Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/xDsz_EXiCuxqXinIhJm8wZBpNRo.roa
File: xDsz_EXiCuxqXinIhJm8wZBpNRo.roa (raw, json)
Hash identifier: 5ALLZjxS8p6i9HKiTMp9NvHlxTqJHFYm1JKbeypM0BE=
Subject key identifier: C4:3B:33:FC:45:E2:0A:EC:6A:5E:29:C8:84:99:BC:C1:90:69:35:1A
Certificate issuer: /CN=9b632edb635aa8f9c40a0495a7a63bb6539580bb
Certificate serial: 018CC26D87EB234FAE5B66F31519B70E0A4F
Authority key identifier: 9B:63:2E:DB:63:5A:A8:F9:C4:0A:04:95:A7:A6:3B:B6:53:95:80:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/xDsz_EXiCuxqXinIhJm8wZBpNRo.roa
Signing time: Mon 01 Jan 2024 00:30:07 +0000
ROA not before: Mon 01 Jan 2024 00:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57837
IP address blocks: 84.201.98.0/24 maxlen: 24
2a00:1348:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/m2Mu22NaqPnECgSVp6Y7tlOVgLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/m2Mu22NaqPnECgSVp6Y7tlOVgLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:87:eb:23:4f:ae:5b:66:f3:15:19:b7:0e:0a:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b632edb635aa8f9c40a0495a7a63bb6539580bb
Validity
Not Before: Jan 1 00:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c43b33fc45e20aec6a5e29c88499bcc19069351a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f7:82:0f:0a:f8:8a:4f:19:7f:a6:52:64:04:
cc:7a:71:3e:29:3e:d8:fa:57:7d:40:e4:6b:a2:38:
57:34:ca:28:64:31:ec:de:b8:c2:0b:9e:b8:92:8a:
44:e4:dd:1b:dd:9a:e8:2a:e7:75:ff:c2:d1:ab:e6:
36:77:db:26:19:8a:11:fd:c8:0e:c9:3b:03:25:da:
d3:bd:b4:ae:4a:8b:a5:ac:19:5f:1b:ec:24:17:2e:
82:45:f2:3e:3b:b4:87:7f:d3:d0:8a:d5:0e:43:95:
f2:b8:d3:3d:58:84:e3:26:35:2c:60:de:22:a5:41:
0b:fa:f2:b5:66:7e:a8:31:41:d6:3f:9b:a6:b5:76:
da:d2:1f:00:03:c5:94:d3:a2:44:1c:a8:5a:c9:fe:
c2:9c:d1:86:fc:98:26:a8:72:15:a1:d5:9b:17:45:
a3:9a:e6:e8:72:7b:ff:fd:13:28:66:68:c2:c1:98:
a3:db:1d:05:43:48:a6:0a:09:0f:16:3a:93:0c:99:
19:a5:b4:63:ea:10:24:54:71:65:7a:d6:ff:86:6b:
3f:38:a8:4e:58:58:ac:82:c4:13:b7:be:c2:0d:29:
7f:e7:e5:55:c7:11:ac:95:6e:b1:ca:a2:71:8b:a7:
82:b1:df:92:10:58:5b:f4:5f:04:7b:de:56:b5:af:
88:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3B:33:FC:45:E2:0A:EC:6A:5E:29:C8:84:99:BC:C1:90:69:35:1A
X509v3 Authority Key Identifier:
keyid:9B:63:2E:DB:63:5A:A8:F9:C4:0A:04:95:A7:A6:3B:B6:53:95:80:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/xDsz_EXiCuxqXinIhJm8wZBpNRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/m2Mu22NaqPnECgSVp6Y7tlOVgLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.201.98.0/24
IPv6:
2a00:1348:10::/48
Signature Algorithm: sha256WithRSAEncryption
39:9e:93:aa:6e:f9:de:89:71:76:ce:b8:1c:58:33:7c:41:3b:
53:b6:95:ef:3e:8a:df:9c:55:2f:a4:f8:03:7a:9d:4d:c0:b6:
14:f3:50:fc:db:d5:b3:26:3f:9e:e6:67:92:2d:ee:38:79:5e:
78:52:51:6b:30:04:33:e4:d5:bf:f5:3a:bc:85:d8:81:1f:42:
1a:71:fc:a4:8a:54:e8:1f:5a:76:32:ca:77:0b:88:38:4f:c3:
50:8a:0f:37:43:ac:1f:81:a0:17:24:ab:04:d8:1f:4a:1c:7e:
78:93:00:6a:e4:2f:82:82:70:71:6e:e2:74:74:80:83:40:3a:
e5:a7:f6:91:08:18:9c:74:b6:0b:ba:ba:51:df:46:6b:42:3c:
70:04:a4:d8:16:60:da:00:fd:c1:27:04:a0:8b:50:22:a1:b9:
bb:2e:54:0b:ed:78:6d:b5:36:f7:47:63:49:ca:08:5c:f5:71:
8a:6e:ab:5c:ed:88:91:5d:1f:37:b7:64:82:f3:11:02:84:45:
30:a4:9e:2d:a5:de:27:fa:9f:a6:d8:3c:76:fd:ab:b0:85:6b:
f5:42:a9:ec:41:7a:7e:69:a1:e8:23:1c:a1:a0:5f:2b:f3:4f:
11:d1:81:6b:66:2e:94:bc:12:f2:34:bd:dd:88:9d:bf:b1:e5:
83:d9:88:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbYfrI0+uW2bzFRm3DgpPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNjMyZWRiNjM1YWE4ZjljNDBhMDQ5NWE3YTYzYmI2NTM5
NTgwYmIwHhcNMjQwMTAxMDAzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDNiMzNmYzQ1ZTIwYWVjNmE1ZTI5Yzg4NDk5YmNjMTkwNjkzNTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/eCDwr4ik8Zf6ZSZATMenE+KT7Y
+ld9QORrojhXNMooZDHs3rjCC564kopE5N0b3ZroKud1/8LRq+Y2d9smGYoR/cgO
yTsDJdrTvbSuSoulrBlfG+wkFy6CRfI+O7SHf9PQitUOQ5XyuNM9WITjJjUsYN4i
pUEL+vK1Zn6oMUHWP5umtXba0h8AA8WU06JEHKhayf7CnNGG/JgmqHIVodWbF0Wj
mubocnv//RMoZmjCwZij2x0FQ0imCgkPFjqTDJkZpbRj6hAkVHFletb/hms/OKhO
WFisgsQTt77CDSl/5+VVxxGslW6xyqJxi6eCsd+SEFhb9F8Ee95Wta+IDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMQ7M/xF4grsal4pyISZvMGQaTUaMB8GA1UdIwQY
MBaAFJtjLttjWqj5xAoElaemO7ZTlYC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJNdTIyTmFxUG5FQ2dTVnA2WTd0bE9WZ0xzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kMDI5ODMtYjExYy00YmY3LWI0YjUt
ZThjOWFkNWYwNTFhLzEveERzel9FWGlDdXhxWGluSWhKbTh3WkJwTlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kMDI5ODMtYjExYy00YmY3LWI0YjUtZThjOWFkNWYwNTFh
LzEvbTJNdTIyTmFxUG5FQ2dTVnA2WTd0bE9WZ0xzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVMliMA8E
AgACMAkDBwAqABNIABAwDQYJKoZIhvcNAQELBQADggEBADmek6pu+d6JcXbOuBxY
M3xBO1O2le8+it+cVS+k+AN6nU3AthTzUPzb1bMmP57mZ5It7jh5XnhSUWswBDPk
1b/1OryF2IEfQhpx/KSKVOgfWnYyyncLiDhPw1CKDzdDrB+BoBckqwTYH0ocfniT
AGrkL4KCcHFu4nR0gINAOuWn9pEIGJx0tgu6ulHfRmtCPHAEpNgWYNoA/cEnBKCL
UCKhubsuVAvteG21NvdHY0nKCFz1cYpuq1ztiJFdHze3ZILzEQKERTCkni2l3if6
n6bYPHb9q7CFa/VCqexBen5poegjHKGgXyvzTxHRgWtmLpS8EvI0vd2Inb+x5YPZ
iII=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:45:52 2024 by rpki-client on console-fra.rpki-client.org