Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e83bb9-a5c2-4774-9ebb-ae327dbe45c9/1/XonliaPqS2TdzpdK8pa2yiXlHdo.roa
File: XonliaPqS2TdzpdK8pa2yiXlHdo.roa (raw, json)
Hash identifier: EAmU4Cxo5tA71r4NNxfSpzzPUsool+5SXEqx9HZr5p8=
Subject key identifier: 5E:89:E5:89:A3:EA:4B:64:DD:CE:97:4A:F2:96:B6:CA:25:E5:1D:DA
Certificate issuer: /CN=3d9fbe15c3cdb5e03435e24cf62f16fb6c62396c
Certificate serial: 018CCA298D017251C470EEE86724D40662CD
Authority key identifier: 3D:9F:BE:15:C3:CD:B5:E0:34:35:E2:4C:F6:2F:16:FB:6C:62:39:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZ--FcPNteA0NeJM9i8W-2xiOWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e83bb9-a5c2-4774-9ebb-ae327dbe45c9/1/XonliaPqS2TdzpdK8pa2yiXlHdo.roa
Signing time: Tue 02 Jan 2024 12:32:49 +0000
ROA not before: Tue 02 Jan 2024 12:32:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39153
IP address blocks: 80.248.80.0/20 maxlen: 20
80.253.16.0/20 maxlen: 20
109.71.192.0/21 maxlen: 21
2a00:5d00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e83bb9-a5c2-4774-9ebb-ae327dbe45c9/1/PZ--FcPNteA0NeJM9i8W-2xiOWw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e83bb9-a5c2-4774-9ebb-ae327dbe45c9/1/PZ--FcPNteA0NeJM9i8W-2xiOWw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PZ--FcPNteA0NeJM9i8W-2xiOWw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:8d:01:72:51:c4:70:ee:e8:67:24:d4:06:62:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d9fbe15c3cdb5e03435e24cf62f16fb6c62396c
Validity
Not Before: Jan 2 12:32:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e89e589a3ea4b64ddce974af296b6ca25e51dda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:39:74:b4:18:b4:16:0b:fe:0d:83:5d:89:3b:
84:e2:d4:ca:d8:b3:c4:ee:df:50:e9:48:96:e8:40:
41:11:91:bf:80:20:bc:7e:1c:4d:e9:22:bb:a6:f6:
37:60:14:c2:98:9b:70:c4:7f:e5:af:09:bd:aa:cb:
3b:49:93:34:f5:86:f2:e0:49:24:4e:60:36:91:10:
27:51:c9:52:20:58:55:3b:5e:16:ef:a2:95:bf:9c:
aa:59:f8:44:be:22:a9:33:bb:73:8d:b7:8f:f0:ae:
f4:15:c8:d3:ad:ec:78:78:64:6d:68:76:74:d6:d3:
3f:ec:b7:9d:ad:ea:86:20:b6:7c:48:b4:c8:72:52:
2b:22:2b:44:d4:1e:18:65:da:9b:48:c0:57:cf:19:
64:0a:69:1c:22:44:78:db:95:71:89:2c:de:c5:61:
27:e3:db:3d:e8:9a:53:66:ef:48:da:44:a7:c6:23:
d4:9d:58:1a:d6:b5:4c:1b:8f:b9:5b:ec:99:d1:7f:
d6:a8:97:f8:57:6d:75:5e:de:17:71:fc:cf:54:d0:
44:ca:93:f1:41:af:1e:ea:3c:88:bb:ed:aa:43:01:
3c:89:f8:60:8c:92:8d:98:1d:94:fa:9d:d7:14:ff:
50:ac:65:ae:0d:6a:5e:00:b0:47:4d:2e:37:53:c8:
27:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:89:E5:89:A3:EA:4B:64:DD:CE:97:4A:F2:96:B6:CA:25:E5:1D:DA
X509v3 Authority Key Identifier:
keyid:3D:9F:BE:15:C3:CD:B5:E0:34:35:E2:4C:F6:2F:16:FB:6C:62:39:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZ--FcPNteA0NeJM9i8W-2xiOWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e83bb9-a5c2-4774-9ebb-ae327dbe45c9/1/XonliaPqS2TdzpdK8pa2yiXlHdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e83bb9-a5c2-4774-9ebb-ae327dbe45c9/1/PZ--FcPNteA0NeJM9i8W-2xiOWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.248.80.0/20
80.253.16.0/20
109.71.192.0/21
IPv6:
2a00:5d00::/32
Signature Algorithm: sha256WithRSAEncryption
d5:52:42:bc:15:24:df:ee:81:84:fb:c4:02:8b:e7:ac:db:2e:
73:b1:37:fc:a6:16:10:16:51:e1:96:53:98:74:38:e6:be:af:
7a:48:3b:f5:68:06:c4:87:eb:6d:74:9f:4a:3b:ce:99:82:28:
af:2d:7f:39:89:00:1c:41:f6:a9:b1:8c:3e:22:f5:a2:64:fe:
b8:61:e7:21:96:73:0c:f4:c7:ff:2b:39:c4:7a:04:28:9b:19:
d2:65:60:f0:99:df:a7:9c:c4:fe:b7:be:d5:43:b0:39:6c:79:
ab:df:ab:e5:bb:ba:28:ca:ea:c8:a2:d3:fc:6b:6a:b9:bf:c1:
8d:4b:3f:53:7d:68:2a:fe:9c:1e:13:79:15:d3:af:ee:d8:95:
86:c9:3e:59:e7:12:d9:5a:bc:c3:f7:b0:7d:53:76:96:3c:45:
00:e9:29:1c:4c:79:18:b5:96:e3:e5:e5:53:46:7e:a9:eb:4d:
42:d6:0a:8d:a2:27:89:97:a8:a6:bf:6a:95:ed:cd:73:8d:8c:
ee:0b:1f:1b:6a:5b:58:b8:6b:ed:02:69:a9:4a:ca:ea:d5:03:
5a:67:7b:c0:a1:84:c2:41:b7:30:02:47:0d:52:db:6c:73:0b:
d6:4e:83:52:7e:a2:9a:46:57:f8:a7:dd:44:16:b2:c2:22:b4:
ff:24:df:b7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzKKY0BclHEcO7oZyTUBmLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOWZiZTE1YzNjZGI1ZTAzNDM1ZTI0Y2Y2MmYxNmZiNmM2
MjM5NmMwHhcNMjQwMTAyMTIzMjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTg5ZTU4OWEzZWE0YjY0ZGRjZTk3NGFmMjk2YjZjYTI1ZTUxZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zl0tBi0Fgv+DYNdiTuE4tTK2LPE
7t9Q6UiW6EBBEZG/gCC8fhxN6SK7pvY3YBTCmJtwxH/lrwm9qss7SZM09Yby4Ekk
TmA2kRAnUclSIFhVO14W76KVv5yqWfhEviKpM7tzjbeP8K70FcjTrex4eGRtaHZ0
1tM/7LedreqGILZ8SLTIclIrIitE1B4YZdqbSMBXzxlkCmkcIkR425VxiSzexWEn
49s96JpTZu9I2kSnxiPUnVga1rVMG4+5W+yZ0X/WqJf4V211Xt4XcfzPVNBEypPx
Qa8e6jyIu+2qQwE8ifhgjJKNmB2U+p3XFP9QrGWuDWpeALBHTS43U8gnkwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF6J5Ymj6ktk3c6XSvKWtsol5R3aMB8GA1UdIwQY
MBaAFD2fvhXDzbXgNDXiTPYvFvtsYjlsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFotLUZjUE50ZUEwTmVKTTlpOFctMnhpT1d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lODNiYjktYTVjMi00Nzc0LTllYmIt
YWUzMjdkYmU0NWM5LzEvWG9ubGlhUHFTMlRkenBkSzhwYTJ5aVhsSGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lODNiYjktYTVjMi00Nzc0LTllYmItYWUzMjdkYmU0NWM5
LzEvUFotLUZjUE50ZUEwTmVKTTlpOFctMnhpT1d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUPhQAwQE
UP0QAwQDbUfAMA0EAgACMAcDBQAqAF0AMA0GCSqGSIb3DQEBCwUAA4IBAQDVUkK8
FSTf7oGE+8QCi+es2y5zsTf8phYQFlHhllOYdDjmvq96SDv1aAbEh+ttdJ9KO86Z
giivLX85iQAcQfapsYw+IvWiZP64YechlnMM9Mf/KznEegQomxnSZWDwmd+nnMT+
t77VQ7A5bHmr36vlu7ooyurIotP8a2q5v8GNSz9TfWgq/pweE3kV06/u2JWGyT5Z
5xLZWrzD97B9U3aWPEUA6SkcTHkYtZbj5eVTRn6p601C1gqNoieJl6imv2qV7c1z
jYzuCx8baltYuGvtAmmpSsrq1QNaZ3vAoYTCQbcwAkcNUttscwvWToNSfqKaRlf4
p91EFrLCIrT/JN+3
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:23:12 2024 by rpki-client on console-fra.rpki-client.org