Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/xznBK4Ufz1GkTQ5VLhlpbsocvnA.roa
File: xznBK4Ufz1GkTQ5VLhlpbsocvnA.roa (raw, json)
Hash identifier: MMiCgfXzRAf7K1FCFJn/e98o/tQg4auDDHhS6ZgjRc4=
Subject key identifier: C7:39:C1:2B:85:1F:CF:51:A4:4D:0E:55:2E:19:69:6E:CA:1C:BE:70
Certificate issuer: /CN=5db58c45bee251fc7575a63e5b490dec6114e6ca
Certificate serial: 018CC6B840516F392ADB4C6A0504AA4B5021
Authority key identifier: 5D:B5:8C:45:BE:E2:51:FC:75:75:A6:3E:5B:49:0D:EC:61:14:E6:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XbWMRb7iUfx1daY-W0kN7GEU5so.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/xznBK4Ufz1GkTQ5VLhlpbsocvnA.roa
Signing time: Mon 01 Jan 2024 20:30:12 +0000
ROA not before: Mon 01 Jan 2024 20:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43231
IP address blocks: 185.188.38.0/24 maxlen: 24
185.188.37.0/24 maxlen: 24
185.188.36.0/24 maxlen: 24
185.188.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.mft
rsync://rpki.ripe.net/repository/DEFAULT/XbWMRb7iUfx1daY-W0kN7GEU5so.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:40:51:6f:39:2a:db:4c:6a:05:04:aa:4b:50:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5db58c45bee251fc7575a63e5b490dec6114e6ca
Validity
Not Before: Jan 1 20:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c739c12b851fcf51a44d0e552e19696eca1cbe70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d6:fb:09:e6:93:88:51:30:c0:2b:a4:ec:7c:
1d:57:c9:6c:be:53:80:46:ff:0f:89:0b:43:7c:3c:
3f:1a:e6:98:7a:45:50:9b:d0:e5:c3:86:fc:7e:3d:
35:2e:aa:93:c5:06:1d:b7:5c:ff:a0:3b:45:de:d0:
98:19:60:d5:7b:b4:08:a7:34:af:ca:c1:db:f7:ae:
8c:2f:58:bf:9f:30:bb:1b:6d:82:9e:ac:84:e9:e1:
09:dd:64:a7:1b:ff:78:85:a1:b4:66:8f:26:b7:db:
7e:d7:e9:32:c2:68:c7:bc:b8:9a:96:0b:9a:fe:00:
3f:6d:62:47:3d:b3:36:89:a7:e8:10:3c:2b:4b:b2:
28:96:9d:36:be:11:9a:d3:5b:4d:a1:43:69:db:4c:
da:fe:5e:bb:c4:4c:f2:8b:eb:93:39:de:7f:cf:3b:
1c:ae:7f:ef:12:0d:a0:bc:57:78:ab:86:e4:65:2a:
6d:e2:55:e1:d3:1e:8f:1d:29:8a:98:e0:75:63:c6:
d2:f7:d8:24:13:bd:4e:97:25:f0:92:c7:35:7f:d9:
95:19:0b:fa:f2:d2:ad:3c:e6:8e:13:b8:c8:34:db:
61:11:6f:7b:4c:d6:1d:a4:fe:1d:7f:53:38:73:75:
05:6a:8f:4d:8b:ea:91:20:0e:98:78:b0:e1:c0:e4:
77:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:39:C1:2B:85:1F:CF:51:A4:4D:0E:55:2E:19:69:6E:CA:1C:BE:70
X509v3 Authority Key Identifier:
keyid:5D:B5:8C:45:BE:E2:51:FC:75:75:A6:3E:5B:49:0D:EC:61:14:E6:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XbWMRb7iUfx1daY-W0kN7GEU5so.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/xznBK4Ufz1GkTQ5VLhlpbsocvnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/adf93d-98da-41cc-8a6d-9c2ad475a231/1/XbWMRb7iUfx1daY-W0kN7GEU5so.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.36.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:aa:e0:c2:f8:3f:1d:74:cb:2c:94:f7:0d:c9:45:93:f4:7a:
59:15:81:d5:96:ba:f5:6c:96:63:c0:b9:a2:b9:38:2c:c7:bb:
f9:50:83:01:19:73:96:b7:86:e5:82:3f:2f:a9:a3:58:ef:98:
91:28:9e:e8:a3:68:1f:aa:6b:7d:03:32:78:35:bf:96:6d:5b:
8f:f2:6b:be:22:ac:5b:35:9e:86:6f:b7:90:1d:0f:b1:a9:97:
3c:c6:52:24:b0:29:6a:d0:21:c2:45:4f:f4:30:76:47:0a:3f:
14:d8:9b:c3:4b:92:c5:0e:6b:2f:3f:97:48:35:0b:c5:4b:6f:
74:30:2b:53:de:ac:e6:c1:40:7b:00:32:65:7d:13:38:0f:f5:
eb:77:4c:02:d9:75:b8:cf:7c:04:db:7d:bb:d4:f9:fa:09:64:
7b:be:5e:96:97:8c:8d:d2:79:71:a5:0c:d3:5d:00:b3:19:f0:
6a:66:84:eb:75:8d:a9:7a:7f:c1:66:5a:e2:61:c1:90:c1:b9:
63:cc:e1:a9:4b:a6:4c:51:05:04:18:70:14:32:27:ee:5e:14:
80:8d:9e:2f:cc:21:92:91:3c:d6:a4:23:4a:32:e1:3e:e6:8a:
bb:2b:b4:7f:5e:11:a5:a7:e4:68:8b:3c:15:c2:81:59:6e:30:
32:59:82:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuEBRbzkq20xqBQSqS1AhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYjU4YzQ1YmVlMjUxZmM3NTc1YTYzZTViNDkwZGVjNjEx
NGU2Y2EwHhcNMjQwMTAxMjAzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzM5YzEyYjg1MWZjZjUxYTQ0ZDBlNTUyZTE5Njk2ZWNhMWNiZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNb7CeaTiFEwwCuk7HwdV8lsvlOA
Rv8PiQtDfDw/GuaYekVQm9Dlw4b8fj01LqqTxQYdt1z/oDtF3tCYGWDVe7QIpzSv
ysHb966ML1i/nzC7G22CnqyE6eEJ3WSnG/94haG0Zo8mt9t+1+kywmjHvLialgua
/gA/bWJHPbM2iafoEDwrS7Iolp02vhGa01tNoUNp20za/l67xEzyi+uTOd5/zzsc
rn/vEg2gvFd4q4bkZSpt4lXh0x6PHSmKmOB1Y8bS99gkE71OlyXwksc1f9mVGQv6
8tKtPOaOE7jINNthEW97TNYdpP4df1M4c3UFao9Ni+qRIA6YeLDhwOR3DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMc5wSuFH89RpE0OVS4ZaW7KHL5wMB8GA1UdIwQY
MBaAFF21jEW+4lH8dXWmPltJDexhFObKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGJXTVJiN2lVZngxZGFZLVcwa043R0VVNXNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hZGY5M2QtOThkYS00MWNjLThhNmQt
OWMyYWQ0NzVhMjMxLzEveHpuQks0VWZ6MUdrVFE1VkxobHBic29jdm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hZGY5M2QtOThkYS00MWNjLThhNmQtOWMyYWQ0NzVhMjMx
LzEvWGJXTVJiN2lVZngxZGFZLVcwa043R0VVNXNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubwkMA0G
CSqGSIb3DQEBCwUAA4IBAQCbquDC+D8ddMsslPcNyUWT9HpZFYHVlrr1bJZjwLmi
uTgsx7v5UIMBGXOWt4blgj8vqaNY75iRKJ7oo2gfqmt9AzJ4Nb+WbVuP8mu+Iqxb
NZ6Gb7eQHQ+xqZc8xlIksClq0CHCRU/0MHZHCj8U2JvDS5LFDmsvP5dINQvFS290
MCtT3qzmwUB7ADJlfRM4D/Xrd0wC2XW4z3wE23271Pn6CWR7vl6Wl4yN0nlxpQzT
XQCzGfBqZoTrdY2pen/BZlriYcGQwbljzOGpS6ZMUQUEGHAUMifuXhSAjZ4vzCGS
kTzWpCNKMuE+5oq7K7R/XhGlp+RoizwVwoFZbjAyWYLg
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:43:08 2024 by rpki-client on console-fra.rpki-client.org