Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/avXlMA1z60hG950zPS7u_9owxDg.roa
File: avXlMA1z60hG950zPS7u_9owxDg.roa (raw, json)
Hash identifier: 1M6zSLUHHbu08ab/Tz8EoeS/uBvTxOxe8ZxiZuqCrCI=
Subject key identifier: 6A:F5:E5:30:0D:73:EB:48:46:F7:9D:33:3D:2E:EE:FF:DA:30:C4:38
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0193499BD6FD2E35D1B951062DD4A1B17579
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/avXlMA1z60hG950zPS7u_9owxDg.roa
Signing time: Wed 20 Nov 2024 12:46:10 +0000
ROA not before: Wed 20 Nov 2024 12:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 188.209.156.0/22 maxlen: 24
212.90.100.0/22 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 15:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:9b:d6:fd:2e:35:d1:b9:51:06:2d:d4:a1:b1:75:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 20 12:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6af5e5300d73eb4846f79d333d2eeeffda30c438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ea:f4:95:b6:fe:4d:65:7f:27:24:3a:5d:93:
80:ea:de:71:55:d6:56:c2:f5:45:25:92:c0:87:77:
13:fc:6c:da:cb:c6:d8:c2:06:78:b8:23:8f:c5:81:
fe:b3:0e:e0:f1:25:6c:e7:97:59:e3:d7:9a:8d:cc:
48:ec:8b:3a:8e:79:11:f9:1c:24:89:3d:38:78:39:
33:b8:5d:2b:72:6d:f1:40:4f:b2:ca:91:d4:28:9a:
2b:dc:7c:59:cd:f9:94:9b:55:e0:9e:dc:4d:1f:69:
5d:5f:d0:3f:6c:a2:f3:5d:cf:53:73:60:40:48:1e:
b2:b8:a0:4d:6f:49:96:16:2a:a8:1c:1b:ee:af:23:
dd:8c:21:90:a9:e8:f0:eb:b8:4e:63:16:2d:f8:1b:
8c:2b:33:c2:56:d7:a5:ff:d6:bf:ad:ac:d7:2b:a0:
48:1f:9a:b5:ce:0f:0b:19:9b:ba:88:e8:8d:8d:a2:
0e:73:75:f8:28:a2:85:d7:4e:3a:28:23:d0:64:61:
3d:cf:7b:45:0a:9f:d2:25:6a:34:94:8d:33:a0:26:
74:b9:1a:dd:a0:36:2b:0a:84:a2:3e:b1:c2:2c:4b:
52:b8:3f:44:b0:df:c6:98:99:e3:87:01:b2:22:43:
4f:aa:ad:41:51:65:df:ca:85:0c:d1:78:0e:d8:cc:
ee:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F5:E5:30:0D:73:EB:48:46:F7:9D:33:3D:2E:EE:FF:DA:30:C4:38
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/avXlMA1z60hG950zPS7u_9owxDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.156.0/22
212.90.100.0/22
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
66:fe:a0:36:ad:ad:0a:e7:f9:e1:58:ea:85:12:6c:86:b5:d0:
de:91:14:a2:6d:6a:a6:1b:a9:b6:32:0f:73:27:52:fc:5d:2b:
22:a4:75:27:cb:ac:08:9d:a3:ee:b0:f5:6f:87:24:de:1d:ba:
d1:56:c5:ba:da:8b:ee:03:03:47:0a:df:41:e4:d8:99:ae:6a:
00:07:eb:a5:50:0b:70:3b:a6:db:c3:97:64:cf:04:b1:81:fb:
26:68:ba:7d:7b:d4:94:c3:68:4e:f2:fb:32:df:77:ed:c3:96:
ad:15:ff:aa:68:68:e7:73:97:51:aa:8e:67:48:3d:e9:b0:b0:
8e:80:5e:da:5f:36:1f:24:46:f4:68:c6:09:85:a9:9f:aa:f2:
f2:99:2c:7f:8b:93:66:36:c4:81:e6:7d:9b:69:97:68:2e:11:
c0:a5:a6:8a:d2:d9:c9:74:57:56:6a:bb:1d:c1:a8:b2:ad:49:
27:12:5d:73:fc:83:1d:9f:50:42:e2:01:7d:04:3d:c9:78:98:
36:17:3d:80:2c:10:59:af:5c:d5:6b:20:ff:12:cd:60:fb:a0:
eb:e5:8a:4b:f7:d6:c9:c8:2d:17:8a:1d:68:e5:d3:a2:a0:b1:
3d:0b:5a:ec:c2:a2:42:e9:fd:b4:3a:ba:ea:59:06:92:c7:91:
86:cd:33:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNJm9b9LjXRuVEGLdShsXV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQxMTIwMTI0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWY1ZTUzMDBkNzNlYjQ4NDZmNzlkMzMzZDJlZWVmZmRhMzBjNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOr0lbb+TWV/JyQ6XZOA6t5xVdZW
wvVFJZLAh3cT/Gzay8bYwgZ4uCOPxYH+sw7g8SVs55dZ49eajcxI7Is6jnkR+Rwk
iT04eDkzuF0rcm3xQE+yypHUKJor3HxZzfmUm1XgntxNH2ldX9A/bKLzXc9Tc2BA
SB6yuKBNb0mWFiqoHBvuryPdjCGQqejw67hOYxYt+BuMKzPCVtel/9a/razXK6BI
H5q1zg8LGZu6iOiNjaIOc3X4KKKF1046KCPQZGE9z3tFCp/SJWo0lI0zoCZ0uRrd
oDYrCoSiPrHCLEtSuD9EsN/GmJnjhwGyIkNPqq1BUWXfyoUM0XgO2MzuGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGr15TANc+tIRvedMz0u7v/aMMQ4MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvYXZYbE1BMXo2MGhHOTUwelBTN3VfOW93eERnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCvNGcAwQC
1FpkAwQC1a0gMA0GCSqGSIb3DQEBCwUAA4IBAQBm/qA2ra0K5/nhWOqFEmyGtdDe
kRSibWqmG6m2Mg9zJ1L8XSsipHUny6wInaPusPVvhyTeHbrRVsW62ovuAwNHCt9B
5NiZrmoAB+ulUAtwO6bbw5dkzwSxgfsmaLp9e9SUw2hO8vsy33ftw5atFf+qaGjn
c5dRqo5nSD3psLCOgF7aXzYfJEb0aMYJhamfqvLymSx/i5NmNsSB5n2baZdoLhHA
paaK0tnJdFdWarsdwaiyrUknEl1z/IMdn1BC4gF9BD3JeJg2Fz2ALBBZr1zVayD/
Es1g+6Dr5YpL99bJyC0Xih1o5dOioLE9C1rswqJC6f20OrrqWQaSx5GGzTNP
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:35:28 2024 by rpki-client on console-fra.rpki-client.org