Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a4bdf7-2579-4bd0-8a93-224fd78ef827/1/XgayTGRPii7vGNQ4I83xZae7HvU.roa
File: XgayTGRPii7vGNQ4I83xZae7HvU.roa (raw, json)
Hash identifier: eFqSXsa1zOkdBCdEtkCsBS8Oc8lY7vm1RYDgmzW/5Zs=
Subject key identifier: 5E:06:B2:4C:64:4F:8A:2E:EF:18:D4:38:23:CD:F1:65:A7:BB:1E:F5
Certificate issuer: /CN=c115b327e84761685022f47328d6f4cbd6d3041e
Certificate serial: 018CC26CFFDC69918871A494D04F48C553E9
Authority key identifier: C1:15:B3:27:E8:47:61:68:50:22:F4:73:28:D6:F4:CB:D6:D3:04:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wRWzJ-hHYWhQIvRzKNb0y9bTBB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a4bdf7-2579-4bd0-8a93-224fd78ef827/1/XgayTGRPii7vGNQ4I83xZae7HvU.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212714
IP address blocks: 185.152.172.0/22 maxlen: 24
2a11:180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a4bdf7-2579-4bd0-8a93-224fd78ef827/1/wRWzJ-hHYWhQIvRzKNb0y9bTBB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/a4bdf7-2579-4bd0-8a93-224fd78ef827/1/wRWzJ-hHYWhQIvRzKNb0y9bTBB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wRWzJ-hHYWhQIvRzKNb0y9bTBB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:ff:dc:69:91:88:71:a4:94:d0:4f:48:c5:53:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c115b327e84761685022f47328d6f4cbd6d3041e
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e06b24c644f8a2eef18d43823cdf165a7bb1ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fa:15:e9:c1:6d:c8:0b:ac:c7:99:a7:a7:53:
15:07:2d:e9:fa:68:3d:11:79:e0:1d:b3:98:4a:c7:
39:f3:4c:79:bf:86:a7:d0:78:24:68:43:8f:47:3b:
4b:a6:9a:62:7f:95:a8:a8:f2:26:ae:46:a6:6e:e1:
aa:31:eb:9c:ed:9f:a1:90:29:01:e9:10:4b:d1:26:
55:43:8a:f2:1b:d1:14:6f:47:24:35:be:e4:61:17:
b5:88:fe:fe:8d:b8:d6:49:94:ba:40:84:81:1d:75:
b9:f2:f6:7d:5e:3a:95:77:2d:e2:6e:9f:1f:5b:78:
e8:c5:e0:66:a4:ff:36:16:91:76:50:3d:26:81:d6:
17:c8:56:50:95:e0:f0:d6:17:7b:33:19:9c:29:aa:
9c:e3:62:98:98:ea:14:b4:60:17:e8:61:ea:b8:ff:
99:c2:f2:69:d7:4f:85:a9:00:43:6f:9e:62:ac:2e:
62:e9:82:86:f6:82:f1:64:2d:e9:4d:4a:3f:2d:c3:
e9:aa:d0:cd:ca:73:cd:42:d1:41:a7:1f:03:a6:af:
c4:65:2d:42:ed:c9:f9:9c:1d:69:a8:38:41:3f:27:
eb:fd:83:0f:d8:43:86:c0:ed:81:87:f3:31:f3:38:
2b:60:48:34:c6:b0:58:7b:7f:73:df:bb:4b:89:e3:
33:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:06:B2:4C:64:4F:8A:2E:EF:18:D4:38:23:CD:F1:65:A7:BB:1E:F5
X509v3 Authority Key Identifier:
keyid:C1:15:B3:27:E8:47:61:68:50:22:F4:73:28:D6:F4:CB:D6:D3:04:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wRWzJ-hHYWhQIvRzKNb0y9bTBB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a4bdf7-2579-4bd0-8a93-224fd78ef827/1/XgayTGRPii7vGNQ4I83xZae7HvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a4bdf7-2579-4bd0-8a93-224fd78ef827/1/wRWzJ-hHYWhQIvRzKNb0y9bTBB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.172.0/22
IPv6:
2a11:180::/29
Signature Algorithm: sha256WithRSAEncryption
41:f5:84:fe:b8:fd:fe:11:d7:00:cf:03:f8:8d:ca:75:15:8c:
68:48:2a:f5:58:4e:7a:39:32:2b:96:ba:c3:2e:e6:c6:c8:f6:
a1:b3:57:f3:cd:f7:d9:1b:96:c8:4c:69:81:07:c8:83:ec:67:
b7:d8:3c:e3:7e:c9:e0:47:04:07:e8:66:58:74:8f:13:e3:e0:
1a:5e:73:b0:36:fb:cd:6e:e4:d4:34:e8:01:28:4a:af:d8:8a:
48:2a:26:06:7d:6e:33:01:f8:58:2c:09:cb:b3:1e:3f:50:d1:
20:95:ac:71:c2:f0:ae:72:34:09:55:1b:a7:52:77:42:e4:c0:
85:4f:aa:84:8e:aa:f3:83:7f:2c:72:87:3b:c3:ba:5c:49:f5:
04:ce:a7:78:b0:0c:f8:9d:3d:44:df:7b:17:38:41:c3:b4:01:
8c:2f:a5:d2:05:e2:4f:ce:82:55:d8:80:a5:7d:50:14:0a:d2:
43:85:21:6d:c1:51:b4:d3:eb:c0:cd:d2:11:39:a5:13:46:0a:
a2:65:51:35:82:eb:37:d0:51:f6:a4:26:f9:6c:1c:56:38:85:
f9:08:be:83:15:d7:57:c5:80:e4:ea:44:24:41:65:95:45:50:
b3:83:e0:bc:d4:c6:3b:58:57:e3:13:60:fb:7c:84:ca:5d:ad:
64:16:ff:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbP/caZGIcaSU0E9IxVPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMTViMzI3ZTg0NzYxNjg1MDIyZjQ3MzI4ZDZmNGNiZDZk
MzA0MWUwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTA2YjI0YzY0NGY4YTJlZWYxOGQ0MzgyM2NkZjE2NWE3YmIxZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfoV6cFtyAusx5mnp1MVBy3p+mg9
EXngHbOYSsc580x5v4an0HgkaEOPRztLpppif5WoqPImrkambuGqMeuc7Z+hkCkB
6RBL0SZVQ4ryG9EUb0ckNb7kYRe1iP7+jbjWSZS6QISBHXW58vZ9XjqVdy3ibp8f
W3joxeBmpP82FpF2UD0mgdYXyFZQleDw1hd7MxmcKaqc42KYmOoUtGAX6GHquP+Z
wvJp10+FqQBDb55irC5i6YKG9oLxZC3pTUo/LcPpqtDNynPNQtFBpx8Dpq/EZS1C
7cn5nB1pqDhBPyfr/YMP2EOGwO2Bh/Mx8zgrYEg0xrBYe39z37tLieMzYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF4GskxkT4ou7xjUOCPN8WWnux71MB8GA1UdIwQY
MBaAFMEVsyfoR2FoUCL0cyjW9MvW0wQeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1JXekotaEhZV2hRSXZSektOYjB5OWJUQkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNGJkZjctMjU3OS00YmQwLThhOTMt
MjI0ZmQ3OGVmODI3LzEvWGdheVRHUlBpaTd2R05RNEk4M3haYWU3SHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNGJkZjctMjU3OS00YmQwLThhOTMtMjI0ZmQ3OGVmODI3
LzEvd1JXekotaEhZV2hRSXZSektOYjB5OWJUQkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZisMA0E
AgACMAcDBQMqEQGAMA0GCSqGSIb3DQEBCwUAA4IBAQBB9YT+uP3+EdcAzwP4jcp1
FYxoSCr1WE56OTIrlrrDLubGyPahs1fzzffZG5bITGmBB8iD7Ge32DzjfsngRwQH
6GZYdI8T4+AaXnOwNvvNbuTUNOgBKEqv2IpIKiYGfW4zAfhYLAnLsx4/UNEglaxx
wvCucjQJVRunUndC5MCFT6qEjqrzg38scoc7w7pcSfUEzqd4sAz4nT1E33sXOEHD
tAGML6XSBeJPzoJV2IClfVAUCtJDhSFtwVG00+vAzdIROaUTRgqiZVE1gus30FH2
pCb5bBxWOIX5CL6DFddXxYDk6kQkQWWVRVCzg+C81MY7WFfjE2D7fITKXa1kFv8O
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:43:25 2024 by rpki-client on console-fra.rpki-client.org