Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/XoY5WACOh5t-_RZnXgH-FoEyPfo.roa
File: XoY5WACOh5t-_RZnXgH-FoEyPfo.roa (raw, json)
Hash identifier: H+MzkYOeBqnA9+5xM2wKwdwFshkmU5pheRzhCy+Mlio=
Subject key identifier: 5E:86:39:58:00:8E:87:9B:7E:FD:16:67:5E:01:FE:16:81:32:3D:FA
Certificate issuer: /CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Certificate serial: 019246D5C8F9131BDAAC16D36AF2DC09434C
Authority key identifier: 4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/XoY5WACOh5t-_RZnXgH-FoEyPfo.roa
Signing time: Tue 01 Oct 2024 06:47:48 +0000
ROA not before: Tue 01 Oct 2024 06:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43447
IP address blocks: 5.184.0.0/16 maxlen: 24
31.60.0.0/14 maxlen: 25
37.47.0.0/16 maxlen: 24
37.108.0.0/16 maxlen: 25
37.225.0.0/16 maxlen: 25
46.134.0.0/16 maxlen: 25
87.96.0.0/17 maxlen: 24
91.94.0.0/16 maxlen: 24
178.56.0.0/16 maxlen: 24
2a00:f40::/29 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:46:d5:c8:f9:13:1b:da:ac:16:d3:6a:f2:dc:09:43:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Validity
Not Before: Oct 1 06:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e863958008e879b7efd16675e01fe1681323dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:33:b3:a4:e5:81:12:c0:38:73:e0:51:80:4a:
42:12:5c:73:8a:37:3b:c9:65:b7:ec:ce:7e:29:de:
fa:6a:ee:77:10:4c:c7:32:89:b9:c0:6c:f6:e6:12:
ea:bd:d4:d6:fc:53:d6:24:04:b1:34:74:75:23:8f:
3c:16:3d:f5:57:df:3c:01:b0:30:3f:95:e2:88:c7:
6a:1d:db:b3:8b:c9:03:ed:b1:2d:82:6d:78:4a:b5:
cf:ba:af:56:ea:b3:c1:99:0d:93:2d:e8:84:39:87:
cf:62:58:db:48:08:cc:03:29:b0:b8:d5:8b:98:07:
de:58:33:f0:e8:9d:16:2b:1a:91:c0:8b:a4:71:2a:
45:4f:93:53:18:1d:ce:a5:21:39:7a:76:91:e0:0e:
94:b3:b0:b7:ad:a8:2e:04:07:61:6f:1d:9f:24:0c:
59:86:bb:c0:ca:7f:47:64:80:49:fa:e8:b1:25:b0:
99:48:94:cd:6c:9e:5f:94:0b:88:d1:2d:e6:13:ee:
d3:93:3a:4b:97:34:e3:24:a9:d5:8d:5a:1c:d0:d0:
b2:8a:30:79:df:42:e7:a1:2d:44:59:32:46:3d:85:
44:d0:98:98:10:9c:a6:87:84:7a:b1:a7:dd:9d:2d:
ae:d2:80:d2:33:9b:ff:7d:01:5c:4f:21:8c:f8:e1:
e2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:86:39:58:00:8E:87:9B:7E:FD:16:67:5E:01:FE:16:81:32:3D:FA
X509v3 Authority Key Identifier:
keyid:4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/XoY5WACOh5t-_RZnXgH-FoEyPfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.184.0.0/16
31.60.0.0/14
37.47.0.0/16
37.108.0.0/16
37.225.0.0/16
46.134.0.0/16
87.96.0.0/17
91.94.0.0/16
178.56.0.0/16
IPv6:
2a00:f40::/29
Signature Algorithm: sha256WithRSAEncryption
12:b6:49:38:bf:7d:ab:ea:b9:d8:a8:46:84:c0:f4:79:ba:f7:
b7:a3:03:9f:23:18:b0:d7:91:8c:2e:26:60:7d:b8:8f:1b:6f:
a0:89:ed:75:6d:ff:0f:05:c7:86:49:13:13:6b:d0:b0:78:06:
37:5b:6c:a0:d1:20:7f:0e:03:24:85:d1:06:67:1d:ab:63:78:
f0:26:96:49:5f:b9:27:f5:54:d1:5f:c4:f6:9a:ad:8a:c2:ea:
de:61:15:24:df:21:3d:60:d4:64:76:d2:d3:24:0d:45:46:05:
07:3c:cf:8e:6a:96:c0:cb:c1:16:c5:59:83:01:57:30:6a:9d:
9a:f9:d2:19:a0:79:43:13:33:f0:70:30:3b:de:2f:53:4d:b3:
e5:3b:2e:9e:df:d6:dd:b3:1d:44:49:4c:4e:ec:93:57:25:1f:
13:0c:a6:68:6d:60:67:28:85:87:3b:fa:10:41:af:e0:1a:61:
c7:7d:56:9b:6c:12:33:82:3d:41:ac:6f:fb:6f:c3:aa:1e:ee:
48:69:7a:98:a8:f1:05:2c:57:d5:70:3a:af:3e:df:b3:84:df:
93:24:29:6c:f6:54:f4:09:99:3d:5d:43:42:b3:74:59:2a:13:
fb:5d:b1:48:10:8a:01:4f:bb:a7:37:dd:35:40:80:6b:36:75:
67:0d:92:51
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZJG1cj5ExvarBbTavLcCUNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Y1MzAwN2M3OWNjNWUyZjJkNzM1NmJhOTEyMWE3OGMw
Yzc3MTQwHhcNMjQxMDAxMDY0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTg2Mzk1ODAwOGU4NzliN2VmZDE2Njc1ZTAxZmUxNjgxMzIzZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDOzpOWBEsA4c+BRgEpCElxzijc7
yWW37M5+Kd76au53EEzHMom5wGz25hLqvdTW/FPWJASxNHR1I488Fj31V988AbAw
P5XiiMdqHduzi8kD7bEtgm14SrXPuq9W6rPBmQ2TLeiEOYfPYljbSAjMAymwuNWL
mAfeWDPw6J0WKxqRwIukcSpFT5NTGB3OpSE5enaR4A6Us7C3raguBAdhbx2fJAxZ
hrvAyn9HZIBJ+uixJbCZSJTNbJ5flAuI0S3mE+7TkzpLlzTjJKnVjVoc0NCyijB5
30LnoS1EWTJGPYVE0JiYEJymh4R6safdnS2u0oDSM5v/fQFcTyGM+OHilQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFF6GOVgAjoebfv0WZ14B/haBMj36MB8GA1UdIwQY
MBaAFE7PUwB8ecxeLy1zVrqRIaeMDHcUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEt
Y2I4YjNhMDk0MjA5LzEvWG9ZNVdBQ09oNXQtX1JablhnSC1Gb0V5UGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEtY2I4YjNhMDk0MjA5
LzEvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTA0BAIAATAuAwMABbgDAwIf
PAMDACUvAwMAJWwDAwAl4QMDAC6GAwQHV2AAAwMAW14DAwCyODANBAIAAjAHAwUD
KgAPQDANBgkqhkiG9w0BAQsFAAOCAQEAErZJOL99q+q52KhGhMD0ebr3t6MDnyMY
sNeRjC4mYH24jxtvoIntdW3/DwXHhkkTE2vQsHgGN1tsoNEgfw4DJIXRBmcdq2N4
8CaWSV+5J/VU0V/E9pqtisLq3mEVJN8hPWDUZHbS0yQNRUYFBzzPjmqWwMvBFsVZ
gwFXMGqdmvnSGaB5QxMz8HAwO94vU02z5Tsunt/W3bMdRElMTuyTVyUfEwymaG1g
ZyiFhzv6EEGv4Bphx31Wm2wSM4I9Qaxv+2/Dqh7uSGl6mKjxBSxX1XA6rz7fs4Tf
kyQpbPZU9AmZPV1DQrN0WSoT+12xSBCKAU+7pzfdNUCAazZ1Zw2SUQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:12:43 2024 by rpki-client on console-fra.rpki-client.org