Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/XDfwZrOPR320bKm4EprjeeGFCBg.roa
File: XDfwZrOPR320bKm4EprjeeGFCBg.roa (raw, json)
Hash identifier: zJBCtEmIf7tTN5EB46LJPBqtTKg1ZfAIo61HfsF14tM=
Subject key identifier: 5C:37:F0:66:B3:8F:47:7D:B4:6C:A9:B8:12:9A:E3:79:E1:85:08:18
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 01918E72A1347F8883F3080E6D2D4FB4885A
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/XDfwZrOPR320bKm4EprjeeGFCBg.roa
Signing time: Mon 26 Aug 2024 11:29:22 +0000
ROA not before: Mon 26 Aug 2024 11:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12312
IP address blocks: 62.26.0.0/15 maxlen: 23
62.144.0.0/16 maxlen: 16
62.246.0.0/16 maxlen: 16
79.140.176.0/20 maxlen: 20
80.83.96.0/20 maxlen: 20
185.210.52.0/23 maxlen: 23
194.112.16.0/20 maxlen: 20
194.162.0.0/16 maxlen: 16
195.52.0.0/16 maxlen: 23
195.63.0.0/16 maxlen: 16
195.78.160.0/19 maxlen: 19
195.185.0.0/16 maxlen: 16
212.172.0.0/16 maxlen: 16
2001:4090::/32 maxlen: 32
2001:4091::/32 maxlen: 32
2a01:5c8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:72:a1:34:7f:88:83:f3:08:0e:6d:2d:4f:b4:88:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Aug 26 11:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c37f066b38f477db46ca9b8129ae379e1850818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6f:55:88:3e:85:56:54:89:d5:f3:7d:9d:54:
c7:32:0c:32:ef:53:8b:d9:8c:28:56:62:00:0c:94:
fb:9e:47:c0:99:47:f0:a9:2e:d8:64:12:25:5b:55:
72:43:b3:0e:47:58:9a:ae:69:72:5a:f0:ff:82:76:
5c:3f:1b:ad:71:52:44:78:44:76:1c:2a:6a:ed:73:
27:af:b3:d3:d8:76:49:cd:f7:6c:71:a7:ab:9e:bd:
45:73:84:9c:a7:14:d4:ee:28:51:99:a9:42:b8:bb:
af:22:37:d6:03:12:59:fc:6f:4a:5c:e6:e5:e7:ad:
14:fb:3c:f3:97:ee:a4:ed:95:13:13:bc:aa:dc:54:
6e:b3:01:08:fc:e0:73:b3:d3:51:16:36:73:32:57:
03:71:fe:8f:e0:bf:63:bc:7d:9b:a2:cf:5b:c4:6f:
62:37:5c:98:81:4a:81:62:74:e3:62:8b:4b:35:b0:
bf:08:fa:38:d8:48:9d:88:40:1c:69:74:3b:f5:c2:
af:d1:7d:57:75:fe:cb:7f:ee:9f:3e:7c:92:82:9a:
ac:0e:73:f7:e4:cc:f1:43:cb:3d:ad:d3:fd:1a:1f:
a7:b5:17:18:50:18:c1:9f:b2:b5:f3:aa:51:41:7b:
9a:67:63:bc:f3:a0:81:9d:7e:a0:01:49:a0:54:d5:
7a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:37:F0:66:B3:8F:47:7D:B4:6C:A9:B8:12:9A:E3:79:E1:85:08:18
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/XDfwZrOPR320bKm4EprjeeGFCBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
185.210.52.0/23
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
7f:fa:10:dc:72:b8:8f:d5:0c:41:c3:4a:ac:03:07:e6:5c:80:
b0:38:2c:45:d5:dc:4b:18:91:fd:c5:19:08:13:b8:58:07:97:
b6:e5:6c:96:43:c0:e8:f7:98:1a:5a:e1:c2:0e:24:70:6a:71:
43:fb:50:e7:d1:ce:92:d6:3c:b9:05:ed:2f:4a:2a:15:20:3c:
79:ff:ee:27:fc:1b:11:84:79:cf:0f:4e:ca:2c:55:8a:ea:d3:
ca:e7:d6:b9:d0:53:1e:7f:83:0e:d8:79:8b:4c:15:5b:24:cc:
5e:05:b2:69:e7:22:74:7e:17:0a:b9:0a:7b:9d:74:67:23:8a:
9b:30:e3:f3:72:65:93:40:27:ef:65:85:18:bf:c4:ee:1b:e8:
eb:04:59:c4:2b:9f:b1:d3:10:8e:e0:b8:cf:35:44:b8:8b:fa:
4b:8e:ea:5b:e2:b8:06:98:9d:4d:98:f9:bb:37:c1:5c:47:4d:
ff:51:72:85:a8:3e:ce:f4:ee:42:57:45:2f:d9:54:b7:76:3b:
cf:21:a0:45:40:56:33:28:5e:46:b0:0d:ea:2e:b0:85:5d:af:
65:55:c0:a3:6f:57:b0:2f:c4:bc:16:47:96:cd:93:15:19:22:
3a:5e:3e:fe:47:3c:04:aa:0a:a6:c7:77:de:ab:34:12:4e:00:
44:cb:5b:d8
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZGOcqE0f4iD8wgObS1PtIhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjQwODI2MTEyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzM3ZjA2NmIzOGY0NzdkYjQ2Y2E5YjgxMjlhZTM3OWUxODUwODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp29ViD6FVlSJ1fN9nVTHMgwy71OL
2YwoVmIADJT7nkfAmUfwqS7YZBIlW1VyQ7MOR1iarmlyWvD/gnZcPxutcVJEeER2
HCpq7XMnr7PT2HZJzfdscaernr1Fc4ScpxTU7ihRmalCuLuvIjfWAxJZ/G9KXObl
560U+zzzl+6k7ZUTE7yq3FRuswEI/OBzs9NRFjZzMlcDcf6P4L9jvH2bos9bxG9i
N1yYgUqBYnTjYotLNbC/CPo42EidiEAcaXQ79cKv0X1Xdf7Lf+6fPnySgpqsDnP3
5MzxQ8s9rdP9Gh+ntRcYUBjBn7K186pRQXuaZ2O886CBnX6gAUmgVNV6TwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFFw38Gazj0d9tGypuBKa43nhhQgYMB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvWERmd1pyT1BSMzIwYkttNEVwcmplZUdGQ0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBMBAIAATBGAwMBPhoDAwA+
kAMDAD72AwQET4ywAwQEUFNgAwQBudI0AwQEwnAQAwMAwqIDAwDDNAMDAMM/AwQF
w06gAwMAw7kDAwDUrDAUBAIAAjAOAwUBIAFAkAMFACoBBcgwDQYJKoZIhvcNAQEL
BQADggEBAH/6ENxyuI/VDEHDSqwDB+ZcgLA4LEXV3EsYkf3FGQgTuFgHl7blbJZD
wOj3mBpa4cIOJHBqcUP7UOfRzpLWPLkF7S9KKhUgPHn/7if8GxGEec8PTsosVYrq
08rn1rnQUx5/gw7YeYtMFVskzF4FsmnnInR+Fwq5CnuddGcjipsw4/NyZZNAJ+9l
hRi/xO4b6OsEWcQrn7HTEI7guM81RLiL+kuO6lviuAaYnU2Y+bs3wVxHTf9RcoWo
Ps707kJXRS/ZVLd2O88hoEVAVjMoXkawDeousIVdr2VVwKNvV7AvxLwWR5bNkxUZ
IjpePv5HPASqCqbHd96rNBJOAETLW9g=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:20:21 2024 by rpki-client on console-ams.rpki-client.org