Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/U_5B0rVJsnsRIes1EQIZbEGBxZc.roa
File: U_5B0rVJsnsRIes1EQIZbEGBxZc.roa (raw, json)
Hash identifier: jb0yqfWg2SPjUl+flcECBXDY+nMA868FA8FxXTuN8FQ=
Subject key identifier: 53:FE:41:D2:B5:49:B2:7B:11:21:EB:35:11:02:19:6C:41:81:C5:97
Certificate issuer: /CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Certificate serial: 018CC5DC7E969C1B48EB3A4157EE62BB4C5B
Authority key identifier: 92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/U_5B0rVJsnsRIes1EQIZbEGBxZc.roa
Signing time: Mon 01 Jan 2024 16:30:10 +0000
ROA not before: Mon 01 Jan 2024 16:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201250
IP address blocks: 213.59.158.0/24 maxlen: 24
213.59.155.0/24 maxlen: 24
217.107.197.0/24 maxlen: 24
217.107.198.0/24 maxlen: 24
217.107.196.0/22 maxlen: 22
213.59.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Jun 2024 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:7e:96:9c:1b:48:eb:3a:41:57:ee:62:bb:4c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Validity
Not Before: Jan 1 16:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53fe41d2b549b27b1121eb351102196c4181c597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9e:4d:27:0d:c3:08:a2:fe:64:9d:36:26:fb:
bf:05:ac:be:bc:97:f3:3b:61:42:7f:f2:1f:b7:d6:
b4:08:4d:23:c6:91:ae:c6:02:07:3f:05:d9:9d:9b:
4b:36:26:34:48:db:78:0a:f1:ba:ef:4a:a5:27:22:
a7:5f:cc:82:46:4d:31:96:91:09:1b:35:29:00:8c:
23:ff:20:b2:90:6d:22:78:4c:6d:3d:ac:68:a8:ff:
6e:da:11:ca:67:8b:0d:52:5c:88:f4:41:b8:bc:a6:
97:3f:43:ee:67:83:b2:21:40:38:9c:ba:5b:c1:5a:
2e:aa:5a:f0:69:41:78:34:7d:59:f6:21:7a:af:6c:
ae:7f:38:52:6f:96:b9:c4:10:ec:56:65:36:fe:e6:
78:2f:fe:3a:44:96:05:6b:75:77:37:d5:18:fe:4d:
06:8b:50:ca:97:25:af:f3:e6:74:00:6a:55:04:9c:
02:e8:71:4e:20:9f:02:d7:6b:b3:d6:65:0a:01:29:
68:e8:09:62:e5:b2:c5:6d:f9:5a:10:b3:81:f5:39:
29:0f:27:f5:09:09:8d:63:96:cc:40:aa:62:7f:f6:
76:48:2f:6e:19:c0:d5:5a:43:51:fc:92:9d:d2:f7:
3e:40:37:f2:26:fa:1f:c9:e9:a1:e5:64:c3:67:b6:
c2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FE:41:D2:B5:49:B2:7B:11:21:EB:35:11:02:19:6C:41:81:C5:97
X509v3 Authority Key Identifier:
keyid:92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/U_5B0rVJsnsRIes1EQIZbEGBxZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.59.132.0/22
213.59.155.0/24
213.59.158.0/24
217.107.196.0/22
Signature Algorithm: sha256WithRSAEncryption
87:e9:d7:dc:15:ed:ad:e4:44:65:88:45:9e:28:df:da:22:f2:
a2:61:2e:4d:78:b2:57:bf:01:b9:65:e2:6c:a1:f4:e2:ef:03:
1c:2b:cf:08:e5:eb:90:f2:05:af:15:dc:1d:90:0c:34:ba:db:
0d:c0:70:b0:e1:0a:c2:e5:ac:49:8e:55:2e:41:d9:26:f0:14:
68:3d:09:68:08:3b:76:cc:2d:d2:bb:90:52:1e:4d:e9:93:0d:
22:26:c0:75:71:6f:51:f9:16:c5:38:1d:aa:12:76:54:a1:ec:
98:55:ec:e2:11:8b:8b:ad:71:2b:33:cf:ad:d9:20:d2:9c:27:
eb:5d:37:86:c8:9e:0c:ce:bc:77:4a:3b:6c:3a:cc:f9:30:33:
ba:9e:0c:d7:fe:1f:7f:19:9f:2b:08:aa:a3:46:7c:5d:d4:14:
73:0b:e0:3c:eb:d9:2b:4f:64:b7:27:1b:46:7f:9e:19:fb:b4:
f9:c6:35:78:4c:ab:b6:8d:f7:25:1b:6a:55:48:08:ef:55:6e:
bd:17:d6:52:83:56:a0:c0:3f:85:d5:84:be:ee:ca:48:f0:45:
b3:85:6c:c9:e4:4d:b2:eb:a3:02:47:bf:64:de:e7:ea:1a:6f:
2a:f4:52:cf:9f:5a:10:77:c1:ae:e0:7e:6b:cc:7a:2d:78:84:
0d:95:30:d9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzF3H6WnBtI6zpBV+5iu0xbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZjRiMWMwYmZiYWQ0NmI4MTFlZWU1NjhhMThmYmFhMTRh
OWQ2ODcwHhcNMjQwMTAxMTYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ZlNDFkMmI1NDliMjdiMTEyMWViMzUxMTAyMTk2YzQxODFjNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ5NJw3DCKL+ZJ02Jvu/Bay+vJfz
O2FCf/Ift9a0CE0jxpGuxgIHPwXZnZtLNiY0SNt4CvG670qlJyKnX8yCRk0xlpEJ
GzUpAIwj/yCykG0ieExtPaxoqP9u2hHKZ4sNUlyI9EG4vKaXP0PuZ4OyIUA4nLpb
wVouqlrwaUF4NH1Z9iF6r2yufzhSb5a5xBDsVmU2/uZ4L/46RJYFa3V3N9UY/k0G
i1DKlyWv8+Z0AGpVBJwC6HFOIJ8C12uz1mUKASlo6Ali5bLFbflaELOB9TkpDyf1
CQmNY5bMQKpif/Z2SC9uGcDVWkNR/JKd0vc+QDfyJvofyemh5WTDZ7bChwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFP+QdK1SbJ7ESHrNRECGWxBgcWXMB8GA1UdIwQY
MBaAFJL0scC/utRrgR7uVooY+6oUqdaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMt
YTA4NGY3NmM4ZTJiLzEvVV81QjByVkpzbnNSSWVzMUVRSVpiRUdCeFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMtYTA4NGY3NmM4ZTJi
LzEva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQC1TuEAwQA
1TubAwQA1TueAwQC2WvEMA0GCSqGSIb3DQEBCwUAA4IBAQCH6dfcFe2t5ERliEWe
KN/aIvKiYS5NeLJXvwG5ZeJsofTi7wMcK88I5euQ8gWvFdwdkAw0utsNwHCw4QrC
5axJjlUuQdkm8BRoPQloCDt2zC3Su5BSHk3pkw0iJsB1cW9R+RbFOB2qEnZUoeyY
VeziEYuLrXErM8+t2SDSnCfrXTeGyJ4Mzrx3SjtsOsz5MDO6ngzX/h9/GZ8rCKqj
Rnxd1BRzC+A869krT2S3JxtGf54Z+7T5xjV4TKu2jfclG2pVSAjvVW69F9ZSg1ag
wD+F1YS+7spI8EWzhWzJ5E2y66MCR79k3ufqGm8q9FLPn1oQd8Gu4H5rzHoteIQN
lTDZ
-----END CERTIFICATE-----
Generated at Fri Jun 14 02:13:57 2024 by rpki-client on console-fra.rpki-client.org