Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/XWAfMIrbHXEKOC2GaCDngDJTUFk.roa
File: XWAfMIrbHXEKOC2GaCDngDJTUFk.roa (raw, json)
Hash identifier: AvWAYYMnFGxb2SvfYDS3TPO+NBjNQxqKBLMg7PuEtyY=
Subject key identifier: 5D:60:1F:30:8A:DB:1D:71:0A:38:2D:86:68:20:E7:80:32:53:50:59
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64AE77DB383DAA04B802E717934DE02
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/XWAfMIrbHXEKOC2GaCDngDJTUFk.roa
Signing time: Mon 01 Jan 2024 18:30:46 +0000
ROA not before: Mon 01 Jan 2024 18:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204063
IP address blocks: 5.1.64.0/21 maxlen: 32
94.247.47.0/24 maxlen: 32
185.90.161.0/24 maxlen: 32
185.90.160.0/24 maxlen: 32
185.90.163.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e7:7d:b3:83:da:a0:4b:80:2e:71:79:34:de:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d601f308adb1d710a382d866820e78032535059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1d:f3:73:66:e3:68:50:ec:96:1d:e5:c7:32:
3c:77:20:b3:aa:da:60:5d:f0:11:7d:fc:36:94:67:
59:10:7c:f3:4d:f4:63:57:95:c5:c0:df:cb:64:21:
82:34:6f:8a:44:5b:94:be:43:24:02:9d:67:88:4d:
76:37:e2:69:05:cf:ef:73:a5:54:b4:82:95:0a:63:
84:02:ec:71:0f:f8:b6:06:a0:d3:e8:f8:35:fb:4b:
4b:fc:01:59:ac:fb:93:19:c9:5b:eb:16:0d:0f:b2:
54:7d:ec:fb:38:83:a5:06:7b:12:4d:75:ec:d3:dc:
a8:c8:29:fc:2a:e8:1f:7d:62:6e:36:b6:42:d1:6f:
b9:f0:43:b0:91:3a:01:b2:49:b5:04:53:a1:da:9e:
ef:8c:31:74:48:a5:eb:1c:88:16:5b:51:27:ec:3c:
7e:ca:96:37:cd:95:3a:b5:f9:ef:a8:04:bf:40:92:
00:5a:14:5e:21:41:2a:ee:9c:b6:c0:61:c2:55:ed:
63:a8:f5:28:05:ae:8a:88:79:03:67:6f:cd:be:12:
f5:06:42:84:cd:0b:9e:46:b8:61:a4:d9:01:27:03:
63:6d:33:aa:db:59:f6:f9:a0:c8:25:ac:c3:48:86:
fc:7f:5d:83:51:03:ac:9b:31:f2:91:34:a1:7c:63:
63:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:60:1F:30:8A:DB:1D:71:0A:38:2D:86:68:20:E7:80:32:53:50:59
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/XWAfMIrbHXEKOC2GaCDngDJTUFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.64.0/21
94.247.47.0/24
185.90.160.0/23
185.90.163.0/24
Signature Algorithm: sha256WithRSAEncryption
40:7d:5a:e6:6a:c0:9e:9e:d6:11:01:84:2e:50:ca:d6:fc:e6:
72:4b:52:de:7b:b5:1d:78:e2:c4:31:33:a9:dc:42:e9:0a:e2:
04:5c:52:1c:20:3e:c4:c3:05:79:20:63:ce:92:27:45:85:fe:
0a:61:7d:d2:21:13:48:d2:fc:cb:e7:ef:3f:df:9f:cb:2a:fa:
0b:84:69:81:01:4a:db:4b:53:3f:9e:5d:21:cd:86:f8:63:ea:
ce:11:89:28:06:64:de:5b:98:ac:4f:72:c1:88:39:b2:76:04:
df:ad:84:64:06:0a:08:ce:e8:33:3a:f6:8b:f5:22:68:93:8a:
7b:66:d1:64:cb:fb:ea:c8:ce:4c:9c:37:f0:d2:98:89:be:db:
e9:00:b4:8b:7f:60:c2:b2:4b:d6:bb:0b:14:12:d1:c5:d2:7a:
67:f0:60:b7:86:33:8d:d5:8a:73:43:a4:13:bb:f7:7e:8b:fe:
aa:e6:bb:5b:7f:9f:87:b3:93:3c:4d:33:7d:9e:81:73:b9:65:
27:75:08:d6:91:c9:1d:64:c1:e8:18:7e:07:fb:bc:6f:f7:85:
78:6f:7c:22:e3:b1:0f:65:be:b8:a0:c3:bc:18:27:6a:d0:11:
a8:e0:a7:3f:a7:09:e9:fa:1c:d2:2b:a1:22:15:1c:d2:ab:6c:
a7:d5:a2:fe
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGSud9s4PaoEuALnF5NN4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDYwMWYzMDhhZGIxZDcxMGEzODJkODY2ODIwZTc4MDMyNTM1MDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB3zc2bjaFDslh3lxzI8dyCzqtpg
XfARffw2lGdZEHzzTfRjV5XFwN/LZCGCNG+KRFuUvkMkAp1niE12N+JpBc/vc6VU
tIKVCmOEAuxxD/i2BqDT6Pg1+0tL/AFZrPuTGclb6xYND7JUfez7OIOlBnsSTXXs
09yoyCn8KugffWJuNrZC0W+58EOwkToBskm1BFOh2p7vjDF0SKXrHIgWW1En7Dx+
ypY3zZU6tfnvqAS/QJIAWhReIUEq7py2wGHCVe1jqPUoBa6KiHkDZ2/NvhL1BkKE
zQueRrhhpNkBJwNjbTOq21n2+aDIJazDSIb8f12DUQOsmzHykTShfGNjjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF1gHzCK2x1xCjgthmgg54AyU1BZMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvWFdBZk1JcmJIWEVLT0MyR2FDRG5nREpUVUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBQFAAwQA
XvcvAwQBuVqgAwQAuVqjMA0GCSqGSIb3DQEBCwUAA4IBAQBAfVrmasCentYRAYQu
UMrW/OZyS1Lee7UdeOLEMTOp3ELpCuIEXFIcID7EwwV5IGPOkidFhf4KYX3SIRNI
0vzL5+8/35/LKvoLhGmBAUrbS1M/nl0hzYb4Y+rOEYkoBmTeW5isT3LBiDmydgTf
rYRkBgoIzugzOvaL9SJok4p7ZtFky/vqyM5MnDfw0piJvtvpALSLf2DCskvWuwsU
EtHF0npn8GC3hjON1YpzQ6QTu/d+i/6q5rtbf5+Hs5M8TTN9noFzuWUndQjWkckd
ZMHoGH4H+7xv94V4b3wi47EPZb64oMO8GCdq0BGo4Kc/pwnp+hzSK6EiFRzSq2yn
1aL+
-----END CERTIFICATE-----
Generated at Tue May 7 01:10:11 2024 by rpki-client on console-ams.rpki-client.org