Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/X9y-Un66Bjpq4D1CPUXai9zIJFE.roa
File: X9y-Un66Bjpq4D1CPUXai9zIJFE.roa (raw, json)
Hash identifier: lJXVLbbSM9oPlfblnlydn+oMvh/AQivxOQR5C7WA9No=
Subject key identifier: 5F:DC:BE:52:7E:BA:06:3A:6A:E0:3D:42:3D:45:DA:8B:DC:C8:24:51
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018CC86F29D6AD3373D9F57D0534E7B32E12
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/X9y-Un66Bjpq4D1CPUXai9zIJFE.roa
Signing time: Tue 02 Jan 2024 04:29:37 +0000
ROA not before: Tue 02 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208737
IP address blocks: 78.159.130.0/24 maxlen: 24
91.92.54.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:29:d6:ad:33:73:d9:f5:7d:05:34:e7:b3:2e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 2 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fdcbe527eba063a6ae03d423d45da8bdcc82451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:58:0d:c5:ae:a5:0b:8f:65:4d:d3:4f:a1:fd:
6e:03:8d:47:82:44:97:02:87:75:4b:78:7a:84:9c:
28:20:76:d2:2a:cb:a5:d0:95:c7:a9:8d:94:e1:8a:
6b:f3:05:9d:f4:c0:ad:4a:e2:f0:dc:43:bc:1f:da:
60:37:25:69:fd:47:3a:5f:86:80:bd:33:fa:7a:ef:
91:5f:42:e4:b1:40:13:17:cf:b1:ba:d3:eb:0f:71:
aa:a6:0a:8e:c3:14:75:d2:eb:84:84:a4:6a:e3:4f:
d3:79:a9:58:d9:f8:ca:1a:9a:ec:d5:03:fb:67:6e:
f2:23:a9:09:e0:75:1d:73:a7:c7:3b:fb:de:5b:7b:
97:08:92:7d:61:b3:a6:4f:e7:84:ec:0b:0f:ae:d7:
67:6d:ee:e8:9f:86:ce:a2:da:b6:33:4b:78:cc:d0:
52:cc:29:ac:94:d6:5c:b7:38:98:9c:52:e6:50:7e:
83:b8:25:ff:f0:28:a5:af:84:78:53:50:ea:87:ca:
5c:17:18:74:96:9e:74:33:d4:8a:e4:5f:54:fb:27:
e7:e0:ac:64:c1:e2:1a:06:00:63:51:a0:c2:39:da:
2d:dc:6e:5d:f4:c0:83:bd:fb:3f:48:d0:5b:2d:57:
6a:e0:98:5b:90:52:79:2a:e7:dd:75:4b:48:76:3c:
3f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DC:BE:52:7E:BA:06:3A:6A:E0:3D:42:3D:45:DA:8B:DC:C8:24:51
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/X9y-Un66Bjpq4D1CPUXai9zIJFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.130.0/24
78.159.156.0/24
91.92.54.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:26:0b:70:39:ff:9e:11:08:5e:30:46:2d:c1:6c:ef:ea:cf:
5f:ac:ac:be:ff:0f:dd:90:4c:29:24:bd:46:13:a7:2e:a0:4c:
28:c6:7a:a9:47:e5:4c:44:3d:19:08:68:36:17:3d:c3:f5:66:
0a:51:4f:ec:6e:4c:f7:9f:fc:b8:a1:68:5d:3b:6e:eb:9e:a4:
a0:94:0e:87:37:59:b0:b4:86:40:f4:a0:a5:54:3e:8f:b3:a9:
ef:e7:a3:e4:1e:fb:49:a4:94:94:49:9d:bb:e9:a4:2b:12:96:
49:d9:72:5b:1f:a2:3a:4c:aa:60:82:bb:8e:e3:15:2b:b4:4e:
ae:e9:ae:81:e1:1c:4f:6a:da:77:65:a1:95:35:4c:09:ac:86:
14:3c:87:34:38:d1:16:df:af:c7:95:38:b0:55:60:3d:7e:e4:
52:cb:fb:72:a1:48:2f:5b:96:c9:6e:f6:d8:02:79:9f:57:63:
f1:33:86:ed:5c:77:8c:b8:d6:16:6f:2c:80:72:95:cf:00:6c:
15:38:23:3f:e0:6d:c5:0f:24:92:20:02:62:cd:3e:c7:03:14:
19:54:84:8b:73:86:43:1e:7c:49:79:7d:5d:66:db:33:b1:bf:
d5:63:8f:ad:00:c1:64:fd:f3:f7:ee:c6:c4:82:ac:b5:e2:3b:
91:58:a2:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIbynWrTNz2fV9BTTnsy4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMTAyMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmRjYmU1MjdlYmEwNjNhNmFlMDNkNDIzZDQ1ZGE4YmRjYzgyNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1gNxa6lC49lTdNPof1uA41HgkSX
Aod1S3h6hJwoIHbSKsul0JXHqY2U4Ypr8wWd9MCtSuLw3EO8H9pgNyVp/Uc6X4aA
vTP6eu+RX0LksUATF8+xutPrD3GqpgqOwxR10uuEhKRq40/TealY2fjKGprs1QP7
Z27yI6kJ4HUdc6fHO/veW3uXCJJ9YbOmT+eE7AsPrtdnbe7on4bOotq2M0t4zNBS
zCmslNZctziYnFLmUH6DuCX/8Cilr4R4U1Dqh8pcFxh0lp50M9SK5F9U+yfn4Kxk
weIaBgBjUaDCOdot3G5d9MCDvfs/SNBbLVdq4JhbkFJ5KufddUtIdjw/hwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF/cvlJ+ugY6auA9Qj1F2ovcyCRRMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvWDl5LVVuNjZCanBxNEQxQ1BVWGFpOXpJSkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATp+CAwQA
Tp+cAwQAW1w2MA0GCSqGSIb3DQEBCwUAA4IBAQAeJgtwOf+eEQheMEYtwWzv6s9f
rKy+/w/dkEwpJL1GE6cuoEwoxnqpR+VMRD0ZCGg2Fz3D9WYKUU/sbkz3n/y4oWhd
O27rnqSglA6HN1mwtIZA9KClVD6Ps6nv56PkHvtJpJSUSZ276aQrEpZJ2XJbH6I6
TKpggruO4xUrtE6u6a6B4RxPatp3ZaGVNUwJrIYUPIc0ONEW36/HlTiwVWA9fuRS
y/tyoUgvW5bJbvbYAnmfV2PxM4btXHeMuNYWbyyAcpXPAGwVOCM/4G3FDySSIAJi
zT7HAxQZVISLc4ZDHnxJeX1dZtszsb/VY4+tAMFk/fP37sbEgqy14juRWKJa
-----END CERTIFICATE-----
Generated at Mon May 13 10:52:24 2024 by rpki-client on console-ams.rpki-client.org