Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kVFXlQvauiJ6ls3aQjgILoca67E.roa
File: kVFXlQvauiJ6ls3aQjgILoca67E.roa (raw, json)
Hash identifier: et/GBDlsoeEPtehm5Vdy5DyHJxHt1jU6ep5n87NkfsI=
Subject key identifier: 91:51:57:95:0B:DA:BA:22:7A:96:CD:DA:42:38:08:2E:87:1A:EB:B1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F66CFF916734A99537F6410EB7AFB97EA
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kVFXlQvauiJ6ls3aQjgILoca67E.roa
Signing time: Sat 11 May 2024 08:40:56 +0000
ROA not before: Sat 11 May 2024 08:40:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212025
IP address blocks: 193.124.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 17:32:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:66:cf:f9:16:73:4a:99:53:7f:64:10:eb:7a:fb:97:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 11 08:40:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=915157950bdaba227a96cdda4238082e871aebb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f5:29:61:11:7e:e7:d9:2e:fa:da:7d:1b:51:
57:d2:73:60:7f:2a:d9:7b:b4:d1:13:5c:ff:34:cd:
5c:6b:c7:3f:0d:72:a6:6f:e3:2f:d1:2a:c4:90:49:
87:a8:f7:b7:17:da:93:70:6e:2a:84:9b:ac:46:fe:
55:cf:1a:43:d4:92:b1:e7:1d:7e:02:c0:c5:cf:04:
b8:6b:f5:ab:17:1e:42:bd:3d:aa:6d:42:5b:30:c1:
c3:e9:ea:19:00:bc:37:d4:f6:8d:46:96:ff:57:1b:
eb:4f:09:41:72:1f:c7:46:96:c1:93:7a:01:72:b9:
e1:58:09:a2:54:6a:d2:c1:67:44:5b:eb:97:14:6e:
64:b9:61:21:21:d4:f1:08:f3:51:fc:f7:d8:85:96:
56:7a:de:00:0f:4f:16:ff:5d:28:e5:71:ff:31:73:
93:e6:21:2b:9e:ae:ea:fc:9e:78:e6:53:6d:4a:99:
d3:ee:d8:72:86:56:c2:8c:7d:2a:55:b4:56:17:4e:
14:71:5f:ef:7e:7f:12:4a:c5:f1:f7:a7:75:17:fb:
2c:cc:f9:29:56:1b:e3:55:3a:6f:0b:c9:d2:59:91:
93:b5:ec:94:53:84:b7:2f:f0:e2:96:27:7c:ad:74:
32:3a:6b:63:55:93:04:c3:3c:27:bf:da:36:79:71:
e9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:51:57:95:0B:DA:BA:22:7A:96:CD:DA:42:38:08:2E:87:1A:EB:B1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kVFXlQvauiJ6ls3aQjgILoca67E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.207.0/24
Signature Algorithm: sha256WithRSAEncryption
93:af:45:89:4a:6e:00:9a:45:7f:37:80:3f:36:72:4e:4c:69:
18:d5:89:98:ef:47:e0:49:06:94:f7:8f:82:30:98:b4:ff:11:
1c:b2:e9:cd:d3:76:51:de:2e:ed:d2:41:28:4e:ad:37:b7:5f:
85:87:10:d6:5a:12:42:7a:2b:0f:ae:50:06:a4:86:30:e8:0b:
54:c5:e6:da:aa:59:44:ba:e1:d5:14:b1:95:03:34:b1:46:7a:
55:10:1e:06:74:db:b1:fe:c5:95:5a:a2:42:d9:2b:32:94:df:
33:52:0c:35:7a:94:7f:61:4b:f6:c6:4e:35:5f:40:bf:7f:ca:
a9:41:6f:e7:86:61:c7:37:4f:80:11:1f:a0:d2:7d:35:d9:90:
02:c9:b9:b3:70:c3:f6:94:d5:1f:d0:77:6c:62:b0:5b:6a:66:
7c:e5:a0:be:95:48:a4:a4:fa:0e:6c:2b:5c:56:83:97:71:31:
90:71:b4:a9:69:dd:6d:fe:c1:62:24:ab:f5:c1:f9:9b:e7:75:
96:1b:19:68:b4:96:53:41:92:40:2e:4b:7c:8d:af:15:a3:54:
c2:d6:6c:1b:f4:a0:60:72:a8:e0:c1:bf:10:78:0a:a5:3c:20:
99:eb:ff:3d:97:27:51:35:1a:ac:ef:77:0c:76:2b:40:34:bc:
13:ac:b8:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9mz/kWc0qZU39kEOt6+5fqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTExMDg0MDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTUxNTc5NTBiZGFiYTIyN2E5NmNkZGE0MjM4MDgyZTg3MWFlYmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvUpYRF+59ku+tp9G1FX0nNgfyrZ
e7TRE1z/NM1ca8c/DXKmb+Mv0SrEkEmHqPe3F9qTcG4qhJusRv5VzxpD1JKx5x1+
AsDFzwS4a/WrFx5CvT2qbUJbMMHD6eoZALw31PaNRpb/VxvrTwlBch/HRpbBk3oB
crnhWAmiVGrSwWdEW+uXFG5kuWEhIdTxCPNR/PfYhZZWet4AD08W/10o5XH/MXOT
5iErnq7q/J545lNtSpnT7thyhlbCjH0qVbRWF04UcV/vfn8SSsXx96d1F/sszPkp
VhvjVTpvC8nSWZGTteyUU4S3L/Dilid8rXQyOmtjVZMEwzwnv9o2eXHpcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFRV5UL2roiepbN2kI4CC6HGuuxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva1ZGWGxRdmF1aUo2bHMzYVFqZ0lMb2NhNjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXzPMA0G
CSqGSIb3DQEBCwUAA4IBAQCTr0WJSm4AmkV/N4A/NnJOTGkY1YmY70fgSQaU94+C
MJi0/xEcsunN03ZR3i7t0kEoTq03t1+FhxDWWhJCeisPrlAGpIYw6AtUxebaqllE
uuHVFLGVAzSxRnpVEB4GdNux/sWVWqJC2SsylN8zUgw1epR/YUv2xk41X0C/f8qp
QW/nhmHHN0+AER+g0n012ZACybmzcMP2lNUf0HdsYrBbamZ85aC+lUikpPoObCtc
VoOXcTGQcbSpad1t/sFiJKv1wfmb53WWGxlotJZTQZJALkt8ja8Vo1TC1mwb9KBg
cqjgwb8QeAqlPCCZ6/89lydRNRqs73cMditANLwTrLhl
-----END CERTIFICATE-----
Generated at Tue Oct 15 02:13:10 2024 by rpki-client on console-fra.rpki-client.org