Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/XplbbbOfgxCl7S0rpiOhg3lU4E0.roa
File: XplbbbOfgxCl7S0rpiOhg3lU4E0.roa (raw, json)
Hash identifier: N1s6PUfPNghPnM+aq3DfiJSV5xoHjTLW5zAF40j7X5o=
Subject key identifier: 5E:99:5B:6D:B3:9F:83:10:A5:ED:2D:2B:A6:23:A1:83:79:54:E0:4D
Certificate issuer: /CN=1ef9312cea5aa7438b4d90c0836c82f050a2a00a
Certificate serial: 018CC6B92713F27D0360068B225BCAE4D6B2
Authority key identifier: 1E:F9:31:2C:EA:5A:A7:43:8B:4D:90:C0:83:6C:82:F0:50:A2:A0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvkxLOpap0OLTZDAg2yC8FCioAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/XplbbbOfgxCl7S0rpiOhg3lU4E0.roa
Signing time: Mon 01 Jan 2024 20:31:12 +0000
ROA not before: Mon 01 Jan 2024 20:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53550
IP address blocks: 77.111.208.0/22 maxlen: 24
185.37.220.0/22 maxlen: 24
2a00:fa60::/32 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/HvkxLOpap0OLTZDAg2yC8FCioAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/HvkxLOpap0OLTZDAg2yC8FCioAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HvkxLOpap0OLTZDAg2yC8FCioAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:27:13:f2:7d:03:60:06:8b:22:5b:ca:e4:d6:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ef9312cea5aa7438b4d90c0836c82f050a2a00a
Validity
Not Before: Jan 1 20:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e995b6db39f8310a5ed2d2ba623a1837954e04d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e3:03:a6:39:9b:56:05:78:d1:f7:06:b9:d2:
a0:0e:e0:a6:17:8f:03:18:bc:e7:e0:90:0e:60:86:
3e:93:6a:03:c1:65:fa:42:6a:db:cd:5b:4e:10:fd:
81:47:71:b7:c1:cb:52:cb:fa:b2:22:30:da:4f:ba:
30:43:c3:34:3b:6b:c0:91:5b:34:35:88:57:49:05:
f7:2a:4f:f3:e2:b3:2f:eb:71:5f:bc:bd:07:0c:b6:
22:a0:2d:f7:81:7f:5f:86:a8:a7:57:d8:f7:8f:4e:
e1:a0:51:7c:7a:b5:71:73:85:c2:67:2d:6b:31:16:
5e:d5:4f:c2:da:8b:dc:5b:03:cd:33:cc:1e:21:aa:
da:ea:9d:0d:34:f4:a4:8c:78:0b:6b:cc:04:3a:8d:
c1:ee:f4:02:5c:0e:70:c1:9e:5b:d4:b5:27:b1:1e:
fd:ff:a6:d5:03:99:5b:b9:e8:8d:55:e1:e9:39:bb:
15:a0:0a:f7:59:7c:b5:c0:ad:fa:06:ab:74:e6:4d:
25:ff:85:98:a3:bf:0e:60:fc:cd:ae:ba:08:04:59:
b8:1d:f8:d4:38:a6:40:e3:b3:4e:c9:97:90:e8:41:
ea:fc:c0:4f:2b:d8:a2:f1:dd:39:26:17:c7:6e:a8:
7a:c8:a8:cb:97:ff:fd:ed:ec:a5:63:15:77:2b:ec:
f7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:99:5B:6D:B3:9F:83:10:A5:ED:2D:2B:A6:23:A1:83:79:54:E0:4D
X509v3 Authority Key Identifier:
keyid:1E:F9:31:2C:EA:5A:A7:43:8B:4D:90:C0:83:6C:82:F0:50:A2:A0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvkxLOpap0OLTZDAg2yC8FCioAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/XplbbbOfgxCl7S0rpiOhg3lU4E0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/HvkxLOpap0OLTZDAg2yC8FCioAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.208.0/22
185.37.220.0/22
IPv6:
2a00:fa60::/32
Signature Algorithm: sha256WithRSAEncryption
09:78:a0:13:f7:e7:f3:86:60:05:c8:5c:30:ea:95:44:7a:d4:
85:e3:db:be:99:c7:19:7b:a8:eb:fe:2e:12:09:ad:37:bb:c6:
61:bc:65:73:38:4b:d8:46:fa:a8:d4:7b:f2:88:c4:10:34:04:
52:7c:9d:0a:14:c9:af:ca:99:0d:9b:c2:ba:c4:95:44:da:02:
c7:64:20:fc:21:3a:5b:4b:00:2b:b0:19:f2:26:54:d5:c5:ba:
77:8e:ae:df:fa:76:88:e9:f6:72:21:21:71:e0:3b:4b:b2:f0:
63:28:03:24:ec:cc:24:55:3a:b4:31:36:c9:f9:88:de:35:16:
42:2e:c7:db:bf:b4:df:ce:d1:92:de:91:dd:11:03:c1:04:61:
db:61:29:b3:85:6f:73:80:9c:7a:66:cd:d7:1e:a3:e2:81:c6:
19:02:25:3e:b6:09:df:9d:ea:f0:d8:9d:6a:e6:62:e7:5f:22:
d9:15:22:1e:18:2d:ae:59:99:05:21:ff:20:50:b4:3e:99:aa:
c5:e8:7c:b0:14:0c:41:45:69:15:f9:79:09:e8:6c:21:0c:cd:
a4:82:22:d3:88:d7:a4:83:c9:a9:08:b8:6f:97:e9:ea:4f:0e:
0b:7d:ce:96:45:eb:7b:13:ec:85:94:47:fd:21:ce:c4:4c:de:
87:5b:5e:15
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGuScT8n0DYAaLIlvK5NayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZjkzMTJjZWE1YWE3NDM4YjRkOTBjMDgzNmM4MmYwNTBh
MmEwMGEwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTk5NWI2ZGIzOWY4MzEwYTVlZDJkMmJhNjIzYTE4Mzc5NTRlMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+MDpjmbVgV40fcGudKgDuCmF48D
GLzn4JAOYIY+k2oDwWX6QmrbzVtOEP2BR3G3wctSy/qyIjDaT7owQ8M0O2vAkVs0
NYhXSQX3Kk/z4rMv63FfvL0HDLYioC33gX9fhqinV9j3j07hoFF8erVxc4XCZy1r
MRZe1U/C2ovcWwPNM8weIara6p0NNPSkjHgLa8wEOo3B7vQCXA5wwZ5b1LUnsR79
/6bVA5lbueiNVeHpObsVoAr3WXy1wK36Bqt05k0l/4WYo78OYPzNrroIBFm4HfjU
OKZA47NOyZeQ6EHq/MBPK9ii8d05JhfHbqh6yKjLl//97eylYxV3K+z3jQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF6ZW22zn4MQpe0tK6YjoYN5VOBNMB8GA1UdIwQY
MBaAFB75MSzqWqdDi02QwINsgvBQoqAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZreExPcGFwME9MVFpEQWcyeUM4RkNpb0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9lODQ0ZTgtZDJmMC00NTE0LWI0MDUt
MGI4MDFiZjgwZDUzLzEvWHBsYmJiT2ZneENsN1MwcnBpT2hnM2xVNEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9lODQ0ZTgtZDJmMC00NTE0LWI0MDUtMGI4MDFiZjgwZDUz
LzEvSHZreExPcGFwME9MVFpEQWcyeUM4RkNpb0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCTW/QAwQC
uSXcMA0EAgACMAcDBQAqAPpgMA0GCSqGSIb3DQEBCwUAA4IBAQAJeKAT9+fzhmAF
yFww6pVEetSF49u+mccZe6jr/i4SCa03u8ZhvGVzOEvYRvqo1HvyiMQQNARSfJ0K
FMmvypkNm8K6xJVE2gLHZCD8ITpbSwArsBnyJlTVxbp3jq7f+naI6fZyISFx4DtL
svBjKAMk7MwkVTq0MTbJ+YjeNRZCLsfbv7TfztGS3pHdEQPBBGHbYSmzhW9zgJx6
Zs3XHqPigcYZAiU+tgnfnerw2J1q5mLnXyLZFSIeGC2uWZkFIf8gULQ+marF6Hyw
FAxBRWkV+XkJ6GwhDM2kgiLTiNekg8mpCLhvl+nqTw4Lfc6WRet7E+yFlEf9Ic7E
TN6HW14V
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:53:41 2024 by rpki-client on console-ams.rpki-client.org