Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/XVIOaY56ACjByfQ-N6xJxbAoMyE.roa
File: XVIOaY56ACjByfQ-N6xJxbAoMyE.roa (raw, json)
Hash identifier: O94YJlb7VXLt8LCyVmZ5wLmCG8PvfHdqdzdESXbLnBA=
Subject key identifier: 5D:52:0E:69:8E:7A:00:28:C1:C9:F4:3E:37:AC:49:C5:B0:28:33:21
Certificate issuer: /CN=4d136295f7f32e64be78fb399eb6d15ae3e92632
Certificate serial: 018CC7946EA3F58D282804ED99FFDD6A2463
Authority key identifier: 4D:13:62:95:F7:F3:2E:64:BE:78:FB:39:9E:B6:D1:5A:E3:E9:26:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRNilffzLmS-ePs5nrbRWuPpJjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/XVIOaY56ACjByfQ-N6xJxbAoMyE.roa
Signing time: Tue 02 Jan 2024 00:30:42 +0000
ROA not before: Tue 02 Jan 2024 00:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60631
IP address blocks: 194.5.175.0/24 maxlen: 24
194.5.188.0/24 maxlen: 24
194.5.195.0/24 maxlen: 24
194.5.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.mft
rsync://rpki.ripe.net/repository/DEFAULT/TRNilffzLmS-ePs5nrbRWuPpJjI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:6e:a3:f5:8d:28:28:04:ed:99:ff:dd:6a:24:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d136295f7f32e64be78fb399eb6d15ae3e92632
Validity
Not Before: Jan 2 00:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d520e698e7a0028c1c9f43e37ac49c5b0283321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:38:63:46:32:7a:d3:0c:2f:93:52:81:e8:eb:
7b:0f:49:a9:c7:db:32:b5:5c:49:70:18:32:dd:78:
fa:35:c0:17:7a:7c:10:e7:7f:77:7a:1b:c2:6f:94:
db:91:76:ea:41:36:37:46:01:90:c8:0b:6c:f2:f9:
ce:29:f7:ea:99:b7:b4:ab:b6:69:55:e9:97:80:ff:
a1:be:c3:d6:ad:28:e8:5d:84:bf:39:88:53:c5:cb:
d3:2e:1d:4c:cc:16:40:c5:cd:45:7c:00:1c:51:4e:
d4:c5:3e:eb:82:e2:f4:fd:68:53:ba:3a:ec:2e:49:
96:83:7d:50:2f:9b:91:58:c3:2f:e6:e9:c1:f4:04:
ae:11:db:dc:b7:e7:f0:20:ed:9e:8c:be:85:75:ec:
de:9d:ba:a6:64:4f:68:b5:8c:ac:93:60:fa:53:01:
b3:3f:55:0e:10:17:df:4b:80:7a:7a:88:2f:30:12:
ef:08:a3:3d:6a:a2:51:79:05:7e:7b:42:b5:9c:9d:
3f:80:5f:e9:65:0a:d9:34:3f:b5:a4:0f:b1:a4:e2:
23:f0:9f:b1:3f:6d:54:72:77:d3:7e:83:b7:f5:d4:
74:b4:63:87:f8:de:50:49:bf:34:dd:48:d2:9a:e7:
a6:ec:1d:d9:ce:6e:80:a3:e6:59:bb:d0:d6:1d:72:
7c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:52:0E:69:8E:7A:00:28:C1:C9:F4:3E:37:AC:49:C5:B0:28:33:21
X509v3 Authority Key Identifier:
keyid:4D:13:62:95:F7:F3:2E:64:BE:78:FB:39:9E:B6:D1:5A:E3:E9:26:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRNilffzLmS-ePs5nrbRWuPpJjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/XVIOaY56ACjByfQ-N6xJxbAoMyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.175.0/24
194.5.188.0/24
194.5.195.0/24
194.5.205.0/24
Signature Algorithm: sha256WithRSAEncryption
45:26:95:02:cf:1f:2f:95:ab:89:10:cd:5e:c5:ac:9e:02:d5:
bd:bc:b2:ec:91:b8:a1:53:65:b6:23:05:5f:fe:ac:6d:85:95:
d4:a2:f7:16:d9:6b:4b:b2:0c:5d:3f:d1:7d:b6:ee:ce:66:35:
b8:31:09:96:43:1c:26:80:c4:d5:da:a5:bb:f5:23:24:74:c3:
16:9c:93:75:e7:73:71:65:65:84:f9:fa:ae:0f:c6:1f:a8:ae:
ac:b5:6c:cd:d6:51:14:bf:28:63:1a:de:8c:d1:96:1e:e7:bc:
28:05:12:44:ca:11:4e:df:ec:03:1b:86:d7:81:25:e9:b8:9d:
15:8b:91:7c:2a:1b:d9:5c:84:3b:05:a3:2b:4b:33:91:9e:1a:
d2:77:a6:6f:e0:5b:7c:80:64:7a:2c:39:46:76:f0:3b:f6:ed:
52:c0:67:9c:cf:7d:b1:67:22:f8:2e:0f:18:32:aa:e0:ca:cf:
e8:41:aa:5a:a8:0f:92:4b:f4:4f:eb:5e:f5:50:6e:1d:b6:a1:
23:d9:05:83:aa:f2:5d:55:fc:64:78:e5:aa:69:0b:ff:42:18:
a1:0e:5c:38:9c:43:81:5b:dc:1d:21:18:72:e3:c2:10:a5:17:
97:29:6e:5a:06:dc:f0:cc:19:dc:d2:37:e9:cb:e2:b3:ea:8f:
9c:3a:d9:9d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlG6j9Y0oKATtmf/daiRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTM2Mjk1ZjdmMzJlNjRiZTc4ZmIzOTllYjZkMTVhZTNl
OTI2MzIwHhcNMjQwMTAyMDAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDUyMGU2OThlN2EwMDI4YzFjOWY0M2UzN2FjNDljNWIwMjgzMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DhjRjJ60wwvk1KB6Ot7D0mpx9sy
tVxJcBgy3Xj6NcAXenwQ5393ehvCb5TbkXbqQTY3RgGQyAts8vnOKffqmbe0q7Zp
VemXgP+hvsPWrSjoXYS/OYhTxcvTLh1MzBZAxc1FfAAcUU7UxT7rguL0/WhTujrs
LkmWg31QL5uRWMMv5unB9ASuEdvct+fwIO2ejL6FdezenbqmZE9otYysk2D6UwGz
P1UOEBffS4B6eogvMBLvCKM9aqJReQV+e0K1nJ0/gF/pZQrZND+1pA+xpOIj8J+x
P21UcnfTfoO39dR0tGOH+N5QSb803UjSmuem7B3Zzm6Ao+ZZu9DWHXJ8YQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF1SDmmOegAowcn0PjesScWwKDMhMB8GA1UdIwQY
MBaAFE0TYpX38y5kvnj7OZ620Vrj6SYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJOaWxmZnpMbVMtZVBzNW5yYlJXdVBwSmpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iNDQzMzAtNWQzYi00NDc5LThiMTAt
MmJiN2ZkZDVmNzI4LzEvWFZJT2FZNTZBQ2pCeWZRLU42eEp4YkFvTXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iNDQzMzAtNWQzYi00NDc5LThiMTAtMmJiN2ZkZDVmNzI4
LzEvVFJOaWxmZnpMbVMtZVBzNW5yYlJXdVBwSmpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwgWvAwQA
wgW8AwQAwgXDAwQAwgXNMA0GCSqGSIb3DQEBCwUAA4IBAQBFJpUCzx8vlauJEM1e
xayeAtW9vLLskbihU2W2IwVf/qxthZXUovcW2WtLsgxdP9F9tu7OZjW4MQmWQxwm
gMTV2qW79SMkdMMWnJN153NxZWWE+fquD8YfqK6stWzN1lEUvyhjGt6M0ZYe57wo
BRJEyhFO3+wDG4bXgSXpuJ0Vi5F8KhvZXIQ7BaMrSzORnhrSd6Zv4Ft8gGR6LDlG
dvA79u1SwGecz32xZyL4Lg8YMqrgys/oQapaqA+SS/RP6171UG4dtqEj2QWDqvJd
VfxkeOWqaQv/QhihDlw4nEOBW9wdIRhy48IQpReXKW5aBtzwzBnc0jfpy+Kz6o+c
Otmd
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:28:02 2024 by rpki-client on console-ams.rpki-client.org