Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/X1TydY06kivx4kl5XFhYmICmxMc.roa
File: X1TydY06kivx4kl5XFhYmICmxMc.roa (raw, json)
Hash identifier: yBIoInBNlMcfcJvd9Er23Vtfoz5A27CnTDnIp4A5ufc=
Subject key identifier: 5F:54:F2:75:8D:3A:92:2B:F1:E2:49:79:5C:58:58:98:80:A6:C4:C7
Certificate issuer: /CN=3c1b83888696fc44478c693d6e7803e9516250e6
Certificate serial: 018CC8DF803B06BA05CC05CE71BA38F375B0
Authority key identifier: 3C:1B:83:88:86:96:FC:44:47:8C:69:3D:6E:78:03:E9:51:62:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBuDiIaW_ERHjGk9bngD6VFiUOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/X1TydY06kivx4kl5XFhYmICmxMc.roa
Signing time: Tue 02 Jan 2024 06:32:19 +0000
ROA not before: Tue 02 Jan 2024 06:32:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39326
IP address blocks: 185.51.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/PBuDiIaW_ERHjGk9bngD6VFiUOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/PBuDiIaW_ERHjGk9bngD6VFiUOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PBuDiIaW_ERHjGk9bngD6VFiUOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:80:3b:06:ba:05:cc:05:ce:71:ba:38:f3:75:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c1b83888696fc44478c693d6e7803e9516250e6
Validity
Not Before: Jan 2 06:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f54f2758d3a922bf1e249795c58589880a6c4c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:31:e8:4c:a8:0a:71:e4:55:cc:e8:b4:9d:be:
54:dd:e2:60:12:f5:52:05:cb:ec:ab:e4:7f:38:4d:
e9:c7:73:bb:30:6b:2b:4a:97:53:b5:23:57:2f:57:
35:b5:53:f7:68:f0:84:26:03:31:03:e4:cb:9a:29:
a1:a8:98:fa:72:f7:ba:2d:9e:a1:96:d0:16:89:61:
d8:ea:da:cb:8f:63:48:2c:89:88:8b:c0:90:f4:f5:
8d:26:bc:e5:7e:c7:ef:d3:cc:fc:0f:04:d8:d9:59:
62:04:d4:9b:ca:0c:c0:d7:da:51:43:89:7f:fb:52:
19:1b:95:f8:f3:4f:a4:62:92:0a:7c:13:28:47:5d:
7c:ad:a9:ed:7f:33:ba:24:6d:2e:77:78:55:03:2f:
e8:a3:b1:b3:3a:53:ff:02:4d:16:94:06:cf:2e:1e:
ed:30:87:2a:bf:4f:73:eb:db:bc:9d:29:26:74:06:
9d:8f:12:a8:7e:d6:16:87:3a:b9:95:3b:a2:76:76:
f2:68:7d:79:af:5f:eb:2c:f7:f4:69:5a:e3:15:d6:
6c:ef:08:31:90:21:fd:08:8b:16:1c:ab:11:e6:c7:
d4:48:68:16:9f:e9:45:0b:13:4d:96:29:a7:58:04:
d6:4c:d3:0e:b1:7b:a4:39:0c:16:53:6a:87:ec:b1:
36:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:54:F2:75:8D:3A:92:2B:F1:E2:49:79:5C:58:58:98:80:A6:C4:C7
X509v3 Authority Key Identifier:
keyid:3C:1B:83:88:86:96:FC:44:47:8C:69:3D:6E:78:03:E9:51:62:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBuDiIaW_ERHjGk9bngD6VFiUOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/X1TydY06kivx4kl5XFhYmICmxMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d55683-fec2-47fd-ac6e-9e82da7315cf/1/PBuDiIaW_ERHjGk9bngD6VFiUOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.172.0/22
Signature Algorithm: sha256WithRSAEncryption
25:ae:2f:a6:a6:e4:8f:26:ff:98:de:70:ee:08:9a:46:77:63:
3f:1e:2a:af:6a:11:1a:1e:03:4c:be:f5:93:83:6b:59:52:46:
a4:5a:ea:10:04:ed:45:05:7e:76:c0:31:90:bf:ad:19:75:e3:
db:e2:a8:30:53:2c:20:7c:90:24:f2:0d:67:75:ce:c8:9d:65:
82:40:51:92:e7:f2:b0:84:4e:89:e3:8d:0a:43:04:9b:3c:df:
42:9c:1e:90:a2:48:07:81:db:03:41:63:9d:a6:42:7f:3b:fa:
8e:91:46:bd:fa:68:4b:bd:4c:17:e5:0c:01:c3:c1:b3:7a:34:
2f:d7:4a:c4:68:35:4a:a7:24:e6:d7:78:e0:bb:5d:d0:5b:c9:
0e:3d:06:30:a5:32:78:e0:72:f1:f3:b7:58:49:21:63:3f:f4:
bb:b5:2e:0b:fe:ba:5d:4d:a4:1f:4e:49:86:34:ac:0e:53:da:
82:35:75:00:1c:c1:de:8c:8a:9d:2b:c4:7a:d8:b4:bb:aa:d7:
0f:e7:77:b7:69:9a:32:57:8a:52:b0:72:72:d9:7f:53:c0:d3:
82:e0:86:13:c8:80:0a:69:4f:63:e5:e1:c0:e7:e2:7a:17:e4:
5f:56:ed:b5:c5:14:e1:97:cb:cb:42:32:7b:0b:85:f2:dc:f3:
50:7a:bd:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI34A7BroFzAXOcbo483WwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMWI4Mzg4ODY5NmZjNDQ0NzhjNjkzZDZlNzgwM2U5NTE2
MjUwZTYwHhcNMjQwMTAyMDYzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjU0ZjI3NThkM2E5MjJiZjFlMjQ5Nzk1YzU4NTg5ODgwYTZjNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDHoTKgKceRVzOi0nb5U3eJgEvVS
Bcvsq+R/OE3px3O7MGsrSpdTtSNXL1c1tVP3aPCEJgMxA+TLmimhqJj6cve6LZ6h
ltAWiWHY6trLj2NILImIi8CQ9PWNJrzlfsfv08z8DwTY2VliBNSbygzA19pRQ4l/
+1IZG5X480+kYpIKfBMoR118rantfzO6JG0ud3hVAy/oo7GzOlP/Ak0WlAbPLh7t
MIcqv09z69u8nSkmdAadjxKoftYWhzq5lTuidnbyaH15r1/rLPf0aVrjFdZs7wgx
kCH9CIsWHKsR5sfUSGgWn+lFCxNNlimnWATWTNMOsXukOQwWU2qH7LE2yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF9U8nWNOpIr8eJJeVxYWJiApsTHMB8GA1UdIwQY
MBaAFDwbg4iGlvxER4xpPW54A+lRYlDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJ1RGlJYVdfRVJIakdrOWJuZ0Q2VkZpVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9kNTU2ODMtZmVjMi00N2ZkLWFjNmUt
OWU4MmRhNzMxNWNmLzEvWDFUeWRZMDZraXZ4NGtsNVhGaFltSUNteE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9kNTU2ODMtZmVjMi00N2ZkLWFjNmUtOWU4MmRhNzMxNWNm
LzEvUEJ1RGlJYVdfRVJIakdrOWJuZ0Q2VkZpVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTOsMA0G
CSqGSIb3DQEBCwUAA4IBAQAlri+mpuSPJv+Y3nDuCJpGd2M/HiqvahEaHgNMvvWT
g2tZUkakWuoQBO1FBX52wDGQv60ZdePb4qgwUywgfJAk8g1ndc7InWWCQFGS5/Kw
hE6J440KQwSbPN9CnB6QokgHgdsDQWOdpkJ/O/qOkUa9+mhLvUwX5QwBw8GzejQv
10rEaDVKpyTm13jgu13QW8kOPQYwpTJ44HLx87dYSSFjP/S7tS4L/rpdTaQfTkmG
NKwOU9qCNXUAHMHejIqdK8R62LS7qtcP53e3aZoyV4pSsHJy2X9TwNOC4IYTyIAK
aU9j5eHA5+J6F+RfVu21xRThl8vLQjJ7C4Xy3PNQer0g
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:21 2024 by rpki-client on console-fra.rpki-client.org