Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xmopx23sPYi-kuNJ4NysCCEW2YY.roa
File: xmopx23sPYi-kuNJ4NysCCEW2YY.roa (raw, json)
Hash identifier: 72I/VOyxGYcJcLijdBXkK8fnIHQXWB2V3Vb55s19E2E=
Subject key identifier: C6:6A:29:C7:6D:EC:3D:88:BE:92:E3:49:E0:DC:AC:08:21:16:D9:86
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018DFA93381816B02AF5084ABF85DFCF50A3
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xmopx23sPYi-kuNJ4NysCCEW2YY.roa
Signing time: Fri 01 Mar 2024 15:12:48 +0000
ROA not before: Fri 01 Mar 2024 15:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39351
IP address blocks: 45.85.106.0/24 maxlen: 24
46.229.255.0/24 maxlen: 24
185.217.116.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
194.242.2.0/24 maxlen: 24
203.159.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:93:38:18:16:b0:2a:f5:08:4a:bf:85:df:cf:50:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 1 15:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c66a29c76dec3d88be92e349e0dcac082116d986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:86:b5:80:ba:ef:6c:c2:b3:4d:95:cf:43:79:
b9:35:5e:ac:00:e1:b9:14:6e:52:ed:19:fd:81:d7:
f0:e8:86:06:47:8c:35:f3:e5:c5:aa:ed:3f:76:a4:
57:24:cc:c9:f5:f6:ec:b8:e6:53:c8:2e:a3:6c:3f:
df:14:e6:9f:89:32:35:fa:a1:93:16:20:4f:fb:e4:
be:47:65:dd:04:58:e0:b8:61:63:0d:6f:a2:1e:1f:
62:8e:78:17:7e:39:9f:f3:a4:24:c4:5e:94:55:3b:
cf:d0:40:0d:60:91:31:85:2b:de:5b:0f:2e:9e:3d:
fa:21:b6:52:2c:f8:d9:c0:96:7d:64:10:49:3c:73:
dd:be:f4:bd:fc:d4:15:da:f3:24:26:6a:39:77:d7:
34:7a:b2:d8:f4:4e:ba:4c:e2:92:79:3c:b2:57:aa:
0e:d8:83:58:e9:b2:57:74:66:e7:e0:1a:f1:d7:c3:
a6:a2:5e:e2:b4:db:a0:71:5c:ed:33:b9:ff:c2:6a:
4f:1a:3a:1d:4b:0f:1e:1e:84:4a:d8:69:6b:0a:b2:
6b:f3:02:99:c7:b4:84:c2:cc:97:af:25:97:35:70:
7d:d2:1e:2b:bd:0b:1c:cc:36:84:ad:8e:c2:54:b9:
5c:f5:e9:b4:ad:4d:eb:59:2d:a8:60:54:6d:5b:ba:
30:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:6A:29:C7:6D:EC:3D:88:BE:92:E3:49:E0:DC:AC:08:21:16:D9:86
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/xmopx23sPYi-kuNJ4NysCCEW2YY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.106.0/24
46.229.255.0/24
185.217.116.0/24
193.19.108.0/24
194.242.2.0/24
203.159.82.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:e9:3f:c2:19:bb:a6:66:1f:68:21:64:21:a9:a4:a8:99:4f:
db:5c:13:af:de:f3:44:b7:0c:b4:22:d6:db:dc:3f:dd:d3:27:
7d:0a:87:73:f7:6b:0c:19:fa:bb:31:db:3a:62:44:bc:05:0a:
82:59:84:9f:00:9f:ce:1c:88:36:d9:ec:a3:12:b1:d2:17:60:
aa:88:c2:6b:b9:f2:c2:c7:22:8c:99:9d:e6:73:35:8b:31:13:
65:ed:b4:b1:a8:f4:58:6f:2b:f6:af:a5:57:c2:df:ac:12:a0:
6d:e2:db:37:8e:34:57:bf:f3:e7:96:3f:34:92:1f:71:a1:a4:
59:32:9a:76:5b:3d:ce:22:d8:c3:18:8a:f0:ee:9d:55:27:fd:
09:08:e2:07:e9:40:41:98:20:a7:b4:4d:b7:c0:25:f1:c3:9d:
9c:a9:55:f4:d0:4e:94:40:c3:16:e1:a8:e2:c9:a7:20:f7:09:
8f:9f:a4:4c:e2:93:75:39:91:d2:77:76:98:2d:d3:74:6c:6d:
49:c6:21:12:16:9a:12:14:2f:0a:49:ab:32:a3:5f:ce:f1:79:
67:9f:9b:80:83:e0:38:31:5f:60:a9:2e:a5:f9:50:0f:9e:82:
37:26:35:77:3c:99:91:e8:30:2e:b5:6f:a2:a7:3b:a6:a7:27:
59:4b:e5:28
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY36kzgYFrAq9QhKv4Xfz1CjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMzAxMTUxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjZhMjljNzZkZWMzZDg4YmU5MmUzNDllMGRjYWMwODIxMTZkOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYa1gLrvbMKzTZXPQ3m5NV6sAOG5
FG5S7Rn9gdfw6IYGR4w18+XFqu0/dqRXJMzJ9fbsuOZTyC6jbD/fFOafiTI1+qGT
FiBP++S+R2XdBFjguGFjDW+iHh9ijngXfjmf86QkxF6UVTvP0EANYJExhSveWw8u
nj36IbZSLPjZwJZ9ZBBJPHPdvvS9/NQV2vMkJmo5d9c0erLY9E66TOKSeTyyV6oO
2INY6bJXdGbn4Brx18Omol7itNugcVztM7n/wmpPGjodSw8eHoRK2GlrCrJr8wKZ
x7SEwsyXryWXNXB90h4rvQsczDaErY7CVLlc9em0rU3rWS2oYFRtW7ow0wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMZqKcdt7D2IvpLjSeDcrAghFtmGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveG1vcHgyM3NQWWkta3VOSjROeXNDQ0VXMllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVVqAwQA
LuX/AwQAudl0AwQAwRNsAwQAwvICAwQAy59SMA0GCSqGSIb3DQEBCwUAA4IBAQBr
6T/CGbumZh9oIWQhqaSomU/bXBOv3vNEtwy0Itbb3D/d0yd9Codz92sMGfq7Mds6
YkS8BQqCWYSfAJ/OHIg22eyjErHSF2CqiMJrufLCxyKMmZ3mczWLMRNl7bSxqPRY
byv2r6VXwt+sEqBt4ts3jjRXv/Pnlj80kh9xoaRZMpp2Wz3OItjDGIrw7p1VJ/0J
COIH6UBBmCCntE23wCXxw52cqVX00E6UQMMW4ajiyacg9wmPn6RM4pN1OZHSd3aY
LdN0bG1JxiESFpoSFC8KSasyo1/O8Xlnn5uAg+A4MV9gqS6l+VAPnoI3JjV3PJmR
6DAutW+ipzumpydZS+Uo
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:08:05 2024 by rpki-client on console-fra.rpki-client.org