Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/dd3fc8-47dc-4a36-8734-45d84da39874/1/XMxj-_vGRo1cP1FdykQmMlQsZNo.roa
File: XMxj-_vGRo1cP1FdykQmMlQsZNo.roa (raw, json)
Hash identifier: U77Klp6QozRj4GmXaEu2v+gCGo3OJpYWJliQammC7WE=
Subject key identifier: 5C:CC:63:FB:FB:C6:46:8D:5C:3F:51:5D:CA:44:26:32:54:2C:64:DA
Certificate issuer: /CN=6c91d7d5f5ce57926c903973ecbf112bfae1530d
Certificate serial: 018CC6B79EC99C6810F5AE52C16D4A3E784D
Authority key identifier: 6C:91:D7:D5:F5:CE:57:92:6C:90:39:73:EC:BF:11:2B:FA:E1:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bJHX1fXOV5JskDlz7L8RK_rhUw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/dd3fc8-47dc-4a36-8734-45d84da39874/1/XMxj-_vGRo1cP1FdykQmMlQsZNo.roa
Signing time: Mon 01 Jan 2024 20:29:31 +0000
ROA not before: Mon 01 Jan 2024 20:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196881
IP address blocks: 185.135.36.0/24 maxlen: 24
185.135.36.0/22 maxlen: 22
185.135.37.0/24 maxlen: 24
185.135.38.0/24 maxlen: 24
93.190.112.0/24 maxlen: 24
93.190.113.0/24 maxlen: 24
93.190.114.0/24 maxlen: 24
93.190.115.0/24 maxlen: 24
93.190.116.0/24 maxlen: 24
93.190.117.0/24 maxlen: 24
93.190.118.0/24 maxlen: 24
93.190.112.0/21 maxlen: 21
93.190.119.0/24 maxlen: 24
185.135.39.0/24 maxlen: 24
2a05:5b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/dd3fc8-47dc-4a36-8734-45d84da39874/1/bJHX1fXOV5JskDlz7L8RK_rhUw0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/dd3fc8-47dc-4a36-8734-45d84da39874/1/bJHX1fXOV5JskDlz7L8RK_rhUw0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bJHX1fXOV5JskDlz7L8RK_rhUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:9e:c9:9c:68:10:f5:ae:52:c1:6d:4a:3e:78:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c91d7d5f5ce57926c903973ecbf112bfae1530d
Validity
Not Before: Jan 1 20:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ccc63fbfbc6468d5c3f515dca442632542c64da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0b:4d:23:b2:89:1f:8e:bb:73:98:5b:c0:de:
40:1e:2d:9a:7d:2f:94:f9:c2:9c:2c:a8:07:eb:5e:
3f:3b:b0:4f:50:66:6f:2f:1a:23:14:7f:0e:3c:ac:
dd:5f:de:eb:8a:1e:fb:6b:a2:46:97:8c:c5:fd:7e:
f7:5d:9c:5b:3c:cb:42:44:62:05:da:3f:9d:17:63:
5b:49:28:f1:8d:5a:39:35:cb:e4:b4:de:f7:dc:8a:
40:df:9d:f9:d0:4e:89:a7:95:10:13:75:00:40:32:
5b:a7:23:1e:e1:ed:e0:a0:8a:b7:14:fc:e4:22:d9:
65:42:8b:79:27:ff:22:40:3f:a0:2c:2a:55:a4:a7:
3d:c9:29:bf:e5:0f:ee:36:33:f8:a9:c2:7e:b7:02:
d9:a8:51:20:0a:02:48:08:9e:09:1d:c7:12:3d:e2:
e1:e4:80:a0:a1:4a:68:8b:09:e4:a8:99:bd:87:09:
6e:65:e8:42:d8:48:ae:cd:a9:54:44:f7:0a:4d:d8:
2d:ac:51:7b:2f:5d:70:59:37:6d:de:d5:b9:6a:85:
45:6a:06:30:9e:1a:e5:60:fa:75:b4:99:29:f9:ad:
67:24:d8:8e:82:d1:16:59:14:74:28:de:36:24:b0:
4c:f4:bc:28:c4:19:97:ed:ee:e4:7a:9d:dc:1e:6a:
36:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:CC:63:FB:FB:C6:46:8D:5C:3F:51:5D:CA:44:26:32:54:2C:64:DA
X509v3 Authority Key Identifier:
keyid:6C:91:D7:D5:F5:CE:57:92:6C:90:39:73:EC:BF:11:2B:FA:E1:53:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bJHX1fXOV5JskDlz7L8RK_rhUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/dd3fc8-47dc-4a36-8734-45d84da39874/1/XMxj-_vGRo1cP1FdykQmMlQsZNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/dd3fc8-47dc-4a36-8734-45d84da39874/1/bJHX1fXOV5JskDlz7L8RK_rhUw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.112.0/21
185.135.36.0/22
IPv6:
2a05:5b00::/29
Signature Algorithm: sha256WithRSAEncryption
02:18:af:ce:81:72:d9:a5:c2:10:11:b9:30:cf:18:48:0d:40:
14:47:2d:b1:1f:38:b7:c2:0c:c3:ff:c7:6f:f0:be:1e:84:0c:
e0:47:3e:60:68:b1:1f:74:ca:32:03:ca:f9:de:96:34:94:0c:
ff:fe:d3:99:98:e7:28:83:4b:ac:99:16:00:ed:6c:16:e6:43:
51:d6:d6:b2:a3:52:00:a1:21:07:34:b1:46:34:c0:5b:10:84:
be:22:7b:64:19:f6:26:82:33:3b:4e:7c:c8:23:13:1d:1e:2b:
4a:21:88:32:fe:48:88:79:9b:32:72:54:69:28:78:82:fd:c4:
63:48:84:a7:cd:09:2e:af:3c:c8:5a:47:ec:ca:b2:46:7a:4c:
e7:72:14:d7:01:89:92:69:22:97:0a:1d:ed:fb:00:5d:e6:71:
5b:fe:1d:ad:7a:a0:92:e3:b0:67:2f:f0:82:ed:08:0f:5f:46:
72:93:35:18:0e:06:f6:59:3c:24:8c:7c:25:08:a5:de:39:fd:
8f:d0:96:bd:8a:12:bf:c8:6e:26:9d:29:f9:ef:20:73:8c:1f:
8a:7f:a9:8e:ef:74:de:45:bf:59:2e:73:1e:3e:a5:89:0e:db:
00:ba:d2:7c:4a:b3:fd:6b:1a:60:ee:34:a5:5e:6d:11:90:41:
33:dd:d2:75
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGt57JnGgQ9a5SwW1KPnhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOTFkN2Q1ZjVjZTU3OTI2YzkwMzk3M2VjYmYxMTJiZmFl
MTUzMGQwHhcNMjQwMTAxMjAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2NjNjNmYmZiYzY0NjhkNWMzZjUxNWRjYTQ0MjYzMjU0MmM2NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwtNI7KJH467c5hbwN5AHi2afS+U
+cKcLKgH614/O7BPUGZvLxojFH8OPKzdX97rih77a6JGl4zF/X73XZxbPMtCRGIF
2j+dF2NbSSjxjVo5NcvktN733IpA35350E6Jp5UQE3UAQDJbpyMe4e3goIq3FPzk
ItllQot5J/8iQD+gLCpVpKc9ySm/5Q/uNjP4qcJ+twLZqFEgCgJICJ4JHccSPeLh
5ICgoUpoiwnkqJm9hwluZehC2EiuzalURPcKTdgtrFF7L11wWTdt3tW5aoVFagYw
nhrlYPp1tJkp+a1nJNiOgtEWWRR0KN42JLBM9LwoxBmX7e7kep3cHmo29QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFzMY/v7xkaNXD9RXcpEJjJULGTaMB8GA1UdIwQY
MBaAFGyR19X1zleSbJA5c+y/ESv64VMNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkpIWDFmWE9WNUpza0RsejdMOFJLX3JoVXcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9kZDNmYzgtNDdkYy00YTM2LTg3MzQt
NDVkODRkYTM5ODc0LzEvWE14ai1fdkdSbzFjUDFGZHlrUW1NbFFzWk5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9kZDNmYzgtNDdkYy00YTM2LTg3MzQtNDVkODRkYTM5ODc0
LzEvYkpIWDFmWE9WNUpza0RsejdMOFJLX3JoVXcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXb5wAwQC
uYckMA0EAgACMAcDBQMqBVsAMA0GCSqGSIb3DQEBCwUAA4IBAQACGK/OgXLZpcIQ
EbkwzxhIDUAURy2xHzi3wgzD/8dv8L4ehAzgRz5gaLEfdMoyA8r53pY0lAz//tOZ
mOcog0usmRYA7WwW5kNR1tayo1IAoSEHNLFGNMBbEIS+IntkGfYmgjM7TnzIIxMd
HitKIYgy/kiIeZsyclRpKHiC/cRjSISnzQkurzzIWkfsyrJGekznchTXAYmSaSKX
Ch3t+wBd5nFb/h2teqCS47BnL/CC7QgPX0ZykzUYDgb2WTwkjHwlCKXeOf2P0Ja9
ihK/yG4mnSn57yBzjB+Kf6mO73TeRb9ZLnMePqWJDtsAutJ8SrP9axpg7jSlXm0R
kEEz3dJ1
-----END CERTIFICATE-----
Generated at Sat Jun 22 09:47:50 2024 by rpki-client on console-ams.rpki-client.org