Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/IsXlJVr4hClOkJL-3vmF95s6rec.roa
File: IsXlJVr4hClOkJL-3vmF95s6rec.roa (raw, json)
Hash identifier: f7ariwQoc3hUPsiD3EeDf1kwHLpX2QdwswTREcD7/zA=
Subject key identifier: 22:C5:E5:25:5A:F8:84:29:4E:90:92:FE:DE:F9:85:F7:9B:3A:AD:E7
Certificate issuer: /CN=951bb490e09df1467e4eec43d8f20484cee839fe
Certificate serial: 018E74E98668D6867314C5C1E2F81BECB658
Authority key identifier: 95:1B:B4:90:E0:9D:F1:46:7E:4E:EC:43:D8:F2:04:84:CE:E8:39:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/IsXlJVr4hClOkJL-3vmF95s6rec.roa
Signing time: Mon 25 Mar 2024 09:20:45 +0000
ROA not before: Mon 25 Mar 2024 09:20:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 213.218.36.0/24 maxlen: 24
213.218.37.0/24 maxlen: 24
213.218.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 06:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:e9:86:68:d6:86:73:14:c5:c1:e2:f8:1b:ec:b6:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=951bb490e09df1467e4eec43d8f20484cee839fe
Validity
Not Before: Mar 25 09:20:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22c5e5255af884294e9092fedef985f79b3aade7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0f:66:fe:e5:51:28:a9:b4:fd:1d:6d:0e:0f:
98:9f:14:21:f6:95:3f:10:2e:ef:ac:8c:cb:3b:d4:
01:76:56:64:85:e0:f4:5a:ac:63:93:26:b4:63:df:
f3:c4:93:d5:1d:fc:07:9c:a1:a6:49:55:e1:dc:51:
58:e3:87:7f:b2:e6:c9:48:88:64:50:09:3e:6e:e5:
f8:85:0e:16:f4:e1:47:aa:08:34:b3:d9:04:c4:6b:
1c:02:da:ba:c2:56:c6:a1:6c:fd:f1:75:a9:e9:58:
fc:08:a5:57:e3:e7:95:b6:ee:5c:aa:b2:63:2a:7a:
0b:ad:0e:52:39:a4:68:86:81:e1:c9:da:6a:fd:e1:
62:54:09:24:14:7c:36:a7:d4:f3:83:18:8b:c0:07:
f8:e8:d2:fa:bb:e3:c2:db:82:c3:70:1d:04:7d:82:
2f:fc:24:4a:ab:9e:7c:cc:af:ea:cf:57:64:c5:03:
bf:fc:4a:2d:07:db:b0:d9:d4:c2:2e:1e:95:78:a6:
25:66:a7:49:2c:a2:a1:15:53:db:da:73:9b:23:74:
f7:e9:f7:00:56:df:4e:6c:d0:91:1a:d9:7a:1f:2c:
03:3d:46:17:7f:c9:72:4b:90:78:41:74:5e:ab:11:
76:e9:33:98:dd:02:8e:b8:99:ab:9f:64:4a:a4:4c:
a3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C5:E5:25:5A:F8:84:29:4E:90:92:FE:DE:F9:85:F7:9B:3A:AD:E7
X509v3 Authority Key Identifier:
keyid:95:1B:B4:90:E0:9D:F1:46:7E:4E:EC:43:D8:F2:04:84:CE:E8:39:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/IsXlJVr4hClOkJL-3vmF95s6rec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/ea6f61-a9d2-4c6b-b717-1db4ed131bc3/1/lRu0kOCd8UZ-TuxD2PIEhM7oOf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.36.0/23
213.218.48.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:9e:b3:0c:00:1a:51:6c:78:b4:a5:18:67:1a:83:6b:ee:20:
26:13:c1:94:68:93:e9:4a:df:b6:a9:e9:f2:b2:99:c3:b1:88:
b4:2c:41:39:60:ca:7a:27:ce:92:2a:d5:ab:3f:f6:4e:dd:85:
2c:8a:58:a6:9b:09:87:d7:0b:71:d0:fd:64:8e:b1:28:a3:12:
15:81:51:12:54:28:1f:ce:71:84:11:03:30:da:c8:22:3a:5f:
43:15:33:59:a4:52:e3:c5:41:5f:60:49:03:f9:c0:38:7a:ea:
14:bf:46:85:ee:ed:a0:71:24:95:d6:49:ef:66:69:9b:c9:85:
c3:55:87:74:5d:dc:4d:00:db:93:f6:8a:d9:33:7c:51:f1:bf:
7c:13:70:68:da:1d:09:93:bf:02:c9:1d:53:27:72:e9:86:31:
9e:58:70:65:19:42:d1:46:ef:8f:b1:42:9f:1a:6a:11:ba:c7:
be:89:40:98:19:09:01:a9:d4:1a:54:da:93:3e:07:c0:e4:7e:
e3:a6:18:91:a6:13:06:25:58:ed:42:e7:54:c1:cb:df:9b:11:
8c:3f:aa:4e:d3:2f:cd:a2:82:0a:95:10:29:fb:5f:d9:e2:22:
d0:fe:1f:9a:22:cd:fd:14:64:f0:d1:34:2b:e9:de:be:3d:b9:
16:86:32:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY506YZo1oZzFMXB4vgb7LZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MWJiNDkwZTA5ZGYxNDY3ZTRlZWM0M2Q4ZjIwNDg0Y2Vl
ODM5ZmUwHhcNMjQwMzI1MDkyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmM1ZTUyNTVhZjg4NDI5NGU5MDkyZmVkZWY5ODVmNzliM2FhZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAow9m/uVRKKm0/R1tDg+YnxQh9pU/
EC7vrIzLO9QBdlZkheD0Wqxjkya0Y9/zxJPVHfwHnKGmSVXh3FFY44d/subJSIhk
UAk+buX4hQ4W9OFHqgg0s9kExGscAtq6wlbGoWz98XWp6Vj8CKVX4+eVtu5cqrJj
KnoLrQ5SOaRohoHhydpq/eFiVAkkFHw2p9TzgxiLwAf46NL6u+PC24LDcB0EfYIv
/CRKq558zK/qz1dkxQO//EotB9uw2dTCLh6VeKYlZqdJLKKhFVPb2nObI3T36fcA
Vt9ObNCRGtl6HywDPUYXf8lyS5B4QXReqxF26TOY3QKOuJmrn2RKpEyjoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCLF5SVa+IQpTpCS/t75hfebOq3nMB8GA1UdIwQY
MBaAFJUbtJDgnfFGfk7sQ9jyBITO6Dn+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lYTZmNjEtYTlkMi00YzZiLWI3MTct
MWRiNGVkMTMxYmMzLzEvSXNYbEpWcjRoQ2xPa0pMLTN2bUY5NXM2cmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lYTZmNjEtYTlkMi00YzZiLWI3MTctMWRiNGVkMTMxYmMz
LzEvbFJ1MGtPQ2Q4VVotVHV4RDJQSUVoTTdvT2Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB1dokAwQC
1dowMA0GCSqGSIb3DQEBCwUAA4IBAQAPnrMMABpRbHi0pRhnGoNr7iAmE8GUaJPp
St+2qenyspnDsYi0LEE5YMp6J86SKtWrP/ZO3YUsilimmwmH1wtx0P1kjrEooxIV
gVESVCgfznGEEQMw2sgiOl9DFTNZpFLjxUFfYEkD+cA4euoUv0aF7u2gcSSV1knv
ZmmbyYXDVYd0XdxNANuT9orZM3xR8b98E3Bo2h0Jk78CyR1TJ3LphjGeWHBlGULR
Ru+PsUKfGmoRuse+iUCYGQkBqdQaVNqTPgfA5H7jphiRphMGJVjtQudUwcvfmxGM
P6pO0y/NooIKlRAp+1/Z4iLQ/h+aIs39FGTw0TQr6d6+PbkWhjKY
-----END CERTIFICATE-----
Generated at Mon May 20 15:26:06 2024 by rpki-client on console-fra.rpki-client.org