Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/XQ6LqdBKZO6izOm1W-YpTeJpeps.roa
File: XQ6LqdBKZO6izOm1W-YpTeJpeps.roa (raw, json)
Hash identifier: NFDDx9pebt/GfssmAMa8eDiIYsTIR8zA3ZUSZp4rojA=
Subject key identifier: 5D:0E:8B:A9:D0:4A:64:EE:A2:CC:E9:B5:5B:E6:29:4D:E2:69:7A:9B
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018CC348F93B910DD9304CE31BDED1363227
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/XQ6LqdBKZO6izOm1W-YpTeJpeps.roa
Signing time: Mon 01 Jan 2024 04:29:48 +0000
ROA not before: Mon 01 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15948
IP address blocks: 195.251.205.0/24 maxlen: 24
195.251.206.0/23 maxlen: 23
194.177.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f9:3b:91:0d:d9:30:4c:e3:1b:de:d1:36:32:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d0e8ba9d04a64eea2cce9b55be6294de2697a9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:64:22:59:51:db:d1:78:78:fb:a7:4a:d8:82:
df:ea:01:99:ec:38:59:43:6b:ef:d6:bc:c8:f5:4c:
f0:5b:db:bc:0d:02:4e:a6:74:2b:8c:98:b1:5b:c4:
0f:bf:ee:51:55:bc:d9:02:81:78:85:b1:1a:a6:64:
7a:2c:9c:1a:05:6f:bf:ed:1a:a4:bf:b5:67:3d:1e:
5a:6e:c7:83:61:df:4e:1f:79:7b:48:b5:3a:e6:3c:
80:35:aa:75:df:84:fb:14:3f:78:a3:c8:fe:1a:54:
bd:6c:8a:d1:c8:ed:fb:62:13:e3:70:47:50:68:3f:
90:1d:02:76:75:0b:4d:00:3f:bf:15:f0:f8:5f:d9:
ad:85:cf:46:63:0d:4c:26:b6:2c:ec:95:d7:2b:3c:
9d:48:83:27:0b:fe:8f:b4:d0:a3:f0:14:75:ad:24:
10:2a:b4:7a:bf:cf:b4:a1:9f:94:eb:1a:3f:a3:df:
f2:e2:47:44:45:b9:d5:a9:93:8c:34:0c:68:18:3c:
64:f6:ff:4f:e3:f3:b7:18:c6:1c:ca:40:a7:53:ac:
84:d9:6a:b4:76:5f:af:e7:aa:14:6d:4f:1c:f5:b0:
74:b2:77:02:a8:ad:68:15:a6:d4:ef:44:8c:18:f6:
8f:b6:41:8e:4e:19:af:43:d4:f0:32:28:b4:c9:e1:
a1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0E:8B:A9:D0:4A:64:EE:A2:CC:E9:B5:5B:E6:29:4D:E2:69:7A:9B
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/XQ6LqdBKZO6izOm1W-YpTeJpeps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.177.193.0/24
195.251.205.0-195.251.207.255
Signature Algorithm: sha256WithRSAEncryption
80:57:2e:74:9e:09:ca:f3:1e:1c:17:8b:a8:2d:cd:fc:2c:d0:
5c:96:06:80:00:80:86:5d:f2:4c:b1:e2:48:99:70:76:40:8e:
40:ae:1d:65:c9:8a:c6:49:36:87:69:89:d6:13:27:51:75:8b:
0f:92:d9:4b:ac:d7:84:ce:59:e1:73:cb:2a:d5:9a:f7:33:5f:
9d:08:29:a9:80:fa:ff:e8:13:07:a1:18:cd:91:b8:d8:cc:2a:
9d:2c:72:c6:1b:3e:42:c5:e0:95:59:14:ac:1d:1e:b9:9f:a3:
4e:1e:14:08:04:ce:35:29:2e:a0:e7:4c:c9:3d:aa:06:3e:0f:
9f:1d:f1:67:17:06:2b:41:11:b1:9b:e9:5a:05:10:e6:ca:a5:
f2:bd:83:8b:ee:66:e4:9e:36:9c:b9:57:7c:40:d4:9a:06:18:
11:91:11:ea:22:f2:94:7b:1c:f2:e9:16:14:0b:d9:14:79:d9:
6c:aa:1d:79:88:27:32:de:44:b4:45:2e:5d:97:2f:f8:71:a9:
8e:48:a1:a5:23:aa:73:a2:d8:65:7a:0e:3a:f7:b7:17:ef:54:
b4:82:7e:c1:9c:ea:09:65:c5:26:e8:8f:02:f7:c2:0e:21:19:
b7:d4:29:90:80:19:9b:60:41:1c:3b:ef:a9:49:5b:4f:da:bf:
e8:c6:42:7b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzDSPk7kQ3ZMEzjG97RNjInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjQwMTAxMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDBlOGJhOWQwNGE2NGVlYTJjY2U5YjU1YmU2Mjk0ZGUyNjk3YTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomQiWVHb0Xh4+6dK2ILf6gGZ7DhZ
Q2vv1rzI9UzwW9u8DQJOpnQrjJixW8QPv+5RVbzZAoF4hbEapmR6LJwaBW+/7Rqk
v7VnPR5abseDYd9OH3l7SLU65jyANap134T7FD94o8j+GlS9bIrRyO37YhPjcEdQ
aD+QHQJ2dQtNAD+/FfD4X9mthc9GYw1MJrYs7JXXKzydSIMnC/6PtNCj8BR1rSQQ
KrR6v8+0oZ+U6xo/o9/y4kdERbnVqZOMNAxoGDxk9v9P4/O3GMYcykCnU6yE2Wq0
dl+v56oUbU8c9bB0sncCqK1oFabU70SMGPaPtkGOThmvQ9TwMii0yeGhMQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFF0Oi6nQSmTuoszptVvmKU3iaXqbMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvWFE2THFkQktaTzZpek9tMVctWXBUZUpwZXBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAwrHBMAwD
BADD+80DBATD+8AwDQYJKoZIhvcNAQELBQADggEBAIBXLnSeCcrzHhwXi6gtzfws
0FyWBoAAgIZd8kyx4kiZcHZAjkCuHWXJisZJNodpidYTJ1F1iw+S2Uus14TOWeFz
yyrVmvczX50IKamA+v/oEwehGM2RuNjMKp0scsYbPkLF4JVZFKwdHrmfo04eFAgE
zjUpLqDnTMk9qgY+D58d8WcXBitBEbGb6VoFEObKpfK9g4vuZuSeNpy5V3xA1JoG
GBGREeoi8pR7HPLpFhQL2RR52WyqHXmIJzLeRLRFLl2XL/hxqY5IoaUjqnOi2GV6
Djr3txfvVLSCfsGc6gllxSbojwL3wg4hGbfUKZCAGZtgQRw776lJW0/av+jGQns=
-----END CERTIFICATE-----
Generated at Mon Jul 1 12:33:31 2024 by rpki-client on console-ams.rpki-client.org