Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/dsxBl_1qVWPa_Nm-olnZAZS_h9g.roa
File: dsxBl_1qVWPa_Nm-olnZAZS_h9g.roa (raw, json)
Hash identifier: gUd1Otc441/nhzKDxntNXT99+P/XPbx3w9qzbkuYfSw=
Subject key identifier: 76:CC:41:97:FD:6A:55:63:DA:FC:D9:BE:A2:59:D9:01:94:BF:87:D8
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EA2E47671DF4363BD028D80F8778664DE
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/dsxBl_1qVWPa_Nm-olnZAZS_h9g.roa
Signing time: Wed 03 Apr 2024 07:37:45 +0000
ROA not before: Wed 03 Apr 2024 07:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44467
IP address blocks: 83.239.44.0/22 maxlen: 22
83.239.45.0/24 maxlen: 24
83.239.46.0/23 maxlen: 23
85.173.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:e4:76:71:df:43:63:bd:02:8d:80:f8:77:86:64:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 3 07:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76cc4197fd6a5563dafcd9bea259d90194bf87d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:de:ce:44:3b:71:d9:35:31:d6:6e:9f:ca:d3:
14:ec:bf:af:9b:cb:ac:e5:13:ea:a0:8a:c2:9e:63:
12:30:6b:3e:6f:60:b5:4f:8e:3b:de:49:6c:f2:22:
7e:d8:66:d8:c1:d5:d2:f2:ce:75:6f:c1:ee:77:43:
ab:30:14:e5:a0:50:78:68:71:86:c7:78:12:3a:2e:
88:92:a6:84:88:58:40:02:a0:9a:62:1f:cb:4b:c1:
7d:a6:af:97:75:07:b5:13:34:9c:55:95:8a:ee:90:
cf:d8:12:0b:91:d2:e5:e6:11:1c:f8:50:ae:c8:17:
46:44:36:88:02:0b:63:f4:c4:eb:f7:cd:7e:02:49:
62:29:f1:c8:1b:00:49:9b:aa:86:a4:d3:d7:8a:ce:
03:ec:d9:7b:cd:05:09:69:8b:4d:dc:7d:f2:5a:15:
66:8d:d6:fb:e7:05:2c:0d:8b:2b:e7:fd:52:82:fe:
e5:ea:af:0e:23:98:4a:00:32:ff:bd:d5:ec:5a:0c:
82:10:41:e7:30:da:7b:40:17:76:aa:66:91:34:eb:
cb:9a:ea:e8:1a:5b:e9:5e:dc:ad:f0:3d:57:95:d4:
a6:55:57:ac:51:41:b8:4e:b6:e6:6d:99:eb:43:10:
32:1d:47:06:b6:0e:29:06:b0:18:1e:23:5e:f5:f5:
a1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:CC:41:97:FD:6A:55:63:DA:FC:D9:BE:A2:59:D9:01:94:BF:87:D8
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/dsxBl_1qVWPa_Nm-olnZAZS_h9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.44.0/22
85.173.3.0/24
Signature Algorithm: sha256WithRSAEncryption
77:a5:a3:dc:02:7d:60:60:97:e3:10:bc:a3:ca:51:a1:0a:c1:
0b:d8:6f:ec:94:d9:7a:17:36:bb:e1:41:b5:92:2c:5d:15:28:
67:bd:62:1c:de:1e:11:94:de:98:8c:63:dd:79:b6:7a:38:80:
93:dd:bf:71:3e:80:f3:62:8e:ee:17:da:89:bf:95:fe:f0:fc:
9b:4c:e0:a1:92:e5:54:a7:5a:48:eb:04:24:5f:b7:86:9d:be:
51:a4:ac:0a:ed:62:7a:50:ee:a2:2a:4e:11:a2:e8:14:ef:06:
b7:5c:a2:25:c9:bb:e2:a8:a5:aa:ef:ce:39:c3:df:2b:fd:31:
34:b5:5c:79:04:e5:d4:fa:e3:c8:df:95:e0:da:16:44:e8:d6:
93:a4:f9:2a:d0:82:4d:c0:4b:80:89:d4:5a:22:61:cb:10:a2:
2f:b8:42:92:a6:2e:d5:35:2a:4c:90:46:c6:47:83:b9:10:b3:
b4:13:c2:86:3a:d7:52:dd:6c:08:f9:62:ef:dc:11:40:10:a1:
8c:00:0d:50:24:ec:2c:09:4d:14:c2:34:71:f1:a3:f1:13:0f:
65:c4:59:ef:07:5e:8f:c9:c6:5d:07:33:5b:17:6e:10:05:21:
ab:46:02:b1:d8:c7:3d:24:07:66:a8:87:9e:58:4e:cf:b8:63:
16:9b:4d:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6i5HZx30NjvQKNgPh3hmTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDAzMDczNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmNjNDE5N2ZkNmE1NTYzZGFmY2Q5YmVhMjU5ZDkwMTk0YmY4N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh97ORDtx2TUx1m6fytMU7L+vm8us
5RPqoIrCnmMSMGs+b2C1T4473kls8iJ+2GbYwdXS8s51b8Hud0OrMBTloFB4aHGG
x3gSOi6IkqaEiFhAAqCaYh/LS8F9pq+XdQe1EzScVZWK7pDP2BILkdLl5hEc+FCu
yBdGRDaIAgtj9MTr981+AkliKfHIGwBJm6qGpNPXis4D7Nl7zQUJaYtN3H3yWhVm
jdb75wUsDYsr5/1Sgv7l6q8OI5hKADL/vdXsWgyCEEHnMNp7QBd2qmaRNOvLmuro
GlvpXtyt8D1XldSmVVesUUG4TrbmbZnrQxAyHUcGtg4pBrAYHiNe9fWhaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHbMQZf9alVj2vzZvqJZ2QGUv4fYMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvZHN4QmxfMXFWV1BhX05tLW9sblpBWlNfaDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCU+8sAwQA
Va0DMA0GCSqGSIb3DQEBCwUAA4IBAQB3paPcAn1gYJfjELyjylGhCsEL2G/slNl6
Fza74UG1kixdFShnvWIc3h4RlN6YjGPdebZ6OICT3b9xPoDzYo7uF9qJv5X+8Pyb
TOChkuVUp1pI6wQkX7eGnb5RpKwK7WJ6UO6iKk4RougU7wa3XKIlybviqKWq7845
w98r/TE0tVx5BOXU+uPI35Xg2hZE6NaTpPkq0IJNwEuAidRaImHLEKIvuEKSpi7V
NSpMkEbGR4O5ELO0E8KGOtdS3WwI+WLv3BFAEKGMAA1QJOwsCU0UwjRx8aPxEw9l
xFnvB16PycZdBzNbF24QBSGrRgKx2Mc9JAdmqIeeWE7PuGMWm016
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:23:17 2024 by rpki-client on console-fra.rpki-client.org