Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/D4hFJyzk1Ep3lyZXkgC-2QsDdLA.roa
File: D4hFJyzk1Ep3lyZXkgC-2QsDdLA.roa (raw, json)
Hash identifier: qX/jV7tuW3a8y3cLhSSRNQdbS9xd2YujjIt5qKN4DR4=
Subject key identifier: 0F:88:45:27:2C:E4:D4:4A:77:97:26:57:92:00:BE:D9:0B:03:74:B0
Certificate issuer: /CN=72bbd2fa18319639e25ffbf4bdbfa008660158ae
Certificate serial: 0192B056B4DF94B445FC88B145454ED5F932
Authority key identifier: 72:BB:D2:FA:18:31:96:39:E2:5F:FB:F4:BD:BF:A0:08:66:01:58:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/D4hFJyzk1Ep3lyZXkgC-2QsDdLA.roa
Signing time: Mon 21 Oct 2024 18:28:45 +0000
ROA not before: Mon 21 Oct 2024 18:28:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43458
IP address blocks: 213.159.136.0/24 maxlen: 24
213.159.137.0/24 maxlen: 24
213.159.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b0:56:b4:df:94:b4:45:fc:88:b1:45:45:4e:d5:f9:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72bbd2fa18319639e25ffbf4bdbfa008660158ae
Validity
Not Before: Oct 21 18:28:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f8845272ce4d44a779726579200bed90b0374b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:0c:57:25:a0:1f:5b:0c:8e:87:07:28:36:ef:
48:c5:54:7a:47:29:64:de:7e:02:92:a3:39:1d:b5:
5d:fe:86:9e:31:b6:6e:19:8f:57:b7:1d:c5:23:dc:
17:7e:5e:f7:13:44:5a:25:71:9f:99:96:de:91:b2:
1f:83:aa:a4:6e:d9:d5:dd:c2:f4:78:6a:f3:16:f1:
63:af:a9:2b:f4:90:bb:91:9b:97:2c:77:f4:a2:7a:
fc:98:9c:54:ee:53:38:dc:45:e2:df:f8:19:68:3a:
c7:c2:87:9e:50:02:56:5d:bc:c2:d2:88:fd:d5:9e:
68:24:43:48:0b:b2:d0:f7:67:2f:bc:46:78:a9:a6:
e9:24:db:c6:fb:2d:69:bb:e0:18:95:d8:64:5e:6e:
32:a0:30:21:21:73:2d:67:06:c2:8d:de:18:f1:43:
08:e5:9b:de:e9:5a:ba:a7:78:7c:7d:d3:b7:ef:72:
cc:dd:4d:f4:7b:3c:09:b6:84:d3:27:84:96:38:74:
df:04:b2:1f:a6:f0:20:20:e6:ac:7b:1b:e8:55:49:
55:fe:e8:1a:52:c3:3e:af:9b:d6:3d:9f:1d:93:ca:
9b:fa:6d:94:53:90:6b:a5:ef:d6:82:d7:2e:15:1b:
9e:ed:68:a0:81:e6:23:1c:e9:58:b3:b8:18:b8:1d:
e7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:88:45:27:2C:E4:D4:4A:77:97:26:57:92:00:BE:D9:0B:03:74:B0
X509v3 Authority Key Identifier:
keyid:72:BB:D2:FA:18:31:96:39:E2:5F:FB:F4:BD:BF:A0:08:66:01:58:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/D4hFJyzk1Ep3lyZXkgC-2QsDdLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.159.136.0-213.159.138.255
Signature Algorithm: sha256WithRSAEncryption
02:c5:9b:c9:5c:26:73:86:16:42:d6:fa:b6:42:42:1c:79:13:
d7:ac:ff:bf:33:c6:5d:d0:eb:12:83:d4:06:88:fb:d2:61:c3:
49:41:23:08:5c:5e:8c:9e:4c:38:29:80:a6:7f:27:5c:bb:2d:
85:3a:e5:67:69:a6:c2:dc:11:3f:37:b5:d3:27:74:d3:91:dc:
d2:0b:e9:8e:3b:bb:39:1f:c0:b2:21:d8:df:a9:ae:53:3f:90:
52:2c:ab:c9:c1:a9:8b:90:ea:78:48:72:2e:f0:c2:af:a7:25:
d2:8e:fd:7c:9f:dd:02:65:1a:90:a3:74:7f:a2:90:8b:fb:ab:
6c:36:d9:53:86:a8:1d:65:f2:b3:79:6e:e0:c0:33:fe:57:40:
cb:f9:a2:54:35:f0:9e:80:82:ab:af:59:5f:68:64:6d:f2:9f:
7c:c2:e5:d7:1d:75:cb:6b:cd:6e:d1:6b:e8:88:1c:97:6e:b7:
e6:f8:f2:be:46:4c:4c:98:61:3f:08:4e:52:cd:34:93:13:db:
84:10:7d:b5:0a:44:1e:5a:5e:b5:05:f7:cb:c1:2d:29:45:36:
35:f2:41:84:b8:46:ae:44:02:5c:4d:6d:50:7c:0e:19:b7:50:
e5:24:92:6d:d1:25:21:58:fd:1c:25:14:79:cf:74:fc:e1:94:
48:5e:26:55
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZKwVrTflLRF/IixRUVO1fkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYmJkMmZhMTgzMTk2MzllMjVmZmJmNGJkYmZhMDA4NjYw
MTU4YWUwHhcNMjQxMDIxMTgyODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjg4NDUyNzJjZTRkNDRhNzc5NzI2NTc5MjAwYmVkOTBiMDM3NGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6AxXJaAfWwyOhwcoNu9IxVR6Rylk
3n4CkqM5HbVd/oaeMbZuGY9Xtx3FI9wXfl73E0RaJXGfmZbekbIfg6qkbtnV3cL0
eGrzFvFjr6kr9JC7kZuXLHf0onr8mJxU7lM43EXi3/gZaDrHwoeeUAJWXbzC0oj9
1Z5oJENIC7LQ92cvvEZ4qabpJNvG+y1pu+AYldhkXm4yoDAhIXMtZwbCjd4Y8UMI
5Zve6Vq6p3h8fdO373LM3U30ezwJtoTTJ4SWOHTfBLIfpvAgIOasexvoVUlV/uga
UsM+r5vWPZ8dk8qb+m2UU5Brpe/WgtcuFRue7WiggeYjHOlYs7gYuB3nVQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA+IRScs5NRKd5cmV5IAvtkLA3SwMB8GA1UdIwQY
MBaAFHK70voYMZY54l/79L2/oAhmAViuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3J2Uy1oZ3hsam5pWF92MHZiLWdDR1lCV0s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kYzQ0MjAtNDA2Mi00Nzc4LTkzNTgt
MGFmMmU1NDE2NDZjLzEvRDRoRkp5emsxRXAzbHlaWGtnQy0yUXNEZExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kYzQ0MjAtNDA2Mi00Nzc4LTkzNTgtMGFmMmU1NDE2NDZj
LzEvY3J2Uy1oZ3hsam5pWF92MHZiLWdDR1lCV0s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPVn4gD
BADVn4owDQYJKoZIhvcNAQELBQADggEBAALFm8lcJnOGFkLW+rZCQhx5E9es/78z
xl3Q6xKD1AaI+9Jhw0lBIwhcXoyeTDgpgKZ/J1y7LYU65WdppsLcET83tdMndNOR
3NIL6Y47uzkfwLIh2N+prlM/kFIsq8nBqYuQ6nhIci7wwq+nJdKO/Xyf3QJlGpCj
dH+ikIv7q2w22VOGqB1l8rN5buDAM/5XQMv5olQ18J6AgquvWV9oZG3yn3zC5dcd
dctrzW7Ra+iIHJdut+b48r5GTEyYYT8ITlLNNJMT24QQfbUKRB5aXrUF98vBLSlF
NjXyQYS4Rq5EAlxNbVB8Dhm3UOUkkm3RJSFY/RwlFHnPdPzhlEheJlU=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:42:57 2024 by rpki-client on console-fra.rpki-client.org