Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/XuE6YZYmqLIiYLMvLDqkAxBdl3Y.roa
File: XuE6YZYmqLIiYLMvLDqkAxBdl3Y.roa (raw, json)
Hash identifier: XUpd1IG5yn8i2pdDNWs6OmFV0qnbE6flR+aTwRHSYlk=
Subject key identifier: 5E:E1:3A:61:96:26:A8:B2:22:60:B3:2F:2C:3A:A4:03:10:5D:97:76
Certificate issuer: /CN=ca900f1e11e2d25d0b2316ad6e012684839ac81e
Certificate serial: 018CC34939EA545F281E11065B9501E663C8
Authority key identifier: CA:90:0F:1E:11:E2:D2:5D:0B:23:16:AD:6E:01:26:84:83:9A:C8:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/XuE6YZYmqLIiYLMvLDqkAxBdl3Y.roa
Signing time: Mon 01 Jan 2024 04:30:05 +0000
ROA not before: Mon 01 Jan 2024 04:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203177
IP address blocks: 185.135.210.0/24 maxlen: 24
185.135.208.0/22 maxlen: 22
185.135.211.0/24 maxlen: 24
91.244.117.0/24 maxlen: 24
185.135.208.0/24 maxlen: 24
185.135.209.0/24 maxlen: 24
2a0a:6600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:39:ea:54:5f:28:1e:11:06:5b:95:01:e6:63:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca900f1e11e2d25d0b2316ad6e012684839ac81e
Validity
Not Before: Jan 1 04:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ee13a619626a8b22260b32f2c3aa403105d9776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6c:22:22:6d:e7:67:28:32:9c:50:91:b6:8e:
3a:1f:20:83:ec:d7:be:64:06:64:9a:6a:cb:66:7b:
64:88:69:f9:72:17:6a:fa:7c:39:b2:90:76:74:0d:
f1:af:f4:ac:43:aa:af:47:11:3d:1f:69:e7:15:5c:
55:cf:86:fa:9b:0d:e6:1e:6b:b0:b0:a0:e6:7c:94:
12:6b:e6:98:4e:26:1a:bf:bd:94:ea:cf:80:cb:ab:
30:b1:a8:3b:c6:b1:d6:e4:6d:2b:dd:05:61:ba:3f:
a9:c8:cf:c5:0b:55:03:d2:64:87:19:b9:e8:f2:9c:
94:d3:41:77:e4:3f:23:e7:ab:47:12:42:59:1d:76:
3a:01:1b:a5:d5:0e:b3:44:a1:68:a1:b0:57:c8:dd:
91:34:1d:98:16:2a:28:5b:90:d0:33:a4:ba:fb:6e:
82:be:31:19:fb:62:87:7e:db:45:41:a6:d3:fe:c6:
18:c1:98:a7:db:48:a5:02:71:c0:2a:6a:72:bc:2c:
25:bc:e2:ee:35:a9:03:0c:08:f3:11:ee:9e:3b:c2:
b1:e7:73:18:3d:67:74:6a:d9:83:d2:b7:e2:0a:25:
2d:ab:77:73:6f:70:cc:90:43:43:d3:dd:96:ba:c0:
ed:c8:15:60:ab:a3:f5:ca:4b:9f:08:11:11:c6:0b:
9d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E1:3A:61:96:26:A8:B2:22:60:B3:2F:2C:3A:A4:03:10:5D:97:76
X509v3 Authority Key Identifier:
keyid:CA:90:0F:1E:11:E2:D2:5D:0B:23:16:AD:6E:01:26:84:83:9A:C8:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypAPHhHi0l0LIxatbgEmhIOayB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/XuE6YZYmqLIiYLMvLDqkAxBdl3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/f6969c-3a6e-4bec-9742-ece87c6a0318/1/ypAPHhHi0l0LIxatbgEmhIOayB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.244.117.0/24
185.135.208.0/22
IPv6:
2a0a:6600::/29
Signature Algorithm: sha256WithRSAEncryption
3c:3f:bf:6f:22:9b:5b:cd:07:c4:4e:8b:50:52:bd:16:17:79:
f1:8a:88:c8:97:17:91:78:c3:b9:c3:b5:44:8c:e5:1e:90:88:
82:35:5a:9d:9c:08:e4:e7:c1:93:7e:f6:2e:8b:59:77:de:90:
cf:3d:65:e1:7d:5c:e6:86:82:0e:47:69:28:66:98:b2:12:82:
20:e9:8a:f6:b6:cc:d6:7a:78:dd:a8:70:2b:9a:f4:cd:6f:71:
23:be:87:ca:e3:58:05:f9:db:78:f0:4f:b1:2d:12:43:63:97:
9f:1e:79:2f:ed:32:01:f8:36:80:81:b8:a8:90:a2:ac:b3:91:
11:b9:3a:45:eb:72:4b:d0:c2:3e:8b:ba:3c:61:44:36:08:3f:
1e:81:4f:10:43:7b:a8:dc:c4:a2:e2:ed:bf:8e:6a:7f:d6:82:
81:66:57:c4:b2:73:cb:e8:da:94:68:02:76:ed:a3:3c:ed:cd:
e6:9d:24:93:88:f3:5f:9d:81:14:87:94:bd:40:ee:b4:e7:b8:
b9:cc:07:38:2a:4c:9e:46:c7:ed:45:c8:30:56:f3:12:ea:06:
56:8a:0b:60:d4:2e:26:1e:8e:0f:5b:fc:06:29:11:eb:27:c1:
79:48:b9:f9:24:82:cc:4a:34:43:aa:f9:1f:99:58:51:f8:f6:
8a:26:91:71
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSTnqVF8oHhEGW5UB5mPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTAwZjFlMTFlMmQyNWQwYjIzMTZhZDZlMDEyNjg0ODM5
YWM4MWUwHhcNMjQwMTAxMDQzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWUxM2E2MTk2MjZhOGIyMjI2MGIzMmYyYzNhYTQwMzEwNWQ5Nzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGwiIm3nZygynFCRto46HyCD7Ne+
ZAZkmmrLZntkiGn5chdq+nw5spB2dA3xr/SsQ6qvRxE9H2nnFVxVz4b6mw3mHmuw
sKDmfJQSa+aYTiYav72U6s+Ay6swsag7xrHW5G0r3QVhuj+pyM/FC1UD0mSHGbno
8pyU00F35D8j56tHEkJZHXY6ARul1Q6zRKFoobBXyN2RNB2YFiooW5DQM6S6+26C
vjEZ+2KHfttFQabT/sYYwZin20ilAnHAKmpyvCwlvOLuNakDDAjzEe6eO8Kx53MY
PWd0atmD0rfiCiUtq3dzb3DMkEND092WusDtyBVgq6P1ykufCBERxgudOwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF7hOmGWJqiyImCzLyw6pAMQXZd2MB8GA1UdIwQY
MBaAFMqQDx4R4tJdCyMWrW4BJoSDmsgeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9mNjk2OWMtM2E2ZS00YmVjLTk3NDIt
ZWNlODdjNmEwMzE4LzEvWHVFNllaWW1xTElpWUxNdkxEcWtBeEJkbDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9mNjk2OWMtM2E2ZS00YmVjLTk3NDItZWNlODdjNmEwMzE4
LzEveXBBUEhoSGkwbDBMSXhhdGJnRW1oSU9heUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW/R1AwQC
uYfQMA0EAgACMAcDBQMqCmYAMA0GCSqGSIb3DQEBCwUAA4IBAQA8P79vIptbzQfE
TotQUr0WF3nxiojIlxeReMO5w7VEjOUekIiCNVqdnAjk58GTfvYui1l33pDPPWXh
fVzmhoIOR2koZpiyEoIg6Yr2tszWenjdqHArmvTNb3EjvofK41gF+dt48E+xLRJD
Y5efHnkv7TIB+DaAgbiokKKss5ERuTpF63JL0MI+i7o8YUQ2CD8egU8QQ3uo3MSi
4u2/jmp/1oKBZlfEsnPL6NqUaAJ27aM87c3mnSSTiPNfnYEUh5S9QO6057i5zAc4
KkyeRsftRcgwVvMS6gZWigtg1C4mHo4PW/wGKRHrJ8F5SLn5JILMSjRDqvkfmVhR
+PaKJpFx
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:35:20 2024 by rpki-client on console-fra.rpki-client.org