Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/k9wDSQwDhbTNX2cybdKmGH3iCTQ.roa
File: k9wDSQwDhbTNX2cybdKmGH3iCTQ.roa (raw, json)
Hash identifier: fa/0WmuBnulsd/5Rn3Ptluamdu0PHBCdEWCwZ+9Ez7A=
Subject key identifier: 93:DC:03:49:0C:03:85:B4:CD:5F:67:32:6D:D2:A6:18:7D:E2:09:34
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 018CC79422A6D1045CF8A0713DE9BCA0ED51
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/k9wDSQwDhbTNX2cybdKmGH3iCTQ.roa
Signing time: Tue 02 Jan 2024 00:30:23 +0000
ROA not before: Tue 02 Jan 2024 00:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43463
IP address blocks: 82.135.228.0/22 maxlen: 22
82.135.156.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:22:a6:d1:04:5c:f8:a0:71:3d:e9:bc:a0:ed:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 00:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93dc03490c0385b4cd5f67326dd2a6187de20934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8e:75:54:85:4d:d8:a8:66:07:56:9f:d6:29:
ad:47:c2:9f:a6:4a:10:b9:c6:26:81:4e:cc:09:16:
c8:7b:87:60:bc:8f:68:90:93:04:f7:c2:35:ca:4c:
1a:c4:ec:1f:25:ee:f8:84:eb:eb:07:cc:d5:66:98:
90:89:c9:64:19:9e:42:84:71:5f:23:df:37:e4:d0:
ee:1b:3f:0f:04:dd:68:e8:61:bb:74:a9:a6:3e:a0:
90:24:cf:4e:39:ed:aa:0c:9b:4c:c2:55:9c:f0:74:
ec:8a:65:7a:91:19:f0:49:96:f3:82:95:d7:db:b6:
3f:ca:8c:a3:0d:89:79:81:51:a1:7e:83:cc:bb:f7:
62:34:57:ab:ef:5a:0b:0c:8a:5e:c6:64:c8:32:a3:
4e:7d:6e:31:c1:25:26:20:da:37:ae:17:30:8d:ac:
af:46:6a:bc:84:4e:7a:a6:c5:9d:79:cd:cf:19:98:
9c:b1:26:4a:a4:bc:a8:d1:76:b2:03:7e:dc:50:7f:
22:52:57:82:ba:c6:6e:a6:ae:d3:7a:8e:25:da:ab:
50:ca:cf:d0:b7:e3:d3:f4:16:e8:e0:0c:8a:58:0c:
fd:43:d4:c3:6a:72:e5:5c:90:1a:c7:3b:9f:0e:2f:
ee:2f:d4:fa:6d:16:6a:6c:92:d6:61:bd:b4:f4:b3:
21:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DC:03:49:0C:03:85:B4:CD:5F:67:32:6D:D2:A6:18:7D:E2:09:34
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/k9wDSQwDhbTNX2cybdKmGH3iCTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.135.156.0/23
82.135.228.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:3e:4d:f2:c4:9c:9c:64:87:f7:36:54:ed:2a:4e:b5:7c:09:
e8:1f:2d:52:61:39:79:b2:79:12:5f:0a:de:26:1b:cc:59:ce:
d4:70:4c:b4:09:dd:b6:7c:f0:8c:a6:e1:d7:f0:64:a3:57:f1:
ef:f4:80:58:64:b4:e4:a0:d4:b2:1d:1e:08:08:3a:94:5a:eb:
57:41:21:f6:40:ba:5f:5c:8c:46:5b:88:7a:18:94:43:ad:4e:
e8:2b:5c:9e:d8:46:be:81:d4:38:91:26:cf:fe:2b:f2:2f:2d:
c3:1f:c3:e8:d0:33:fc:a2:a9:83:82:c0:57:40:a4:ad:37:07:
8f:77:9e:24:67:21:a0:25:00:d6:bb:9f:52:c4:8d:fe:fe:13:
52:bc:d6:ae:09:3d:b7:8e:69:ad:c8:2a:79:33:3e:5a:d0:3e:
64:7e:30:79:dc:de:97:77:73:0b:c6:2f:fa:19:17:c0:03:31:
35:d9:32:41:ce:22:b1:a5:36:e3:6c:12:73:39:5d:0b:07:25:
34:69:4d:a2:b9:11:97:00:97:62:fd:e5:32:cb:73:89:ca:2e:
4e:eb:99:e0:0d:dc:5f:52:d9:39:d9:1a:8a:71:c7:0f:59:0f:
cb:1a:17:d8:a0:d8:06:c2:f7:21:31:22:37:96:c7:5a:54:89:
03:c4:e9:c6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHlCKm0QRc+KBxPem8oO1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjQwMTAyMDAzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RjMDM0OTBjMDM4NWI0Y2Q1ZjY3MzI2ZGQyYTYxODdkZTIwOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlI51VIVN2KhmB1af1imtR8KfpkoQ
ucYmgU7MCRbIe4dgvI9okJME98I1ykwaxOwfJe74hOvrB8zVZpiQiclkGZ5ChHFf
I9835NDuGz8PBN1o6GG7dKmmPqCQJM9OOe2qDJtMwlWc8HTsimV6kRnwSZbzgpXX
27Y/yoyjDYl5gVGhfoPMu/diNFer71oLDIpexmTIMqNOfW4xwSUmINo3rhcwjayv
Rmq8hE56psWdec3PGZicsSZKpLyo0XayA37cUH8iUleCusZupq7Teo4l2qtQys/Q
t+PT9Bbo4AyKWAz9Q9TDanLlXJAaxzufDi/uL9T6bRZqbJLWYb209LMhVQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJPcA0kMA4W0zV9nMm3Sphh94gk0MB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL2s5d0RTUXdEaGJUTlgyY3liZEttR0gzaUNUUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAFSh5wD
BAJSh+QwDQYJKoZIhvcNAQELBQADggEBAD4+TfLEnJxkh/c2VO0qTrV8CegfLVJh
OXmyeRJfCt4mG8xZztRwTLQJ3bZ88Iym4dfwZKNX8e/0gFhktOSg1LIdHggIOpRa
61dBIfZAul9cjEZbiHoYlEOtTugrXJ7YRr6B1DiRJs/+K/IvLcMfw+jQM/yiqYOC
wFdApK03B493niRnIaAlANa7n1LEjf7+E1K81q4JPbeOaa3IKnkzPlrQPmR+MHnc
3pd3cwvGL/oZF8ADMTXZMkHOIrGlNuNsEnM5XQsHJTRpTaK5EZcAl2L95TLLc4nK
Lk7rmeAN3F9S2TnZGopxxw9ZD8saF9ig2AbC9yExIjeWx1pUiQPE6cY=
-----END CERTIFICATE-----
Generated at Wed May 22 23:46:46 2024 by rpki-client on console-ams.rpki-client.org