b825291/1/MnVXzyJinQWKURSWWy-d-O9NtpA.mft
rsync://rpki.ripe.net/repository/DEFAULT/MnVXzyJinQWKURSWWy-d-O9NtpA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:18:fd:6a:fb:10:48:1b:07:9d:44:42:d6:ca:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=327557cf22629d058a5114965b2f9df8ef4db690
Validity
Not Before: Jan 1 12:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5edc338cc7cb4e1df380fe4c3ab3d120159b97ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:87:fe:92:68:e4:4f:86:24:7a:e4:ae:28:03:
c5:0f:d1:33:3e:d4:ed:22:37:af:ae:75:b2:d8:43:
28:a2:9c:3c:89:22:6e:df:41:73:ee:49:e8:d2:71:
89:20:4b:93:6e:04:0b:8d:1f:60:27:d9:fa:7a:04:
73:ba:51:8e:0d:7e:5a:a1:ce:ce:20:f7:61:95:d2:
7b:38:ce:24:63:f4:32:5e:2a:61:a0:bb:82:33:55:
eb:18:17:45:66:ae:f8:80:13:e1:c1:8c:e8:1d:6d:
80:ba:1c:d6:39:a3:73:20:97:60:53:55:e0:c7:18:
5c:33:2f:a5:1a:c3:5b:c1:70:d4:c3:00:31:d1:d5:
8f:9a:ec:ef:dc:fc:b4:5d:4a:8d:11:15:7a:9c:a1:
41:94:92:a7:64:66:17:ef:d4:8d:1a:b3:34:13:8d:
93:ef:a6:9d:56:d5:a1:ca:1e:ac:81:77:85:25:08:
1a:13:51:d8:e7:61:66:4c:20:5c:9c:8f:19:47:8f:
c6:5d:b3:dd:79:9f:6b:67:6a:50:1e:d9:7d:8e:ed:
ef:28:e0:ae:bc:9b:cf:4c:ef:06:0f:43:49:ee:49:
f5:e8:d8:37:23:b4:d7:3e:35:19:3e:ae:21:89:22:
62:29:4a:88:eb:72:30:c9:d9:5d:38:c8:fb:ac:33:
bb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:DC:33:8C:C7:CB:4E:1D:F3:80:FE:4C:3A:B3:D1:20:15:9B:97:AB
X509v3 Authority Key Identifier:
keyid:32:75:57:CF:22:62:9D:05:8A:51:14:96:5B:2F:9D:F8:EF:4D:B6:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MnVXzyJinQWKURSWWy-d-O9NtpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/9cff3d-1168-411c-a065-fd725b825291/1/XtwzjMfLTh3zgP5MOrPRIBWbl6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/9cff3d-1168-411c-a065-fd725b825291/1/MnVXzyJinQWKURSWWy-d-O9NtpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.146.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:a4:b7:df:32:83:35:7a:a2:b9:14:94:0d:7f:82:ca:34:86:
88:28:d6:5f:e5:c7:e3:f2:fb:dd:4d:86:6b:41:48:d2:e6:39:
a3:0c:15:67:e1:71:9e:6d:9a:ad:23:a6:f3:62:29:31:73:9c:
5f:04:9e:71:09:fb:ef:b2:11:ce:92:f0:b4:d9:cf:dc:05:73:
2c:84:a1:4d:5b:55:92:7e:09:29:6f:0c:0e:a0:f1:0b:6b:dc:
5d:08:1b:6c:17:4f:6b:7f:4a:cf:f4:a5:62:eb:d8:e6:3e:3e:
a4:d9:69:ae:03:74:f2:a0:6f:64:50:82:9e:c8:6b:ab:bd:ca:
86:c2:92:db:2f:bb:92:3a:0a:a4:f9:d4:ae:45:7a:a5:ca:a0:
c4:c6:55:2a:f1:d2:0d:56:c8:b1:bc:7a:95:f6:b8:07:3a:89:
ec:5c:5c:d3:85:f7:7b:be:c1:46:c0:8f:50:04:60:3a:b1:c0:
7a:33:81:27:95:c0:39:01:cf:42:ca:bb:4f:cc:27:04:2c:39:
83:f1:06:2e:95:1c:b4:cb:12:ec:b0:51:a3:9a:e9:b8:54:17:
ef:23:6b:2c:98:59:84:b1:41:82:99:0a:93:7b:25:73:84:4d:
eb:d5:83:74:ad:fd:c8:f4:c5:4d:73:7a:71:9c:05:17:8f:ff:
1f:5c:05:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFABj9avsQSBsHnURC1srkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzU1N2NmMjI2MjlkMDU4YTUxMTQ5NjViMmY5ZGY4ZWY0
ZGI2OTAwHhcNMjQwMTAxMTIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWRjMzM4Y2M3Y2I0ZTFkZjM4MGZlNGMzYWIzZDEyMDE1OWI5N2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIf+kmjkT4YkeuSuKAPFD9EzPtTt
IjevrnWy2EMoopw8iSJu30Fz7kno0nGJIEuTbgQLjR9gJ9n6egRzulGODX5aoc7O
IPdhldJ7OM4kY/QyXiphoLuCM1XrGBdFZq74gBPhwYzoHW2AuhzWOaNzIJdgU1Xg
xxhcMy+lGsNbwXDUwwAx0dWPmuzv3Py0XUqNERV6nKFBlJKnZGYX79SNGrM0E42T
76adVtWhyh6sgXeFJQgaE1HY52FmTCBcnI8ZR4/GXbPdeZ9rZ2pQHtl9ju3vKOCu
vJvPTO8GD0NJ7kn16Ng3I7TXPjUZPq4hiSJiKUqI63IwydldOMj7rDO7yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7cM4zHy04d84D+TDqz0SAVm5erMB8GA1UdIwQY
MBaAFDJ1V88iYp0FilEUllsvnfjvTbaQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5WWHp5SmluUVdLVVJTV1d5LWQtTzlOdHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC85Y2ZmM2QtMTE2OC00MTFjLWEwNjUt
ZmQ3MjViODI1MjkxLzEvWHR3empNZkxUaDN6Z1A1TU9yUFJJQldibDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC85Y2ZmM2QtMTE2OC00MTFjLWEwNjUtZmQ3MjViODI1Mjkx
LzEvTW5WWHp5SmluUVdLVVJTV1d5LWQtTzlOdHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSqSMA0G
CSqGSIb3DQEBCwUAA4IBAQDQpLffMoM1eqK5FJQNf4LKNIaIKNZf5cfj8vvdTYZr
QUjS5jmjDBVn4XGebZqtI6bzYikxc5xfBJ5xCfvvshHOkvC02c/cBXMshKFNW1WS
fgkpbwwOoPELa9xdCBtsF09rf0rP9KVi69jmPj6k2WmuA3TyoG9kUIKeyGurvcqG
wpLbL7uSOgqk+dSuRXqlyqDExlUq8dINVsixvHqV9rgHOonsXFzThfd7vsFGwI9Q
BGA6scB6M4EnlcA5Ac9CyrtPzCcELDmD8QYulRy0yxLssFGjmum4VBfvI2ssmFmE
sUGCmQqTeyVzhE3r1YN0rf3I9MVNc3pxnAUXj/8fXAUU
-----END CERTIFICATE-----
Generated at Tue Nov 26 15:49:41 2024 by rpki-client on console-fra.rpki-client.org