Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/X62TwYdYJ5Sc_XqP3cgAaXhn7dM.roa
File: X62TwYdYJ5Sc_XqP3cgAaXhn7dM.roa (raw, json)
Hash identifier: BNq2gCdToB2M9UgL9mUY7OXpo+TEyVSdHObbUePhREs=
Subject key identifier: 5F:AD:93:C1:87:58:27:94:9C:FD:7A:8F:DD:C8:00:69:78:67:ED:D3
Certificate issuer: /CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Certificate serial: 018CC9BAA585ED3503CA3302D02972C91B56
Authority key identifier: A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/X62TwYdYJ5Sc_XqP3cgAaXhn7dM.roa
Signing time: Tue 02 Jan 2024 10:31:41 +0000
ROA not before: Tue 02 Jan 2024 10:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34971
IP address blocks: 188.164.128.0/21 maxlen: 24
95.157.96.0/24 maxlen: 24
195.88.4.0/23 maxlen: 24
185.34.136.0/24 maxlen: 24
37.247.48.0/21 maxlen: 24
2a00:dcc7:d000::/38 maxlen: 48
2a00:dcc0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:a5:85:ed:35:03:ca:33:02:d0:29:72:c9:1b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Validity
Not Before: Jan 2 10:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fad93c1875827949cfd7a8fddc800697867edd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b6:e8:aa:ec:ba:61:34:e0:bb:40:f5:6b:61:
83:c1:64:c3:4b:25:fa:db:0b:83:13:09:b7:18:98:
c3:29:ea:76:8b:76:be:b6:98:5f:b1:16:4b:44:c0:
0e:69:8a:c2:ff:42:cd:de:1c:5c:8b:72:da:92:5e:
10:ba:2f:21:1d:13:b1:db:47:eb:12:76:64:ac:d7:
8c:5c:3c:26:e6:71:8e:f6:b8:c4:8c:93:bc:45:30:
a4:47:43:e3:ab:55:f4:c5:83:cd:e1:de:e4:3c:89:
04:e2:2e:99:21:19:ff:72:79:56:a8:54:e3:0e:88:
6e:4c:d4:68:ab:9b:c0:41:93:54:4d:d5:35:69:b3:
e7:f2:3b:27:8b:79:a7:a6:9b:9a:0d:5a:e8:74:9e:
0d:88:28:bd:95:75:27:be:6e:ae:0f:66:97:dd:d3:
b8:60:ef:c1:a9:91:10:c6:69:e9:8e:59:5b:5d:93:
ba:dc:44:d7:97:f5:76:9f:59:bb:7f:db:25:1c:f5:
36:ea:bf:1a:26:8c:40:4e:d3:23:81:1a:ca:16:dd:
ab:53:3c:91:c5:88:1f:1b:24:54:3f:27:f8:a4:12:
d8:47:1a:d7:8d:8a:a3:07:e5:f3:c3:6e:11:e0:54:
9f:5b:0e:c9:95:f9:80:e3:ee:ee:cc:1e:52:9c:17:
b0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AD:93:C1:87:58:27:94:9C:FD:7A:8F:DD:C8:00:69:78:67:ED:D3
X509v3 Authority Key Identifier:
keyid:A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/X62TwYdYJ5Sc_XqP3cgAaXhn7dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.247.48.0/21
95.157.96.0/24
185.34.136.0/24
188.164.128.0/21
195.88.4.0/23
IPv6:
2a00:dcc0::/32
2a00:dcc7:d000::/38
Signature Algorithm: sha256WithRSAEncryption
31:f9:28:52:08:1f:b7:02:2f:ed:0a:3f:3e:67:a9:ab:a1:3a:
6a:7a:7c:20:b2:2d:e8:b8:f2:92:07:53:ba:a6:8c:93:d4:55:
56:27:94:45:94:77:92:bd:f2:6b:f7:ab:2e:1f:40:80:fa:89:
f6:7d:2a:00:6d:f5:ab:54:5e:b7:5c:95:fe:31:75:38:ee:36:
d2:fb:47:a2:88:1e:b4:3f:54:1d:8f:32:16:9d:cf:4f:06:32:
a5:95:ce:ab:33:96:3a:0d:34:05:29:35:b1:a6:c7:03:ac:88:
9b:64:14:9a:95:e0:45:51:65:15:9f:c7:6f:76:20:a4:d5:a0:
eb:aa:e2:76:f8:04:b4:ba:ce:49:8e:9e:5c:dd:83:69:d0:19:
00:4c:40:01:13:35:76:38:30:e7:e0:d0:06:4c:de:0c:d4:8c:
ce:7a:36:ce:3a:4a:82:fd:56:9f:2a:d4:08:3a:88:b1:e7:50:
93:48:dc:c8:39:d9:4f:d1:98:62:46:5e:54:bc:72:c0:36:df:
5b:51:97:0c:2d:92:89:c5:63:dc:bd:b9:41:b8:85:97:47:c1:
32:c5:72:41:14:ca:d2:37:fc:16:ff:29:50:80:c6:7b:ca:79:
c1:06:52:3f:ad:9d:18:5b:54:f5:21:53:92:5b:cd:0b:46:5e:
14:45:b4:0a
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzJuqWF7TUDyjMC0ClyyRtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNmIwZDhhYjQ5NDM2NTUwYjZhYmY0NWI3OTAzNWFlYzZh
ZmYyM2MwHhcNMjQwMTAyMTAzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmFkOTNjMTg3NTgyNzk0OWNmZDdhOGZkZGM4MDA2OTc4NjdlZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrboquy6YTTgu0D1a2GDwWTDSyX6
2wuDEwm3GJjDKep2i3a+tphfsRZLRMAOaYrC/0LN3hxci3Lakl4Qui8hHROx20fr
EnZkrNeMXDwm5nGO9rjEjJO8RTCkR0Pjq1X0xYPN4d7kPIkE4i6ZIRn/cnlWqFTj
DohuTNRoq5vAQZNUTdU1abPn8jsni3mnppuaDVrodJ4NiCi9lXUnvm6uD2aX3dO4
YO/BqZEQxmnpjllbXZO63ETXl/V2n1m7f9slHPU26r8aJoxATtMjgRrKFt2rUzyR
xYgfGyRUPyf4pBLYRxrXjYqjB+Xzw24R4FSfWw7JlfmA4+7uzB5SnBewHQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFF+tk8GHWCeUnP16j93IAGl4Z+3TMB8GA1UdIwQY
MBaAFKFrDYq0lDZVC2q/RbeQNa7Gr/I8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUt
MTVjYzlkYzdiZDg3LzEvWDYyVHdZZFlKNVNjX1hxUDNjZ0FhWGhuN2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUtMTVjYzlkYzdiZDg3
LzEvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAkBAIAATAeAwQDJfcwAwQA
X51gAwQAuSKIAwQDvKSAAwQBw1gEMBUEAgACMA8DBQAqANzAAwYCKgDcx9AwDQYJ
KoZIhvcNAQELBQADggEBADH5KFIIH7cCL+0KPz5nqauhOmp6fCCyLei48pIHU7qm
jJPUVVYnlEWUd5K98mv3qy4fQID6ifZ9KgBt9atUXrdclf4xdTjuNtL7R6KIHrQ/
VB2PMhadz08GMqWVzqszljoNNAUpNbGmxwOsiJtkFJqV4EVRZRWfx292IKTVoOuq
4nb4BLS6zkmOnlzdg2nQGQBMQAETNXY4MOfg0AZM3gzUjM56Ns46SoL9Vp8q1Ag6
iLHnUJNI3Mg52U/RmGJGXlS8csA231tRlwwtkonFY9y9uUG4hZdHwTLFckEUytI3
/Bb/KVCAxnvKecEGUj+tnRhbVPUhU5JbzQtGXhRFtAo=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:57:46 2024 by rpki-client on console-fra.rpki-client.org