Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4xDWwS0UkIXWFaGmrCwUHm_qyl4.roa
File: 4xDWwS0UkIXWFaGmrCwUHm_qyl4.roa (raw, json)
Hash identifier: MsH3w0c0qtri6Kixu5s18Hl+WCZK/MDGTT4vIRLg2to=
Subject key identifier: E3:10:D6:C1:2D:14:90:85:D6:15:A1:A6:AC:2C:14:1E:6F:EA:CA:5E
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018CC80205CDC7FB6786CAB442A1E8B53B82
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4xDWwS0UkIXWFaGmrCwUHm_qyl4.roa
Signing time: Tue 02 Jan 2024 02:30:24 +0000
ROA not before: Tue 02 Jan 2024 02:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42362
IP address blocks: 83.239.208.0/20 maxlen: 20
85.172.224.0/20 maxlen: 20
85.172.128.0/19 maxlen: 19
85.172.240.0/20 maxlen: 20
85.173.224.0/19 maxlen: 19
85.173.32.0/19 maxlen: 19
85.172.192.0/21 maxlen: 21
83.239.192.0/21 maxlen: 21
85.172.200.0/22 maxlen: 22
85.172.208.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:05:cd:c7:fb:67:86:ca:b4:42:a1:e8:b5:3b:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 02:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e310d6c12d149085d615a1a6ac2c141e6feaca5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:47:ed:89:52:6a:0b:5b:a3:e5:cb:bf:2e:fb:
f8:a0:2c:5e:fc:98:4d:40:18:f8:c7:42:a3:47:1c:
f7:bd:a5:e3:4c:04:91:46:69:08:47:4f:aa:7b:c1:
a5:7b:96:8e:af:10:73:86:31:39:86:a4:64:6d:5d:
24:60:da:5b:26:4a:0e:9c:95:25:73:95:d9:5d:f7:
70:e1:7b:e1:07:eb:45:25:c9:0d:72:52:0d:87:82:
6d:bc:fd:e4:69:6c:bb:c3:c6:d2:a3:b2:b4:e6:a5:
2b:b3:30:b4:e2:f9:18:37:43:07:35:5a:5f:68:4e:
2c:41:f7:e8:67:fa:68:52:de:52:0f:2c:9c:38:ab:
19:9b:e5:b4:be:1d:b4:7f:45:51:91:f3:19:fb:2b:
de:53:c2:5f:5d:78:22:36:3a:47:96:09:89:30:be:
8d:65:e1:40:37:72:ea:fd:12:84:99:8a:eb:c4:ce:
2d:28:3b:29:64:d6:b3:bf:aa:cf:2f:82:fd:20:0c:
57:6a:b5:44:e8:aa:cc:cc:7f:0c:57:e8:99:2e:53:
79:6e:71:00:34:21:b6:a7:11:a2:77:b3:c0:1a:32:
8f:9e:30:df:4f:e1:f1:91:c8:37:51:95:9d:7e:f8:
b8:97:ff:e7:36:00:7a:98:d3:92:fc:87:54:2f:f8:
41:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:10:D6:C1:2D:14:90:85:D6:15:A1:A6:AC:2C:14:1E:6F:EA:CA:5E
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/4xDWwS0UkIXWFaGmrCwUHm_qyl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.192.0/21
83.239.208.0/20
85.172.128.0/19
85.172.192.0-85.172.203.255
85.172.208.0-85.172.255.255
85.173.32.0/19
85.173.224.0/19
Signature Algorithm: sha256WithRSAEncryption
52:e0:4a:98:8a:29:c9:1d:de:eb:b7:7f:72:d6:7c:97:4e:69:
f7:d6:ea:42:b8:0b:89:a2:b2:e4:6e:a2:e8:85:34:0f:54:d2:
72:fe:2f:b6:de:7e:1c:dd:97:31:14:18:8a:b6:22:01:82:db:
41:6f:14:14:15:ff:77:ed:09:6e:a2:56:25:26:8d:32:a9:f8:
a1:99:ea:c9:de:62:d2:bc:ea:aa:cf:d5:cc:6e:17:e9:18:26:
bb:de:1a:a3:d2:32:a2:74:e4:e3:87:89:46:23:1f:99:74:04:
ef:19:9f:7f:1d:15:a2:c9:d7:94:b9:9f:54:5d:25:6a:10:36:
fc:17:b9:09:b0:ee:1d:03:eb:61:2d:ae:87:1d:8c:6a:29:78:
ec:2d:f6:dc:3c:e3:ef:5c:31:2c:48:04:04:5c:79:ec:ba:ec:
e1:8e:df:b3:64:6a:b7:d2:6d:71:45:90:fb:f2:f2:5b:12:f7:
43:85:65:bb:ba:45:e7:01:8b:1f:62:58:1b:79:85:aa:92:ee:
7d:95:2d:46:30:b8:e9:38:3b:c1:f1:af:ca:f0:76:3c:87:79:
6d:69:18:c1:df:a0:dc:c0:69:18:b7:05:20:17:9a:62:e5:96:
e3:74:b6:18:f1:6a:c4:10:2a:66:34:c3:ff:f5:fa:1c:b9:8c:
5e:ab:f2:87
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzIAgXNx/tnhsq0QqHotTuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTAyMDIzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzEwZDZjMTJkMTQ5MDg1ZDYxNWExYTZhYzJjMTQxZTZmZWFjYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUftiVJqC1uj5cu/Lvv4oCxe/JhN
QBj4x0KjRxz3vaXjTASRRmkIR0+qe8Gle5aOrxBzhjE5hqRkbV0kYNpbJkoOnJUl
c5XZXfdw4XvhB+tFJckNclINh4JtvP3kaWy7w8bSo7K05qUrszC04vkYN0MHNVpf
aE4sQffoZ/poUt5SDyycOKsZm+W0vh20f0VRkfMZ+yveU8JfXXgiNjpHlgmJML6N
ZeFAN3Lq/RKEmYrrxM4tKDspZNazv6rPL4L9IAxXarVE6KrMzH8MV+iZLlN5bnEA
NCG2pxGid7PAGjKPnjDfT+Hxkcg3UZWdfvi4l//nNgB6mNOS/IdUL/hBRwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOMQ1sEtFJCF1hWhpqwsFB5v6speMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvNHhEV3dTMFVrSVhXRmFHbXJDd1VIbV9xeWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAATA5AwQDU+/AAwQE
U+/QAwQFVayAMAwDBAZVrMADBAJVrMgwCwMEBFWs0AMDAFWsAwQFVa0gAwQFVa3g
MA0GCSqGSIb3DQEBCwUAA4IBAQBS4EqYiinJHd7rt39y1nyXTmn31upCuAuJorLk
bqLohTQPVNJy/i+23n4c3ZcxFBiKtiIBgttBbxQUFf937QluolYlJo0yqfihmerJ
3mLSvOqqz9XMbhfpGCa73hqj0jKidOTjh4lGIx+ZdATvGZ9/HRWiydeUuZ9UXSVq
EDb8F7kJsO4dA+thLa6HHYxqKXjsLfbcPOPvXDEsSAQEXHnsuuzhjt+zZGq30m1x
RZD78vJbEvdDhWW7ukXnAYsfYlgbeYWqku59lS1GMLjpODvB8a/K8HY8h3ltaRjB
36DcwGkYtwUgF5pi5ZbjdLYY8WrEECpmNMP/9focuYxeq/KH
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:56 2024 by rpki-client on console-ams.rpki-client.org