Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/x4XyscLak4rg-yXicfTaZj4HIqA.roa
File: x4XyscLak4rg-yXicfTaZj4HIqA.roa (raw, json)
Hash identifier: +HpxWGnASJviEJDiL1LdLaCfUHzgTJ9nn+vzCY0s9R0=
Subject key identifier: C7:85:F2:B1:C2:DA:93:8A:E0:FB:25:E2:71:F4:DA:66:3E:07:22:A0
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018CC726A506C065D94038039A2011009BF8
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/x4XyscLak4rg-yXicfTaZj4HIqA.roa
Signing time: Mon 01 Jan 2024 22:30:47 +0000
ROA not before: Mon 01 Jan 2024 22:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207645
IP address blocks: 87.254.0.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:a5:06:c0:65:d9:40:38:03:9a:20:11:00:9b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 1 22:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c785f2b1c2da938ae0fb25e271f4da663e0722a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f5:44:60:ca:50:42:cf:d7:5f:df:26:a6:5b:
63:a1:f2:03:f8:25:91:8c:17:d5:3e:a2:8f:a3:12:
b0:fc:e4:6a:7c:2e:79:ab:75:f9:c8:d8:db:ff:75:
4c:9f:32:b9:3a:9c:3b:72:5b:6e:10:31:ab:55:e7:
49:51:62:f8:c0:b0:7a:73:98:10:2b:37:2c:56:8b:
4c:04:d2:20:ca:5a:06:bf:14:cc:59:b9:33:f2:29:
dd:fb:c4:cf:84:93:53:d3:3c:61:21:38:4b:b6:18:
df:5b:34:53:07:36:69:83:a4:de:7a:43:0b:7c:56:
d2:1c:2a:89:04:9a:ce:06:a6:3f:8a:a9:fd:75:b1:
ea:fb:d2:57:69:f5:83:82:fb:fe:ad:de:64:f3:70:
30:ee:2d:29:8b:a4:84:33:db:42:f7:24:99:c7:b6:
8c:86:a7:d2:28:3f:c0:11:71:5e:43:89:47:72:7c:
34:56:5c:e2:14:4f:6e:83:9f:f3:5d:b5:e4:0a:15:
b1:33:8a:17:2a:5f:e7:03:78:dd:4f:20:31:df:b8:
43:e3:e0:3e:a7:6d:ea:b2:7f:9e:2a:31:24:a6:85:
e4:8f:c6:2b:ae:7d:c3:77:61:69:3c:45:c3:0c:7a:
88:90:6d:98:c5:cf:67:cb:8d:75:91:0a:cc:62:8f:
23:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:85:F2:B1:C2:DA:93:8A:E0:FB:25:E2:71:F4:DA:66:3E:07:22:A0
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/x4XyscLak4rg-yXicfTaZj4HIqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.0.0/23
Signature Algorithm: sha256WithRSAEncryption
42:5c:45:9b:f0:c7:b1:f0:f4:26:16:58:7d:ac:ec:a3:dc:74:
51:61:9f:a0:f4:03:2c:2d:8a:89:6d:4f:ec:6f:e5:76:df:77:
54:dc:98:7a:f2:4c:2f:8b:f2:58:91:3e:bc:69:d2:b3:66:3d:
b4:85:85:86:6a:ce:89:07:c3:8a:1a:06:2b:6c:ca:69:4d:30:
33:f2:11:d3:d7:e4:d5:f6:39:b2:5e:a7:61:2e:ba:8c:80:7a:
52:48:14:b3:22:76:76:0e:99:58:23:c8:1a:c2:56:d7:e8:76:
96:37:98:34:93:fc:bd:9c:b9:ad:4c:c5:c5:ed:40:cd:c0:cb:
9d:79:de:43:89:a9:12:92:1c:55:dc:e6:bf:9b:2c:5e:d8:bc:
ae:28:63:04:3f:a6:9a:fa:76:bf:50:1b:29:72:82:57:3a:d8:
6f:e2:a8:9f:db:4b:69:d6:0a:33:12:8d:dd:c4:da:a5:93:43:
6e:9b:ec:79:2a:c9:05:74:db:39:61:3e:a2:c9:05:69:81:75:
cd:84:29:db:b7:b7:b0:da:61:d4:8c:9c:b4:9e:0c:55:46:d8:
d5:3f:5e:24:9a:2b:20:fc:fd:10:ae:06:f1:6f:79:a0:8b:b4:
15:1a:dc:0b:36:2c:a3:02:2a:87:ab:4c:0b:ca:2a:bb:99:29:
85:9f:9e:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJqUGwGXZQDgDmiARAJv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjQwMTAxMjIzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzg1ZjJiMWMyZGE5MzhhZTBmYjI1ZTI3MWY0ZGE2NjNlMDcyMmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPVEYMpQQs/XX98mpltjofID+CWR
jBfVPqKPoxKw/ORqfC55q3X5yNjb/3VMnzK5Opw7cltuEDGrVedJUWL4wLB6c5gQ
KzcsVotMBNIgyloGvxTMWbkz8ind+8TPhJNT0zxhIThLthjfWzRTBzZpg6TeekML
fFbSHCqJBJrOBqY/iqn9dbHq+9JXafWDgvv+rd5k83Aw7i0pi6SEM9tC9ySZx7aM
hqfSKD/AEXFeQ4lHcnw0VlziFE9ug5/zXbXkChWxM4oXKl/nA3jdTyAx37hD4+A+
p23qsn+eKjEkpoXkj8Yrrn3Dd2FpPEXDDHqIkG2Yxc9ny411kQrMYo8jMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMeF8rHC2pOK4Psl4nH02mY+ByKgMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEveDRYeXNjTGFrNHJnLXlYaWNmVGFaajRISXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBV/4AMA0G
CSqGSIb3DQEBCwUAA4IBAQBCXEWb8Mex8PQmFlh9rOyj3HRRYZ+g9AMsLYqJbU/s
b+V233dU3Jh68kwvi/JYkT68adKzZj20hYWGas6JB8OKGgYrbMppTTAz8hHT1+TV
9jmyXqdhLrqMgHpSSBSzInZ2DplYI8gawlbX6HaWN5g0k/y9nLmtTMXF7UDNwMud
ed5DiakSkhxV3Oa/myxe2LyuKGMEP6aa+na/UBspcoJXOthv4qif20tp1gozEo3d
xNqlk0Num+x5KskFdNs5YT6iyQVpgXXNhCnbt7ew2mHUjJy0ngxVRtjVP14kmisg
/P0Qrgbxb3mgi7QVGtwLNiyjAiqHq0wLyiq7mSmFn55S
-----END CERTIFICATE-----
Generated at Fri May 10 02:17:29 2024 by rpki-client on console-fra.rpki-client.org