Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/kCJbmjf4kU16aCbBqdApD1zRGH8.roa
File: kCJbmjf4kU16aCbBqdApD1zRGH8.roa (raw, json)
Hash identifier: coEqC3nXBFZnJ7Rau2XICXaAoWASb4MuUpy1F+M3QLI=
Subject key identifier: 90:22:5B:9A:37:F8:91:4D:7A:68:26:C1:A9:D0:29:0F:5C:D1:18:7F
Certificate issuer: /CN=64b59ae521952da55e03f779b885031c0c809cf9
Certificate serial: 018CC5DD0668C3B59C579C54D203BF9EC30B
Authority key identifier: 64:B5:9A:E5:21:95:2D:A5:5E:03:F7:79:B8:85:03:1C:0C:80:9C:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/kCJbmjf4kU16aCbBqdApD1zRGH8.roa
Signing time: Mon 01 Jan 2024 16:30:45 +0000
ROA not before: Mon 01 Jan 2024 16:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210897
IP address blocks: 103.56.172.0/24 maxlen: 24
193.23.125.0/24 maxlen: 24
194.8.135.0/24 maxlen: 24
2a11:2b80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:06:68:c3:b5:9c:57:9c:54:d2:03:bf:9e:c3:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64b59ae521952da55e03f779b885031c0c809cf9
Validity
Not Before: Jan 1 16:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90225b9a37f8914d7a6826c1a9d0290f5cd1187f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d7:9b:e1:9a:85:0b:e6:19:13:42:13:c7:7d:
89:71:18:e5:61:55:c8:e6:ba:51:de:b2:8b:27:0f:
21:bc:93:d4:ff:69:6d:ee:52:f3:e0:49:5c:04:1c:
7c:9f:78:17:45:a4:5d:26:89:f0:e8:5b:80:9f:cb:
8a:14:c3:60:7c:93:c1:26:00:c0:70:de:28:20:36:
54:1b:56:a7:0b:92:6c:a9:d6:1e:ce:07:fa:ca:93:
8b:2c:9e:eb:8d:4c:91:b4:b2:11:ee:d1:f5:1a:d1:
73:9f:eb:ef:51:41:5e:5d:db:c9:3f:a5:ac:78:63:
8d:80:9a:30:bb:f9:f8:1e:5f:8e:2d:d6:c9:1b:4e:
e4:76:0b:29:45:ba:b7:f0:04:c6:ab:f6:d0:40:1b:
39:f3:ac:32:38:83:3b:92:fa:ee:d8:6b:c2:13:87:
c2:70:4c:36:a5:78:be:2d:2f:d0:32:42:8a:ec:d2:
55:a5:5f:70:cf:8b:a3:54:91:6f:7a:3e:fc:73:58:
10:28:0b:d1:c0:6d:c4:b2:05:8a:4a:13:a7:86:03:
19:57:99:41:28:cb:3f:fd:b0:40:0e:c9:b5:8a:7b:
72:50:a2:df:71:30:38:e3:42:66:91:52:e1:63:65:
fb:f4:e1:47:10:56:30:19:16:bb:dc:de:95:ff:dc:
4d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:22:5B:9A:37:F8:91:4D:7A:68:26:C1:A9:D0:29:0F:5C:D1:18:7F
X509v3 Authority Key Identifier:
keyid:64:B5:9A:E5:21:95:2D:A5:5E:03:F7:79:B8:85:03:1C:0C:80:9C:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/kCJbmjf4kU16aCbBqdApD1zRGH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.56.172.0/24
193.23.125.0/24
194.8.135.0/24
IPv6:
2a11:2b80::/32
Signature Algorithm: sha256WithRSAEncryption
74:d6:13:36:b4:76:1b:0d:76:f1:6f:8f:89:2a:e9:c3:29:09:
19:1c:f2:3c:8a:04:d8:0b:2e:27:21:16:64:b8:1c:a5:98:bf:
94:3c:85:fc:42:c7:60:1c:9e:a3:1e:19:ee:0d:c3:91:42:f4:
50:1e:39:88:ca:20:89:34:80:5c:86:6d:58:02:16:d7:3e:64:
13:3a:82:88:d4:40:12:c6:ad:2b:72:7c:9f:f8:0e:b0:56:7f:
5e:62:91:bf:df:e5:5e:5e:d5:ff:b0:23:32:37:0d:bc:54:1e:
f2:08:0a:60:b0:5c:28:f8:5d:04:ba:0a:0a:79:68:19:55:01:
18:ff:7a:58:3a:90:42:f6:b6:3d:42:73:1e:46:aa:7c:bb:c9:
e6:c3:ac:a1:1d:e2:23:f5:1d:c2:09:ee:11:52:84:8b:dd:ce:
6e:b7:ae:6b:c8:59:a1:db:60:68:bf:6f:1f:ef:c1:22:83:5f:
92:6d:79:cb:fd:b7:e6:8c:49:4d:c6:79:21:30:4d:53:b4:17:
31:a5:f2:b2:5a:88:38:3c:39:49:bb:20:6a:8b:8c:fa:69:bc:
6d:26:43:f2:3c:25:5f:8a:70:3f:52:74:3c:c5:73:ef:1b:0d:
4d:4d:d5:a1:4f:de:f8:25:cb:4d:e4:df:8f:93:23:73:06:87:
f6:c0:6b:4e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzF3QZow7WcV5xU0gO/nsMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjU5YWU1MjE5NTJkYTU1ZTAzZjc3OWI4ODUwMzFjMGM4
MDljZjkwHhcNMjQwMTAxMTYzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDIyNWI5YTM3Zjg5MTRkN2E2ODI2YzFhOWQwMjkwZjVjZDExODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9eb4ZqFC+YZE0ITx32JcRjlYVXI
5rpR3rKLJw8hvJPU/2lt7lLz4ElcBBx8n3gXRaRdJonw6FuAn8uKFMNgfJPBJgDA
cN4oIDZUG1anC5JsqdYezgf6ypOLLJ7rjUyRtLIR7tH1GtFzn+vvUUFeXdvJP6Ws
eGONgJowu/n4Hl+OLdbJG07kdgspRbq38ATGq/bQQBs586wyOIM7kvru2GvCE4fC
cEw2pXi+LS/QMkKK7NJVpV9wz4ujVJFvej78c1gQKAvRwG3EsgWKShOnhgMZV5lB
KMs//bBADsm1intyUKLfcTA440JmkVLhY2X79OFHEFYwGRa73N6V/9xNMwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJAiW5o3+JFNemgmwanQKQ9c0Rh/MB8GA1UdIwQY
MBaAFGS1muUhlS2lXgP3ebiFAxwMgJz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxXYTVTR1ZMYVZlQV9kNXVJVURIQXlBblBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi82YTZiMjItZmU2Ny00MjAyLWFjOTQt
NTFhZDAwZTU0MzMyLzEva0NKYm1qZjRrVTE2YUNiQnFkQXBEMXpSR0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi82YTZiMjItZmU2Ny00MjAyLWFjOTQtNTFhZDAwZTU0MzMy
LzEvWkxXYTVTR1ZMYVZlQV9kNXVJVURIQXlBblBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAZzisAwQA
wRd9AwQAwgiHMA0EAgACMAcDBQAqESuAMA0GCSqGSIb3DQEBCwUAA4IBAQB01hM2
tHYbDXbxb4+JKunDKQkZHPI8igTYCy4nIRZkuBylmL+UPIX8QsdgHJ6jHhnuDcOR
QvRQHjmIyiCJNIBchm1YAhbXPmQTOoKI1EASxq0rcnyf+A6wVn9eYpG/3+VeXtX/
sCMyNw28VB7yCApgsFwo+F0EugoKeWgZVQEY/3pYOpBC9rY9QnMeRqp8u8nmw6yh
HeIj9R3CCe4RUoSL3c5ut65ryFmh22Bov28f78Eig1+SbXnL/bfmjElNxnkhME1T
tBcxpfKyWog4PDlJuyBqi4z6abxtJkPyPCVfinA/UnQ8xXPvGw1NTdWhT974JctN
5N+PkyNzBof2wGtO
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:48:32 2024 by rpki-client on console-fra.rpki-client.org