Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/RXG6QFtN84IZcbJnW_pa01m4h1I.roa
File: RXG6QFtN84IZcbJnW_pa01m4h1I.roa (raw, json)
Hash identifier: /RuHlBMjOSW575UrbjgheGbLu5dEybwCQMac6AFwoPU=
Subject key identifier: 45:71:BA:40:5B:4D:F3:82:19:71:B2:67:5B:FA:5A:D3:59:B8:87:52
Certificate issuer: /CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Certificate serial: 018CC5DBF7BBAB33B7826657786D310F3813
Authority key identifier: DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/RXG6QFtN84IZcbJnW_pa01m4h1I.roa
Signing time: Mon 01 Jan 2024 16:29:36 +0000
ROA not before: Mon 01 Jan 2024 16:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50973
IP address blocks: 79.171.50.0/24 maxlen: 24
79.171.49.0/24 maxlen: 24
79.171.48.0/21 maxlen: 21
79.171.48.0/24 maxlen: 24
79.171.52.0/24 maxlen: 24
79.171.55.0/24 maxlen: 24
188.172.111.0/24 maxlen: 24
188.172.110.0/24 maxlen: 24
188.172.109.0/24 maxlen: 24
188.172.108.0/24 maxlen: 24
188.172.97.0/24 maxlen: 24
188.172.96.0/24 maxlen: 24
188.172.98.0/24 maxlen: 24
188.172.103.0/24 maxlen: 24
188.172.104.0/22 maxlen: 22
188.172.102.0/24 maxlen: 24
188.172.101.0/24 maxlen: 24
188.172.100.0/24 maxlen: 24
188.172.99.0/24 maxlen: 24
2a0a:a0c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.mft
rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 19:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f7:bb:ab:33:b7:82:66:57:78:6d:31:0f:38:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Validity
Not Before: Jan 1 16:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4571ba405b4df3821971b2675bfa5ad359b88752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b8:bb:c0:0a:c5:f3:b4:11:1d:c8:07:de:30:
c8:fd:cc:b3:72:04:e9:cc:c8:aa:74:4d:b4:49:be:
8e:75:91:7f:29:ba:d1:24:8c:8c:38:85:2c:4f:73:
ea:d3:8c:13:8d:f7:35:2c:4b:3f:30:f0:50:a2:53:
62:23:8a:5b:ea:e3:1a:17:92:77:69:68:65:76:cc:
77:bc:1c:23:c3:55:5e:c9:19:ac:71:d5:3a:d3:00:
96:54:0a:ad:e5:9c:ca:cd:79:ec:fd:b1:1b:f9:d5:
0b:a0:d0:98:28:05:53:05:5b:25:b8:78:b3:3d:d4:
c0:40:8d:ba:a9:35:3f:8d:8a:6c:11:8a:56:01:9e:
13:db:5c:0e:7c:40:47:f6:d8:6d:e9:84:a5:4a:98:
29:86:64:2d:1e:ea:09:78:5d:38:6f:41:1f:6d:51:
90:07:a2:c5:90:c7:4e:fb:13:76:37:fa:e7:be:3a:
47:1c:58:9b:4e:a8:b2:10:1e:fc:94:f1:af:f7:9e:
48:00:5f:44:c9:e6:83:2a:03:08:1e:df:62:44:92:
68:64:c7:fd:0f:c5:3c:e4:72:c4:13:dd:73:5e:a1:
50:45:21:2c:53:7c:80:0a:5f:95:47:46:ca:32:47:
f9:81:ee:1f:77:ea:45:51:db:06:c9:59:f1:ae:ed:
32:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:71:BA:40:5B:4D:F3:82:19:71:B2:67:5B:FA:5A:D3:59:B8:87:52
X509v3 Authority Key Identifier:
keyid:DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/RXG6QFtN84IZcbJnW_pa01m4h1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.48.0/21
188.172.96.0/20
IPv6:
2a0a:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
91:c4:df:78:fe:e0:0f:ad:1e:f8:19:41:03:ec:55:54:65:b4:
d4:6f:11:3d:b1:4c:78:1b:0e:03:3c:d5:f4:d5:9c:bc:dd:ec:
99:bf:05:56:92:c9:a1:9e:c1:e0:41:79:5e:19:91:34:5d:71:
af:58:db:78:cd:52:6e:cc:5e:62:ec:69:64:98:25:93:a2:f0:
00:00:c9:fe:d2:32:81:3e:9d:8b:f0:13:6f:f8:4c:24:60:0b:
9c:8e:4f:33:37:8f:5b:a6:12:ee:97:d4:a4:95:da:84:da:cd:
73:62:3f:a8:e6:cf:75:b5:02:bd:af:a3:77:98:18:32:5c:8c:
4f:e1:ca:ba:11:9a:b7:33:62:66:37:f1:b3:26:06:96:99:7e:
78:80:34:65:c2:d2:99:c8:27:83:2f:8c:e5:88:73:4e:4f:07:
b3:39:a4:5e:2c:4b:4c:5b:61:8e:23:d0:03:75:63:f4:e2:c0:
df:a0:15:87:02:2e:18:20:e0:6a:45:c6:87:93:66:9f:66:33:
15:8c:6f:04:9d:01:95:1e:a8:29:95:f0:32:49:9c:fa:c6:c2:
74:0f:54:cc:4e:fb:9d:24:10:01:d4:28:88:d2:48:bb:d1:d6:
d1:4f:5a:49:46:5d:6b:5f:d3:96:d9:a2:e4:08:a0:10:9e:dd:
7b:3b:a7:b2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF2/e7qzO3gmZXeG0xDzgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODg3N2YzYzU1YjUyOGUxYTI5ZGIzZDc5OTIwNjU2ZjBj
NjZhZWIwHhcNMjQwMTAxMTYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTcxYmE0MDViNGRmMzgyMTk3MWIyNjc1YmZhNWFkMzU5Yjg4NzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbi7wArF87QRHcgH3jDI/cyzcgTp
zMiqdE20Sb6OdZF/KbrRJIyMOIUsT3Pq04wTjfc1LEs/MPBQolNiI4pb6uMaF5J3
aWhldsx3vBwjw1VeyRmscdU60wCWVAqt5ZzKzXns/bEb+dULoNCYKAVTBVsluHiz
PdTAQI26qTU/jYpsEYpWAZ4T21wOfEBH9tht6YSlSpgphmQtHuoJeF04b0EfbVGQ
B6LFkMdO+xN2N/rnvjpHHFibTqiyEB78lPGv955IAF9EyeaDKgMIHt9iRJJoZMf9
D8U85HLEE91zXqFQRSEsU3yACl+VR0bKMkf5ge4fd+pFUdsGyVnxru0y+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEVxukBbTfOCGXGyZ1v6WtNZuIdSMB8GA1UdIwQY
MBaAFN+Id/PFW1KOGinbPXmSBlbwxmrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODkt
MjU0NTVhOGRkZDQ1LzEvUlhHNlFGdE44NElaY2JKbldfcGEwMW00aDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODktMjU0NTVhOGRkZDQ1
LzEvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT6swAwQE
vKxgMA0EAgACMAcDBQMqCqDAMA0GCSqGSIb3DQEBCwUAA4IBAQCRxN94/uAPrR74
GUED7FVUZbTUbxE9sUx4Gw4DPNX01Zy83eyZvwVWksmhnsHgQXleGZE0XXGvWNt4
zVJuzF5i7GlkmCWTovAAAMn+0jKBPp2L8BNv+EwkYAucjk8zN49bphLul9SkldqE
2s1zYj+o5s91tQK9r6N3mBgyXIxP4cq6EZq3M2JmN/GzJgaWmX54gDRlwtKZyCeD
L4zliHNOTwezOaReLEtMW2GOI9ADdWP04sDfoBWHAi4YIOBqRcaHk2afZjMVjG8E
nQGVHqgplfAySZz6xsJ0D1TMTvudJBAB1CiI0ki70dbRT1pJRl1rX9OW2aLkCKAQ
nt17O6ey
-----END CERTIFICATE-----
Generated at Sun May 26 04:39:17 2024 by rpki-client on console-fra.rpki-client.org