Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/XlIUpUTP2-af2tgPK1lWIHIj3no.roa
File: XlIUpUTP2-af2tgPK1lWIHIj3no.roa (raw, json)
Hash identifier: GFpaPjcsqpou00ufdmM7rQHdb/8jH3jfrKJYo43RZOw=
Subject key identifier: 5E:52:14:A5:44:CF:DB:E6:9F:DA:D8:0F:2B:59:56:20:72:23:DE:7A
Certificate issuer: /CN=c00935185c68036a0faedeeaaa6bfef4e62a0c93
Certificate serial: 018CC2DB3EF67F47139F280109AE95C99A75
Authority key identifier: C0:09:35:18:5C:68:03:6A:0F:AE:DE:EA:AA:6B:FE:F4:E6:2A:0C:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wAk1GFxoA2oPrt7qqmv-9OYqDJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/XlIUpUTP2-af2tgPK1lWIHIj3no.roa
Signing time: Mon 01 Jan 2024 02:29:57 +0000
ROA not before: Mon 01 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42697
IP address blocks: 185.27.0.0/22 maxlen: 22
185.27.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/wAk1GFxoA2oPrt7qqmv-9OYqDJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/wAk1GFxoA2oPrt7qqmv-9OYqDJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/wAk1GFxoA2oPrt7qqmv-9OYqDJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:3e:f6:7f:47:13:9f:28:01:09:ae:95:c9:9a:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c00935185c68036a0faedeeaaa6bfef4e62a0c93
Validity
Not Before: Jan 1 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e5214a544cfdbe69fdad80f2b5956207223de7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ed:a8:2a:1a:30:bc:08:46:29:f6:0b:09:96:
f1:8d:68:5f:17:ee:e4:a0:ff:d4:72:01:ce:34:5f:
72:4d:03:69:97:b0:df:c8:be:d5:b6:af:26:93:40:
e0:b2:de:8a:b4:ae:1f:28:8e:90:ca:e7:ed:6b:43:
57:b7:6c:70:ab:8e:ee:cf:4a:9d:9e:7e:00:df:93:
5a:fc:64:f2:50:89:84:61:26:c2:4b:87:7d:7c:02:
3e:e3:3b:d9:0b:85:66:be:e6:e5:b7:ef:20:92:1a:
90:89:ca:11:54:c0:af:9a:66:1c:96:9a:9b:c0:50:
67:79:23:fc:82:b8:d9:99:88:ea:74:bf:d9:c9:08:
b0:e1:f9:c2:17:53:49:79:03:1a:38:ab:be:7a:2b:
1b:62:59:e3:61:d9:c7:1a:2b:c1:b6:51:e6:a5:af:
79:ca:b1:e3:17:1d:ca:f3:fd:a6:b7:3a:3e:30:ea:
4d:2f:b2:c8:6e:85:bc:aa:5d:88:a3:3d:8d:89:f5:
96:87:41:62:53:61:30:ad:95:31:7f:dc:4c:88:35:
b7:21:59:c1:a5:4b:71:7d:03:4f:ea:b0:b0:ca:45:
ba:61:a6:79:58:fc:b6:c3:58:63:af:c4:e7:d7:52:
f8:50:cb:2d:ec:18:6d:33:89:3c:76:ba:b1:47:ce:
94:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:52:14:A5:44:CF:DB:E6:9F:DA:D8:0F:2B:59:56:20:72:23:DE:7A
X509v3 Authority Key Identifier:
keyid:C0:09:35:18:5C:68:03:6A:0F:AE:DE:EA:AA:6B:FE:F4:E6:2A:0C:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wAk1GFxoA2oPrt7qqmv-9OYqDJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/XlIUpUTP2-af2tgPK1lWIHIj3no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/wAk1GFxoA2oPrt7qqmv-9OYqDJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.0.0/22
Signature Algorithm: sha256WithRSAEncryption
25:27:36:a2:1e:08:e4:04:c1:64:4c:ba:68:64:d2:e1:86:61:
b5:f1:8e:66:ea:84:ea:bc:24:f5:40:8a:e8:7f:94:d5:c1:99:
1e:0b:c2:87:57:3c:e8:1c:9d:7d:81:28:9e:2b:d2:19:3c:26:
27:d5:3a:5a:66:66:69:35:ef:f9:8c:13:85:22:7e:e1:31:41:
8d:08:7f:b3:ee:ce:a2:bd:ab:07:b1:b5:f4:01:a1:9c:d0:49:
57:1f:b3:f4:b6:21:ff:b4:ad:6f:27:6d:a7:bc:eb:e1:83:22:
f6:47:20:fd:fb:0f:36:5d:7f:bd:79:a3:3e:57:ce:c2:e9:92:
57:6b:36:5e:ec:a4:50:46:59:b7:d8:e8:a8:cf:9c:c5:dd:2c:
1a:55:a0:a0:02:2f:7f:16:02:8d:e5:21:38:d9:6a:d5:ba:74:
ce:ef:19:b0:34:d4:07:66:7f:aa:e9:b5:25:c5:51:6f:af:58:
a6:8c:9b:00:ca:f9:49:20:52:09:87:5d:83:ca:71:c9:cb:40:
89:c3:07:b6:83:e6:7d:62:25:11:44:78:1a:4e:21:da:50:49:
36:9e:a9:fb:49:48:40:13:e4:ed:6a:f2:7f:32:a3:73:2b:7a:
44:71:29:24:62:5e:2d:0f:fa:e5:d5:24:1c:00:ac:83:39:8e:
74:e8:37:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2z72f0cTnygBCa6VyZp1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMDkzNTE4NWM2ODAzNmEwZmFlZGVlYWFhNmJmZWY0ZTYy
YTBjOTMwHhcNMjQwMTAxMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTUyMTRhNTQ0Y2ZkYmU2OWZkYWQ4MGYyYjU5NTYyMDcyMjNkZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO2oKhowvAhGKfYLCZbxjWhfF+7k
oP/UcgHONF9yTQNpl7DfyL7Vtq8mk0Dgst6KtK4fKI6Qyufta0NXt2xwq47uz0qd
nn4A35Na/GTyUImEYSbCS4d9fAI+4zvZC4Vmvublt+8gkhqQicoRVMCvmmYclpqb
wFBneSP8grjZmYjqdL/ZyQiw4fnCF1NJeQMaOKu+eisbYlnjYdnHGivBtlHmpa95
yrHjFx3K8/2mtzo+MOpNL7LIboW8ql2Ioz2NifWWh0FiU2EwrZUxf9xMiDW3IVnB
pUtxfQNP6rCwykW6YaZ5WPy2w1hjr8Tn11L4UMst7BhtM4k8drqxR86UTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5SFKVEz9vmn9rYDytZViByI956MB8GA1UdIwQY
MBaAFMAJNRhcaANqD67e6qpr/vTmKgyTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0FrMUdGeG9BMm9QcnQ3cXFtdi05T1lxREpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iZTMwNmYtMGY4Yy00Njc0LTkzZmYt
MmE5NzEyYmY2MDNjLzEvWGxJVXBVVFAyLWFmMnRnUEsxbFdJSElqM25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iZTMwNmYtMGY4Yy00Njc0LTkzZmYtMmE5NzEyYmY2MDNj
LzEvd0FrMUdGeG9BMm9QcnQ3cXFtdi05T1lxREpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRsAMA0G
CSqGSIb3DQEBCwUAA4IBAQAlJzaiHgjkBMFkTLpoZNLhhmG18Y5m6oTqvCT1QIro
f5TVwZkeC8KHVzzoHJ19gSieK9IZPCYn1TpaZmZpNe/5jBOFIn7hMUGNCH+z7s6i
vasHsbX0AaGc0ElXH7P0tiH/tK1vJ22nvOvhgyL2RyD9+w82XX+9eaM+V87C6ZJX
azZe7KRQRlm32Oioz5zF3SwaVaCgAi9/FgKN5SE42WrVunTO7xmwNNQHZn+q6bUl
xVFvr1imjJsAyvlJIFIJh12DynHJy0CJwwe2g+Z9YiURRHgaTiHaUEk2nqn7SUhA
E+TtavJ/MqNzK3pEcSkkYl4tD/rl1SQcAKyDOY506DdY
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:58:56 2024 by rpki-client on console-fra.rpki-client.org