Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/XJBM185YkEpjI50g8URma8xcD-I.roa
File: XJBM185YkEpjI50g8URma8xcD-I.roa (raw, json)
Hash identifier: Ravtas4upuE/Uu3xoLahZUs2hpQ4Ce8YIpi9BxUrJJ8=
Subject key identifier: 5C:90:4C:D7:CE:58:90:4A:63:23:9D:20:F1:44:66:6B:CC:5C:0F:E2
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 018CC64B0F9662D733C567B022051D0CAC02
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/XJBM185YkEpjI50g8URma8xcD-I.roa
Signing time: Mon 01 Jan 2024 18:30:57 +0000
ROA not before: Mon 01 Jan 2024 18:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57193
IP address blocks: 185.11.244.0/24 maxlen: 24
185.11.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:0f:96:62:d7:33:c5:67:b0:22:05:1d:0c:ac:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Jan 1 18:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c904cd7ce58904a63239d20f144666bcc5c0fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d1:a0:68:58:65:fd:1d:7f:09:b9:32:47:34:
b5:d4:16:05:6c:87:e9:06:fb:58:61:e5:23:64:50:
f7:23:ec:79:fc:73:89:f0:0c:72:c7:fc:24:e9:02:
1c:c1:59:09:65:e2:df:99:59:83:b4:46:19:5d:41:
18:b6:0b:e8:10:03:aa:e1:07:3e:a8:f2:87:95:78:
15:b6:ba:03:93:8c:51:78:ac:55:bb:7e:63:c2:83:
f4:91:24:fc:fd:83:d9:4b:4e:7d:7b:f5:79:d6:0f:
f7:4a:02:fb:38:57:25:7b:c4:07:d7:6f:7a:ff:67:
2f:da:fa:f7:c3:ed:16:27:1b:db:e2:36:58:ef:0d:
e8:06:c2:3c:c8:43:36:ba:8c:70:c7:34:d9:64:7a:
9e:09:87:34:69:8f:99:ab:d3:3b:47:f9:e5:bb:77:
19:5b:43:40:bc:26:5c:32:1b:22:20:f4:ef:72:c0:
8b:94:82:11:db:b7:36:49:a5:ee:f4:03:31:69:13:
fa:73:69:1c:2a:d8:46:08:14:25:1d:39:37:31:de:
ad:df:04:d3:97:30:4b:8c:2a:fe:26:e3:f3:4c:e7:
5c:5c:0b:b2:30:f2:31:88:73:3c:6e:ac:06:86:97:
ab:1c:00:1f:a8:ec:39:91:5a:c6:14:66:63:d3:35:
29:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:90:4C:D7:CE:58:90:4A:63:23:9D:20:F1:44:66:6B:CC:5C:0F:E2
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/XJBM185YkEpjI50g8URma8xcD-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.244.0/23
Signature Algorithm: sha256WithRSAEncryption
30:06:b9:51:6e:9a:6d:e2:27:55:48:84:df:17:94:bf:1d:1e:
ac:31:93:ee:15:30:b3:03:67:ed:eb:06:b0:b5:18:90:8a:ca:
ff:0c:38:32:fc:d1:2e:2b:a6:42:0b:33:31:fb:1a:ad:ad:61:
d8:4e:4a:a0:ed:d7:5c:31:ec:bb:85:9e:ce:23:a5:27:24:b2:
7c:b0:90:37:47:82:a9:3b:78:5c:3f:be:49:2a:eb:a2:98:96:
cf:a9:f5:0a:19:39:32:59:fe:08:43:fc:e0:78:95:c3:71:cb:
41:20:c3:2b:1e:a9:49:39:8a:2c:52:88:94:b3:92:f1:f0:fe:
bd:10:e1:46:a9:48:18:40:86:14:25:8b:7d:44:e8:33:35:a8:
b7:46:8a:d5:69:70:61:cb:ac:ec:48:2f:e6:79:ff:de:97:50:
0a:22:02:8c:86:46:b4:75:74:27:8a:cc:40:69:af:b4:f5:9d:
48:9c:26:38:c1:8a:66:38:40:b1:d5:3a:c8:ab:79:a0:9d:b0:
0a:49:85:59:3e:64:6a:d1:98:e1:49:4c:43:4c:6c:94:cc:62:
60:8f:18:f1:1f:fa:07:bd:48:d7:1b:06:52:0d:43:8b:a9:01:
8a:e7:d9:ad:ec:da:58:a3:37:37:9a:d7:30:b9:6c:4a:41:20:
2d:0b:22:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSw+WYtczxWewIgUdDKwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjQwMTAxMTgzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzkwNGNkN2NlNTg5MDRhNjMyMzlkMjBmMTQ0NjY2YmNjNWMwZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNGgaFhl/R1/CbkyRzS11BYFbIfp
BvtYYeUjZFD3I+x5/HOJ8Axyx/wk6QIcwVkJZeLfmVmDtEYZXUEYtgvoEAOq4Qc+
qPKHlXgVtroDk4xReKxVu35jwoP0kST8/YPZS059e/V51g/3SgL7OFcle8QH1296
/2cv2vr3w+0WJxvb4jZY7w3oBsI8yEM2uoxwxzTZZHqeCYc0aY+Zq9M7R/nlu3cZ
W0NAvCZcMhsiIPTvcsCLlIIR27c2SaXu9AMxaRP6c2kcKthGCBQlHTk3Md6t3wTT
lzBLjCr+JuPzTOdcXAuyMPIxiHM8bqwGhperHAAfqOw5kVrGFGZj0zUpTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyQTNfOWJBKYyOdIPFEZmvMXA/iMB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvWEpCTTE4NVlrRXBqSTUwZzhVUm1hOHhjRC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQv0MA0G
CSqGSIb3DQEBCwUAA4IBAQAwBrlRbppt4idVSITfF5S/HR6sMZPuFTCzA2ft6waw
tRiQisr/DDgy/NEuK6ZCCzMx+xqtrWHYTkqg7ddcMey7hZ7OI6UnJLJ8sJA3R4Kp
O3hcP75JKuuimJbPqfUKGTkyWf4IQ/zgeJXDcctBIMMrHqlJOYosUoiUs5Lx8P69
EOFGqUgYQIYUJYt9ROgzNai3RorVaXBhy6zsSC/mef/el1AKIgKMhka0dXQnisxA
aa+09Z1InCY4wYpmOECx1TrIq3mgnbAKSYVZPmRq0ZjhSUxDTGyUzGJgjxjxH/oH
vUjXGwZSDUOLqQGK59mt7NpYozc3mtcwuWxKQSAtCyJ0
-----END CERTIFICATE-----
Generated at Sat Sep 28 23:08:01 2024 by rpki-client on console-fra.rpki-client.org