Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aBaOKo47TOxJ-kjT7_xi_TVf_ck.roa
File: aBaOKo47TOxJ-kjT7_xi_TVf_ck.roa (raw, json)
Hash identifier: m5qj02ckKk5LrLE8WnMnfUTmqpfNFdFYsdobbQgIbEY=
Subject key identifier: 68:16:8E:2A:8E:3B:4C:EC:49:FA:48:D3:EF:FC:62:FD:35:5F:FD:C9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018FEDFACD581B0B45E33787EA5F27734F63
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aBaOKo47TOxJ-kjT7_xi_TVf_ck.roa
Signing time: Thu 06 Jun 2024 14:36:27 +0000
ROA not before: Thu 06 Jun 2024 14:36:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213035
IP address blocks: 194.87.132.0/24 maxlen: 24
195.133.16.0/24 maxlen: 24
212.192.216.0/24 maxlen: 24
212.192.218.0/24 maxlen: 24
212.192.219.0/24 maxlen: 24
212.192.240.0/24 maxlen: 24
212.192.243.0/24 maxlen: 24
212.193.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ed:fa:cd:58:1b:0b:45:e3:37:87:ea:5f:27:73:4f:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 6 14:36:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68168e2a8e3b4cec49fa48d3effc62fd355ffdc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f8:94:c8:99:03:e8:9a:91:4b:23:3d:a8:34:
2e:53:f6:70:f3:dc:3a:31:43:50:f3:09:d3:09:cc:
22:45:63:b9:5a:b0:a9:f5:de:95:46:ff:6b:ba:2e:
e5:36:c6:2c:fb:f9:5e:6f:73:20:15:7b:63:fe:b8:
4c:f2:f0:46:6b:5e:46:ae:2b:40:e1:86:58:ab:70:
66:dd:0f:19:95:df:f8:bf:df:58:9f:08:6b:55:0d:
d1:c6:5d:ae:9a:9d:a7:56:a1:aa:56:63:52:37:2c:
5c:a6:39:d1:70:e8:f4:91:02:cf:ea:ab:5c:25:54:
3c:ed:be:6d:b6:fd:cc:ff:28:e6:3f:43:8d:d7:35:
5f:d2:b3:d8:8f:0f:7d:87:4c:37:e5:da:4f:29:6d:
77:17:c1:4a:d2:5f:10:bd:15:9e:33:ee:a3:4a:da:
bb:a1:86:d0:93:1e:06:4c:31:13:e4:09:28:8c:a8:
47:7f:84:ce:5c:3d:35:b9:24:e3:13:3d:ef:ee:94:
e3:e8:96:ab:1f:9e:80:0a:70:8b:5b:57:4a:32:fa:
97:f0:c9:57:bc:0e:2e:e6:cf:c7:26:db:d8:d8:f6:
fe:ff:80:34:d7:5a:be:7d:44:b3:06:0f:95:e1:f3:
55:a4:a5:f7:ef:32:37:f9:51:70:ac:d0:b8:59:eb:
c2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:16:8E:2A:8E:3B:4C:EC:49:FA:48:D3:EF:FC:62:FD:35:5F:FD:C9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/aBaOKo47TOxJ-kjT7_xi_TVf_ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.132.0/24
195.133.16.0/24
212.192.216.0/24
212.192.218.0/23
212.192.240.0/24
212.192.243.0/24
212.193.29.0/24
Signature Algorithm: sha256WithRSAEncryption
15:6b:7e:98:fd:6c:f1:58:19:cc:16:9a:af:77:0a:dd:8d:aa:
0b:12:9e:6b:7b:93:ea:28:b5:51:d3:ca:fc:81:8c:d2:56:77:
4d:43:84:24:b2:5e:d0:22:f5:28:f5:b6:88:a5:73:2e:d1:13:
cf:6b:4c:1a:54:34:67:72:8a:cd:fd:71:90:7c:9d:7b:74:31:
7d:19:e1:31:ec:7f:35:c9:26:75:96:3e:51:79:cc:58:59:e7:
26:f1:98:b5:3a:f4:43:e6:34:50:d1:1a:b7:bb:ed:08:77:fd:
07:89:ee:62:bc:31:b2:5d:d8:a6:1f:7c:59:c2:27:ab:6c:0e:
0a:33:32:c9:80:f3:58:09:a5:1e:71:57:7b:0e:05:d5:50:21:
41:49:6d:46:34:b8:63:ce:36:e7:38:97:5c:0e:d6:c5:1d:44:
92:bc:cd:eb:57:78:07:4c:93:5b:58:6f:6d:64:ec:11:b3:4e:
48:ff:26:17:43:f7:81:4c:76:37:d7:af:04:5d:55:4f:d8:de:
e2:a2:e3:b1:c0:25:3d:d6:3b:47:85:f7:26:ac:63:ec:5b:00:
90:26:9a:49:fd:db:dc:08:45:b8:8b:71:30:7d:78:da:e5:70:
ed:16:48:41:16:bb:ce:85:7d:8c:b6:59:d4:28:de:f5:6f:e9:
05:83:c9:78
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY/t+s1YGwtF4zeH6l8nc09jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNjA2MTQzNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODE2OGUyYThlM2I0Y2VjNDlmYTQ4ZDNlZmZjNjJmZDM1NWZmZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPiUyJkD6JqRSyM9qDQuU/Zw89w6
MUNQ8wnTCcwiRWO5WrCp9d6VRv9rui7lNsYs+/leb3MgFXtj/rhM8vBGa15GritA
4YZYq3Bm3Q8Zld/4v99YnwhrVQ3Rxl2ump2nVqGqVmNSNyxcpjnRcOj0kQLP6qtc
JVQ87b5ttv3M/yjmP0ON1zVf0rPYjw99h0w35dpPKW13F8FK0l8QvRWeM+6jStq7
oYbQkx4GTDET5AkojKhHf4TOXD01uSTjEz3v7pTj6JarH56ACnCLW1dKMvqX8MlX
vA4u5s/HJtvY2Pb+/4A011q+fUSzBg+V4fNVpKX37zI3+VFwrNC4WevCdQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGgWjiqOO0zsSfpI0+/8Yv01X/3JMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYUJhT0tvNDdUT3hKLWtqVDdfeGlfVFZmX2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwleEAwQA
w4UQAwQA1MDYAwQB1MDaAwQA1MDwAwQA1MDzAwQA1MEdMA0GCSqGSIb3DQEBCwUA
A4IBAQAVa36Y/WzxWBnMFpqvdwrdjaoLEp5re5PqKLVR08r8gYzSVndNQ4Qksl7Q
IvUo9baIpXMu0RPPa0waVDRncorN/XGQfJ17dDF9GeEx7H81ySZ1lj5RecxYWecm
8Zi1OvRD5jRQ0Rq3u+0Id/0Hie5ivDGyXdimH3xZwierbA4KMzLJgPNYCaUecVd7
DgXVUCFBSW1GNLhjzjbnOJdcDtbFHUSSvM3rV3gHTJNbWG9tZOwRs05I/yYXQ/eB
THY3168EXVVP2N7iouOxwCU91jtHhfcmrGPsWwCQJppJ/dvcCEW4i3EwfXja5XDt
FkhBFrvOhX2MtlnUKN71b+kFg8l4
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:03:13 2024 by rpki-client on console-ams.rpki-client.org