Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/XvfSLjhoVhrDWlKhd4RiYCrFulQ.roa
File: XvfSLjhoVhrDWlKhd4RiYCrFulQ.roa (raw, json)
Hash identifier: 2ezV8CQoOgrFf84zgF805ts2yAkrNGR0+Vkdd61ZSco=
Subject key identifier: 5E:F7:D2:2E:38:68:56:1A:C3:5A:52:A1:77:84:62:60:2A:C5:BA:54
Certificate issuer: /CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1
Certificate serial: 018EA35C6505D05C4F26289CC8353E90A0E4
Authority key identifier: 87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/XvfSLjhoVhrDWlKhd4RiYCrFulQ.roa
Signing time: Wed 03 Apr 2024 09:48:45 +0000
ROA not before: Wed 03 Apr 2024 09:48:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200233
IP address blocks: 138.124.176.0/24 maxlen: 24
147.87.0.0/16 maxlen: 24
193.5.80.0/21 maxlen: 24
2a07:6b40::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.mft
rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:5c:65:05:d0:5c:4f:26:28:9c:c8:35:3e:90:a0:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1
Validity
Not Before: Apr 3 09:48:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ef7d22e3868561ac35a52a1778462602ac5ba54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:11:c6:48:43:cd:b4:7b:3d:b9:69:2b:cc:0e:
6a:f1:6a:09:53:3a:33:64:7f:47:f5:8d:7e:9f:b5:
1e:f3:66:42:70:0c:27:27:ec:7e:86:44:b5:af:2f:
07:8e:6d:14:ed:30:17:08:20:05:9b:67:26:31:2f:
7c:3a:e0:48:cb:04:56:91:96:76:70:20:04:c8:2f:
47:44:01:1f:1d:46:1e:73:2d:2e:58:2d:0c:77:35:
64:38:fc:ac:37:c0:65:2a:9d:41:ce:44:72:5e:90:
93:c8:5d:09:69:c3:2d:12:dc:92:dc:b6:46:65:27:
f9:81:b9:27:b2:90:69:15:8a:07:bd:03:43:7c:e2:
fb:65:9c:4b:3c:7d:d9:b1:eb:8e:c6:9e:16:30:7f:
52:b0:cd:c4:17:87:3a:b7:bd:cc:cd:93:03:4c:0e:
7f:20:6b:18:28:4c:c3:9a:26:a6:3d:aa:75:48:74:
a1:bb:b7:de:9b:b9:15:ec:e3:68:68:87:f3:0c:2d:
3f:93:95:bb:71:6a:00:12:f6:1d:d6:69:e8:f9:e2:
62:da:6d:d8:b7:8f:1d:8f:07:b9:37:f0:eb:cf:20:
11:b4:7b:0b:ae:d7:4c:f7:de:ae:73:8b:23:70:8b:
79:fb:93:a1:fe:a1:1d:16:f8:97:f3:d0:99:37:82:
8d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F7:D2:2E:38:68:56:1A:C3:5A:52:A1:77:84:62:60:2A:C5:BA:54
X509v3 Authority Key Identifier:
keyid:87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/XvfSLjhoVhrDWlKhd4RiYCrFulQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.176.0/24
147.87.0.0/16
193.5.80.0/21
IPv6:
2a07:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
1b:77:c2:8e:c0:cb:8c:72:a3:56:f9:3b:5f:92:0b:48:df:57:
61:5b:36:c2:c9:1c:30:61:d5:4d:b2:8c:7e:cd:13:a0:38:50:
c7:7b:8e:8a:93:6c:bb:6b:7b:f3:77:37:7d:ee:b6:2b:d8:72:
67:7e:10:a3:a8:05:c9:4a:6f:5c:2d:0e:66:6e:30:1c:7c:24:
fa:59:bd:a9:d6:79:f4:9b:ef:c9:b9:81:9b:d7:32:f8:bb:59:
1a:2f:56:e4:72:1d:59:4e:28:a9:ef:1f:8c:c0:ec:30:dd:34:
75:82:da:96:cf:6b:60:85:7b:98:af:00:98:e1:6c:d5:62:85:
10:7e:b4:48:5d:ce:5e:1a:22:9a:8c:ce:43:30:c4:fc:29:45:
19:72:fb:72:d3:d8:3e:9f:9f:7a:9b:2f:83:cc:20:03:a6:0d:
14:8c:3b:41:b5:a4:ad:f2:2c:51:7e:fc:1d:4f:72:7e:69:f4:
7f:32:68:5d:f2:8b:85:dc:2f:08:2a:3d:a8:72:83:4c:d1:6e:
c8:33:3d:11:2a:92:21:9c:26:b4:ef:d4:2a:35:a4:14:8a:2b:
fb:89:18:59:21:87:18:c9:04:ad:a3:a1:1c:f9:e0:c9:72:bc:
7e:78:fa:f4:63:2d:68:a6:a5:51:78:80:89:1b:6c:aa:6d:54:
65:96:d3:72
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY6jXGUF0FxPJiicyDU+kKDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NDFlYzE3ZGMwMzA5YjEzZDg4YTY3ZWEyMmRjYmJiMjZh
NGUzYTEwHhcNMjQwNDAzMDk0ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWY3ZDIyZTM4Njg1NjFhYzM1YTUyYTE3Nzg0NjI2MDJhYzViYTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBHGSEPNtHs9uWkrzA5q8WoJUzoz
ZH9H9Y1+n7Ue82ZCcAwnJ+x+hkS1ry8Hjm0U7TAXCCAFm2cmMS98OuBIywRWkZZ2
cCAEyC9HRAEfHUYecy0uWC0MdzVkOPysN8BlKp1BzkRyXpCTyF0JacMtEtyS3LZG
ZSf5gbknspBpFYoHvQNDfOL7ZZxLPH3ZseuOxp4WMH9SsM3EF4c6t73MzZMDTA5/
IGsYKEzDmiamPap1SHShu7fem7kV7ONoaIfzDC0/k5W7cWoAEvYd1mno+eJi2m3Y
t48djwe5N/DrzyARtHsLrtdM996uc4sjcIt5+5Oh/qEdFviX89CZN4KNnwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFF730i44aFYaw1pSoXeEYmAqxbpUMB8GA1UdIwQY
MBaAFIdB7BfcAwmxPYimfqIty7smpOOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYt
MWFjNGE0MDA3ZGI0LzEvWHZmU0xqaG9WaHJEV2xLaGQ0UmlZQ3JGdWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYtMWFjNGE0MDA3ZGI0
LzEvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQAinywAwMA
k1cDBAPBBVAwDQQCAAIwBwMFAyoHa0AwDQYJKoZIhvcNAQELBQADggEBABt3wo7A
y4xyo1b5O1+SC0jfV2FbNsLJHDBh1U2yjH7NE6A4UMd7joqTbLtre/N3N33utivY
cmd+EKOoBclKb1wtDmZuMBx8JPpZvanWefSb78m5gZvXMvi7WRovVuRyHVlOKKnv
H4zA7DDdNHWC2pbPa2CFe5ivAJjhbNVihRB+tEhdzl4aIpqMzkMwxPwpRRly+3LT
2D6fn3qbL4PMIAOmDRSMO0G1pK3yLFF+/B1Pcn5p9H8yaF3yi4XcLwgqPahyg0zR
bsgzPREqkiGcJrTv1Co1pBSKK/uJGFkhhxjJBK2joRz54MlyvH54+vRjLWimpVF4
gIkbbKptVGWW03I=
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:35:29 2024 by rpki-client on console-ams.rpki-client.org