Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/9wR0q7uY9qIyQ40AvpjCpNRQNEo.roa
File: 9wR0q7uY9qIyQ40AvpjCpNRQNEo.roa (raw, json)
Hash identifier: TTb9Q6ziFH1KRseiuDN/57wLvGyxFxnvLLRiy1ZAQE8=
Subject key identifier: F7:04:74:AB:BB:98:F6:A2:32:43:8D:00:BE:98:C2:A4:D4:50:34:4A
Certificate issuer: /CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Certificate serial: 0193504577682062D671622792AFC8FE7DF3
Authority key identifier: 5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/9wR0q7uY9qIyQ40AvpjCpNRQNEo.roa
Signing time: Thu 21 Nov 2024 19:49:10 +0000
ROA not before: Thu 21 Nov 2024 19:49:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.133.68.0/22 maxlen: 24
193.104.32.0/24 maxlen: 24
2a05:2440::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:50:45:77:68:20:62:d6:71:62:27:92:af:c8:fe:7d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Validity
Not Before: Nov 21 19:49:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f70474abbb98f6a232438d00be98c2a4d450344a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:62:2a:d8:a5:94:67:4b:c7:05:62:58:c5:3c:
bf:86:f9:db:42:08:62:91:9d:83:3c:3b:f3:8d:9e:
9a:14:9e:b5:86:8e:96:fe:08:cf:c4:e2:a4:5d:88:
f7:ce:f7:11:18:ac:10:d7:84:fa:44:af:39:f9:b3:
bc:ab:01:9c:35:c7:de:1c:f6:f7:a1:46:42:76:36:
6c:40:50:f4:5c:84:f9:51:8c:84:f9:61:30:50:2e:
ed:8c:6f:bf:70:d3:c3:56:4a:e8:dc:fb:6c:c7:d8:
80:0c:12:74:ff:77:ef:bc:ea:7d:a1:22:34:21:17:
cf:bd:a7:3b:ec:7b:f3:68:a5:f5:fa:bf:a8:23:2c:
fd:d3:44:30:07:cf:91:c1:7d:fa:31:4d:c9:70:34:
45:81:d0:f5:7b:95:ea:33:12:33:bb:be:ce:1c:38:
d6:83:06:e2:07:6f:be:b9:9a:8f:5e:8b:e7:be:78:
f4:08:ed:06:68:ee:b7:c8:2b:a7:b8:3d:16:a3:0f:
d4:41:df:62:83:f2:d9:a3:e2:44:22:2c:19:c9:e1:
33:47:13:2f:8b:79:0a:3a:41:df:bb:91:a2:18:27:
55:26:55:c5:f1:4f:fd:8e:2b:fb:a9:59:42:a8:ff:
8b:b2:65:24:ed:fa:d7:56:72:c7:b4:0e:22:80:ec:
ed:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:04:74:AB:BB:98:F6:A2:32:43:8D:00:BE:98:C2:A4:D4:50:34:4A
X509v3 Authority Key Identifier:
keyid:5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/9wR0q7uY9qIyQ40AvpjCpNRQNEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.68.0/22
193.104.32.0/24
IPv6:
2a05:2440::/29
Signature Algorithm: sha256WithRSAEncryption
17:62:69:40:15:27:08:9b:98:c0:0b:48:c4:8e:46:13:5b:21:
38:3a:1c:96:f1:67:4c:17:40:66:ec:4c:a1:9a:db:11:e9:65:
36:2d:fe:aa:7b:61:97:95:09:ef:8f:b6:a1:98:ed:d7:11:1e:
49:28:ac:e1:53:73:70:9a:be:7c:40:28:15:d8:85:aa:fb:83:
17:ae:b4:8a:d7:9f:60:7c:45:53:7e:0a:cc:47:63:c6:2f:1e:
d4:11:60:b8:dc:0b:13:3f:4b:f7:14:b2:68:29:5a:08:03:1b:
a2:55:6e:ee:fb:ad:78:ac:fe:e2:15:cd:aa:41:b3:da:04:a5:
f1:65:ec:52:ce:d1:98:1d:8b:5c:e8:52:3d:54:a8:84:ef:49:
dc:35:4a:f9:5b:62:a0:ff:9c:07:d2:c3:1f:33:d3:69:ec:83:
51:8c:38:cb:08:a8:4a:54:15:7f:bf:e5:6f:16:a0:ca:aa:04:
23:f1:a8:04:d6:e5:fb:6e:a3:a3:7c:52:25:0e:9f:32:06:10:
36:9b:a4:c8:32:78:37:dc:69:80:a3:2d:ae:17:3d:ac:f2:40:
56:b1:5c:7c:21:30:d4:a7:c5:a4:0f:b0:b7:8e:aa:21:a6:9a:
e2:33:d7:bb:e0:6c:01:84:56:9b:ad:72:b4:92:d3:fb:9d:4d:
6f:bf:a6:4a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZNQRXdoIGLWcWInkq/I/n3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmUzODgxZjNjNDQ3NzRmNTFjYzc1ZWU3ZTZmOTFjNTU2
NWE2MDYwHhcNMjQxMTIxMTk0OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzA0NzRhYmJiOThmNmEyMzI0MzhkMDBiZTk4YzJhNGQ0NTAzNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGIq2KWUZ0vHBWJYxTy/hvnbQghi
kZ2DPDvzjZ6aFJ61ho6W/gjPxOKkXYj3zvcRGKwQ14T6RK85+bO8qwGcNcfeHPb3
oUZCdjZsQFD0XIT5UYyE+WEwUC7tjG+/cNPDVkro3Ptsx9iADBJ0/3fvvOp9oSI0
IRfPvac77HvzaKX1+r+oIyz900QwB8+RwX36MU3JcDRFgdD1e5XqMxIzu77OHDjW
gwbiB2++uZqPXovnvnj0CO0GaO63yCunuD0Wow/UQd9ig/LZo+JEIiwZyeEzRxMv
i3kKOkHfu5GiGCdVJlXF8U/9jiv7qVlCqP+LsmUk7frXVnLHtA4igOztIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPcEdKu7mPaiMkONAL6YwqTUUDRKMB8GA1UdIwQY
MBaAFFz+OIHzxEd09RzHXufm+RxVZaYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYt
N2M5OTgwNzlhNmE5LzEvOXdSMHE3dVk5cUl5UTQwQXZwakNwTlJRTkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYtN2M5OTgwNzlhNmE5
LzEvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYVEAwQA
wWggMA0EAgACMAcDBQMqBSRAMA0GCSqGSIb3DQEBCwUAA4IBAQAXYmlAFScIm5jA
C0jEjkYTWyE4OhyW8WdMF0Bm7EyhmtsR6WU2Lf6qe2GXlQnvj7ahmO3XER5JKKzh
U3Nwmr58QCgV2IWq+4MXrrSK159gfEVTfgrMR2PGLx7UEWC43AsTP0v3FLJoKVoI
AxuiVW7u+614rP7iFc2qQbPaBKXxZexSztGYHYtc6FI9VKiE70ncNUr5W2Kg/5wH
0sMfM9Np7INRjDjLCKhKVBV/v+VvFqDKqgQj8agE1uX7bqOjfFIlDp8yBhA2m6TI
Mng33GmAoy2uFz2s8kBWsVx8ITDUp8WkD7C3jqohppriM9e74GwBhFabrXK0ktP7
nU1vv6ZK
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:06:19 2024 by rpki-client on console-ams.rpki-client.org