Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/xrWd4UcUqKCcZfsZGiMYufiHMv0.roa
File: xrWd4UcUqKCcZfsZGiMYufiHMv0.roa (raw, json)
Hash identifier: FGRMZZjgQXUG/S4rONi7D6lI0byzfThX9scZOwJzx9M=
Subject key identifier: C6:B5:9D:E1:47:14:A8:A0:9C:65:FB:19:1A:23:18:B9:F8:87:32:FD
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 018CCA2A5AAE43E836539E19946EE111FFA1
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/xrWd4UcUqKCcZfsZGiMYufiHMv0.roa
Signing time: Tue 02 Jan 2024 12:33:42 +0000
ROA not before: Tue 02 Jan 2024 12:33:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8778
IP address blocks: 195.80.160.0/19 maxlen: 19
195.28.64.0/19 maxlen: 19
2a00:9060::/32 maxlen: 32
2a02:dd8::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.mft
rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:5a:ae:43:e8:36:53:9e:19:94:6e:e1:11:ff:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 2 12:33:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6b59de14714a8a09c65fb191a2318b9f88732fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:88:34:99:4c:73:1b:66:a4:f4:da:29:88:8c:
88:d1:98:f0:b3:34:10:87:fb:d2:30:43:48:01:7c:
a0:0a:b6:d9:3a:82:d6:37:b4:97:4d:87:b8:11:f2:
49:01:6f:73:ad:19:4f:ac:93:43:02:c5:f6:35:e1:
89:c2:49:0b:a7:fe:a4:e6:bd:e6:72:f6:9a:6f:5d:
84:ed:de:e1:fb:ad:49:94:ac:b9:9d:c2:79:2f:62:
15:9a:b8:89:45:d8:3d:14:fd:dd:55:6d:95:7e:2a:
ac:1d:fa:d6:00:f5:11:a6:08:fe:8b:f2:e7:e1:a7:
95:bc:2b:c1:6a:6f:0a:94:24:30:3e:75:f8:7f:52:
64:e7:88:01:fa:03:d6:88:1c:c8:07:e8:c9:3e:9a:
9e:f8:64:44:ef:d3:0f:ec:eb:03:0c:b5:df:e5:c0:
a6:72:57:42:a9:c2:ac:19:45:7b:b5:e2:e8:9d:16:
f7:9c:69:09:ae:6c:85:30:f6:a0:19:04:3d:a9:73:
47:ca:7c:6f:b4:af:46:34:7a:63:67:55:40:7d:ff:
b5:d8:df:93:bc:c6:61:cd:18:b7:90:a3:e8:d9:29:
ae:8e:7d:dc:5c:66:16:a1:13:3a:39:66:c1:95:d4:
5f:30:72:1d:6d:ad:60:35:43:bc:ce:c7:aa:5b:85:
04:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B5:9D:E1:47:14:A8:A0:9C:65:FB:19:1A:23:18:B9:F8:87:32:FD
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/xrWd4UcUqKCcZfsZGiMYufiHMv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.64.0/19
195.80.160.0/19
IPv6:
2a00:9060::/32
2a02:dd8::/29
Signature Algorithm: sha256WithRSAEncryption
aa:03:98:36:a2:d3:00:89:c6:38:f9:6e:2e:00:61:84:75:50:
d9:67:ef:5e:70:ca:27:35:b7:1b:99:2a:3f:61:b2:37:a2:23:
2a:47:cd:b9:19:5c:44:90:27:ab:19:bd:0a:d2:80:06:78:d3:
43:4b:6e:fc:e2:84:ec:ab:06:d9:5a:35:7c:a1:bb:9a:6a:a1:
e4:7f:3e:97:98:21:d7:c5:e0:72:9d:d5:5c:66:32:a6:b5:02:
eb:6a:5a:2c:95:75:6b:54:51:c6:95:d0:5d:78:af:fa:08:69:
f0:0e:7f:6d:db:8a:90:f6:d0:4f:c3:6e:34:b0:0d:bf:ce:a0:
05:2d:23:0d:f8:a3:c6:af:d8:09:5e:91:ac:b2:6e:62:c8:85:
ac:9f:b8:35:55:61:61:96:7f:3f:39:fa:6f:c1:21:30:88:3b:
a9:2a:ed:9b:9e:95:be:4d:6e:9a:d9:2e:6d:11:48:83:dd:5e:
37:34:0a:f6:3e:b3:1f:d9:79:12:3b:18:c8:be:e5:8f:f8:aa:
c4:be:1a:f6:91:8a:fa:66:ae:12:46:c2:a1:f0:4d:96:3d:94:
12:ed:d8:9a:b0:3b:83:a2:11:d5:b2:50:9d:e7:9b:7a:6d:3b:
58:5d:5c:9e:0f:49:19:77:b2:f7:ac:3a:35:0c:1f:03:d8:e8:
8d:27:27:a7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzKKlquQ+g2U54ZlG7hEf+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjQwMTAyMTIzMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmI1OWRlMTQ3MTRhOGEwOWM2NWZiMTkxYTIzMThiOWY4ODczMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYg0mUxzG2ak9NopiIyI0ZjwszQQ
h/vSMENIAXygCrbZOoLWN7SXTYe4EfJJAW9zrRlPrJNDAsX2NeGJwkkLp/6k5r3m
cvaab12E7d7h+61JlKy5ncJ5L2IVmriJRdg9FP3dVW2VfiqsHfrWAPURpgj+i/Ln
4aeVvCvBam8KlCQwPnX4f1Jk54gB+gPWiBzIB+jJPpqe+GRE79MP7OsDDLXf5cCm
cldCqcKsGUV7teLonRb3nGkJrmyFMPagGQQ9qXNHynxvtK9GNHpjZ1VAff+12N+T
vMZhzRi3kKPo2Smujn3cXGYWoRM6OWbBldRfMHIdba1gNUO8zseqW4UEBQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMa1neFHFKignGX7GRojGLn4hzL9MB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEveHJXZDRVY1VxS0NjWmZzWkdpTVl1ZmlITXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQFwxxAAwQF
w1CgMBQEAgACMA4DBQAqAJBgAwUDKgIN2DANBgkqhkiG9w0BAQsFAAOCAQEAqgOY
NqLTAInGOPluLgBhhHVQ2WfvXnDKJzW3G5kqP2GyN6IjKkfNuRlcRJAnqxm9CtKA
BnjTQ0tu/OKE7KsG2Vo1fKG7mmqh5H8+l5gh18Xgcp3VXGYyprUC62paLJV1a1RR
xpXQXXiv+ghp8A5/bduKkPbQT8NuNLANv86gBS0jDfijxq/YCV6RrLJuYsiFrJ+4
NVVhYZZ/Pzn6b8EhMIg7qSrtm56Vvk1umtkubRFIg91eNzQK9j6zH9l5EjsYyL7l
j/iqxL4a9pGK+mauEkbCofBNlj2UEu3YmrA7g6IR1bJQneebem07WF1cng9JGXey
96w6NQwfA9jojScnpw==
-----END CERTIFICATE-----
Generated at Mon May 20 18:22:21 2024 by rpki-client on console-ams.rpki-client.org