Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/X1SNEO7Ij2hzblHWnQovo2zyNbc.roa
File: X1SNEO7Ij2hzblHWnQovo2zyNbc.roa (raw, json)
Hash identifier: Q4xUiQ4TvFJS/bsXEEzY9wJS4C+BNTZ5mQhVqXL5L2A=
Subject key identifier: 5F:54:8D:10:EE:C8:8F:68:73:6E:51:D6:9D:0A:2F:A3:6C:F2:35:B7
Certificate issuer: /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Certificate serial: 018CC6B92DEC33A3CDE6AA1407B1E7274FB9
Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/X1SNEO7Ij2hzblHWnQovo2zyNbc.roa
Signing time: Mon 01 Jan 2024 20:31:13 +0000
ROA not before: Mon 01 Jan 2024 20:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199251
IP address blocks: 176.58.44.0/24 maxlen: 24
176.58.45.0/24 maxlen: 24
176.58.48.0/23 maxlen: 23
176.58.51.0/24 maxlen: 24
176.58.52.0/24 maxlen: 24
176.58.55.0/24 maxlen: 24
176.58.57.0/24 maxlen: 24
176.58.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 04:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:2d:ec:33:a3:cd:e6:aa:14:07:b1:e7:27:4f:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Validity
Not Before: Jan 1 20:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f548d10eec88f68736e51d69d0a2fa36cf235b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ff:f7:b1:7c:fb:f7:07:ce:d2:4e:80:f0:94:
57:80:92:69:eb:9c:95:19:21:70:1c:13:53:f6:1e:
a0:a2:cb:af:d6:47:40:96:3b:ef:c6:aa:5b:53:2c:
16:bc:2e:ad:86:87:fe:2c:e5:d6:0b:75:d2:03:49:
8d:bb:90:92:0b:31:40:92:71:8b:e5:ef:36:a1:9d:
ae:5d:b8:8c:80:4f:de:2a:8d:95:8a:af:72:34:08:
1a:a8:bc:80:f3:f7:52:17:31:38:04:61:26:4a:2b:
53:d9:38:a3:29:fe:29:3a:58:76:77:c2:a2:63:bd:
08:20:e5:a8:1b:82:7a:b5:76:d8:4b:d5:b3:42:5c:
ac:5a:ed:85:d0:c5:ae:60:d9:eb:ad:37:3a:67:22:
8c:30:65:3b:a6:49:ad:45:65:1c:d8:ce:e2:b1:85:
53:78:34:9a:e0:48:86:4a:0e:3a:2a:72:4b:44:4d:
9c:4a:90:51:f4:90:29:bb:0d:eb:de:61:95:78:89:
0e:ad:28:e8:a2:b6:8c:88:5e:8e:8d:f3:29:f0:5f:
ac:59:ac:cd:71:36:2b:ef:3f:da:b6:22:a6:bc:f5:
58:c1:33:b2:7a:0a:0b:f7:99:87:b7:6d:15:97:64:
7c:98:c7:fd:9a:46:0a:4c:1f:7a:44:9b:85:b0:c7:
42:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:54:8D:10:EE:C8:8F:68:73:6E:51:D6:9D:0A:2F:A3:6C:F2:35:B7
X509v3 Authority Key Identifier:
keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/X1SNEO7Ij2hzblHWnQovo2zyNbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.58.44.0/23
176.58.48.0/23
176.58.51.0-176.58.52.255
176.58.55.0/24
176.58.57.0/24
176.58.59.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:56:85:32:6e:8d:1d:d1:f7:99:35:74:78:02:48:ac:3d:bb:
8c:bc:c1:79:ec:08:6a:0a:6e:75:d3:a0:a2:9a:54:ef:93:a1:
dc:6c:a4:c4:f1:9a:e7:55:ff:62:34:4e:9e:76:06:fe:51:86:
0f:b6:53:4d:0c:ec:a6:64:5f:50:8c:82:11:47:7f:b2:6b:16:
90:da:2b:34:e5:bf:fe:8d:dc:3c:f4:01:06:21:e9:2b:22:f4:
29:4e:87:36:91:05:42:18:b4:00:ec:d2:34:04:a0:b2:fe:0c:
2e:f6:60:00:17:8a:1b:10:86:46:86:c1:cd:15:93:c9:e5:52:
58:47:97:87:73:70:a5:7c:4c:5c:fd:82:bd:98:ca:e3:5e:b1:
ad:4e:d8:cc:0b:34:0f:83:3c:3c:37:9d:ff:7c:60:52:e1:ba:
c1:0e:cd:56:58:c4:ea:5b:f4:ae:da:4b:82:bf:9a:f5:43:08:
95:86:6b:46:a3:d8:16:e5:b5:cd:8b:44:f4:77:1b:86:74:97:
7c:96:41:4f:84:77:4b:bb:1e:59:bc:28:a1:8f:76:ab:b5:29:
6f:5d:0c:0d:36:c7:32:fc:6d:c7:6b:0e:1b:64:7f:e3:e0:14:
bb:60:36:16:b4:72:4e:ff:df:a6:33:58:98:10:c0:17:11:c5:
a8:03:5e:40
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzGuS3sM6PN5qoUB7HnJ0+5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjc0ZDU4ODRhNTBhODRlMDdkYmRmNjc5OGRkY2JiOWNj
MjAzMmUwHhcNMjQwMTAxMjAzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjU0OGQxMGVlYzg4ZjY4NzM2ZTUxZDY5ZDBhMmZhMzZjZjIzNWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiv/3sXz79wfO0k6A8JRXgJJp65yV
GSFwHBNT9h6gosuv1kdAljvvxqpbUywWvC6thof+LOXWC3XSA0mNu5CSCzFAknGL
5e82oZ2uXbiMgE/eKo2Viq9yNAgaqLyA8/dSFzE4BGEmSitT2TijKf4pOlh2d8Ki
Y70IIOWoG4J6tXbYS9WzQlysWu2F0MWuYNnrrTc6ZyKMMGU7pkmtRWUc2M7isYVT
eDSa4EiGSg46KnJLRE2cSpBR9JApuw3r3mGVeIkOrSjooraMiF6OjfMp8F+sWazN
cTYr7z/atiKmvPVYwTOyegoL95mHt20Vl2R8mMf9mkYKTB96RJuFsMdCmwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFF9UjRDuyI9oc25R1p0KL6Ns8jW3MB8GA1UdIwQY
MBaAFKNnTViEpQqE4H299nmN3LucwgMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTct
OWUyMjBmMDRhOTAxLzEvWDFTTkVPN0lqMmh6YmxIV25Rb3ZvMnp5TmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTctOWUyMjBmMDRhOTAx
LzEvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBsDosAwQB
sDowMAwDBACwOjMDBACwOjQDBACwOjcDBACwOjkDBACwOjswDQYJKoZIhvcNAQEL
BQADggEBAE5WhTJujR3R95k1dHgCSKw9u4y8wXnsCGoKbnXToKKaVO+TodxspMTx
mudV/2I0Tp52Bv5Rhg+2U00M7KZkX1CMghFHf7JrFpDaKzTlv/6N3Dz0AQYh6Ssi
9ClOhzaRBUIYtADs0jQEoLL+DC72YAAXihsQhkaGwc0Vk8nlUlhHl4dzcKV8TFz9
gr2YyuNesa1O2MwLNA+DPDw3nf98YFLhusEOzVZYxOpb9K7aS4K/mvVDCJWGa0aj
2Bbltc2LRPR3G4Z0l3yWQU+Ed0u7Hlm8KKGPdqu1KW9dDA02xzL8bcdrDhtkf+Pg
FLtgNha0ck7/36YzWJgQwBcRxagDXkA=
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:57:49 2024 by rpki-client on console-fra.rpki-client.org