Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/XsGpPxNgltw1wL6Ggdqz34cB5A8.roa
File: XsGpPxNgltw1wL6Ggdqz34cB5A8.roa (raw, json)
Hash identifier: LxiDnpnVo1I8t+9HK/QHL/bBrFJnSIidSxSWQ8girtQ=
Subject key identifier: 5E:C1:A9:3F:13:60:96:DC:35:C0:BE:86:81:DA:B3:DF:87:01:E4:0F
Certificate issuer: /CN=ce1c5bea595d890f21307c1b336519fb0edc089c
Certificate serial: 018CC725A3B889CD6598F6FCB778E7A6EBCD
Authority key identifier: CE:1C:5B:EA:59:5D:89:0F:21:30:7C:1B:33:65:19:FB:0E:DC:08:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/XsGpPxNgltw1wL6Ggdqz34cB5A8.roa
Signing time: Mon 01 Jan 2024 22:29:41 +0000
ROA not before: Mon 01 Jan 2024 22:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49605
IP address blocks: 185.87.240.0/22 maxlen: 22
217.112.96.0/20 maxlen: 20
31.13.136.0/21 maxlen: 21
185.8.148.0/22 maxlen: 22
2a05:c6c0::/29 maxlen: 29
2a02:e50::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:a3:b8:89:cd:65:98:f6:fc:b7:78:e7:a6:eb:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce1c5bea595d890f21307c1b336519fb0edc089c
Validity
Not Before: Jan 1 22:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ec1a93f136096dc35c0be8681dab3df8701e40f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5c:9e:09:23:68:f3:81:6a:55:99:59:b7:bf:
ae:5b:d9:85:25:5c:4f:00:49:bf:10:5e:45:22:11:
9d:80:94:c2:91:15:17:29:f4:2e:ed:ff:d3:d6:87:
80:a2:6e:2c:7e:5a:99:fe:81:60:ec:22:b4:15:58:
f6:d1:75:e2:f0:02:28:bd:34:3d:4e:3d:e6:43:c8:
b4:7e:b0:ea:4b:40:f2:c2:16:11:fe:78:6b:9b:21:
a2:1c:25:e7:92:a4:c1:04:b8:20:e3:09:db:fb:2a:
f6:21:3d:11:55:73:e1:57:d8:3c:71:0e:da:0a:33:
91:df:bc:98:c0:bf:71:b6:b5:66:c7:7f:27:14:a2:
d0:ef:d3:4f:f8:63:5f:da:c0:77:cd:3b:f9:20:25:
8f:14:98:2e:97:be:09:da:04:c1:34:df:89:9b:6c:
51:24:de:6c:2d:f5:97:f6:df:f8:65:2e:12:87:25:
0d:7d:80:d1:3f:2b:22:e5:20:af:36:c0:43:80:68:
44:76:d2:3e:fc:ae:d8:63:36:33:8d:e1:3c:5d:2c:
b2:ed:ad:b7:1e:6a:91:d9:4d:6a:5d:ca:2c:e4:19:
28:70:74:94:bb:5f:57:88:e8:97:3a:8f:33:d3:4e:
b7:c6:3d:2b:6c:62:52:09:c2:c2:6e:05:e7:03:73:
7b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C1:A9:3F:13:60:96:DC:35:C0:BE:86:81:DA:B3:DF:87:01:E4:0F
X509v3 Authority Key Identifier:
keyid:CE:1C:5B:EA:59:5D:89:0F:21:30:7C:1B:33:65:19:FB:0E:DC:08:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/XsGpPxNgltw1wL6Ggdqz34cB5A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/92256d-b875-4762-b743-05b15f5ee8c3/1/zhxb6lldiQ8hMHwbM2UZ-w7cCJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.136.0/21
185.8.148.0/22
185.87.240.0/22
217.112.96.0/20
IPv6:
2a02:e50::/32
2a05:c6c0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:42:89:ab:b0:28:1e:da:b1:aa:fd:0f:3f:cb:5b:ee:48:d9:
13:b3:1c:7f:95:7f:bf:5b:80:12:56:0e:82:b4:38:d0:aa:a0:
33:c3:b1:ef:01:35:7c:17:7e:62:02:48:16:72:aa:83:42:dc:
8b:99:e8:80:d6:55:08:5f:8f:1e:0d:1a:a1:3e:e7:4b:a6:0c:
d1:ae:7e:d8:c7:27:fc:f5:d6:cb:0e:90:88:f7:e4:07:78:a2:
7b:11:e3:ca:cf:90:39:79:7b:23:92:d8:82:00:ad:89:b3:20:
07:82:d2:6b:dd:0e:5d:0d:eb:31:08:4b:d2:cd:e4:ed:65:1e:
84:84:ab:79:1e:45:af:c3:b8:b5:79:ca:0b:be:20:cd:d4:98:
e7:2a:0a:55:33:e2:df:8a:7c:cd:a8:c8:5c:92:99:3c:8d:04:
e1:0b:a6:cb:83:32:6d:82:b2:e0:4e:d8:7c:e5:c1:22:e0:a7:
3a:69:99:36:f8:9d:1c:c1:82:58:ad:13:1e:6e:0a:c9:87:2e:
11:6a:07:f1:d0:00:e5:c7:f1:f2:96:95:71:02:5d:42:2e:2b:
cf:f9:c1:05:07:f0:20:37:35:51:ab:5d:bc:d4:92:f6:ae:3c:
d0:73:8d:ae:54:e7:1d:c7:76:a2:a3:5c:ac:d4:0b:af:d4:ad:
cb:7c:fb:1a
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzHJaO4ic1lmPb8t3jnpuvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMWM1YmVhNTk1ZDg5MGYyMTMwN2MxYjMzNjUxOWZiMGVk
YzA4OWMwHhcNMjQwMTAxMjIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWMxYTkzZjEzNjA5NmRjMzVjMGJlODY4MWRhYjNkZjg3MDFlNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VyeCSNo84FqVZlZt7+uW9mFJVxP
AEm/EF5FIhGdgJTCkRUXKfQu7f/T1oeAom4sflqZ/oFg7CK0FVj20XXi8AIovTQ9
Tj3mQ8i0frDqS0DywhYR/nhrmyGiHCXnkqTBBLgg4wnb+yr2IT0RVXPhV9g8cQ7a
CjOR37yYwL9xtrVmx38nFKLQ79NP+GNf2sB3zTv5ICWPFJgul74J2gTBNN+Jm2xR
JN5sLfWX9t/4ZS4ShyUNfYDRPysi5SCvNsBDgGhEdtI+/K7YYzYzjeE8XSyy7a23
HmqR2U1qXcos5BkocHSUu19XiOiXOo8z0063xj0rbGJSCcLCbgXnA3N7qwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFF7BqT8TYJbcNcC+hoHas9+HAeQPMB8GA1UdIwQY
MBaAFM4cW+pZXYkPITB8GzNlGfsO3AicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemh4YjZsbGRpUThoTUh3Yk0yVVotdzdjQ0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85MjI1NmQtYjg3NS00NzYyLWI3NDMt
MDViMTVmNWVlOGMzLzEvWHNHcFB4TmdsdHcxd0w2R2dkcXozNGNCNUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85MjI1NmQtYjg3NS00NzYyLWI3NDMtMDViMTVmNWVlOGMz
LzEvemh4YjZsbGRpUThoTUh3Yk0yVVotdzdjQ0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDHw2IAwQC
uQiUAwQCuVfwAwQE2XBgMBQEAgACMA4DBQAqAg5QAwUDKgXGwDANBgkqhkiG9w0B
AQsFAAOCAQEAjkKJq7AoHtqxqv0PP8tb7kjZE7Mcf5V/v1uAElYOgrQ40KqgM8Ox
7wE1fBd+YgJIFnKqg0Lci5nogNZVCF+PHg0aoT7nS6YM0a5+2Mcn/PXWyw6QiPfk
B3iiexHjys+QOXl7I5LYggCtibMgB4LSa90OXQ3rMQhL0s3k7WUehISreR5Fr8O4
tXnKC74gzdSY5yoKVTPi34p8zajIXJKZPI0E4Qumy4MybYKy4E7YfOXBIuCnOmmZ
NvidHMGCWK0THm4KyYcuEWoH8dAA5cfx8paVcQJdQi4rz/nBBQfwIDc1UatdvNSS
9q480HONrlTnHcd2oqNcrNQLr9Sty3z7Gg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:32:53 2024 by rpki-client on console-ams.rpki-client.org