Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/066478-b066-4736-ad9f-53f41dfe407f/1/xTZa57VZgLEqu3rGM8QLgFc3Xl8.roa
File: xTZa57VZgLEqu3rGM8QLgFc3Xl8.roa (raw, json)
Hash identifier: iurG/6YfPSPu2qkVLzNWYqfFL9tJP2GaKPdV1HUc8Oo=
Subject key identifier: C5:36:5A:E7:B5:59:80:B1:2A:BB:7A:C6:33:C4:0B:80:57:37:5E:5F
Certificate issuer: /CN=1ba5167888397ff9caa844f554ff837cfdbf9722
Certificate serial: 018CC5DC5BC339B92418791EFDAC38DB4EB9
Authority key identifier: 1B:A5:16:78:88:39:7F:F9:CA:A8:44:F5:54:FF:83:7C:FD:BF:97:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UWeIg5f_nKqET1VP-DfP2_lyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/066478-b066-4736-ad9f-53f41dfe407f/1/xTZa57VZgLEqu3rGM8QLgFc3Xl8.roa
Signing time: Mon 01 Jan 2024 16:30:02 +0000
ROA not before: Mon 01 Jan 2024 16:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9063
IP address blocks: 185.44.200.0/22 maxlen: 22
2a01:7820::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/066478-b066-4736-ad9f-53f41dfe407f/1/G6UWeIg5f_nKqET1VP-DfP2_lyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/066478-b066-4736-ad9f-53f41dfe407f/1/G6UWeIg5f_nKqET1VP-DfP2_lyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/G6UWeIg5f_nKqET1VP-DfP2_lyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:5b:c3:39:b9:24:18:79:1e:fd:ac:38:db:4e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba5167888397ff9caa844f554ff837cfdbf9722
Validity
Not Before: Jan 1 16:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5365ae7b55980b12abb7ac633c40b8057375e5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:59:d2:51:6c:5d:9d:20:6d:7d:fa:b9:9c:c6:
d4:02:63:b8:0a:5d:0d:04:b6:16:dd:c5:06:aa:be:
9e:e8:59:3d:20:f6:a5:8d:5b:94:79:5e:c1:17:84:
9c:0f:83:4f:06:1d:06:f2:5c:60:74:18:f4:73:5f:
01:bb:42:26:7d:5f:f4:7a:10:c3:33:4d:c7:a3:64:
fa:04:f0:b5:aa:85:32:06:2f:de:63:97:f4:1b:74:
2b:a3:2e:76:2e:91:d8:4b:6d:f8:6e:3a:60:2c:c9:
bd:9d:8a:53:b8:16:43:a6:60:71:99:5e:e4:47:5c:
13:62:b9:9e:37:74:5b:1c:ad:e8:1a:91:cc:8f:34:
55:e0:5a:77:ec:e2:71:6b:ad:2e:36:52:64:5b:f2:
67:72:fa:55:b6:d1:ec:74:3c:e5:02:b0:5c:66:82:
ed:ad:8d:48:e9:15:65:90:8b:c8:23:66:50:3a:95:
21:0b:8f:8e:e4:1a:e5:0b:25:18:0f:90:ac:0f:bd:
22:77:6d:61:d2:b4:3c:66:84:1c:64:28:ee:7a:4c:
fe:36:64:c2:44:21:c7:d8:5d:53:aa:3a:b9:4f:4d:
de:a8:2c:cc:48:0b:b2:c7:f4:30:e5:72:59:37:a3:
3d:dc:e3:6d:da:3e:0f:33:90:e9:d2:f6:16:af:f6:
b2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:36:5A:E7:B5:59:80:B1:2A:BB:7A:C6:33:C4:0B:80:57:37:5E:5F
X509v3 Authority Key Identifier:
keyid:1B:A5:16:78:88:39:7F:F9:CA:A8:44:F5:54:FF:83:7C:FD:BF:97:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UWeIg5f_nKqET1VP-DfP2_lyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/066478-b066-4736-ad9f-53f41dfe407f/1/xTZa57VZgLEqu3rGM8QLgFc3Xl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/066478-b066-4736-ad9f-53f41dfe407f/1/G6UWeIg5f_nKqET1VP-DfP2_lyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.200.0/22
IPv6:
2a01:7820::/32
Signature Algorithm: sha256WithRSAEncryption
a3:ab:77:7c:35:5e:fc:7c:55:b9:8c:b1:92:66:c5:94:51:b6:
e2:ef:63:24:79:15:fa:85:c1:8c:18:e6:2a:d6:47:93:82:73:
52:2f:82:e9:12:e2:9c:40:0d:56:c1:10:9e:b8:39:e1:95:8a:
8a:0d:7a:72:73:33:8e:f6:74:6d:4a:a2:09:d1:a2:40:40:60:
07:83:97:ff:90:b3:e7:02:90:e2:92:d8:da:74:bc:86:97:e8:
6c:f9:4b:cf:fa:ff:1d:9f:b5:aa:9f:e9:3f:6f:46:f7:99:88:
e7:5a:02:23:2c:3d:76:18:6b:06:3c:61:fb:c8:39:13:83:7f:
2e:ab:7e:e8:6e:2c:6f:ee:25:2d:e4:21:14:67:09:d4:dd:cc:
71:23:84:3d:b3:10:82:74:57:ea:14:b4:b1:bf:78:67:b1:57:
2d:ef:45:00:16:c2:9d:14:4e:23:00:3d:2e:82:f2:8c:ad:4e:
dc:7d:bb:9c:15:3f:ff:c9:61:bc:58:c9:96:23:6a:da:0a:0c:
cf:34:8f:da:83:72:72:4d:5a:f2:0e:10:db:63:dc:00:06:1f:
a6:d0:b9:c3:51:5b:3a:3a:1f:c4:0e:1a:98:4a:95:0f:33:8c:
86:1d:b1:04:d8:d5:a2:57:eb:84:c4:d4:03:8b:41:d2:88:67:
2f:44:07:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3FvDObkkGHke/aw42065MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxNjc4ODgzOTdmZjljYWE4NDRmNTU0ZmY4MzdjZmRi
Zjk3MjIwHhcNMjQwMTAxMTYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTM2NWFlN2I1NTk4MGIxMmFiYjdhYzYzM2M0MGI4MDU3Mzc1ZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VnSUWxdnSBtffq5nMbUAmO4Cl0N
BLYW3cUGqr6e6Fk9IPaljVuUeV7BF4ScD4NPBh0G8lxgdBj0c18Bu0ImfV/0ehDD
M03Ho2T6BPC1qoUyBi/eY5f0G3Qroy52LpHYS234bjpgLMm9nYpTuBZDpmBxmV7k
R1wTYrmeN3RbHK3oGpHMjzRV4Fp37OJxa60uNlJkW/JncvpVttHsdDzlArBcZoLt
rY1I6RVlkIvII2ZQOpUhC4+O5BrlCyUYD5CsD70id21h0rQ8ZoQcZCjuekz+NmTC
RCHH2F1Tqjq5T03eqCzMSAuyx/Qw5XJZN6M93ONt2j4PM5Dp0vYWr/ayMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMU2Wue1WYCxKrt6xjPEC4BXN15fMB8GA1UdIwQY
MBaAFBulFniIOX/5yqhE9VT/g3z9v5ciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVV2VJZzVmX25LcUVUMVZQLURmUDJfbHlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wNjY0NzgtYjA2Ni00NzM2LWFkOWYt
NTNmNDFkZmU0MDdmLzEveFRaYTU3VlpnTEVxdTNyR004UUxnRmMzWGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wNjY0NzgtYjA2Ni00NzM2LWFkOWYtNTNmNDFkZmU0MDdm
LzEvRzZVV2VJZzVmX25LcUVUMVZQLURmUDJfbHlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSzIMA0E
AgACMAcDBQAqAXggMA0GCSqGSIb3DQEBCwUAA4IBAQCjq3d8NV78fFW5jLGSZsWU
Ubbi72MkeRX6hcGMGOYq1keTgnNSL4LpEuKcQA1WwRCeuDnhlYqKDXpyczOO9nRt
SqIJ0aJAQGAHg5f/kLPnApDiktjadLyGl+hs+UvP+v8dn7Wqn+k/b0b3mYjnWgIj
LD12GGsGPGH7yDkTg38uq37obixv7iUt5CEUZwnU3cxxI4Q9sxCCdFfqFLSxv3hn
sVct70UAFsKdFE4jAD0ugvKMrU7cfbucFT//yWG8WMmWI2raCgzPNI/ag3JyTVry
DhDbY9wABh+m0LnDUVs6Oh/EDhqYSpUPM4yGHbEE2NWiV+uExNQDi0HSiGcvRAd5
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:27 2024 by rpki-client on console-ams.rpki-client.org