Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/XWZ9dMbpcNB7b5vDcemxipItwSw.roa
File: XWZ9dMbpcNB7b5vDcemxipItwSw.roa (raw, json)
Hash identifier: 6LCFb4sESaw+PwOi1Re3vRaETGh9GtTxjJvYuPF/rRM=
Subject key identifier: 5D:66:7D:74:C6:E9:70:D0:7B:6F:9B:C3:71:E9:B1:8A:92:2D:C1:2C
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018CCE1518B1D2586BA6033CCEBA49397962
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/XWZ9dMbpcNB7b5vDcemxipItwSw.roa
Signing time: Wed 03 Jan 2024 06:48:58 +0000
ROA not before: Wed 03 Jan 2024 06:48:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42689
IP address blocks: 92.61.98.0/24 maxlen: 24
92.61.96.0/24 maxlen: 24
92.61.99.0/24 maxlen: 24
92.61.100.0/23 maxlen: 23
91.190.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:15:18:b1:d2:58:6b:a6:03:3c:ce:ba:49:39:79:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jan 3 06:48:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d667d74c6e970d07b6f9bc371e9b18a922dc12c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3f:01:6f:f9:e1:2d:c9:47:26:c4:58:4a:ee:
00:4e:68:9b:22:dd:3b:fd:d8:68:a4:23:a5:59:45:
76:74:f7:ba:62:3f:da:76:a0:70:90:49:26:cf:34:
1d:b2:b6:ac:e7:48:13:91:41:af:e2:2b:d3:0c:f3:
5c:e0:36:25:4a:7d:6d:9b:05:76:f6:f5:1e:97:c8:
a5:88:a6:b4:8e:97:4f:94:49:00:42:17:cd:e5:b6:
08:36:ef:10:a1:ba:18:e9:2f:31:b4:22:7f:72:de:
30:a7:3e:29:c4:4c:24:5a:06:f2:c7:53:43:b9:92:
43:81:11:a2:76:60:5a:6e:13:98:76:e2:8f:ed:21:
ca:88:69:00:df:a0:ad:99:ea:d7:57:2e:81:f8:11:
20:bc:0d:07:aa:65:53:ab:a3:d6:47:a1:06:dc:eb:
65:4b:39:6c:7a:08:19:3e:4e:d8:6e:2d:3f:0d:8b:
9c:62:2e:14:6e:6e:86:d5:80:41:e4:ec:75:2c:c1:
56:54:b2:fd:8c:4e:6d:d8:91:da:34:ef:c2:d1:ad:
b7:03:f7:3a:bd:ef:35:7c:34:7c:af:23:83:98:73:
5e:f8:56:29:f6:2c:88:55:30:f4:4b:66:ff:5d:72:
4c:8a:64:ff:a2:18:c8:99:a5:94:9b:f1:7f:30:f2:
94:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:66:7D:74:C6:E9:70:D0:7B:6F:9B:C3:71:E9:B1:8A:92:2D:C1:2C
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/XWZ9dMbpcNB7b5vDcemxipItwSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.190.0/24
92.61.96.0/24
92.61.98.0-92.61.101.255
Signature Algorithm: sha256WithRSAEncryption
57:a4:91:af:5d:0f:3a:60:92:d5:78:8b:cc:83:1d:41:72:a3:
09:4c:9f:13:68:b0:c8:de:69:54:9b:82:2b:55:67:2e:f7:ad:
c8:74:40:8c:8f:a0:ef:c1:16:36:4d:fd:e2:e1:70:b1:72:c8:
5b:95:c5:55:34:13:3b:c8:e7:ed:a3:4b:96:34:86:e0:de:e9:
96:24:0d:bc:e3:ab:81:34:34:ae:6f:62:86:0c:f2:91:20:ad:
bc:03:f3:1e:8f:56:ee:13:aa:c9:43:90:eb:da:1b:fe:49:d7:
4d:84:bc:8e:87:a9:c5:83:f9:2f:bc:52:47:a1:7a:da:13:a7:
02:82:b8:0e:7d:81:b6:62:c5:f5:8f:21:3e:24:45:06:f5:61:
97:dd:30:7b:bd:6d:59:d9:db:fb:5d:3d:2b:3a:d1:98:74:f5:
9e:a4:4c:a2:2e:ae:e4:d8:b3:f6:f8:3b:91:08:d8:11:83:c7:
9b:8d:bf:42:e2:e8:af:ae:6d:db:18:6c:36:c4:dc:50:7d:a0:
ca:d0:7c:c2:9f:7f:e3:bb:06:1c:d5:83:30:42:51:47:f8:11:
53:b5:9d:b6:c3:2a:12:c4:3a:b8:b1:98:9a:4d:93:31:eb:ec:
5f:5c:7b:0d:5e:3a:04:a6:34:f8:58:46:fa:1e:55:ed:8e:27:
06:ed:28:94
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzOFRix0lhrpgM8zrpJOXliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQwMTAzMDY0ODU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDY2N2Q3NGM2ZTk3MGQwN2I2ZjliYzM3MWU5YjE4YTkyMmRjMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwz8Bb/nhLclHJsRYSu4ATmibIt07
/dhopCOlWUV2dPe6Yj/adqBwkEkmzzQdsras50gTkUGv4ivTDPNc4DYlSn1tmwV2
9vUel8iliKa0jpdPlEkAQhfN5bYINu8QoboY6S8xtCJ/ct4wpz4pxEwkWgbyx1ND
uZJDgRGidmBabhOYduKP7SHKiGkA36CtmerXVy6B+BEgvA0HqmVTq6PWR6EG3Otl
SzlseggZPk7Ybi0/DYucYi4Ubm6G1YBB5Ox1LMFWVLL9jE5t2JHaNO/C0a23A/c6
ve81fDR8ryODmHNe+FYp9iyIVTD0S2b/XXJMimT/ohjImaWUm/F/MPKUxwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF1mfXTG6XDQe2+bw3HpsYqSLcEsMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvWFdaOWRNYnBjTkI3YjV2RGNlbXhpcEl0d1N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW76+AwQA
XD1gMAwDBAFcPWIDBAFcPWQwDQYJKoZIhvcNAQELBQADggEBAFekka9dDzpgktV4
i8yDHUFyowlMnxNosMjeaVSbgitVZy73rch0QIyPoO/BFjZN/eLhcLFyyFuVxVU0
EzvI5+2jS5Y0huDe6ZYkDbzjq4E0NK5vYoYM8pEgrbwD8x6PVu4TqslDkOvaG/5J
102EvI6HqcWD+S+8UkehetoTpwKCuA59gbZixfWPIT4kRQb1YZfdMHu9bVnZ2/td
PSs60Zh09Z6kTKIuruTYs/b4O5EI2BGDx5uNv0Li6K+ubdsYbDbE3FB9oMrQfMKf
f+O7BhzVgzBCUUf4EVO1nbbDKhLEOrixmJpNkzHr7F9cew1eOgSmNPhYRvoeVe2O
JwbtKJQ=
-----END CERTIFICATE-----
Generated at Sun Jun 2 21:01:28 2024 by rpki-client on console-fra.rpki-client.org