Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/09bf98-590d-4ad5-9eb3-9b86bffc833c/1/xE3UCINMnG0RCT_m2jFifz3YI_I.roa
File: xE3UCINMnG0RCT_m2jFifz3YI_I.roa (raw, json)
Hash identifier: 4ag6h9vHiKl6oco6jDKbi/mumQRgQeuzaOi8WereNNQ=
Subject key identifier: C4:4D:D4:08:83:4C:9C:6D:11:09:3F:E6:DA:31:62:7F:3D:D8:23:F2
Certificate issuer: /CN=56cc7f4ac700bb5ad7f4b21c11111493ff6977a4
Certificate serial: 01948DD57DEC6BED57FBA40444273F8C2CED
Authority key identifier: 56:CC:7F:4A:C7:00:BB:5A:D7:F4:B2:1C:11:11:14:93:FF:69:77:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vsx_SscAu1rX9LIcEREUk_9pd6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/09bf98-590d-4ad5-9eb3-9b86bffc833c/1/xE3UCINMnG0RCT_m2jFifz3YI_I.roa
Signing time: Wed 22 Jan 2025 11:46:06 +0000
ROA not before: Wed 22 Jan 2025 11:46:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199403
IP address blocks: 185.17.208.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/09bf98-590d-4ad5-9eb3-9b86bffc833c/1/Vsx_SscAu1rX9LIcEREUk_9pd6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/09bf98-590d-4ad5-9eb3-9b86bffc833c/1/Vsx_SscAu1rX9LIcEREUk_9pd6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vsx_SscAu1rX9LIcEREUk_9pd6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8d:d5:7d:ec:6b:ed:57:fb:a4:04:44:27:3f:8c:2c:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56cc7f4ac700bb5ad7f4b21c11111493ff6977a4
Validity
Not Before: Jan 22 11:46:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c44dd408834c9c6d11093fe6da31627f3dd823f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:53:85:f4:d2:8e:d8:c2:1e:11:df:88:b4:ca:
06:d0:80:74:e8:f4:31:ac:e1:62:93:c7:18:21:a3:
88:fa:e9:55:32:7f:55:a1:7c:a6:c6:37:78:4a:a8:
9c:02:e2:12:74:67:41:88:36:73:d5:c8:16:de:c5:
62:4a:12:62:fc:2a:a9:9e:7e:67:d7:d4:11:af:01:
ce:4c:96:fe:6b:37:b6:83:7d:ab:94:27:be:b5:e8:
35:e0:2e:ed:b6:b0:b1:00:69:89:a7:75:c5:19:0a:
b3:52:6b:f7:20:9a:1d:8f:37:7c:83:0a:46:ce:6c:
9a:b3:97:fc:c3:16:12:ed:8f:e3:6c:0e:0a:7a:4a:
a2:7a:bd:93:b6:87:f0:8f:68:55:2b:f2:6f:3b:92:
25:ce:a4:3c:36:cc:85:62:33:42:b9:0a:91:8c:2f:
59:e5:f0:ba:ee:e1:d1:d9:12:f9:40:75:99:4a:56:
17:c1:9d:c2:8c:e5:b4:81:0b:83:c7:6f:b9:08:90:
5b:74:49:4d:f7:56:0a:19:43:a4:04:86:38:ba:54:
c3:95:44:5d:a6:3d:b8:c1:f2:df:25:0f:e6:7f:39:
81:e5:d4:aa:da:91:16:d8:84:a6:9b:d2:6e:a9:b0:
d5:3a:1a:7c:ef:22:98:d7:7b:95:c2:c6:fb:a8:ff:
75:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4D:D4:08:83:4C:9C:6D:11:09:3F:E6:DA:31:62:7F:3D:D8:23:F2
X509v3 Authority Key Identifier:
keyid:56:CC:7F:4A:C7:00:BB:5A:D7:F4:B2:1C:11:11:14:93:FF:69:77:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vsx_SscAu1rX9LIcEREUk_9pd6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/09bf98-590d-4ad5-9eb3-9b86bffc833c/1/xE3UCINMnG0RCT_m2jFifz3YI_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/09bf98-590d-4ad5-9eb3-9b86bffc833c/1/Vsx_SscAu1rX9LIcEREUk_9pd6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.208.0/22
Signature Algorithm: sha256WithRSAEncryption
36:2b:c8:4e:67:6d:d8:e8:01:51:05:13:93:f7:d6:73:79:16:
01:e0:ed:f5:9a:b9:e3:7c:f8:ab:37:8a:39:68:45:d6:66:f5:
85:19:cd:e7:ee:f6:9e:c3:6a:6d:b1:47:5d:37:14:d1:e9:2f:
f2:22:09:8a:72:0c:59:16:48:14:35:15:f0:a4:92:bd:76:fd:
77:11:eb:a0:e8:1c:49:86:cf:7a:a8:5a:42:e3:54:16:82:04:
c0:8c:a0:54:c7:81:87:6f:a1:d7:ac:fb:1f:ad:1d:b6:e9:7c:
ae:18:cc:2a:3d:13:cf:04:bd:e3:2e:eb:b0:b8:98:ba:37:27:
ee:36:86:14:99:29:c9:ad:bf:7d:6a:f9:f5:da:2d:1b:fc:57:
b4:9f:91:f9:7c:2a:44:03:3d:ab:aa:45:98:d3:13:88:2a:96:
ff:16:da:48:79:d8:6a:4a:bb:69:d0:9f:b8:81:fe:79:e8:02:
8b:fa:da:aa:e0:5c:d1:94:71:ed:76:b9:ef:8d:eb:82:30:9a:
70:6a:a4:7e:2b:be:d0:a6:9b:d5:00:0a:6a:fe:34:ac:db:53:
39:da:8b:5d:c2:16:8b:5e:93:00:15:ad:5d:b9:c2:f7:a1:05:
d4:af:8e:6f:a6:76:68:a4:cb:7d:3e:d8:6b:e5:dd:24:a2:3c:
2a:cf:5d:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSN1X3sa+1X+6QERCc/jCztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Y2M3ZjRhYzcwMGJiNWFkN2Y0YjIxYzExMTExNDkzZmY2
OTc3YTQwHhcNMjUwMTIyMTE0NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDRkZDQwODgzNGM5YzZkMTEwOTNmZTZkYTMxNjI3ZjNkZDgyM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1OF9NKO2MIeEd+ItMoG0IB06PQx
rOFik8cYIaOI+ulVMn9VoXymxjd4SqicAuISdGdBiDZz1cgW3sViShJi/Cqpnn5n
19QRrwHOTJb+aze2g32rlCe+teg14C7ttrCxAGmJp3XFGQqzUmv3IJodjzd8gwpG
zmyas5f8wxYS7Y/jbA4Kekqier2Ttofwj2hVK/JvO5IlzqQ8NsyFYjNCuQqRjC9Z
5fC67uHR2RL5QHWZSlYXwZ3CjOW0gQuDx2+5CJBbdElN91YKGUOkBIY4ulTDlURd
pj24wfLfJQ/mfzmB5dSq2pEW2ISmm9JuqbDVOhp87yKY13uVwsb7qP91NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRN1AiDTJxtEQk/5toxYn892CPyMB8GA1UdIwQY
MBaAFFbMf0rHALta1/SyHBERFJP/aXekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnN4X1NzY0F1MXJYOUxJY0VSRVVrXzlwZDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8wOWJmOTgtNTkwZC00YWQ1LTllYjMt
OWI4NmJmZmM4MzNjLzEveEUzVUNJTk1uRzBSQ1RfbTJqRmlmejNZSV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8wOWJmOTgtNTkwZC00YWQ1LTllYjMtOWI4NmJmZmM4MzNj
LzEvVnN4X1NzY0F1MXJYOUxJY0VSRVVrXzlwZDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRHQMA0G
CSqGSIb3DQEBCwUAA4IBAQA2K8hOZ23Y6AFRBROT99ZzeRYB4O31mrnjfPirN4o5
aEXWZvWFGc3n7vaew2ptsUddNxTR6S/yIgmKcgxZFkgUNRXwpJK9dv13Eeug6BxJ
hs96qFpC41QWggTAjKBUx4GHb6HXrPsfrR226XyuGMwqPRPPBL3jLuuwuJi6Nyfu
NoYUmSnJrb99avn12i0b/Fe0n5H5fCpEAz2rqkWY0xOIKpb/FtpIedhqSrtp0J+4
gf556AKL+tqq4FzRlHHtdrnvjeuCMJpwaqR+K77QppvVAApq/jSs21M52otdwhaL
XpMAFa1ducL3oQXUr45vpnZopMt9Pthr5d0kojwqz13X
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:14 2025 by rpki-client