Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/RYEVkQnVUgPKqp9zGL9ZakMPofU.roa
File: RYEVkQnVUgPKqp9zGL9ZakMPofU.roa (raw, json)
Hash identifier: Z6POEGWltFEcurWjAEpx2t97/Sx9Zvsed4Cz//yBeHk=
Subject key identifier: 45:81:15:91:09:D5:52:03:CA:AA:9F:73:18:BF:59:6A:43:0F:A1:F5
Certificate issuer: /CN=d90155c51ff2394da784a384aa717c76e3032c24
Certificate serial: 018CC8012A1B17DE0A66C59B4BD0361B72D4
Authority key identifier: D9:01:55:C5:1F:F2:39:4D:A7:84:A3:84:AA:71:7C:76:E3:03:2C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2QFVxR_yOU2nhKOEqnF8duMDLCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/RYEVkQnVUgPKqp9zGL9ZakMPofU.roa
Signing time: Tue 02 Jan 2024 02:29:28 +0000
ROA not before: Tue 02 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210967
IP address blocks: 213.217.30.0/24 maxlen: 24
2a11:1b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/2QFVxR_yOU2nhKOEqnF8duMDLCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/2QFVxR_yOU2nhKOEqnF8duMDLCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/2QFVxR_yOU2nhKOEqnF8duMDLCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 13:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:2a:1b:17:de:0a:66:c5:9b:4b:d0:36:1b:72:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d90155c51ff2394da784a384aa717c76e3032c24
Validity
Not Before: Jan 2 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4581159109d55203caaa9f7318bf596a430fa1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bc:1f:c0:8f:c5:8b:78:c0:bf:2f:47:06:fa:
71:a1:da:28:9c:0e:3d:02:e1:78:50:91:13:e0:4c:
bd:9c:98:53:ad:d6:ec:d6:4d:85:09:bc:fb:4e:7a:
52:f2:5b:99:1b:e2:af:7f:12:84:ec:3f:49:6b:6b:
30:26:a9:5b:7d:17:1f:a2:43:70:52:f3:a4:8b:39:
bd:92:8f:0f:57:6e:ef:2c:c1:d1:36:ad:fc:e2:0b:
bd:b4:62:85:f2:e3:37:d7:df:f7:bc:2a:1f:3c:67:
bc:91:1c:a5:ae:c0:a0:b6:4c:c4:48:7a:91:c9:c6:
51:13:e8:72:2c:4b:ab:47:59:2c:56:26:a4:eb:6a:
db:74:c4:5f:ca:13:65:98:89:ed:7e:07:60:bd:4e:
ae:b5:3e:bb:23:0f:22:62:3e:8f:ee:bf:08:65:04:
41:0c:08:96:78:c0:43:99:72:6c:60:13:9f:ed:57:
e1:95:51:17:a1:6c:57:be:a1:6e:58:dc:db:d4:aa:
dc:4f:99:56:37:bd:ac:84:77:f0:79:6e:63:ce:eb:
2e:70:59:33:1c:28:c7:3d:e4:5d:34:5f:2f:99:73:
4d:22:35:3d:f9:20:e0:49:12:4d:ab:20:7c:a4:5b:
a5:7b:9d:21:c0:e4:c6:04:16:80:ce:cb:a8:33:3c:
a8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:81:15:91:09:D5:52:03:CA:AA:9F:73:18:BF:59:6A:43:0F:A1:F5
X509v3 Authority Key Identifier:
keyid:D9:01:55:C5:1F:F2:39:4D:A7:84:A3:84:AA:71:7C:76:E3:03:2C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QFVxR_yOU2nhKOEqnF8duMDLCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/RYEVkQnVUgPKqp9zGL9ZakMPofU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/dec12c-5f18-48ab-b006-422bb43753be/1/2QFVxR_yOU2nhKOEqnF8duMDLCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.217.30.0/24
IPv6:
2a11:1b00::/29
Signature Algorithm: sha256WithRSAEncryption
52:2d:7b:ad:3d:d3:d7:3d:c7:75:e1:7e:f8:1d:76:e7:5b:0b:
d0:d6:c4:55:71:d6:77:eb:aa:ea:87:a3:12:1b:13:15:bd:e7:
31:cc:b8:20:98:10:41:eb:07:04:ed:bd:e5:18:0e:4f:73:08:
69:40:7d:06:3e:6d:32:e9:5a:c6:c2:60:cd:4a:01:d1:8d:b7:
b5:db:9d:fa:cc:d3:82:8a:75:50:19:a3:51:54:cc:10:da:88:
7b:73:ba:00:00:52:2d:c9:0a:49:73:56:72:45:53:f6:0f:fd:
87:eb:45:1f:07:4f:8f:9d:a0:f5:cf:9b:c1:d0:0a:cf:cb:30:
65:55:d8:8f:35:b1:12:4d:45:1a:31:32:72:62:18:db:14:81:
71:0d:02:c5:f0:d3:e7:ac:13:ea:e3:55:4f:a9:be:2b:a3:df:
fb:45:58:3a:6c:94:60:00:7d:0b:9f:9b:d6:6d:a7:25:f1:17:
8c:66:e5:11:73:c9:7a:0c:f2:0b:e9:88:e2:6c:56:01:1f:c0:
da:8b:16:65:b7:5a:72:ea:ad:a8:a4:7a:ac:fa:0a:91:99:7f:
4e:07:78:3d:04:6b:d3:f1:57:74:6e:98:7b:0c:1e:2a:45:67:
51:75:a4:1d:84:d5:77:06:c0:93:40:8b:e7:47:90:bd:2e:aa:
f3:96:b1:cc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIASobF94KZsWbS9A2G3LUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MDE1NWM1MWZmMjM5NGRhNzg0YTM4NGFhNzE3Yzc2ZTMw
MzJjMjQwHhcNMjQwMTAyMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTgxMTU5MTA5ZDU1MjAzY2FhYTlmNzMxOGJmNTk2YTQzMGZhMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLwfwI/Fi3jAvy9HBvpxodoonA49
AuF4UJET4Ey9nJhTrdbs1k2FCbz7TnpS8luZG+KvfxKE7D9Ja2swJqlbfRcfokNw
UvOkizm9ko8PV27vLMHRNq384gu9tGKF8uM319/3vCofPGe8kRylrsCgtkzESHqR
ycZRE+hyLEurR1ksViak62rbdMRfyhNlmIntfgdgvU6utT67Iw8iYj6P7r8IZQRB
DAiWeMBDmXJsYBOf7VfhlVEXoWxXvqFuWNzb1KrcT5lWN72shHfweW5jzusucFkz
HCjHPeRdNF8vmXNNIjU9+SDgSRJNqyB8pFule50hwOTGBBaAzsuoMzyo/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEWBFZEJ1VIDyqqfcxi/WWpDD6H1MB8GA1UdIwQY
MBaAFNkBVcUf8jlNp4SjhKpxfHbjAywkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFGVnhSX3lPVTJuaEtPRXFuRjhkdU1ETENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kZWMxMmMtNWYxOC00OGFiLWIwMDYt
NDIyYmI0Mzc1M2JlLzEvUllFVmtRblZVZ1BLcXA5ekdMOVpha01Qb2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kZWMxMmMtNWYxOC00OGFiLWIwMDYtNDIyYmI0Mzc1M2Jl
LzEvMlFGVnhSX3lPVTJuaEtPRXFuRjhkdU1ETENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1dkeMA0E
AgACMAcDBQMqERsAMA0GCSqGSIb3DQEBCwUAA4IBAQBSLXutPdPXPcd14X74HXbn
WwvQ1sRVcdZ366rqh6MSGxMVvecxzLggmBBB6wcE7b3lGA5PcwhpQH0GPm0y6VrG
wmDNSgHRjbe12536zNOCinVQGaNRVMwQ2oh7c7oAAFItyQpJc1ZyRVP2D/2H60Uf
B0+PnaD1z5vB0ArPyzBlVdiPNbESTUUaMTJyYhjbFIFxDQLF8NPnrBPq41VPqb4r
o9/7RVg6bJRgAH0Ln5vWbacl8ReMZuURc8l6DPIL6YjibFYBH8DaixZlt1py6q2o
pHqs+gqRmX9OB3g9BGvT8Vd0bph7DB4qRWdRdaQdhNV3BsCTQIvnR5C9LqrzlrHM
-----END CERTIFICATE-----
Generated at Tue May 28 19:57:45 2024 by rpki-client on console-fra.rpki-client.org