Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/dc7e65-9b3b-4135-9db9-0c1e4fdfac5a/1/K4QiKCBCDVJNwj3LyfcbIMw_rKE.roa
File: K4QiKCBCDVJNwj3LyfcbIMw_rKE.roa (raw, json)
Hash identifier: b6+PypL9ti9hIT0yeSg40quGYOT605m+sImk4ubc57w=
Subject key identifier: 2B:84:22:28:20:42:0D:52:4D:C2:3D:CB:C9:F7:1B:20:CC:3F:AC:A1
Certificate issuer: /CN=65282bf52bfb80f1106b3c0ecdfa1a5433305086
Certificate serial: 018CC5DBEFC08DB8262882C22B807415EBBB
Authority key identifier: 65:28:2B:F5:2B:FB:80:F1:10:6B:3C:0E:CD:FA:1A:54:33:30:50:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/dc7e65-9b3b-4135-9db9-0c1e4fdfac5a/1/K4QiKCBCDVJNwj3LyfcbIMw_rKE.roa
Signing time: Mon 01 Jan 2024 16:29:34 +0000
ROA not before: Mon 01 Jan 2024 16:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196864
IP address blocks: 193.93.169.0/24 maxlen: 24
193.93.168.0/22 maxlen: 22
193.93.168.0/24 maxlen: 24
193.93.171.0/24 maxlen: 24
193.93.170.0/24 maxlen: 24
2001:67c:1908::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/dc7e65-9b3b-4135-9db9-0c1e4fdfac5a/1/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/dc7e65-9b3b-4135-9db9-0c1e4fdfac5a/1/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ef:c0:8d:b8:26:28:82:c2:2b:80:74:15:eb:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65282bf52bfb80f1106b3c0ecdfa1a5433305086
Validity
Not Before: Jan 1 16:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b84222820420d524dc23dcbc9f71b20cc3faca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1b:6e:f7:77:c3:ea:b5:07:55:ef:7a:f2:d7:
c7:72:90:ed:1e:1e:2b:ff:4e:c0:c4:33:fc:8d:0c:
07:29:f4:2f:a6:2a:25:5e:84:ca:d0:50:36:ab:5f:
b1:78:de:a2:92:a0:35:d8:51:2d:db:99:02:aa:d6:
a1:fa:ec:49:3e:dd:e9:ed:7e:a4:ad:31:af:bc:e8:
00:3a:f9:45:4c:4a:b1:66:b8:04:cd:54:4c:5e:a6:
49:48:30:ac:22:86:de:a7:7e:8f:2c:68:61:93:2f:
50:17:16:2f:d5:86:d0:54:03:77:4b:07:54:af:aa:
0a:86:26:a4:b1:c1:39:b7:c5:b7:b3:d6:83:b8:55:
74:56:a5:29:19:ad:bf:1c:35:ae:45:85:54:63:93:
42:0f:0c:3a:65:23:52:01:1f:99:0e:20:cf:97:c2:
29:96:76:c5:6c:26:5f:aa:37:d5:54:1d:b8:a9:ee:
f0:e4:5a:ce:77:f0:cc:b9:f7:6a:f6:4f:29:7c:c5:
31:27:cc:de:6b:ae:59:d1:17:47:47:2a:90:5f:3b:
f9:09:20:7b:96:e5:e6:ba:37:59:6b:6f:88:f8:cf:
18:c8:3c:f4:43:ef:a7:1b:43:72:b5:43:f6:0a:ad:
c5:86:39:c6:0c:91:c7:63:3e:84:93:56:3f:ed:04:
92:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:84:22:28:20:42:0D:52:4D:C2:3D:CB:C9:F7:1B:20:CC:3F:AC:A1
X509v3 Authority Key Identifier:
keyid:65:28:2B:F5:2B:FB:80:F1:10:6B:3C:0E:CD:FA:1A:54:33:30:50:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/dc7e65-9b3b-4135-9db9-0c1e4fdfac5a/1/K4QiKCBCDVJNwj3LyfcbIMw_rKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/dc7e65-9b3b-4135-9db9-0c1e4fdfac5a/1/ZSgr9Sv7gPEQazwOzfoaVDMwUIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.168.0/22
IPv6:
2001:67c:1908::/48
Signature Algorithm: sha256WithRSAEncryption
9a:8b:36:df:4d:10:de:f2:55:10:71:8a:e3:3f:24:36:15:b2:
1a:f3:03:c7:f4:24:95:26:9e:2d:f2:cb:09:91:23:59:45:bc:
4c:ce:0b:28:51:7a:f4:73:63:7f:8b:2b:f7:74:9d:ba:2b:5c:
e3:2f:93:7d:06:55:0e:f8:27:2c:25:71:36:1a:3b:b3:ec:8f:
c1:28:99:0f:26:21:80:ee:da:02:c3:88:f8:ae:01:50:00:cb:
4b:1c:ec:9c:96:17:12:c5:42:4d:7b:81:dd:21:83:27:ec:cc:
0c:9e:7b:07:c5:3b:9d:12:f6:23:47:42:b5:1b:92:d4:7f:2b:
f2:aa:f9:74:8d:6a:3f:5e:e3:b6:e3:6a:c6:d9:9b:35:ee:ad:
28:c2:8f:1c:9d:44:4c:d3:78:32:93:fc:c4:0c:81:3d:51:ed:
d9:95:d9:b6:35:9b:35:23:19:65:01:e4:dd:6d:69:ee:33:e5:
c2:c3:5f:98:6c:0b:54:a7:73:52:84:9b:06:77:78:4b:c0:32:
38:f9:fe:24:77:e0:85:8a:d9:43:d1:33:af:50:d9:75:c2:01:
63:9c:de:10:ea:c9:09:fa:4a:53:ac:64:cc:f2:5e:8c:e8:9f:
8f:dd:2f:61:a8:e9:1a:ad:f7:14:8b:e2:2d:48:5f:af:d6:e8:
2f:bd:03:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF2+/AjbgmKILCK4B0Feu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MjgyYmY1MmJmYjgwZjExMDZiM2MwZWNkZmExYTU0MzMz
MDUwODYwHhcNMjQwMTAxMTYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjg0MjIyODIwNDIwZDUyNGRjMjNkY2JjOWY3MWIyMGNjM2ZhY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxtu93fD6rUHVe968tfHcpDtHh4r
/07AxDP8jQwHKfQvpiolXoTK0FA2q1+xeN6ikqA12FEt25kCqtah+uxJPt3p7X6k
rTGvvOgAOvlFTEqxZrgEzVRMXqZJSDCsIobep36PLGhhky9QFxYv1YbQVAN3SwdU
r6oKhiakscE5t8W3s9aDuFV0VqUpGa2/HDWuRYVUY5NCDww6ZSNSAR+ZDiDPl8Ip
lnbFbCZfqjfVVB24qe7w5FrOd/DMufdq9k8pfMUxJ8zea65Z0RdHRyqQXzv5CSB7
luXmujdZa2+I+M8YyDz0Q++nG0NytUP2Cq3FhjnGDJHHYz6Ek1Y/7QSSxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCuEIiggQg1STcI9y8n3GyDMP6yhMB8GA1UdIwQY
MBaAFGUoK/Ur+4DxEGs8Ds36GlQzMFCGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNncjlTdjdnUEVRYXp3T3pmb2FWRE13VUlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kYzdlNjUtOWIzYi00MTM1LTlkYjkt
MGMxZTRmZGZhYzVhLzEvSzRRaUtDQkNEVkpOd2ozTHlmY2JJTXdfcktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kYzdlNjUtOWIzYi00MTM1LTlkYjktMGMxZTRmZGZhYzVh
LzEvWlNncjlTdjdnUEVRYXp3T3pmb2FWRE13VUlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwV2oMA8E
AgACMAkDBwAgAQZ8GQgwDQYJKoZIhvcNAQELBQADggEBAJqLNt9NEN7yVRBxiuM/
JDYVshrzA8f0JJUmni3yywmRI1lFvEzOCyhRevRzY3+LK/d0nborXOMvk30GVQ74
JywlcTYaO7Psj8EomQ8mIYDu2gLDiPiuAVAAy0sc7JyWFxLFQk17gd0hgyfszAye
ewfFO50S9iNHQrUbktR/K/Kq+XSNaj9e47bjasbZmzXurSjCjxydREzTeDKT/MQM
gT1R7dmV2bY1mzUjGWUB5N1tae4z5cLDX5hsC1Snc1KEmwZ3eEvAMjj5/iR34IWK
2UPRM69Q2XXCAWOc3hDqyQn6SlOsZMzyXozon4/dL2Go6Rqt9xSL4i1IX6/W6C+9
A/U=
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:12:11 2024 by rpki-client on console-fra.rpki-client.org