Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/kXA6oiglOMZb86J9yKr-rv602ws.roa
File: kXA6oiglOMZb86J9yKr-rv602ws.roa (raw, json)
Hash identifier: SvMd19NaM3sTEsKORKva5g0pbbKDzJcCQx3ObkSRCwc=
Subject key identifier: 91:70:3A:A2:28:25:38:C6:5B:F3:A2:7D:C8:AA:FE:AE:FE:B4:DB:0B
Certificate issuer: /CN=e938cd7ecf23ac1c4962546e1bcf5e083ad229a5
Certificate serial: 018CC80181FD8E6F68863372C779A6EF0C98
Authority key identifier: E9:38:CD:7E:CF:23:AC:1C:49:62:54:6E:1B:CF:5E:08:3A:D2:29:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6TjNfs8jrBxJYlRuG89eCDrSKaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/kXA6oiglOMZb86J9yKr-rv602ws.roa
Signing time: Tue 02 Jan 2024 02:29:51 +0000
ROA not before: Tue 02 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 680
IP address blocks: 193.22.64.0/20 maxlen: 20
193.22.71.0/24 maxlen: 24
193.22.74.0/23 maxlen: 23
193.22.76.0/24 maxlen: 24
193.22.72.0/23 maxlen: 23
193.22.78.0/24 maxlen: 24
193.22.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/6TjNfs8jrBxJYlRuG89eCDrSKaU.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/6TjNfs8jrBxJYlRuG89eCDrSKaU.mft
rsync://rpki.ripe.net/repository/DEFAULT/6TjNfs8jrBxJYlRuG89eCDrSKaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:81:fd:8e:6f:68:86:33:72:c7:79:a6:ef:0c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e938cd7ecf23ac1c4962546e1bcf5e083ad229a5
Validity
Not Before: Jan 2 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91703aa2282538c65bf3a27dc8aafeaefeb4db0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a2:49:fe:49:7c:6c:a7:db:ea:44:f4:be:96:
72:88:78:71:8a:e2:70:27:3f:05:ce:3d:dd:4b:8e:
84:f8:13:83:f9:40:7b:1e:1e:86:7d:1c:7e:40:ae:
09:f8:ad:cb:99:2e:c5:4f:ef:70:c3:b3:7d:ff:0a:
c5:14:61:8f:ae:01:82:b0:8b:53:35:6e:6f:90:98:
0e:4b:83:d1:dd:8b:1d:91:2c:4f:a4:67:a4:05:0c:
25:a1:89:a7:5b:58:53:65:2d:68:ea:c5:85:57:b1:
d9:65:85:fa:64:ee:c6:68:d5:54:4f:4c:79:b0:04:
67:dd:8f:38:d3:90:be:72:fa:45:9e:35:72:39:93:
93:3d:0d:bd:94:33:9b:87:d9:b2:67:5c:e4:a0:9d:
3e:f7:d2:28:0b:57:a0:75:12:9e:06:00:75:04:44:
c7:ad:40:5d:bb:86:c2:60:37:36:43:03:fa:3d:06:
04:a3:d5:40:17:0e:3e:57:e4:9b:d5:6a:17:5a:85:
69:bb:9a:3a:56:61:73:13:ce:09:05:72:5d:76:d9:
47:b5:11:55:76:47:be:cc:5f:4b:46:ef:ab:32:1a:
db:ce:a8:75:88:e9:37:b4:56:97:9e:45:ed:d3:70:
7a:3e:2f:08:57:5e:97:8d:bf:61:72:24:8b:bc:a1:
76:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:70:3A:A2:28:25:38:C6:5B:F3:A2:7D:C8:AA:FE:AE:FE:B4:DB:0B
X509v3 Authority Key Identifier:
keyid:E9:38:CD:7E:CF:23:AC:1C:49:62:54:6E:1B:CF:5E:08:3A:D2:29:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6TjNfs8jrBxJYlRuG89eCDrSKaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/kXA6oiglOMZb86J9yKr-rv602ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/6TjNfs8jrBxJYlRuG89eCDrSKaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.64.0/20
Signature Algorithm: sha256WithRSAEncryption
97:31:ec:13:51:98:4a:17:04:08:6c:ce:d0:c7:12:92:3b:1d:
8a:94:bb:0f:b7:00:b7:68:bc:9a:28:50:c0:97:b9:65:9b:b9:
7a:5d:1f:ad:38:e8:90:72:b1:c9:fb:41:ba:6a:3e:49:75:fd:
b4:6d:67:76:b7:3b:9d:91:27:cf:f4:f1:ac:47:19:23:d4:ac:
3c:74:4b:1b:71:0f:d0:a2:04:e1:7b:07:dd:22:48:c2:87:23:
fd:63:a8:67:d0:87:64:45:f9:c2:8d:92:c6:10:74:54:ef:97:
2e:15:ce:0f:a7:59:91:79:de:e2:cb:b5:55:4e:6f:32:0a:b7:
b7:9b:c3:f7:c6:31:fd:11:b0:f1:cc:71:f5:f0:86:d7:a8:ec:
a5:4e:10:ee:47:fe:fd:7e:94:7a:5a:b9:9c:03:48:2e:74:60:
86:68:0e:ca:a6:c1:3c:da:85:3d:3f:19:35:4d:3d:93:fd:cf:
33:a9:20:54:b0:65:c8:0f:6f:c6:f2:00:1e:58:9d:ae:53:df:
c4:98:b5:07:7a:ce:4b:77:bb:8b:0a:1e:a4:03:f2:7c:b5:14:
be:30:bb:4c:4a:56:b7:8a:3d:60:b3:30:77:72:5a:62:2a:ad:
4a:b2:d0:ec:a3:ac:01:e6:fd:af:d8:2f:cb:4e:91:55:83:ee:
b3:87:7e:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAYH9jm9ohjNyx3mm7wyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MzhjZDdlY2YyM2FjMWM0OTYyNTQ2ZTFiY2Y1ZTA4M2Fk
MjI5YTUwHhcNMjQwMTAyMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTcwM2FhMjI4MjUzOGM2NWJmM2EyN2RjOGFhZmVhZWZlYjRkYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqJJ/kl8bKfb6kT0vpZyiHhxiuJw
Jz8Fzj3dS46E+BOD+UB7Hh6GfRx+QK4J+K3LmS7FT+9ww7N9/wrFFGGPrgGCsItT
NW5vkJgOS4PR3YsdkSxPpGekBQwloYmnW1hTZS1o6sWFV7HZZYX6ZO7GaNVUT0x5
sARn3Y8405C+cvpFnjVyOZOTPQ29lDObh9myZ1zkoJ0+99IoC1egdRKeBgB1BETH
rUBdu4bCYDc2QwP6PQYEo9VAFw4+V+Sb1WoXWoVpu5o6VmFzE84JBXJddtlHtRFV
dke+zF9LRu+rMhrbzqh1iOk3tFaXnkXt03B6Pi8IV16Xjb9hciSLvKF2PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFwOqIoJTjGW/Oifciq/q7+tNsLMB8GA1UdIwQY
MBaAFOk4zX7PI6wcSWJUbhvPXgg60imlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlRqTmZzOGpyQnhKWWxSdUc4OWVDRHJTS2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83NjFiZjUtMDM3ZS00ODA3LTg4YzAt
ZmVlZTg2YzZiNjAwLzEva1hBNm9pZ2xPTVpiODZKOXlLci1ydjYwMndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83NjFiZjUtMDM3ZS00ODA3LTg4YzAtZmVlZTg2YzZiNjAw
LzEvNlRqTmZzOGpyQnhKWWxSdUc4OWVDRHJTS2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwRZAMA0G
CSqGSIb3DQEBCwUAA4IBAQCXMewTUZhKFwQIbM7QxxKSOx2KlLsPtwC3aLyaKFDA
l7llm7l6XR+tOOiQcrHJ+0G6aj5Jdf20bWd2tzudkSfP9PGsRxkj1Kw8dEsbcQ/Q
ogThewfdIkjChyP9Y6hn0IdkRfnCjZLGEHRU75cuFc4Pp1mRed7iy7VVTm8yCre3
m8P3xjH9EbDxzHH18IbXqOylThDuR/79fpR6WrmcA0gudGCGaA7KpsE82oU9Pxk1
TT2T/c8zqSBUsGXID2/G8gAeWJ2uU9/EmLUHes5Ld7uLCh6kA/J8tRS+MLtMSla3
ij1gszB3clpiKq1KstDso6wB5v2v2C/LTpFVg+6zh34B
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:01:59 2024 by rpki-client on console-fra.rpki-client.org