Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/xSHWvSW2PqIc2HQn6aV0gvur1RU.roa
File: xSHWvSW2PqIc2HQn6aV0gvur1RU.roa (raw, json)
Hash identifier: X50cskk1Bi3mh7TT58+H1lSyiFnpyOw1GlXHHeUtTAA=
Subject key identifier: C5:21:D6:BD:25:B6:3E:A2:1C:D8:74:27:E9:A5:74:82:FB:AB:D5:15
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 01929E5BEBC4C576BA59A11462A237605527
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/xSHWvSW2PqIc2HQn6aV0gvur1RU.roa
Signing time: Fri 18 Oct 2024 06:41:17 +0000
ROA not before: Fri 18 Oct 2024 06:41:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20750
IP address blocks: 85.187.236.0/22 maxlen: 22
85.187.240.0/23 maxlen: 23
151.237.72.0/21 maxlen: 24
151.237.72.0/22 maxlen: 22
151.237.76.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9e:5b:eb:c4:c5:76:ba:59:a1:14:62:a2:37:60:55:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Oct 18 06:41:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c521d6bd25b63ea21cd87427e9a57482fbabd515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:44:4d:46:28:ed:b7:88:f7:59:8e:9d:0c:a5:
f2:e5:79:19:5a:5c:ac:02:a4:30:d4:e5:23:15:55:
30:88:bd:24:f7:ec:6d:b3:4a:e1:67:36:ee:98:29:
a6:75:75:85:0d:d5:e6:ab:ed:b2:54:2b:01:6f:01:
7f:3d:94:8e:98:4d:f6:00:03:9c:cf:f1:54:89:d9:
e5:70:28:f9:8f:ea:93:55:d1:ee:1a:f4:d4:0c:c5:
b3:d9:09:0d:1a:fd:83:25:4e:4a:3e:24:99:15:3d:
19:85:1f:bc:c2:74:db:c1:d3:8b:bf:2e:eb:d5:28:
e0:bb:b4:12:ec:f0:94:e3:08:69:5f:0b:c6:e7:b5:
db:2a:0c:80:44:b1:5f:0f:8c:06:33:3e:8a:8e:0a:
e8:12:2c:7b:90:40:e5:42:be:58:b2:b1:64:77:22:
9b:8f:52:df:67:c4:28:1f:4e:02:e6:97:6c:22:ae:
bd:df:dd:6d:eb:45:42:71:1e:62:3a:90:19:08:d6:
67:a5:b5:f8:0f:37:00:cf:4b:9d:94:12:3c:c8:48:
d5:d3:f5:c7:2a:49:6d:04:3e:bb:cc:81:a5:37:20:
5c:b0:26:ba:a0:cd:e2:84:6a:02:17:95:ea:06:d5:
6f:86:b5:ca:8d:8c:be:53:e0:02:2e:ba:a2:7b:d9:
d1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:21:D6:BD:25:B6:3E:A2:1C:D8:74:27:E9:A5:74:82:FB:AB:D5:15
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/xSHWvSW2PqIc2HQn6aV0gvur1RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.236.0-85.187.241.255
151.237.72.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:f4:fc:1f:14:88:ba:1d:c6:9a:4c:2b:ab:20:a1:f0:e4:e9:
47:c7:30:f1:78:68:a1:fc:0b:6b:1e:47:b9:07:e6:b8:d9:22:
69:df:04:f3:78:1f:39:78:d9:93:d1:37:12:51:52:b8:9b:2d:
00:9c:2e:73:12:0e:77:dc:8c:50:9e:a5:0b:6e:89:bf:5e:c8:
0a:31:35:cb:5a:0b:95:db:41:a2:1e:d7:a3:ff:7c:65:26:65:
66:00:4b:e7:44:2b:bb:0a:fc:25:9c:e4:6e:a4:6b:6a:25:19:
20:3e:f7:3f:2a:46:6f:0d:f7:8f:40:d2:cd:c2:de:cc:5a:b2:
e3:6c:2c:0c:ee:d4:0e:56:21:66:71:e8:a8:37:34:e7:38:19:
3c:1d:d4:0b:80:49:96:db:0b:65:83:f2:76:25:50:84:ea:8d:
9d:07:85:95:d8:b8:8e:d0:a9:58:11:dd:f9:6a:54:08:5b:2a:
2a:9f:7e:71:1c:a6:15:f1:e6:d4:ae:a4:36:1c:5c:df:7e:de:
fa:0f:cf:c8:e4:c8:bd:ae:8a:a7:0f:b6:24:c9:99:23:ef:70:
3a:f6:04:24:b4:ba:b8:38:ad:09:9d:d5:e4:1f:5a:00:db:37:
fc:61:00:78:33:52:79:c7:94:f0:ae:17:7a:4d:85:58:1d:8f:
86:83:d8:2c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZKeW+vExXa6WaEUYqI3YFUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQxMDE4MDY0MTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTIxZDZiZDI1YjYzZWEyMWNkODc0MjdlOWE1NzQ4MmZiYWJkNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0RNRijtt4j3WY6dDKXy5XkZWlys
AqQw1OUjFVUwiL0k9+xts0rhZzbumCmmdXWFDdXmq+2yVCsBbwF/PZSOmE32AAOc
z/FUidnlcCj5j+qTVdHuGvTUDMWz2QkNGv2DJU5KPiSZFT0ZhR+8wnTbwdOLvy7r
1Sjgu7QS7PCU4whpXwvG57XbKgyARLFfD4wGMz6KjgroEix7kEDlQr5YsrFkdyKb
j1LfZ8QoH04C5pdsIq69391t60VCcR5iOpAZCNZnpbX4DzcAz0udlBI8yEjV0/XH
KkltBD67zIGlNyBcsCa6oM3ihGoCF5XqBtVvhrXKjYy+U+ACLrqie9nRdQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMUh1r0ltj6iHNh0J+mldIL7q9UVMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEveFNIV3ZTVzJQcUljMkhRbjZhVjBndnVyMVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJVu+wD
BAFVu/ADBAOX7UgwDQYJKoZIhvcNAQELBQADggEBABz0/B8UiLodxppMK6sgofDk
6UfHMPF4aKH8C2seR7kH5rjZImnfBPN4Hzl42ZPRNxJRUribLQCcLnMSDnfcjFCe
pQtuib9eyAoxNctaC5XbQaIe16P/fGUmZWYAS+dEK7sK/CWc5G6ka2olGSA+9z8q
Rm8N949A0s3C3sxasuNsLAzu1A5WIWZx6Kg3NOc4GTwd1AuASZbbC2WD8nYlUITq
jZ0HhZXYuI7QqVgR3flqVAhbKiqffnEcphXx5tSupDYcXN9+3voPz8jkyL2uiqcP
tiTJmSPvcDr2BCS0urg4rQmd1eQfWgDbN/xhAHgzUnnHlPCuF3pNhVgdj4aD2Cw=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:54:50 2024 by rpki-client on console-ams.rpki-client.org