Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/482708-c1d4-40fc-9321-6698b93233d6/1/XsLMgFhH6aIjmRPUYwcy8SA2mM8.roa
File: XsLMgFhH6aIjmRPUYwcy8SA2mM8.roa (raw, json)
Hash identifier: LlD5nY0I8JDzIffH9n3rG6LInjdphBh7nqXgX4J8iaM=
Subject key identifier: 5E:C2:CC:80:58:47:E9:A2:23:99:13:D4:63:07:32:F1:20:36:98:CF
Certificate issuer: /CN=f9742d777d082416a2d847d4003a331b50e2423e
Certificate serial: 018CC56EF0C3755167EF3D032A5DA2A8AC48
Authority key identifier: F9:74:2D:77:7D:08:24:16:A2:D8:47:D4:00:3A:33:1B:50:E2:42:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XQtd30IJBai2EfUADozG1DiQj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/482708-c1d4-40fc-9321-6698b93233d6/1/XsLMgFhH6aIjmRPUYwcy8SA2mM8.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39373
IP address blocks: 195.178.100.0/24 maxlen: 24
195.178.100.0/23 maxlen: 24
195.178.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/482708-c1d4-40fc-9321-6698b93233d6/1/1-XQtd30IJBai2EfUADozG1DiQj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/482708-c1d4-40fc-9321-6698b93233d6/1/1-XQtd30IJBai2EfUADozG1DiQj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-XQtd30IJBai2EfUADozG1DiQj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f0:c3:75:51:67:ef:3d:03:2a:5d:a2:a8:ac:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9742d777d082416a2d847d4003a331b50e2423e
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ec2cc805847e9a2239913d4630732f1203698cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:23:29:4d:6b:09:c0:61:19:ce:a7:72:43:ca:
b3:12:3c:53:22:22:ba:6d:48:b0:5c:5e:cb:f2:6d:
1c:1d:1f:2a:a6:2d:c4:e8:20:08:1b:7d:b3:f3:56:
90:3c:32:79:03:ed:ad:74:2a:4e:a3:0d:f7:14:08:
44:0c:f1:56:e4:d3:aa:3d:42:17:8e:04:ce:8c:9e:
28:89:a4:44:b0:5a:83:86:9f:98:c0:ac:b8:2b:8d:
49:67:01:c3:74:97:a2:e7:0a:d8:d7:60:39:eb:c0:
4c:26:ff:e9:3d:98:11:6d:b2:87:fc:74:33:37:f6:
ec:96:eb:fa:6e:4b:9f:88:96:66:72:10:4d:07:37:
d0:52:7c:13:88:0e:29:ea:bb:a2:a7:2e:6d:8a:40:
cb:3e:ac:e4:36:01:8a:f6:07:5b:9d:ab:2e:ce:47:
63:e4:82:15:42:30:bc:b6:50:f1:cd:91:43:57:7f:
91:0f:f7:8b:37:2b:3e:53:33:04:00:0c:12:30:19:
fc:5d:05:c4:a5:77:ec:96:15:a2:f5:79:81:e5:4a:
9e:7f:e0:a0:8c:4a:7e:55:1b:80:0f:85:a7:8b:8b:
5b:8e:52:d6:38:74:3e:32:87:71:23:08:23:e5:28:
dc:3f:05:82:ed:31:ee:ad:fc:74:ab:b7:5c:f2:36:
4e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C2:CC:80:58:47:E9:A2:23:99:13:D4:63:07:32:F1:20:36:98:CF
X509v3 Authority Key Identifier:
keyid:F9:74:2D:77:7D:08:24:16:A2:D8:47:D4:00:3A:33:1B:50:E2:42:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XQtd30IJBai2EfUADozG1DiQj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/482708-c1d4-40fc-9321-6698b93233d6/1/XsLMgFhH6aIjmRPUYwcy8SA2mM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/482708-c1d4-40fc-9321-6698b93233d6/1/1-XQtd30IJBai2EfUADozG1DiQj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.178.100.0/23
Signature Algorithm: sha256WithRSAEncryption
78:ea:75:90:3a:cd:9e:5e:38:56:06:4c:15:3e:02:79:65:b0:
ef:5b:ea:c8:4f:6c:55:3a:8a:5e:0a:6c:9e:96:97:f6:f1:30:
ea:a8:42:6a:80:ba:99:1e:5b:b2:47:e9:75:ed:b7:22:c4:65:
16:92:ca:22:3c:c7:70:05:c4:21:a2:28:ec:ce:f1:eb:56:2f:
e7:0f:3b:e0:85:8d:6c:e4:95:eb:90:53:c6:b6:02:17:83:36:
e1:83:be:11:78:f9:1e:8e:94:a6:16:30:33:23:2c:66:14:04:
46:b0:8d:8b:ec:1f:8b:ca:ad:7d:e0:44:33:90:79:9a:c7:5c:
87:aa:63:f1:fd:60:5f:0b:ae:4e:bf:27:31:9f:58:2c:d6:e1:
9c:3a:c5:86:67:82:08:7e:60:6b:1d:4b:2e:24:e9:12:af:75:
fa:ba:15:fe:5c:3b:0b:df:a3:40:89:8e:0f:b9:2c:26:9b:db:
03:ae:0a:a3:dc:f5:ec:8f:7c:79:92:f3:3e:7b:97:10:ea:e0:
a6:4b:1c:13:25:2b:8c:78:3d:b8:4e:f2:01:05:b0:01:a7:0e:
aa:ad:9c:9e:27:bb:a7:bf:69:5a:d8:3d:08:52:88:5f:e8:e7:
ce:3d:2e:b9:a7:b8:2a:65:4b:4f:b2:a5:68:0f:b5:95:05:0b:
d1:ad:ea:d3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzFbvDDdVFn7z0DKl2iqKxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzQyZDc3N2QwODI0MTZhMmQ4NDdkNDAwM2EzMzFiNTBl
MjQyM2UwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWMyY2M4MDU4NDdlOWEyMjM5OTEzZDQ2MzA3MzJmMTIwMzY5OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiMpTWsJwGEZzqdyQ8qzEjxTIiK6
bUiwXF7L8m0cHR8qpi3E6CAIG32z81aQPDJ5A+2tdCpOow33FAhEDPFW5NOqPUIX
jgTOjJ4oiaREsFqDhp+YwKy4K41JZwHDdJei5wrY12A568BMJv/pPZgRbbKH/HQz
N/bsluv6bkufiJZmchBNBzfQUnwTiA4p6ruipy5tikDLPqzkNgGK9gdbnasuzkdj
5IIVQjC8tlDxzZFDV3+RD/eLNys+UzMEAAwSMBn8XQXEpXfslhWi9XmB5Uqef+Cg
jEp+VRuAD4Wni4tbjlLWOHQ+ModxIwgj5SjcPwWC7THurfx0q7dc8jZOzQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF7CzIBYR+miI5kT1GMHMvEgNpjPMB8GA1UdIwQY
MBaAFPl0LXd9CCQWothH1AA6MxtQ4kI+MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YUXRkMzBJSkJhaTJFZlVBRG96RzFEaVFqNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQvNDgyNzA4LWMxZDQtNDBmYy05MzIx
LTY2OThiOTMyMzNkNi8xL1hzTE1nRmhINmFJam1SUFVZd2N5OFNBMm1NOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDQvNDgyNzA4LWMxZDQtNDBmYy05MzIxLTY2OThiOTMyMzNk
Ni8xLzEtWFF0ZDMwSUpCYWkyRWZVQURvekcxRGlRajQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHDsmQw
DQYJKoZIhvcNAQELBQADggEBAHjqdZA6zZ5eOFYGTBU+AnllsO9b6shPbFU6il4K
bJ6Wl/bxMOqoQmqAupkeW7JH6XXttyLEZRaSyiI8x3AFxCGiKOzO8etWL+cPO+CF
jWzkleuQU8a2AheDNuGDvhF4+R6OlKYWMDMjLGYUBEawjYvsH4vKrX3gRDOQeZrH
XIeqY/H9YF8Lrk6/JzGfWCzW4Zw6xYZnggh+YGsdSy4k6RKvdfq6Ff5cOwvfo0CJ
jg+5LCab2wOuCqPc9eyPfHmS8z57lxDq4KZLHBMlK4x4PbhO8gEFsAGnDqqtnJ4n
u6e/aVrYPQhSiF/o5849LrmnuCplS0+ypWgPtZUFC9Gt6tM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:15:37 2024 by rpki-client on console-fra.rpki-client.org